Sojitz Group aims to ensure sound management practices and increase its corporate value. To realize these aims, Sojitz identifies and categorizes risks that may occur under the performance of duties with the potential to result in unexpected losses or damages to Sojitz Group’s net assets. Additionally, Sojitz carefully assesses risks associated with new business ventures or accompanying changes in the business environment, and the company has established the necessary risk management systems to address these risks and manages these systems appropriately.
Sojitz Group uses an evaluation process to regularly review the major risks facing the Group and has currently identified 12 major risk types. Sojitz appoints risk managers for each risk type and these managers establish risk management policies and plans for addressing the unique characteristics of each risk type. Sojitz has established internal committees that act as executing bodies under the supervision of the president & CEO to oversee management issues that require collaboration across organizations, and each committee deliberates and executes risk countermeasures. In addition, Sojitz has established working groups that address specific themes from a cross-organizational perspective.
The status of Sojitz’s risk management operations, efforts to improve risk management systems, and monitoring results are reported quarterly to the Management Committee and Board of Directors through the Internal Control Committee, which is chaired by the CFO. The Board of Directors supervises Sojitz’s risk management operations through discussion of important risk management-related issues and through regular reports.
Major 12 Risks and Sojitz Internal Committees
- Market risks (foreign exchange rates, interest rates, commodity prices, listed securities prices)
- Credit risks
- Business investment risks
- Country risks
- Funding risks
- Environmental and social (human rights) risks
- Compliance risks
- Legal risks
- System and information security risks
- Disaster risks
- Risks related to sharing company information via the corporate website and social media accounts
- Quality management risks
|Internal Control Committee||Executive Vice President, CFO|
|Compliance Committee||Executive Officer, CCO|
|Sustainability Committee||President & CEO|
|Security Trade Control Committee||Executive Vice President|
|DX Promotion Committee||President & CEO|
|Quality Management Committee||Managing Executive Officer|
|Information and IT System Security Committee||Vice President, CISO|
|Business Continuity Management Working Group||Managing Executive Officer|
|Disclosure Working Group||Executive Officer|
In compliance with its Basic Code of Corporate Risk Management, Sojitz Group defines and categorizes risks and manages them according to the nature of each risk. For quantifiable risks (market risks, credit risks, business risks, and country risks), risk assets are measured on a quarterly basis. Difficult-to-quantify risks (funding risks, environmental and social (human rights) risks, compliance risks, legal risks, System and information security risks, disaster risks, risks related to sharing company information via the corporate website and social media accounts, and quality management risks) are managed in the same manner as quantifiable risks, with risk managers being appointed for each risk. These risk managers establish risk management policies and plans, and issue quarterly progress reports to the Internal Control Committee, the Management Committee, and the Board of Directors. In the event that a new risk is detected mid-quarter, risk managers assess the risk as well as the status of risk management systems and initiatives in order to verify the effectiveness of overall risk countermeasures.
Sojitz’s basic internal control policy comprises three lines of defense (first line: business divisions; second line: corporate departments; third line: internal audits). Under Medium-term Management Plan 2023, we seek to augment the risk management capabilities of the first and second lines while bolstering our capacity to respond to the risks that might emerge due to our entry into new business fields.
Specifically, risks with the potential to impact Sojitz Group are subdivided in order to track risks in a meticulous and comprehensive manner. The responsible corporate department is defined for each of the subdivided risk types, comprising the second line of defense. Each department uses an evaluation process to identify major risks and implements a PDCA cycle. Through this approach, Sojitz will strengthen its response toward quality and information management risks associated with business-to-consumer operations, which are expected to grow in the future, as well as toward the risks that may emerge in new business fields.
|Category||Status of response|
|Business investment risks||
|Environmental and social (human rights) risks||
|Compliance and legal risks||
|System and information security risks||
|Risks related to sharing company information via the corporate website and social media accounts||
|Quality management risks||
The goals of risk measurement are to 1) manage quantified risk assets within the scope of the company’s strength (total equity), and 2) maximize earnings in line with the level of risk exposure. Based on this thinking, Sojitz Group manages risks with a focus on both stability and profitability. Risk assets are measured quarterly and reported to the Board of Directors and the Management Committee. Each business department receives feedback on analysis conducted for factors affecting risk levels, and the business departments utilize the results of these analyses in their ongoing risk management efforts. Sojitz Group’s objective for risk control is to keep the ratio of risk assets to total equity at or below 1.0. Sojitz has maintained this goal ratio since the fiscal year ended March 2010.
Amid the current spread of COVID-19, governments around the world are taking steps to minimize the impact of the pandemic on their economies through vaccine rollouts and other ongoing government financing and financial measures. However, the current conditions are expected to continue over the long term. In this constantly changing operating environment, Sojitz Group is implementing appropriate risk management measures. For example, risk assets are calculated by factoring stress into stock price and exchange rate volatility and country credit ratings, and the ratio of risk assets to total equity is monitored to ensure that the ratio remains at 1.0 or below, even under stress conditions. In addition, as a countermeasure to tail risk, Sojitz creates stress scenarios for its core businesses in order to analyze the potential impacts that stress conditions may have on its business portfolio.
Business investment proposals are deliberated by the Finance & Investment Deliberation Council, which consists of a chairman and members appointed by the president & CEO. In order to visualize risks and facilitate deliberation, the council examines downside scenarios as well as expected scenarios, and decides whether or not Sojitz should invest in projects. More specifically, the council assesses the feasibility of the overall business plan, including the cash flow plan, and sets internal rate of return (IRR) hurdles in order to select projects that can be expected to increase Sojitz Group’s shareholder value and produce returns commensurate with the risks. Each corporate department deliberates proposals in advance from its respective specialized viewpoint.
More than ever before, Sojitz seeks to maximize “two types of value”—that is, “value for Sojitz” and “value for society”—in its management of operating companies after investment. Sojitz aims to enhance the value of its businesses by increasing competitiveness and profitability. For ongoing investment projects, Sojitz carefully manages business processes, including through assessments of commercial viability and profitability, while also paying attention to changes in the external environment. Sojitz considers all of these factors as it determines whether to continue with each business. Sojitz sets exit rules and implements a monitoring system in order to identify problems in ongoing investment projects early on, improve shareholder value, and minimize losses upon withdrawal or reorganization. Sojitz relies on these criteria as it determines whether to continue with or withdraw from an investment, primarily for businesses that do not generate a return that exceeds the cost of capital.
Establishing rules alone is not sufficient to enhance company-wide risk management competence; all employees throughout the company must have risk management capabilities. In addition to e-learning courses and other trainings to familiarize employees with company rules, Sojitz provides a wide range of risk-related trainings. Training topics include: case studies on past risk-related incidents, preventing and mitigating country risks, preventing and mitigating transactions with inherent market risks such as inventory transactions. Training is provided for employees at various levels, including junior employees and management-level staff. Training is based on the knowledge and on-the-job experience of employees directly involved in daily operations. Sojitz also regularly holds workshops with external specialists on topics such as political and economic conditions to foster employees’ ability to respond flexibly to changes in the business environment. In addition, Sojitz takes steps to further instill risk management capabilities throughout the company by bringing staff from business divisions and overseas operating bases into risk management organizations, and through other personnel exchanges between risk management organizations at Sojitz’s Tokyo headquarters and Group companies.