Towards Value Creation
Basic Risk Management Policy and Regulations
In our Business Principles we declare “we will strive to anticipate the changing business environment to assess new opportunities for growth.” We consider risk management to be a foundation for reducing management uncertainties and achieving management objectives. Based on our basic risk management policy, we manage risks that make the achievement of management goals uncertain, such as social change, changes in the global environment, natural disasters, accidents and scandals. In addition, we have established "Risk Management Regulations" to ensure that the Basic Risk Management Policy is deployed in specific risk management activities.
Basic Risk Management Policy
- We prevent and reduce risks in order to ensure the quality and safety of our products and services, protect the lives and safety of our employees and their families, and earn greater trust from our stakeholders.
- We create a system to appropriately manage a wide range of risks associated with our business activities.
- We promote risk management through a plan-do-check-act cycle.
- We quickly and appropriately deal with risks as they are identified.
- In collaboration with group companies we build a system for immediately detecting new risks arising from changes in our business environment and for quickly and appropriately dealing with risks at the group level.
- Through risk communication with stakeholders, we gain an understanding of the opinions of stakeholders necessary for risk management.
- We openly disclose risk-related information, such as risk assessments and mitigation outcomes, fostering a trusting relationship between our company and stakeholders.
Basic Compliance Policy
Under our Business Principles we pledge that we will act in strict compliance with the law and in accordance with social mores. Fully aware that compliance is the foundation of Sustainability management, we published the Basic Compliance Policy and simultaneously created compliance rules in March 2005. We do not limit our definition of compliance to legal compliance; our definition includes compliance with the social mores from which our laws originate, the mission and business principles of our group, and internal regulations.
Basic Compliance Policy (Summary)
- Compliance with our Mission, Business Principles and social norms
- Maintaining internal systems and rules and ensuring broad-based awareness of them
- Cooperation with all group companies and promotion of educational and enlightenment activities
- Establishing appropriate responses and policies for when problems occur
- Timely and appropriate disclosure and communication of necessary information
- Compliance with international standards and rules, and respect for local cultures and customs
- Rejection of illegal and unwarranted demands from antisocial forces or organizations
Anti-Bribery
Message from President on Anti-Bribery Policy
Compliance is the fundamental concept of Taiheiyo Cement Group’s business. In our Business Principle developed based upon such concept, we pledged that, "we will act in an ethical manner and abide by laws and regulations" and published the Basic Policy on Corporate Governance in March 2005.
Furthermore, we established the Anti-Bribery Basic Principle (Policy) in January 2017 in order to enhance anti-corruption measures in light of the recent global trend of tightening regulations related to bribery.
We declare our thorough implementation of anti-bribery measures by publishing this policy outside the group.
Furthermore, in accordance with this policy, we established the “TAIHEIYO CEMENT GROUP Basic Rules and Regulations for Bribery Prevention" in June 2024. The purpose of this is to comply with anti-bribery and corruption laws and to prevent any acts that violate these laws in advance.
Proper Implementation and Management of Public Research Funds and Response to Misconduct in Research Activities
Taiheiyo Cement has established the rules for proper implementation and management of public research funds in its research activities and response to misconduct in research activities based on the Guidelines for Managing and Auditing Public Research Funds at Research Institutions as well as the Guidelines for Responding to Misconduct in Research enacted by the Ministry of Education, Culture, Sports, Science and Technology (MEXT) of Japan, with the following systems installed in accordance with the rules.
The following responsibility system has been established to ensure proper implementation and management of public research funds and prevention of misconduct in research activities at Taiheiyo Cement.
| Responsibilities | Positions at Taiheiyo Cement |
|---|---|
| Chiesexecutive administrator | President and Representative Director |
| Exetutive administrator | Director in charge of research and development |
| Administrator responsible for compliance implementation in pblic research(Research ethics education administrator) | Manager of the office to which researchers and otherinvolved member*belong |
*Every staff member involved in implementation and/or management of competitive or other public research funds
If there are accusation and consultation about misconduct in implementation and management of Public Research Funds and research activity at Taiheiyo Cement, please contact the head office general affairs department.
Initiatives to ensure compliance related to tax
Taiheiyo Cement Group Tax Policy
The Taiheiyo Cement Group formulated the Taiheiyo Cement Group Tax Policy in November 2019 to enhance its corporate governance related to tax.
In accordance with the tax policy, the Group pays taxes appropriately by ensuring compliance related to tax.
Operational Structure
Our president has ultimate responsibility for risk management and compliance promotion. The officer in charge of both areas (officer in charge of the General Affairs Department) is appointed by the president to preside over and run the Risk Management & Compliance Committee and systematically promote organized activities.
The committee plays a core role in our risk management and compliance promotion for the entire group. It deploys the policy, identifies, evaluates and specifies company-wide risks, implements risk management activities based on PDCA cycles and promotes compliance. Moreover, it creates and revises rules for risk management and compliance, and provides instructions for advancing the awareness and education of employees. Four meetings were held in FY2024.
(note) Subject to risk management: 94 group companies (Japan and overseas) (as of March 31, 2024)
Roadmap for Realizing the Long-term Vision
Compliance Enforcement
Companies are expected to actively fulfill a useful role in society, not just from an economic perspective. In order for our company and each of our group companies to live up to the trust and expectations of society and achieve continuous and stable development, we are working to promote compliance management that "recognizes the rules that must be followed in society and acts in accordance with them" and continue to be a trusted corporate group.
Risk Management
If a significant risk were to materialize, it not only undermines our management resources but can also adversely affect the stakeholders surrounding our group, potentially leading to a breakdown of trust and a loss of social credibility. In order to continue our business and achieve sustainable development, we are working on developing a risk management system and promoting effective risk management activities in order to reduce serious risks and minimize losses caused by actualized risks. We will also strive to properly handle, protect and manage information assets.
| KPI / Goals | FY2022 | FY2023 | FY2024 |
| Coverage of the Whistleblower Program in Group Companies (Japan and Overseas): 90% or more (FY2031) | 78.6% | 81.1% | 88.3% |
| Standards of Conduct Training (e-learning) Participation Rate: Maintain at 90% or more | 87.8% | 91.7% | 97.3% |
Whistleblower Program
We have set up whistleblower hotlines to receive reports directly without the need for the usual company procedures. Whistleblowers have the option of either disclosing their identity or reporting anonymously to mitigate any potential psychological constraints. We have whistleblower hotlines both internally (Compliance Hotline) and externally (at a law firm) in order to safeguard the privacy of those submitting reports. These hotlines are also available to all employees of group companies in an effort to strengthen group governance, improve program effectiveness, and reduce the burden on individual companies (the establishment of hotlines for overseas group companies is under consideration). In addition, we created the Whistleblower Program Regulations so whistleblowers using the program are not subject to unfavorable treatment.
| Hotline | No. of cases |
| Internal (whistleblower hotlines) | 4 |
| External (law firm) | 0 |
(note) Cases that should be regarded as reports are according to the Whistleblower Program Regulations.
* Taiheiyo Cement Corporation and group companies subject to risk management by the Risk Management & Compliance Committee are subject to aggregation.
Risk Management and Compliance Promotion Activities
Identifying, Evaluating and Specifying Company-wide Risks
We collect, evaluate and identify company-wide risks, including those of group companies, every three years and conduct an annual review of those risks. In the comprehensive review of company-wide risks conducted in FY2023, we performed a thorough inventory of risks considering the environmental changes over the past three years. We identified those risks that have a heightened concern for materialization and those with insufficient countermeasures as "company-wide risks" and decided to promote effective responses under the oversight of the Risk Management & Compliance Committee.
●Identified "company-wide risks," business opportunities and business strategies
| Company-wide risks | Business opportunities | Business Strategies |
| Risk of increase in the number and severity of natural disasters and aging facilities and equipment |
|
|
| Risk of business fluctuations in the supply chain |
|
|
| Human resource-related risks |
|
Examples of Overseas Risk Countermeasures
We have created and regularly revise the Riot/Terrorism Response Manual. In addition, with regard to high-risk countries to which our employees are dispatched, we clearly state the procedure for deciding on local evacuations, have created a tool for evaluating the emergency evacuation level according to changes in local situations, and provide training using the tool. We also list and secure supplies (food, clothes, toiletries and medicines), as well as cash and other resources needed, in the event of evacuation or an emergency at our overseas business sites.
Emergency Task Force
If an event such as a disaster, accident or misconduct has occurred, the affected business site informs the general manager of the General Affairs Department. The general manager considers the severity of the event and determines if an emergency task force should be established or if the response to the event can be delegated to the site management. Appropriate action is then taken by the emergency task force or local management.
As preparation for responding to disasters and accidents, we also conduct Shake Out earthquake drills that assume a largescale earthquake at each business site.
Risk Management and Compliance Promotion Training
To ensure effective risk management and compliance we provide training for risk management and compliance managers/ promoters working at the company’s business sites and group companies. In FY2024, we invited an outside lecturer to give a talk in November to the managers at our group companies on "Why Does Diversity Foster Organizational Growth? – Diversity Management and Case Studies" and "Sustainability and Corporate Management," which was attended by managers from 87 companies. We also held an e-learning training session for promoters in February on "Compliance Course – Preventing Misconduct in Organizations."
Compliance Training
We have created and distributed to all our employees, as well as all those of our main group companies, the Standards of Conduct (Casebook), which describes specific examples on how to act in line with the Standards of Conduct. We regularly revise the Standards of Conduct (Casebook) to reflect the latest information.
In addition, for all company employees, including those on loan to group companies, we conduct monthly quiz tests as part of e-learning programs to provide education on the Standards of Conduct (Casebook) and other materials so they learn how to act in individual situations. In FY2024, 97.3% of employees participated in the program.
Standards of Conduct (Casebook Fifth Edition) (Japanese Only)
Information security
System to Promote Information Security
To ensure and maintain the security of information assets we have established the Basic Information Security Policy and the Information Security Management Regulations. Under the management system in accordance with these regulations, we are actively working to maintain information security.
Our president has ultimate responsibility for information security. The president appoints the officer in charge of information security (officer in charge of the Corporate Planning Department), who presides over and runs the Information Security Committee in order to advance systematic, organized activities to promote information security.
Basic Information Security Policy (Summary)
- All information created in the course of work are ascribed to information assets.
- Take appropriate security measures to protect information assets under management and control from threats.
- Stipulate a manager, management method, handling standards, and other precautions according to the level of importance for all information assets handled, and safeguard security.
- Always comply with laws related to information security and other social norms, and manage personal information in accordance with our Privacy Policy.
- Continuously provide education and awareness building regarding information security to all officers and employees, and strive to keep everyone familiarized with information security.
- Should a security problem occur with regards to information assets, promptly ascertain the cause and strive to minimize any damage.
- Regularly audit the status of information security, and strive to continuously improve and enhance measures to ensure information security.
Privacy Policy (Summary)
- When obtaining, using, providing, entrusting, or otherwise handling personal information, do so appropriately under strict management and strive to protect the information. Also, do not handle personal information beyond the scope needed to achieve the purpose of use.
- Comply with laws and other norms.
- Take appropriate measures to prevent and/or correct unauthorized access as well as the loss, destruction, alteration, or leakage, etc., of personal information.
- Respond appropriately and promptly to complaints and inquiries regarding the handling of personal information.
- Establish a management system for the protection of personal information, and strive to maintain appropriate management.
Activities to Promote Information Security
In FY2024, we developed a cyber incident response manual that establishes the process for when a security incident occurs, and conducted a tabletop exercise that simulated internal network outages due to external security breaches. We have also continuously conducted recovery drills in preparation for natural disasters.
Additionally, we conducted suspicious email response training and security assessments for our company and group companies. Furthermore, we are working to enhance the overall security level of the group by distributing security news on our portal.
We also held a networking event for the information system personnel of group companies, providing an opportunity to share information from our company and discuss challenges faced by each company.
No serious incidents related to information security occurred in FY2024.
Risk Management for Intellectual Property
To prevent the infringement of intellectual property rights owned by other companies, we regularly monitor patent applications in relevant industries. For applications from other companies that warrant attention, we proactively engage in risk management activities to ensure a safe business environment. This includes verifying that we are not infringing on any rights, monitoring the examination status as needed, and considering appropriate responses.
To address intellectual property risks in the various foreign countries where we do business, we leverage our network of external organizations and experts to gather the latest local information and implement response measures equivalent to those in Japan to mitigate these risks.
In addition to these risk management activities, we are also promoting awareness within the group about the importance of respecting the rights of other companies. To date, we have never encountered any issues related to intellectual property that have affected our business.
