Investor Relations Operational and Other Risks
The ID Group is committed to obtaining an accurate grasp of the various risks that can have important effects on investors’ judgements and reducing risks that may have an impact on its management. For this purpose, the Group established the Group Risk Management Committee as an advisory body to the Board of Directors. The Committee divided the main risks it anticipates for the ID Group into three categories—management and financial risk; personnel, labor and general social risk; and business-segment risk—and established subcommittees for each. The subcommittees identify specific risks and propose measures to deal with them, and the Group Risk Management Committee deliberates on and examines those proposals.
The following are some of the items related to the Group’s business results, accounts and similar matters that may have an important impact on investors’ judgements. Future-oriented statements in the text below constitutes the judgement of the Group as of the date of submission of the Group’s Annual Securities Report (June 24, 2024) .
1. Changes in the market environment
Despite the continued growth in demand for business innovation (digital transformation: DX) using digital technology, the ID Group’s business could be affected by the loss of order opportunities as a result of delays in response to high value-added fields using cutting-edge technology, a decline in competitiveness against our competitors, or the decline in our clients’ willingness to invest in IT due to significant changes in the social and economic conditions.
The ID Group has positioned DX as the pillar of our growth strategy in our Mid-Term Management Plan. As such, the ID Group will work closely with our partner companies to support clients’ DX promotion and develop proprietary solutions in the future growth areas of cloud computing and cybersecurity. In addition, the Group is responding to the changing market environment by developing highly skilled engineers and innovative leaders in DX-related fields in order to provide high value-added services that meet customer needs.
The ID Group has positioned DX as the pillar of our growth strategy in our Mid-Term Management Plan. As such, the ID Group will work closely with our partner companies to support clients’ DX promotion and develop proprietary solutions in the future growth areas of cloud computing and cybersecurity. In addition, the Group is responding to the changing market environment by developing highly skilled engineers and innovative leaders in DX-related fields in order to provide high value-added services that meet customer needs.
2. Corporate acquisition
One of the Group’s strategies for expanding operations is to do so through mergers and acquisitions. However, changes in the market environment and unexpected events may prevent the Group from implementing these moves or result in effects other than originally anticipated. In such cases, the business results and financial condition of the ID Group may be impacted, for example by the need to appropriate impairment of goodwill or a loss on valuation of shares in affiliated companies.When implementing mergers and acquisitions, the Group strives to prevent these risks through due diligence by specialists such as accountants and lawyers, who examine the financial and tax status of target companies, related legal matters and other aspects. After the merger or acquisition is completed, the Group regularly monitors the management of the acquired company by attending meetings of the Board of Directors, inspecting its accounts and other measures. In these ways the Group strives to obtain a clear understanding of the impact of the merger or acquisition on the business results and financial condition of the ID Group.
3. Global business
As part of its operating strategy, the ID Group advances its operations on the global playing field, with particular focus on China, Singapore, Myanmar, the United States and Europe. A broad array of factors can affect these global operations, including trends in the global economy and exchange rates, laws and regulations governing transactions, differences in business practices, and political and social changes. These and other factors have the power to impact the business results and financial condition of the ID Group.
Led by the Global Management Department, the ID Group maintains an appropriate understanding of business conditions at each overseas location and changes in the external environment. On individual risk events, the Group Risk Management Committee examines the details, confirms conditions, confirms progress on countermeasures and examines the effects of countermeasures. In these ways the Group makes every effort to reduce risks.
As of March 31, 2023, the Group has terminated operations in Myanmar due to lingering political instability in that country. The impact of this decision on Group business results is negligible.
Led by the Global Management Department, the ID Group maintains an appropriate understanding of business conditions at each overseas location and changes in the external environment. On individual risk events, the Group Risk Management Committee examines the details, confirms conditions, confirms progress on countermeasures and examines the effects of countermeasures. In these ways the Group makes every effort to reduce risks.
As of March 31, 2023, the Group has terminated operations in Myanmar due to lingering political instability in that country. The impact of this decision on Group business results is negligible.
4. Securing personnel
Responding to the latest technology and enhancing customer satisfaction are tasks that require the Group to hire and retain excellent personnel as a vital issue of management. If the Group is unable to secure and train such personnel, or if the Group is unable to supplement its workforce with people who can meet its needs related to business innovation, the Group may suffer impact on its business results and financial condition.
The Group strives to recruit and retain high-value-added personnel, both in Japan and overseas, including both fresh graduates and mid-career hires. After hiring, recruits follow a planned program of rotation and training, to cultivate and advance them as high-quality engineers. To respond to changing customer needs, the Group encourages employees to update and expand their skill sets and ventures into new business areas.
The Group strives to recruit and retain high-value-added personnel, both in Japan and overseas, including both fresh graduates and mid-career hires. After hiring, recruits follow a planned program of rotation and training, to cultivate and advance them as high-quality engineers. To respond to changing customer needs, the Group encourages employees to update and expand their skill sets and ventures into new business areas.
5. Information management
The ID Group constantly makes every effort to support and improve information security while providing services that earn the satisfaction of customers. However, in the unlikely event that unlawful access or a major error causes the loss, tampering, leak or other compromise to information about transactions, the Group’s reputation may suffer, resulting in negative impact to the business results and financial condition of the ID Group. To ensure that personal information and other information assets are handled appropriately, the Group has established various regulations, including the Basic Policy on Information Management and the Privacy Policy. In addition, the Group is now fully compliant with the Revised Personal Information Protection Act, which came into force in April 2022.
The Group has taken other steps to ensure data security as well. The Information Management Committee was established to conduct cross-sectoral deliberations on information management generally and is working to strengthen the Group’s information management framework. Led by the Computer Incident Response Team (CSIRT), a dedicated cybersecurity team, the Group is strengthening various security measures and taking steps for effective response when incidents occur.
Finally, the Group is taking steps to improve employees’ compliance mindset. Employees are provided regular training on cybersecurity measures and education on revisions to Group regulations in response to laws and ordinances. Moreover, the Group has obtained certification under PrivacyMark and ISO27002 and is committed to maintaining and supporting those certifications.
The Group has taken other steps to ensure data security as well. The Information Management Committee was established to conduct cross-sectoral deliberations on information management generally and is working to strengthen the Group’s information management framework. Led by the Computer Incident Response Team (CSIRT), a dedicated cybersecurity team, the Group is strengthening various security measures and taking steps for effective response when incidents occur.
Finally, the Group is taking steps to improve employees’ compliance mindset. Employees are provided regular training on cybersecurity measures and education on revisions to Group regulations in response to laws and ordinances. Moreover, the Group has obtained certification under PrivacyMark and ISO27002 and is committed to maintaining and supporting those certifications.
6. Sustainability
The Group recognizes that various environmental and societal risks can significantly impact the sustainability and long-term value of its businesses. Accordingly, the Group regards risk management as a vital area of policy.
The Group Risk Management Committee, chaired by the President and Representative Director, identifies, assesses and manages Group-wide risks, including those involving important issues (“materialities”) listed by the Sustainability Committee. The Group Risk Management Committee reports these findings to the Board of Directors.
The Group Risk Management Committee divides foreseeable risks into three categories: management and financial risks; personnel, labor and overall social risks; and business-division risks. For each risk category, the Group Risk Management Committee establishes an examining subcommittee, which brings risks to light and proposes measures to deal with them. Based on the work of the examining subcommittees, the Group Risk Management Committee deliberates on the revealed risks, verifies them and conducts an annual review of risks.
If a risk event occurs, the Group Risk Management Committee establishes an Emergency Measures Division, in accordance with the ID Group Emergency Response Regulations, to take prompt and appropriate responsive action.
The Group Risk Management Committee, chaired by the President and Representative Director, identifies, assesses and manages Group-wide risks, including those involving important issues (“materialities”) listed by the Sustainability Committee. The Group Risk Management Committee reports these findings to the Board of Directors.
The Group Risk Management Committee divides foreseeable risks into three categories: management and financial risks; personnel, labor and overall social risks; and business-division risks. For each risk category, the Group Risk Management Committee establishes an examining subcommittee, which brings risks to light and proposes measures to deal with them. Based on the work of the examining subcommittees, the Group Risk Management Committee deliberates on the revealed risks, verifies them and conducts an annual review of risks.
If a risk event occurs, the Group Risk Management Committee establishes an Emergency Measures Division, in accordance with the ID Group Emergency Response Regulations, to take prompt and appropriate responsive action.
7. Climate change initiatives
Climate change may make natural disasters such as torrential rains and large typhoons more severe and frequent, negatively affecting our business results and financial condition. On the other hand, we are expecting a growing need for products and IT solutions that contribute to the reduction of environmental impact, aiming for the realization of carbon neutrality. Through the provisions of IT solutions and services, ID Group is committed to promoting the reduction of environmental burden throughout society and the realization of carbon neutrality for society as a whole.
The Group Risk Management Committee, chaired by the President, Representative Director and Group CEO, identifies, evaluates, manages group-wide risks, including those related to climate change, and reports the results to the Board of Directors.
The Group Risk Management Committee, chaired by the President, Representative Director and Group CEO, identifies, evaluates, manages group-wide risks, including those related to climate change, and reports the results to the Board of Directors.
8. Natural disasters, conflict, terrorism and pandemic-level infectious diseases
While risks related to large-scale natural disasters such as earthquakes, typhoons and floods are rising steadily year by year, damage from natural disasters, conflict, terrorism and pandemic-level infectious diseases has become impossible to avoid completely. When the damage from these events rises beyond expected levels, the business results and financial condition of the Group may be impacted.
Such irregular events can obstruct the execution of Group operations. To minimize their impact, the Group has prepared a Crisis Management Manual and Business Continuity Plan (BCP). The Group has also taken a range of other preventive actions. Some head-office functions have been shifted to Sanin Business Process Outsourcing Center, mitigating risk from centralization, and the Group continues to advance diversification of work styles, including promotion of remote work. The Group will continue to strive to ensure business continuity, by accumulating stores of food and medical goods, revising manuals and conducting regular drills on the use of safety confirmation systems.
Such irregular events can obstruct the execution of Group operations. To minimize their impact, the Group has prepared a Crisis Management Manual and Business Continuity Plan (BCP). The Group has also taken a range of other preventive actions. Some head-office functions have been shifted to Sanin Business Process Outsourcing Center, mitigating risk from centralization, and the Group continues to advance diversification of work styles, including promotion of remote work. The Group will continue to strive to ensure business continuity, by accumulating stores of food and medical goods, revising manuals and conducting regular drills on the use of safety confirmation systems.
9. Software development and implementation of IT infrastructure projects
Software development and IT infrastructure projects together comprised some 44.2% of the Group’s net sales in the consolidated fiscal year under review. As these operations become more sophisticated and complex while delivery schedules shorten, problems may occur, including changes to required specifications during development, decrease in quality and late delivery. In such cases, additional expense may be incurred to complete projects, or restitution of damages may be required, reducing the profitability of the project. Such outcomes may impact the business results and financial condition of the ID Group.
To hedge these risks, the ID Group is introducing quality management systems that conform to ISO9001. When an inquiry for a new, large project is received, an order-acceptance review meeting is convened to examine the project based on management judgements of business policy, profitability, staffing, technical competence and opportunities to build technical knowledge. Also, the Quality Management Division analyzes and manages risk across all processes, from the project-proposal and estimate stages to delivery, conducting regular reviews of quality, cost and delivery (QCD) as the project unfolds. In this way abnormalities can be detected at an early stage to prevent the occurrence of unprofitable projects.
To strengthen project management, the Group has established a Global Innovation Center (GIC). Through the GIC, the Group is establishing a framework for unified management of projects, under a project-based organization. This new organization reinforces management of projects awarded in batches while enabling projects to be staffed flexibly and appropriately.
To hedge these risks, the ID Group is introducing quality management systems that conform to ISO9001. When an inquiry for a new, large project is received, an order-acceptance review meeting is convened to examine the project based on management judgements of business policy, profitability, staffing, technical competence and opportunities to build technical knowledge. Also, the Quality Management Division analyzes and manages risk across all processes, from the project-proposal and estimate stages to delivery, conducting regular reviews of quality, cost and delivery (QCD) as the project unfolds. In this way abnormalities can be detected at an early stage to prevent the occurrence of unprofitable projects.
To strengthen project management, the Group has established a Global Innovation Center (GIC). Through the GIC, the Group is establishing a framework for unified management of projects, under a project-based organization. This new organization reinforces management of projects awarded in batches while enabling projects to be staffed flexibly and appropriately.
10. System management
In the consolidated fiscal year under review, system management accounted for 44.7% of the Group’s sales. In system management, the risk always exists that operational error or the like can cause damage to systems, delays in providing information or other issues. If a major system failure were to occur, liability for damages could arise, impacting Group business results and financial condition of the ID Group.
The ID Group is making a number of moves to prevent such system failures. For example, the Group thoroughly implements a system for double-checking of high-impact projects and uses a suite of tools to enhance automation. The Quality Management Division plans and executes a variety of measures, including training to prevent failures, analyzing and giving feedback on the causes of failures, and on-site inspections. Moreover, the Group has obtained certification under ISO9001 and is continuously improving quality. As of this writing, no major system failures have occurred.
DX is advancing in the field of system management, which is the Group’s core business. As DX progresses, companies are slashing maintenance costs in existing systems, advancing automation and moving to use of the public cloud, while major customers of the ID Group are shifting to next-generation systems and centralizing operations. Given the enormity of the transformation now under way, if the Group were to confine itself to simple, conventional operations, it would risk a major downsizing of its business.
The ID Group is implementing a number of DX strategies, such as automation of operations that enhance value-added in work vital for the future viability of its system management business. The Group is also advancing changes in employees’ skill sets.
In addition, the Group is continuing to advance smart operation services. These include automation through AI; improvement of efficiency through support for remote operation; operation of low-cost, high-quality SaaS systems; and sales of ID-VROP, a virtual system operation center accessible through a metaverse.
The ID Group is making a number of moves to prevent such system failures. For example, the Group thoroughly implements a system for double-checking of high-impact projects and uses a suite of tools to enhance automation. The Quality Management Division plans and executes a variety of measures, including training to prevent failures, analyzing and giving feedback on the causes of failures, and on-site inspections. Moreover, the Group has obtained certification under ISO9001 and is continuously improving quality. As of this writing, no major system failures have occurred.
DX is advancing in the field of system management, which is the Group’s core business. As DX progresses, companies are slashing maintenance costs in existing systems, advancing automation and moving to use of the public cloud, while major customers of the ID Group are shifting to next-generation systems and centralizing operations. Given the enormity of the transformation now under way, if the Group were to confine itself to simple, conventional operations, it would risk a major downsizing of its business.
The ID Group is implementing a number of DX strategies, such as automation of operations that enhance value-added in work vital for the future viability of its system management business. The Group is also advancing changes in employees’ skill sets.
In addition, the Group is continuing to advance smart operation services. These include automation through AI; improvement of efficiency through support for remote operation; operation of low-cost, high-quality SaaS systems; and sales of ID-VROP, a virtual system operation center accessible through a metaverse.
11. Recruiting from partner companies
To assign capable people who fit the needs of its projects and to respond flexibly to fluctuations in order volumes, the ID Group is moving decisively to recruit from partner companies. Even so, changes in market conditions can cause unexpectedly rapid increases or decreases in the volume of orders received. In such cases, the Group may be unable to recruit the necessary personnel or release them in a timely manner. As an outcome, the business results and financial condition of the ID Group could be impacted.
To minimize this risk, the Group shares information closely with partner companies. On a regular basis, the Group conducts partner meetings and seminars, sharing information about business policies, individual projects and case studies of trouble encountered. With its core partners, the Group is further strengthening cooperative relationships, forming cooperative frameworks to improve its ability to win batch project orders and enhance quality management. In these ways, the Group is working to improve quality as well as its ability to assign capable people.
In addition, the Group is striving to secure high-value engineering personnel conversant in DX-related technologies, for which demand is steadily increasing. The Group is pursuing this goal by disclosing information on topics such as Group measures to attract such personnel and its personnel training policy and supporting training in these technologies for Group employees as well as for engineers at partner companies.
To minimize this risk, the Group shares information closely with partner companies. On a regular basis, the Group conducts partner meetings and seminars, sharing information about business policies, individual projects and case studies of trouble encountered. With its core partners, the Group is further strengthening cooperative relationships, forming cooperative frameworks to improve its ability to win batch project orders and enhance quality management. In these ways, the Group is working to improve quality as well as its ability to assign capable people.
In addition, the Group is striving to secure high-value engineering personnel conversant in DX-related technologies, for which demand is steadily increasing. The Group is pursuing this goal by disclosing information on topics such as Group measures to attract such personnel and its personnel training policy and supporting training in these technologies for Group employees as well as for engineers at partner companies.