Our group is expanding its business globally. Various risks arise at each base, but in response to these risks, under the direction of the Risk Management Committee, we issue initial risk management reports, share information with management and related departments, and work to improve. In addition, as part of our internal control efforts, we are promoting efforts across the group in line with the global standard "three-line model."
The first line is primarily the manufacturing and sales departments of our factories and group companies, and is what we call the "front line." At each site, we appropriately control the various risks that arise in the course of business operations.
The second line is centered around the headquarters departments and each central committee, and is responsible for compliance, human rights, finance and accounting, IT, quality, health and safety, etc. In the areas they are responsible for, they not only respond to initial risk management reports but also support the control functions of the entire group by holding study sessions based on past cases.
The third line is Internal Audit Department, which is independent of any internal interests within the organization and is responsible for providing assurance to the board and management regarding the effectiveness of risk management and controls. The audit targets all areas of the organization, including the activities of the first and second lines.
The Risk Management Committee comprehensively implements internal controls, including for Group companies, and works with each central committee and head office department to implement the PDCA cycle in risk management activities.
3-line model
・First line (business execution): Manufacturing plants, group companies
・Second line (supervision): Headquarters departments, each central committee (health and safety, environmental disaster prevention, quality)
・Third line (internal audit): Internal Audit Department
Source: Quoted from the Institute of Internal Auditors (IIA) website, partially modified for our Group
Our company has established a system centered around the Risk Management Committee to prevent risks across the entire group and to respond quickly when they occur. Each department and group company formulates an annual activity plan related to risk management and promotes continuous improvement activities. When a risk incident occurs or there is a possibility of one occurring, it is reported to the Risk Management Committee, etc., and the risk level is determined and addressed according to its severity. Additionally, each fiscal year we set priority themes related to risk management and work to ensure their effective implementation. For fiscal 2024, we have set the following three priority themes and are working on them.
(1) Promoting business continuity management (BCM) to reduce unexpected risks
In preparation for emergencies such as disasters and infectious diseases, we worked to ensure the sustainability of our business by reviewing our business continuity plan (BCP), making our facilities earthquake-resistant, and conducting drills.
(2) Strengthening responses to cyber attacks
In terms of technology, we have promoted the introduction of countermeasures against spoofed emails, vulnerability countermeasure tools, EDR and SOC, as well as four e-learning sessions per year and twice-yearly targeted attack emails.
Through the training, we aimed to instill security awareness.
(3) Strengthening compliance, including respect for human rights
We utilized the updated Compliance Guidebook to raise employee awareness and provided ongoing training and follow-up.
The activities of these Risk Management Committees are reported to the Board of Directors after the committee has finished its work, and efforts are made to ensure their effectiveness under continuous supervision.In addition, in terms of finances, to prepare for liquidity risk, we have concluded commitment line agreements with major financial institutions, and have established a system to ensure the securing of funds in emergencies.
Based on the "Group Company Management Regulations, the Company's main divisions receive reports from Group companies on business policies, plans, financial results and other matters as appropriate, and important matters are approved by the Executive Management Meeting or the Board of Directors. In addition to encouraging the autonomous management of each group company, we also conduct a management soundness evaluation each fiscal year, with evaluation items such as the business performance and risk management status of each group company. We provide guidance and support to each group company.
We have established the "Group Basic Philosophy" and "Group Code of Conduct," and have made them known to all Group executives and employees through our website, in-house newsletter, Group Compliance Guidebook (third edition revised in October 2023), etc. Furthermore, under the leadership of our Risk Management Committee, each of our divisions and Group companies formulates annual action plans for thorough compliance, promotes improvement activities, and shares information. In addition, our responsible divisions and other departments provide various types of compliance education to all levels of the Group.
The effectiveness of "Group Basic Philosophy" and "Group Code of Conduct" is confirmed through an annual review of the status of maintenance and operation to ensure the appropriateness of the Board of Directors' operations, and revisions are made as necessary (both were revised on May 11, 2022).
- Corporate philosophy
-
グループ・コンプライアンスガイドブック
(4,342KB)
In order to strengthen compliance, the Group has established contact points for consultation and reporting both inside and outside the company, and accepts consultations and reports regarding general corporate ethics from Group employees and business partners. Anonymous consultations and reports are possible, and the confidentiality of consultations and reports received at the hotline is protected. We will not give disadvantageous treatment to those who cooperated in confirming the facts, not to mention those who consulted and reported.
|
Contact point for consultation/reporting |
(1) Inside: Topy Industries Group Ethics Consultation Office (2) Outside: Topy Industries Group Compliance Hotline (outside law firm) |
|
Person who can consult and report |
Group officers, employees and their families, retirees, business partners (including contractors, joint venture partners, other business partners, etc.) |
|
Target of consultation/report |
Acts that are considered to violate laws, corporate ethics, Group Basic Philosophy, Group Code of Conduct, or internal regulations related to the business of the Group (including matters related to human rights violations such as harassment and child labor, and corruption including bribery) |
|
Investigation/correction |
|
In addition to Board of Directors meetings, Audit & Supervisory Board Member & Audit & Supervisory Board Member Board Members attend Executive Management Meeting and other important meetings, and receive reports on the activities of the Internal Control & Audit Department and the Risk Management Committee, as well as other matters that have a significant impact on the Group. In addition, regular meetings are held between Representative Directors and Audit & Supervisory Board Member to exchange opinions, and information-sharing meetings are also held between Outside Directors and Audit & Supervisory Board Member.
In the event that an incident related to risk management occurs or is likely to occur within the Group, it is also reported to the Audit & Audit & Supervisory Board Member based on the Group Risk Management Regulations. In addition, based on the "Topy Industries Group Ethics Consultation Office and Topy Industries Group Compliance Hotline Regulations," we have established a system for reporting whistleblowing to Audit & Supervisory Board Member.
Our group recognizes that corruption, bribery, and other corrupt practices are a risk factor that can significantly undermine corporate trust. We have established the Topy Industries Group Anti-Corruption Policy which declares that we will build fair and transparent relationships with local residents, etc., and that we will not engage in any form of corruption.
Additionally, the Topy Industries Group Supply Chain Management Policy which concerns the supply chain, stipulates anti-corruption measures, and we work together with our group's business partners to prevent corruption.
In addition to the development of rules, we have implemented education on anti-corruption for Group officers and employees, and have established a system for receiving consultations and reports at the Group's whistleblower hotline regarding matters suspected of corrupt practices such as corruption and bribery. We are also working to prevent corruption from an operational perspective.
The Topy Group believes that it is necessary to increase tax transparency for various stakeholders, and has established the Topy Industries Group Tax Policy, which stipulates tax compliance and governance.
Our group has established the Topy Industries Group Intellectual Property Policy. This policy positions intellectual property as a tool that supports sustainable business growth, defines it as not only patents but also includes know-how, promotes stricter management of intellectual property, and decides to promote an innovative intellectual property strategy and by visualization, analysis, and utilization of intellectual property. Under this policy, our group strives to create intellectual property and improve compliance and governance regarding intellectual property.
