- Home
- Corporate Information
- Risk Management
Risk Management
The Group’s View of Risk Management
The Group defines risk as “uncertainties that have both potential positive and negative sides that could have an impact on the achievement of targets by a company’s management.” The Company has positioned risk management as the “activity that increases corporate value by managing risks by reasonable and optimal methods from a company-wide perspective” to achieve sustainable corporate growth by addressing the positive side and the negative side of risk properly.
Enterprise Risk Management (ERM) Centered on the Risk Management Committee
J. Front Retailing has a Risk Management Committee, which is chaired by its President and Representative Executive Officer and comprises its Executive Officers and the presidents of major operating companies. The committee has a secretariat headed by an officer in charge of risk management. The secretariat shares important matters decided by the committee with operating companies to promote enterprise risk management (ERM). We position risk as the starting point of strategy and link risk with strategy so that risk management will enhance corporate value.
Risk Management Process
The Group promotes risk management through the following processes. Specifically, we are striving to ensure that risks of high importance to the Group are not overlooked, under the external and internal environmental analyses, and based on the recognition of Directors, the management team, external experts, and practical divisions.
Those risks that are of extreme importance to the Group management over the medium term are positioned as the JFR Group Key Risks and are the starting point of the Group Medium-term Business Plan. The JFR Group Key Risks are broken down and detailed from an annual perspective, and risks (mainly operation risks and system response) that need to be addressed individually in the relevant fiscal year are combined into the JFR Group Annual Risks, and we prioritize them and implement countermeasures.
The JFR Group Annual Risks are monitored for changes in the environment surrounding the risks and the progress of countermeasures, which are discussed by the Risk Management Committee and reported to the Board of Directors.
The Group’s Risk Perception
Of the thirteen Group Key Risks, we have positioned four risks, “transformation of industry structure in existing businesses,” “intensifying competition in attracting human resources,” “accelerating technological innovation,” and “growing importance of environmental issues,” as the top priority risks in the Medium-term Business Plan because of their extremely large impact on the Group’s management.
In addition, at present, the market for overseas consumers, mainly inbound tourists, is expected to continue to expand. This market is considered an important target for the Group, so it will be an opportunity for us to continue to respond appropriately. On the other hand, we anticipate a significant drop in inbound sales due to the political situation and other reasons, and we must continue to focus on responding to domestic customers.
Strengthening Resilience
In response to risks such as natural disasters that threaten business continuity, we have established a business continuity system based on our business continuity plan from the perspective of ensuring critical operations (funds, payment operations, etc.) and critical infrastructure (systems, etc.). We are also working to improve our ability to respond to a wide range of crisis events and their effectiveness by expanding the content of our business continuity plan, such as by formulating a Manual for Responding to the Eruption of Mt. Fuji, and by conducting regular BCP drills at each operating company.
In addition, we will respond to infectious diseases based on the New Infectious Disease Response Manual, which stipulates items related to ensuring the safety of human life, minimizing the impact on our business, and establishing a system to deal with such diseases during normal times.
Information Security Measures
In order to respond to recent changes in the IT environment and increasingly sophisticated and complex cyber attacks, the Group is continually working on both hardware and software aspects.
In terms of hardware, we are promoting multi-factor authentication for business systems to strengthen measures against the risk of information leakage in the event of a password leakage, and we are also strengthening security by renewing the Group network. In terms of software, based on the Group Security Guidelines, which were substantially revised in the previous fiscal year, we will strive to create an environment in which security incidents are unlikely to occur by improving peripheral regulations, strengthening the security incident response system, centrally managing IT assets within the Group, and clarifying response procedures when vulnerabilities are discovered in the system. At the same time, we will improve security awareness and literacy by conducting incident response training for IT personnel and continuing to provide information security e-learning and targeted attack e-mail training for all employees.
