Sojitz Corporation

CLOSE

Risk Management

Policy and Basic Approach

Sojitz Group aims to ensure sound management practices and increase its corporate value. To realize these aims, Sojitz identifies and categorizes risks that may occur under the performance of duties with the potential to result in unexpected losses or damages to Sojitz Group’s net assets. Additionally, Sojitz carefully assesses risks associated with new business ventures or accompanying changes in the business environment, and the company has established the necessary risk management systems to address these risks and manages these systems appropriately.

Systems

Sojitz Group uses an evaluation process to regularly review the major risks facing the Group and has currently identified 12 major risk types. Sojitz appoints risk managers for each risk type and these managers establish risk management policies and plans for addressing the unique characteristics of each risk type. Sojitz has established internal committees that act as executing bodies under the supervision of the president & CEO to oversee management issues that require collaboration across organizations, and each committee deliberates and executes risk countermeasures. In addition, Sojitz has established working groups that address specific themes from a cross-organizational perspective.

The status of Sojitz’s risk management operations, efforts to improve risk management systems, and monitoring results are reported quarterly to the Management Committee and Board of Directors through the Internal Control Committee, which is chaired by the CFO. The Board of Directors supervises Sojitz’s risk management operations through discussion of important risk management-related issues and through regular reports.

Major 12 Risks and Sojitz Internal Committees

  1. Market risks (foreign exchange rates, interest rates, commodity prices, listed securities prices)
  2. Credit risks
  3. Business investment risks
  4. Country risks
  5. Funding risks
  6. Environmental and social (human rights) risks
  7. Compliance risks
  8. Legal risks
  9. System and information security risks
  10. Disaster risks
  11. Risks related to sharing company information via the corporate website and social media accounts
  12. Quality management risks
Committee Chairperson
Internal Control Committee Executive Vice President, CFO
Compliance Committee Executive Officer, CCO
Sustainability Committee President & CEO
Security Trade Control Committee Executive Vice President
DX Promotion Committee President & CEO
Quality Management Committee Managing Executive Officer
Information and IT System Security Committee Vice President, CISO
Business Continuity Management Working Group Managing Executive Officer
Disclosure Working Group Executive Officer

Initiatives

In compliance with its Basic Code of Corporate Risk Management, Sojitz Group defines and categorizes risks and manages them according to the nature of each risk. For quantifiable risks (market risks, credit risks, business risks, and country risks), risk assets are measured on a quarterly basis. Difficult-to-quantify risks (funding risks, environmental and social (human rights) risks, compliance risks, legal risks, System and information security risks, disaster risks, risks related to sharing company information via the corporate website and social media accounts, and quality management risks) are managed in the same manner as quantifiable risks, with risk managers being appointed for each risk. These risk managers establish risk management policies and plans, and issue quarterly progress reports to the Internal Control Committee, the Management Committee, and the Board of Directors. In the event that a new risk is detected mid-quarter, risk managers assess the risk as well as the status of risk management systems and initiatives in order to verify the effectiveness of overall risk countermeasures.

Sojitz’s basic internal control policy comprises three lines of defense (first line: business divisions; second line: corporate departments; third line: internal audits). Under Medium-term Management Plan 2023, we seek to augment the risk management capabilities of the first and second lines while bolstering our capacity to respond to the risks that might emerge due to our entry into new business fields.

3線ディフェンス図

Specifically, risks with the potential to impact Sojitz Group are subdivided in order to track risks in a meticulous and comprehensive manner. The responsible corporate department is defined for each of the subdivided risk types, comprising the second line of defense. Each department uses an evaluation process to identify major risks and implements a PDCA cycle. Through this approach, Sojitz will strengthen its response toward quality and information management risks associated with business-to-consumer operations, which are expected to grow in the future, as well as toward the risks that may emerge in new business fields.

リスク管理基本規定におけるリスク管理PDCA活動のイメージ図

Individual Risks

Category Status of response
Quantifiable Risks
Market risks
  • -The Group minimizes market risks through such means as matching assets and liabilities (e.g., long and short commodity exposures) and hedging with forward exchange contracts, commodity futures and forward contracts, and interest rate swaps.
Credit risks
  • -The Group implements safeguards (e.g., collateral and guarantees) as warranted by the customer’s credit status.
  • -The Group uses a system for assessing receivables to identify customers for inquiry from among those customers with business receivables, based on certain standards; regularly monitors credit risk; and estimates provisions for doubtful accounts for individual receivables.
Business investment risks
  • -The Group closely examines business plans and carefully assesses feasibility when deliberating on investment projects. The Group also sets hurdle rates using internal rate of return (IRR) and selects those projects that can generate profits commensurate with risk and contribute to improved shareholder value.
  • -After investment, in order to ascertain issues at an early stage, improve shareholder value, and minimize losses from withdrawal or restructuring, the Group sets conditions for monitoring and withdrawal and for determining whether projects meet these conditions on an annual basis.
Country risks
  • -The Group assigns country risk ratings and sets net exposure limits to avoid concentrated exposure to any single country or region.
  • -In countries that pose substantial country risk, the Group hedges against country risk on a transaction-by-transaction basis, through such means as purchasing trade insurance.
Difficult-to-Quantify Risks
Funding risks
  • -The Group ensures stable funding by maintaining good business relationships with financial institutions and by keeping the long-term debt ratio at a specified level.
  • -To provide additional financial flexibility and liquidity, the Group maintains long-term commitment lines and a long-term multi-currency borrowing facility agreement with effective period provisions.
Environmental and social (human rights) risks
  • -The Group has defined its Sustainability Challenge long-term vision for 2050 as well as decarbonization policies in relation to its Key Sustainability Issues (Materiality). The Sustainability Committee monitors progress with regard to these objectives. In addition, scenario analyses are performed based on the final recommendations of the Task Force on Climate-related Financial Disclosures. Meanwhile, the Finance & Investment Deliberation Council confirms environmental risks, social risks, and other risks related to sustainability when deliberating on potential finance and investment projects.
  • -Additionally, the Group has established an Environmental Policy, a Human Rights Policy, and CSR Action Guidelines for Supply Chains. It works to mitigate risks by ensuring these policies are observed throughout the Group, sharing them with suppliers, conducting risk assessments, and working to address discovered issues. For climate-related risks, the Group pays close attention to government policies and regulatory trends worldwide, analyzing their impact on the Group’s business.
Compliance and legal risks
  • -The Group has formulated a compliance program and has established the Sojitz Group Code of Conduct and Ethics. The Compliance Committee promotes rigorous regulatory compliance on a Groupwide basis.
  • -The Security Trade Control Committee is a central proponent in the implementation of systems for security trade control initiatives.
  • -Measures are in place to monitor the taxation-related procedures of Group companies and to strengthen taxation governance.
System and information security risks
  • -The Group has prescribed regulations and established oversight entities, mainly the Information and IT System Security Committee, pertaining to the appropriate protection and management of information assets.
  • -The Group has implemented safeguards, such as installation of backup hardware, to protect against failure of key information systems and network infrastructure. Additionally, the Group is strengthening its safeguards against information leaks through such means as installing firewalls and taking other steps to prevent unauthorized access by outsiders, implementing sophisticated malware countermeasures, and utilizing encryption technologies.
Disaster risks
  • -The Business Continuity Management Working Group formulates action plans for addressing disaster risks and monitors the progress of these plans. In addition, disaster and infectious disease response manuals and business continuity plans have been established. Efforts are taken to educate employees on the use of the safety confirmation system and crisis management drills are regularly conducted. With regard to the COVID-19 pandemic, we are placing first priority on preventing infections and the spread of COVID-19 inside and outside of the company and are maintaining the safety of all Group employees and stakeholders as we implement a variety of response measures.
Risks related to sharing company information via the corporate website and social media accounts
  • - The Group has set administrative guidelines for the terms of use and protection of personal information on Sojitz Corporation’s and Sojitz Group companies’ official websites and social media accounts, and monitors the implementation status of these guidelines at Group companies. Any updates are reported to the Disclosure Working Group to monitor progress in addressing risks.
Quality management risks
  • -The Group’s business investments have resulted in increased involvement in manufacturing and other new business areas, and the Group therefore actively monitors the status of quality management systems for manufactured products and services.
  • -The Group established the Quality Management Committee in the fiscal year ended March 2022, for the purpose of reconstructing company-wide quality management systems to facilitate the development of businesses based on a market-oriented perspective and to promote participation in manufacturing businesses.

Risk Measurement and Control

The goals of risk measurement are to 1) manage quantified risk assets within the scope of the company’s strength (total equity), and 2) maximize earnings in line with the level of risk exposure. Based on this thinking, Sojitz Group manages risks with a focus on both stability and profitability. Risk assets are measured quarterly and reported to the Board of Directors and the Management Committee. Each business department receives feedback on analysis conducted for factors affecting risk levels, and the business departments utilize the results of these analyses in their ongoing risk management efforts. Sojitz Group’s objective for risk control is to keep the ratio of risk assets to total equity at or below 1.0. Sojitz has maintained this goal ratio since the fiscal year ended March 2010.

Amid the current spread of COVID-19, governments around the world are taking steps to minimize the impact of the pandemic on their economies through vaccine rollouts and other ongoing government financing and financial measures. However, the current conditions are expected to continue over the long term. In this constantly changing operating environment, Sojitz Group is implementing appropriate risk management measures. For example, risk assets are calculated by factoring stress into stock price and exchange rate volatility and country credit ratings, and the ratio of risk assets to total equity is monitored to ensure that the ratio remains at 1.0 or below, even under stress conditions. In addition, as a countermeasure to tail risk, Sojitz creates stress scenarios for its core businesses in order to analyze the potential impacts that stress conditions may have on its business portfolio.

Risk Measurement and Control

Business Investment Proposals

Business investment proposals are deliberated by the Finance & Investment Deliberation Council, which consists of a chairman and members appointed by the president & CEO. In order to visualize risks and facilitate deliberation, the council examines downside scenarios as well as expected scenarios, and decides whether or not Sojitz should invest in projects. More specifically, the council assesses the feasibility of the overall business plan, including the cash flow plan, and sets internal rate of return (IRR) hurdles in order to select projects that can be expected to increase Sojitz Group’s shareholder value and produce returns commensurate with the risks. Each corporate department deliberates proposals in advance from its respective specialized viewpoint.

More than ever before, Sojitz seeks to maximize “two types of value”—that is, “value for Sojitz” and “value for society”—in its management of operating companies after investment. Sojitz aims to enhance the value of its businesses by increasing competitiveness and profitability. For ongoing investment projects, Sojitz carefully manages business processes, including through assessments of commercial viability and profitability, while also paying attention to changes in the external environment. Sojitz considers all of these factors as it determines whether to continue with each business. Sojitz sets exit rules and implements a monitoring system in order to identify problems in ongoing investment projects early on, improve shareholder value, and minimize losses upon withdrawal or reorganization. Sojitz relies on these criteria as it determines whether to continue with or withdraw from an investment, primarily for businesses that do not generate a return that exceeds the cost of capital.

Business Investment Proposals

Risk Management Training

Establishing rules alone is not sufficient to enhance company-wide risk management competence; all employees throughout the company must have risk management capabilities. In addition to e-learning courses and other trainings to familiarize employees with company rules, Sojitz provides a wide range of risk-related trainings. Training topics include: case studies on past risk-related incidents, preventing and mitigating country risks, preventing and mitigating transactions with inherent market risks such as inventory transactions. Training is provided for employees at various levels, including junior employees and management-level staff. Training is based on the knowledge and on-the-job experience of employees directly involved in daily operations. Sojitz also regularly holds workshops with external specialists on topics such as political and economic conditions to foster employees’ ability to respond flexibly to changes in the business environment. In addition, Sojitz takes steps to further instill risk management capabilities throughout the company by bringing staff from business divisions and overseas operating bases into risk management organizations, and through other personnel exchanges between risk management organizations at Sojitz’s Tokyo headquarters and Group companies.

Page top