Basic Policy on Internal Control
Pursuant to Article 362 of the Companies Act of Japan and Article 100 of the Ordinance for Enforcement of the Companies Act, CMK Corporation has adopted the following Basic Policy on Internal Control.
A framework to ensure that execution of a director's or an employee's duty is in compliance with relevant laws and regulations and the Articles of Incorporation.
CMK Corporation (hereafter, the "Company") shall enhance its management supervision functions by strengthening the board of directors' functions for overseeing the execution of duties by directors and the audit functions of company auditors.
All the officers and employees of the Group shall execute their duties and further enhance the compliance systems of the Group in accordance with the CMK Group Action Statement, thereby ensuring compliance with laws, regulations, the Articles of Incorporation and social norms.
the Company shall have no relationship at all with anti-social forces and groups which threaten the order and safety of the civil society, and shall be resolute in dealing with them. The Company shall enhance education and training programs related to compliance.
A framework designed for the preservation and control of information relating to the directors' performance of their duties
A director shall prepare and preserve documents and other information concerning the execution of his/her duties in accordance with internal rules and add or improve the rules as necessary.
A framework including rules concerning risk of loss management
The Company shall set forth a cross-departmental risk management framework in order to deal with any and all risk in the corporate environment and strengthen its risk management in accordance with company-wide policies.
The Company shall strengthen the risk management of the entire company by having its Internal Control Management Committee establish and improve the risk prevention system and having its Risk Management Committee respond promptly and appropriately to the risks that have occurred.
A framework to ensure an efficient performance of directors' duties
The Company shall improve the organization arrangement in order to conform to the conditions of the Company based on the understanding of changes in the business environment. It shall also develop internal regulations to clearly define the scope of authority and responsibilities of each officer and division manager. The Company shall promote efficiency improvement of the entire company's operations by continuously improving the efficiency of each business division and administrative division, discovering elements which affect the efficiency, and taking countermeasures against such elements constantly.
A framework to ensure fairness of operations within the CMK Group, including CMK Corporation and its subsidiaries
- The Company shall conduct the business management of and provide management guidance to each subsidiary by placing emphasis on prior consultations between the Company and the subsidiary for important issues such as regularly reporting the content of the subsidiary business, while respecting the autonomy of each subsidiary as an independent corporate entity.
Any material issue that could have an impact on business results shall be subject to approval by the Company's board of directors. The Company shall dispatch directors and company auditors to each subsidiary, as necessary, to ensure the fairness of operations of the subsidiary.
- In accordance with the Group's risk management rules, etc., the Internal Control Management Committee shall deliberate on issues concerning the promotion of Group-wide risk management and devise measures for such issues.
In the event of an unforeseen situation within the Group, the Risk Management Committee shall lead the Group's response to the situation to ensure the continuation of the Group's business.
- In order to formulate a medium-term management plan on a consolidated basis and materialize the plan, key management goals shall be set for each fiscal year for the entire Group and actual performance shall be monitored and shared among Group companies.
- In order to familiarize all officers and employees of the Group with the CMK Group Action Statement, which is based on the Group's management philosophy, regular compliance training sessions shall be held to maintain and improve their awareness of compliance. Persons in charge of compliance matters shall be appointed within the Group, as appropriate, to ensure the infusion of compliance awareness throughout the Group.
The internal audit division shall audit the situations of the subsidiaries and provide them with instructions on improvement, support and advice.
The Group shall develop an environment that facilitates the use of its whistle blowing system with officers and employees.
Matters concerning employees assisting company auditors appointed based on such company auditors' request
If a company auditor requests the appointment of an employee to assist in his/her duties as a company auditor in order to ensure an effective audit, directors shall appoint an employee to assist the company auditor's duties, upon discussion therewith. The employee shall be appointed from among the employees who have the necessary knowledge and skill and shall follow the directions and instructions of the company auditor.
Matters concerning the independence of the employees mentioned in the previous section from directors
To ensure the independence of the employee mentioned in the previous section from the directors, matters concerning authority over personnel issues pertaining to the employee such as employee evaluation and employee movement shall be determined after obtaining the consent of the full-time corporate auditors.
A framework for directors, other employees, etc. of the Company and directors, employees, etc. of the subsidiaries to report to company auditors, etc.
- Company auditors shall attend the meetings of the board of directors and other important meetings as well as meetings of the Internal Control Management Committee and request reports on important management issues and risk information, as appropriate. Minutes of important meetings, internal decision-making documents, requesting documents on management decisions, etc. shall be submitted to company auditors for each case.
- A director who discovers any fact that caused or may cause serious damage to the Group shall immediately report such a fact to the company auditors.
- When a corporate officer or employee of the Group is requested by the Company's corporate auditors to make a report on matters concerning business execution, he/she shall promptly comply with such a request.
- When a corporate officer or employee of the Group discovers any fact that caused or may cause serious damage to the Company or the Group, including violations of laws, etc., he/she shall promptly report to the relevant division in charge and directly notify company auditors using such frameworks as those prescribed in the Regulations for the Whistle-Blowing System.
A framework to ensure that the whistle-blower mentioned in the previous section does not face unfair treatment due to having made a report
The Company forbids the dismissal or any other adverse action against any officer or employee of the Group who has made a whistle-blowing report to company auditors in retaliation for having made the report. The Company shall familiarize all officers and employees of the Group with this rule.
Matters concerning policies on the recognition of costs arising from the execution of duties by company auditors
When a company auditor requests the advance payment of costs relating to the execution of his/her duties pursuant to laws and regulations, the Company shall promptly pay such costs, etc. save in the event that the requested costs are proven to be unnecessary for the execution of his/her duties.
A framework to ensure effective audit by the company auditors
- The Company's representative director and the director in charge of internal controls shall create opportunities that are sufficient for the exchange of information and opinions, etc., as appropriate, and shall endeavor to improve the internal control system to suit the condition of the Group.
- In executing their duties, company auditors shall, at their own discretion, ensure the creation of opportunities to cooperate with attorneys, certified public accountants and other external professionals.
Fundamental IT Policy
Based on the Company motto of Development and Lasting Prosperity and its management policies, CMK seeks to control its information-technology lifeline, improve operational efficiency and increase profits, and improve its competitive abilities using IT.
Definition of IT
"IT" refers to information-technology assets used to achieve goals such as improving operational efficiency and increasing profits. The scope of IT is shown below:
- IT data and the human resources using IT
- Planning optimal IT investment to realize management strategies.
- Managing IT-related development and operation processes and costs to increase cost effectiveness.
- Working to develop human resources through continuous IT training.
- Working to visualize IT by clarifying relationships between IT and business processes.
- Working to build a foundation for business continuity through IT-related security measures and risk avoidance.
Information Security Guidelines
At CMK CORPORATION, our ultimate goal, as espoused in management policy, is to inspire confidence in our products and generate customer satisfaction, and in doing so to impart joy and pleasure. Information represents one of our most valuable management assets. Effective information sharing and use within the company helps improve efficiency and rationality, accelerate decision-making processes, and enhance competitiveness on the global stage. Meanwhile, externally, information assets must be protected to ensure the highest standards of security and confidentiality. For these reasons, information security is treated as a key management issue. The Information Security Guidelines are designed to ensure that an optimum level of security is maintained on an ongoing basis.
- mplement information security in compliance with the relevant legislation and ordinances, as well as internal stipulations and regulations and applicable social standards and norms.
- Strive to protect its information assets from security threats such as unauthorized access, loss, destruction, tampering, and confidentiality breaches through a combination of organizational, personnel, physical, and technological measures designed to prevent security breaches and rectify any problems that may occur.
- Ensure that information classified as confidential is subject to stringent confidentiality measures and disclosed to employees only to the extent required for business operations.
- Provide training on information security for directors and employees of the company and other persons as relevant.
- Set up and maintain administrative systems and structures that incorporate the continuous improvement of information security measures.