HOME   >   Sustainability  >  Governance  >  Risk Management and Internal Control System

Risk Management and Internal Control System

Our company appoints a director in charge of risk management to appropriately identify all risks associated with our business activities and to reduce the frequency of their occurrence and their impact on management. A “Risk Management Committee” has been established, chaired by the responsible director and composed mainly of department heads from administrative divisions, in order to build and maintain our risk management framework.

System for Preservation and Management of Information Related to the Execution of Duties by Directors

・ We have established internal rules for the preservation and management of documents (including electronic records) that define responsibilities and authority for document management within the Group, as well as retention periods and management methods.

・ Rules for information security management are in place to establish and maintain an appropriate level of security.

・ Rules for managing information systems are established to ensure the safe operation and maintenance of information systems.

Rules and other systems for managing risk of loss.

・ We have formulated internal rules for responding to risks, enabling proper communication and sharing of risk information, initial response procedures, and establishment and operation of crisis management headquarters within the Group.

・ The Sustainability Strategy Committee and Risk Management Committee deliberate and propose responses to risks identified across the Group.

System to Ensure Efficient Execution of Duties by Directors

・ We define authority for organizational bodies, departments, and positions in internal regulations to ensure proper and efficient decision-making and execution of duties throughout the Group.

・ We promote company-wide operational efficiency across the Group.

・ Through the use of information systems, we enhance appropriate information transmission and communication among officers and employees, and ensure proper pre-review, storage, and access to meeting materials.

System to Ensure the Proper Execution of Business within the Group

・ We treat our subsidiaries as part of our own organization, establishing clear lines of command and reporting obligations that cover all organizations within subsidiaries, enabling integrated and comprehensive management across the Group.

・ The internal audit department conducts audits covering the entire Group, including subsidiaries.

System to Ensure the Accuracy of Financial Reporting

・ We have established accounting rules to ensure appropriate accounting in accordance with laws and accounting standards.

・ We comply with laws and securities exchange regulations to conduct accurate and timely financial reporting.

・ The internal audit department reports evaluations and improvement results regarding company-wide internal controls and business processes by assessing and documenting them.

・ We continuously assess the effectiveness of internal controls related to financial reporting and make improvements as necessary.

Matters concerning directors and employees who are to assist in the duties of the Audit and Supervisory Committee, matters concerning the independence of said directors and employees from other directors (excluding directors who are Audit and Supervisory Committee members), and matters concerning the assurance of the effectiveness of instructions from the Audit and Supervisory Committee to said directors and employees.

・ If the Audit and Supervisory Committee requests, employees shall be assigned to assist with its duties.

・ Personnel decisions regarding these employees are made only after prior consultation and consent from the Committee.

・ If the assisting employee concurrently serves another department, the employee shall give priority to the work of the Audit and Supervisory Committee.

System for Reporting to the Audit and Supervisory Committee and Ensuring Whistleblowers Are Not Disadvantaged

・ Officers and employees must promptly and appropriately report to the Audit and Supervisory Committee any facts that may significantly harm the Group or other important business matters.

・ The internal audit department shall report audit results to the Committee in a timely and appropriate manner.

・ The internal reporting system ensures that whistleblowers will not suffer disadvantage, and reports on usage and handling of internal reports are regularly provided to the Committee.

・ When the contents of a whistleblower report are relevant to the duties of the Audit and Supervisory Committee, or when the whistleblower requests it, the information is promptly forwarded to the Committee.

Policy for Processing Expenses or Liabilities Arising from Execution of Duties by Audit and Supervisory Committee Members (limited to duties related to the Audit and Supervisory Committee)

・ When a director who is a member of the Audit and Supervisory Committee requests prepayment or reimbursement of expenses incurred in the execution of their duties, such expenses or liabilities shall be promptly processed unless they are deemed unnecessary for the execution of those duties.

Other Systems to Ensure Effective Audits by the Audit and Supervisory Committee

・ The Representative Director holds regular meetings with the Audit and Supervisory Committee and provides necessary information to the full-time Committee members to ensure effective communication.

・ The internal audit department and the Committee regularly exchange information and conduct coordinated audits.

・ Officers and employees must promptly and appropriately respond when the Committee or its supporting employees request reports or submission of relevant documents regarding business execution.

・ Full-time Committee members participate in important meetings and review important documents, such as approval requests, to stay informed on decision-making processes and operational status.

The Group handles confidential information such as personal data and trade secrets in the course of its business operations, including store management. Fully recognizing the potential impact of information leaks on management and corporate credibility, we are committed to strengthening and maintaining appropriate systems for managing such confidential information.

[Measures Taken]

*Security education and training for employees
*Implementation of antivirus and intrusion prevention systems
*Operation of backup systems
*Periodic security audits of e-commerce sites and mobile apps by specialized vendors
© BOOKOFF GROUP HOLDINGS.All Rights Reserved.