Internal Control & Risk Management
Marubeni's internal control system was established to enhance our corporate value through corporate activities that fulfill the "Company Creed" and "Management Philosophy" and to build a stable and sustainable corporate foundation. Our internal control system is regularly reviewed in terms of its structure and performance so as to stay abreast of social and environmental change.
Priority CSR Activities in Fiscal 2010
To use the internal control reporting system to carry out higher levels of assessment in financial reporting in order to further improve internal control.
Fiscal 2010 in Review
In fiscal 2010, the third year following the change in the law implementing regulations on internal control, we worked to enhance the assessment procedure that serves as the basis of our internal control reporting. Specifically, we made the assessment procedure more stringent and more consistent.
The enhanced assessment procedure makes it possible for us to gain a better understanding of the current status of the development and operation of important controls in each division, thus further improving the internal control of the whole Group.
Basic Policy on Internal Control
In general, an internal control system has a number of objectives, including ensuring that operations are performed efficiently, ensuring the accurate preparation of statements of accounts for the reporting of financial results to stakeholders, and ensuring compliance with laws and regulations. Marubeni has defined internal control as preparation/ maintenance and operation of internal schemes in accordance with these objectives.
In accordance with the Companies Act and the Ordinance for Enforcement of the Companies Act, Marubeni has developed a basic policy for ensuring the appropriate operation of the Marubeni Group. We aim to make our system as appropriate and efficient as possible so that it can respond to changes in society.
Internal Controls over Financial Reporting
Recognizing the importance of internal control, in March 2004, the Marubeni Group started the MARICO PROJECT (MARubeni Internal COntrol System PROJECT) to ensure the reliability of our financial reporting. Following the methodology outlined in the Sarbanes- Oxley Act (SOX Act) of the United States, the MARICO PROJECT documented the flow of business practices, as well as the risks and controls relating to financial reporting. After evaluating the effectiveness of the project, we completed our Group-wide internal control system in fiscal 2005.
Pursuant to the Financial Instruments and Exchange Act, from April 2008, listed companies in Japan are required to have in place a reporting system for their internal control over financial reporting. Marubeni fulfilled this requirement before the legislated deadline and has since taken proactive and voluntary steps to achieve effective internal control to enhance our corporate value base.
We expect to submit our internal control report for fiscal 2010 together with our annual securities report in June 2011.
Current Structure of Risk Management
To manage our risks which come from our wide range business activities, the Marubeni Group has implemented the qualitative and quantitative risk management at both the macro and micro levels. At the macro level, we promote integrated risk management based on quantitative methods. At the micro level, we have improved our control for individual projects by requiring scenario analysis, rigid adherence to the numerical benchmarks and reinforcing monitoring systems for each project.
With respect to qualitative risks, we have adopted a preventative approach by improving our internal control system and bolstering our compliance structure. For trade compliance, we have established the Trade Compliance Management Department in an attempt to strengthen assessment functions and enhance business functions.
Risk management is also positioned as an important measure in the Marubeni Group's mid-term management plan SG-12. Under the plan, we will develop stronger and more advanced risk management to best cope with the rapidly changing management and business environments.
Development of Risk Management System
We manage major potential business risks using the system shown in Figure 1.
For important individual proposals, such as those relating to investment or financing, drafts are first circulated and discussed by the "Investment and Credit Committee" and the Corporate Management Committee before the President makes a decision. The Board of Directors is also involved in decisionmaking on issues of substantial importance. Following implementation, each business division manages its own risk exposure and, for important cases, periodic status reports are made to the "Investment and Credit Committee" and the Board of Directors. In addition, risk is diversified through portfolio management to reduce the risk to the company as a whole.
Figure1: Risk Management System Structure
Fair Trading
The Marubeni Group's "Management Philosophy" is to conduct its corporate activities in a fair and forthright manner in accordance with the spirit imbued in our "Company Creed" of "Fairness, Innovation and Harmony." The Marubeni Group's "Compliance Manual" also contains sections on "Compliance with the Antimonopoly Law and Related Laws and Regulations" and "Prohibition of Unfair Competition."
Response to Antisocial Forces
We resolutely renounce antisocial forces and groups that threaten the order and security of society and refuse to have any contact with them.
The "Compliance Manual" contains detailed provisions regarding "bans on money laundering" and "bans on using the influence of antisocial forces."
Information Security
In November 2001, Marubeni established the "Marubeni Information Security Policy." We implement safety and protection measures for information assets to conduct business activities safely and without exposure to information security risks. In January 2005, we established the IT Security Management Rule and the IT Security Standard to raise the awareness of the whole company on the importance of information security. These actions were designed to take measures against such risks as unauthorized access, loss, destruction, alteration and leaks of information assets, as well as to maintain the effective use and credibility of those assets.
More specifically, we have established the Detailed Rules for the Administration of Documents and other Records and the IT Usage Rules, and have been promoting compliance with these rules by employees throughout the entire Group. In addition, we encourage Group companies to formulate and apply their own rules tailored to the specific features of their respective businesses with reference to Marubeni's rules and regulations.
We have also established the Guidelines for IT General Control as a standard for strengthening control at Marubeni and key Group companies in response to the fiscal 2008 launch of the internal control reporting system based on the Financial Instruments and Exchange Act. The guidelines are continuously reviewed and improved.
Business Continuity Plan (for business continuity in the event of a major disaster)
Marubeni has formulated a Business Continuity Plan (BCP) to prepare for largescale earthquakes and the epidemics of new strains of influenza. The BCP is not only for the Tokyo Head Office, but also for other offices both in and outside Japan that could impact the continuation of corporate activities.
When a massive earthquake hit Japan in March 2011, an emergency headquarters under the direction of the President was established in accordance with the initial response guidelines stipulated in the BCP (the BCP itself was not implemented). Information on the safety of employees, the status of infrastructure and damage to facilities was quickly collected and necessary measures were taken in a timely manner. These plans are reviewed annually and revised as necessary.
