Compliance/Risk Management
At the CAC Group, we believe that the strong awareness of our corporate social and public responsibilities and the actions we take to strengthen social understanding and trust leads to our sustainable development.
To increase our sense of morality and our sincerity as a corporate entity, we have established our policies and systems on compliance and risk management and are striving to maintain these policies and systems.
Compliance
At the CAC Group, we define compliance as “increasing our sense of morality and our sincerity as a corporate entity by complying strictly with laws, regulations, rules and social norms.” Based on Five Values, we have formulated the Basic Guidelines for Business Conduct for Compliance of the overall Group. We have made it our basic compliance policy to establish a system for promoting compliance and to take actions to promote compliance.
In our system for promoting compliance, we have established a Compliance Control Division, which is a division in charge of legal compliance, under the Chief Compliance Officer (CCO), who is appointed by the Board of Directors. The CCO supervises the Compliance Control Division, which engages in activities related to compliance, including planning, training, supervision and improvements. We have also introduced the Compliance Helpline System (a whistleblowing system), which permits employees of the CAC Group to respond appropriately to compliance violations or potential compliance violations that they discover. We operate this system both within and outside the Group.
As our basic policy for eliminating antisocial forces, we at the CAC Group will not be involved at all with any forces or groups that threaten social order and safety, will firmly reject demands from such forces or groups, and will not undertake any trade with any companies, groups or individuals related to such forces or groups.
CAC Group’s System for Promoting Compliance
Risk Management
In business activities, a company faces not only risks generated in its external business environment but also internal risks that exist within the company. The CAC Group needs to handle these risks appropriately to maintain and keep improving its corporate value.
At the CAC Group, we have established the Risk Management Principles as basic rules on risk management, thus having clarified action guidelines to follow when
managing risks, contents of risks that must be managed appropriately, and system to promote the management of these risks, among others. As the system for promoting
the appropriate identification, assessment and handling of risks, we have established the Risk Management Division under the Chief Risk Officer (CRO).
Initiatives for Dealing with Material Risks
Major risks that may have a significant impact on the Group’s management and operating results are as follows.
Recognizing the possibility that such risks may materialize, the Group endeavors to prevent them from occurring and appropriately deals with them in the event that they do materialize.
| Risks | Impact on the Group | Countermeasures | |
|---|---|---|---|
| Business environment | Increasingly tough competitive environment | Failure to acquire projects will lead to a loss from fewer working hours for personnel and a deterioration in profits from projects. | Collection of information and monitoring regarding customers, market trends, competitors, etc. Reinforcement of sales capabilities |
| Dependence on specific customers and industrial sectors | Changes in IT investment and management environment of the specific customers and industrial sectors that make up the majority of the Group’s sales will make the Group’s business results highly volatile. | Constant understanding of customer trends Development of new customers |
|
| Development of overseas business | Politics and the economy, foreign exchange movements, legal restrictions, commercial practice, social turmoil, etc. in each country exert an adverse influence over the Group’s overseas business activities. | Collection of information on politics, the economy, social situation, etc. of each country Maintenance of systems that ensure smooth contact with overseas bases |
|
| Corporate acquisition/Capital contribution | In the event that capital invested in acquired/portfolio companies is not recoverable or that additional costs are incurred, it will have an adverse impact on the Group’s operating results, business development, etc. | Ensuring of preliminary examinations and reviews Formation of standards for business acquisition and capital contribution and those for withdrawal Strengthening of post-merger integration (PMI) process |
|
| Business operation | Value of assets held | A decline in the value of investment securities and other assets held will have an adverse impact on the Group’s operating results and financial situation. | Monitoring of asset value Prompt decision making on whether to continue holding the assets based on a policy on holding assets |
| Securing and fostering of human resources | Failure to secure and foster excellent human resources as planned will have an adverse impact on the Group’s business promotion. | Appropriate and effective hiring activities and human resources development Improvement in corporate brands and creation of an attractive workplace |
|
| Technology | Information security | Loss, destruction, leakage, etc. of confidential information will lead to a decline in, or loss of, social confidence and/or liability for damages. | Development of a policy, administrative procedures, etc. for information management Training of all employees on information management Security measures |
| Unprofitable projects | Excess time spent on development and work will raise the cost of sales ratio. | Detailed examination of each project prior to receiving an order Monitoring of each project by specialized departments |
|
| Suspension of service | System failures, natural disasters, pandemics, etc. could cause the various IT services provided by our Group to be suspended, which would have a negative impact on our business performance. | Formation of a business continuity plan (BCP) and training and education | |