It is important to always to anticipate the various risks that threaten business continuity, such as natural disasters, compliance, the availability of human resources, safety and health, and product quality, and to take appropriate measures to address these risks. The Daifuku Group conducts regular risk assessments in accordance with the Risk Management Regulations to mitigate and minimize risks that may impact business operations and to strengthen the system for emergencies.
The Group has established a risk management system based on a three-line model with the CEO as the chief executive. Corporate Functions and other administrative divisions (second line) provide support, guidance, and supervision for risk management by the business divisions (first line), which are the entities responsible for responding to risks. In addition, the audit departments (third line) audit the risk management efforts of the first and second lines.
We have established the Risk Management Committee, which is chaired by the President and CEO and includes the heads of divisions and business units, general managers, and related executive officers, to monitor these initiatives from a company-wide perspective, issue instructions for action, and manage progress. The Committee meets several times a year and reports important risk-related issues to the Board of Directors as appropriate.
This Committee promotes activities during normal times to control risks before they materialize; however, in the event of an emergency, the BCP promotion system is in place to respond to crises after risks have emerged. The BCP promotion system works with the Risk Management Committee to consider and prepare for crises starting from normal operations. When faced with a crisis such as a large-scale disaster, we will quickly establish a framework and take initial actions to prevent secondary disasters, placing the highest priority on human lives.
In addition, the Audit Division, which is tasked with establishing and operating an internal audit system, has been established under the direct control of the Board of Directors, and the Board of Directors receives regular reports from the Audit Division. One of its functions is to verify and evaluate the effectiveness of risk management and the maintenance and operation of internal control systems, and to facilitate their improvement. In the development and operation of the internal control system, the Group refers to a standard framework (COSO).
FY2023 promotion system
The main roles of each committee
In order to further strengthen the risk management system, three committees that had been operating individually up until now (the Central Safety and Health Committee, the Information Security Committee, and the International Trade Control Committee) have been changed to a structure that works in cooperation with the Risk Management Committee, effective starting fiscal 2023. The main roles of each committee are as follows.
Risk Management Committee
- Planning and development of risk management systems and related regulations
- Selection of critical risks based on risk assessment results, and decision making, direction, and progress management of response policies
- Determining and directing the action policy for training and awareness activities related to risk management
Central Safety and Health Committee
- Promotion and dissemination of efforts to ensure compliance with relevant laws and regulations, elimination of occupational accidents, and elimination of traffic accidents
Information Security Committee
- Planning and scheduling of information security management and implementation of in-house training
- Establish and revise information security rules and assess compliance with them
- Study of countermeasures for cyber-attacks and information security risks
International Trade Control Committee
- Compliance management system and internal awareness-raising activities to ensure thorough compliance with laws and regulations (including those related to security) regarding all overseas transactions
Crucial risk factors that significantly affect the business activities of the Group are identified, and those factors are mapped on two assessment axes of frequency and consequence to ascertain and manage risks. The assessment covers all business divisions and subsidiaries inside and outside of Japan. Based on the results of this assessment, an external organization conducts interviews within the Group and adds its expertise to map risk items, and the Risk Management Committee ultimately determines the key risks that should be prioritized and addressed.
Overview of significant risks
The following is a list of risks that we recognize as having the potential to materially affect our operating results as of June 2023. However, this is not an exhaustive list of all risks to the Group, and there are unforeseen risks other than those listed. While we are taking measures to mitigate each of these risks, it is difficult to completely predict or address all of them.
|1. Risks related to changes in business environment||Impact||
|2. Risks related to Group governance||Impact||
|3. Risks related to human resources||Impact||
|4. Reputation risks||Impact||
|5. Risks from large-scale natural disasters||Impact||
|6. Risk of information leakage from cyberattacks||Impact||
Identifying and addressing procurement risks
With the aim of ensuring stable procurement of critical parts and materials, the Group is working to ascertain procurement risks latent in our supply chain and strengthen our response measures to these risks. In addition to geopolitical risks and risks related to fluctuations in raw material costs and exchange rates, we are cognizant of risks related to business succession of suppliers, fire, accidents, and labor.
In fiscal 2022, we formed a Group-wide Procurement Risk Working Group across business divisions led by the Production Officer (current CPO). This group shared information on the status of procurement of parts and materials and challenges faced by each division, and we took company-wide measures to address procurement-related risks that have grown more difficult due to the lockdown in Shanghai and other factors.
In fiscal 2023, the Production Innovation Division was established, and the Supply Chain Innovation Promotion Department within this division works to understand the realities of the Group’s increasingly complex supply chain risks.
Main efforts in fiscal 2022
- Identify key suppliers and parts and materials
- Identify risks in the supply chain assumed by each business unit
Business continuity plan
We have formulated a business continuity plan (BCP) to minimize damage to business assets and to enable business continuity and a rapid recovery in the event of a crisis such as a large-scale disaster, with human life as the top priority. In formulating our BCP, we followed the ISO 22301 international standard for its development and operation.
With the aim of enhancing the effectiveness of our BCP, we are conducting regular risk assessments at our business locations, introducing a safety confirmation system, implementing periodic exercises based on the initial response manual, and upgrading our disaster prevention supplies. Daifuku will, if necessary, establish on-site disaster headquarters in the event of an earthquake with an intensity of 5 or higher (per the Japan Meteorological Agency Seismic Intensity Scale), a disaster requiring prolonged recovery efforts, or other events that have or are expected to have a significant impact on business operations.
Strengthening information security
The Group is promoting specific initiatives in each of the following areas against technical threats such as unauthorized access and cyberattacks, human threats such as internal misconduct and disregard for rules, and physical threats such as disasters and theft.
Regarding employee training, we conduct regular global training using video content available in more than 30 languages and e-mail drills that simulate targeted attacks.
|Global information security training||－||2 sessions||4 sessions|
|Global e-mail training||2 sessions||3 sessions||4 sessions|