Governance: Risk Management

Basic approach

Sanrio promotes risk management in all aspects of our business, including compliance, the environment, disasters, quality, information security, and export/import management, and manages risks for the whole company in an integrated manner. We have established the Sanrio Joint Compliance Committee Rules and Risk Management Committee Rules and operate the PDCA cycle for maintaining and operating the risk management system in accordance with ISO 31000, COSO-ERM, and other risk management standards.

Structure and governance

Risk management structure

Sanrio Joint Compliance Committee

We maintain the Sanrio Joint Compliance Committee as a meeting body to manage risks from a company-wide perspective. The committee is composed of a chairperson (Managing Executive Officer responsible for the Internal Control Division and Human Resources Division), a vice-chairperson (Managing Executive Officer responsible for the Corporate Management Division), an outside director who does not serve as an Audit and Supervisory Committee member, an outside director who serves as an Audit and Supervisory Committee member, and an outside attorney. A managing executive officer responsible for the two areas of risk and compliance and internal auditing has been newly appointed and oversees the organizational aspects to foster a better corporate culture and address risk management and compliance in a timely and appropriate manner through highly transparent discussions mindful of outside perspectives. At the beginning of each fiscal year, the Company identifies potential risks based on internal and external information, the audit results of the Internal Auditing Department, and other sources. The risks are analyzed and evaluated for importance, likelihood of occurrence, and potential effect on financial reporting, and risk countermeasures are formulated and set in place. In addition, a company-wide risk map is being created and updated to enable a comprehensive overview for viewing, comparing, and understanding the magnitude of risks. Matters discussed by the Sanrio Joint Compliance Committee are shared with the Board of Directors, and the Board of Directors monitors internal risks, ascertains the status of risks and addresses them.

Subordinate organizations of the Sanrio Joint Compliance Committee include the IT Committee, Product Safety Measures Committee, and Fire Prevention and Disaster Prevention Committee. In principle, all committees meet four times each year to monitor, respond to, and manage internal risks. Additionally, the Compliance Department serves as the secretariat for the Sanrio Joint Compliance Committee and is responsible for handling day-to-day risks.

When a person in charge of compliance designated in each department by the Compliance Department detects a risk within the business of their department, the person in charge discusses and implements measures together with the relevant officer responsible for the department and reports to the Sanrio Joint Compliance Committee. For risks that require a company-wide response, the Sanrio Joint Compliance Committee will work with the relevant departments to collect information on the risk, and if necessary, assist in decision-making at the management meetings and the Board of Directors.

Persons in charge of compliance play a key role in risk management by cooperating in the comprehensive identification of risks in each department and strengthening countermeasures if risk responses are insufficient. As the PDCA cycle for risk management activities is implemented, the risk map is simultaneously updated to its newest version.

We are currently establishing a system to expand the risk management structure implemented at the headquarters throughout the entire Group, including overseas offices.

Sanrio recognizes that the transition risks and physical risks associated with climate change can affect not only the environment, but also our economic situation and business operations. The Sustainability Committee also monitors sustainability risks, including those mentioned above, and if any risks that require a response are discovered, the committee works with the Sanrio Joint Compliance Committee to consider and implement appropriate countermeasures.

Each Group company, including those overseas, holds a risk management meeting twice a year. At these meetings, the Head Office shares the latest risk information and discusses specific risks and responses at Group companies. The minutes of the risk management meetings from each company are shared with the Joint Compliance Committee.

Internal Control Project Management Committee

Each year, the Internal Control Project Management Committee conducts an evaluation of the risks and controls related to financial reporting of the entire Group in accordance with the Financial Instruments and Exchange Act and reports the results to the Board of Directors.

Internal Auditing Department

The Internal Auditing Department audits Group companies, including those overseas, and each division at the Head Office, or conducts themed audits to evaluate operating process controls, the effectiveness of risk management, and other relevant themes. If any improvements are needed, it makes recommendations to the audited divisions. Results of internal audits are reported to the Board of Directors.

In line with the growth strategy in our Medium-Term Management Plan, we are challenging ourselves with new businesses, including in the education, game, and digital areas. This strategy increases the need to identify and understand risks in new business areas with which the Company does not have experience. We will continue to implement thorough risk management while reinforcing our know-how and personnel, and effectively utilizing outside resources when necessary.

Business continuity management in the event of an earthquake

Sanrio has prepared an Emergency Response Manual for Earthquakes in preparation for an earthquake in the upper 5 range or higher on the Japanese seismic intensity scale in the Tokai area or the Greater Tokyo metropolitan area. To ensure business continuity management (BCM), this manual addresses the formulation of a basic policy, preparatory measures, the initial response up to activation of the Management Crisis Response Headquarters, and the determination of the persons in charge.

Primary risks

For more information, please refer to Business and Other Risks.
For major risk scenarios and risk management initiatives, also refer to pages 87–88 in Integrated Report 2025.