Operational and Other Risks

The ID Group is committed to obtaining an accurate grasp of the various risks that can have important effects on investors’ judgements and reducing risks that may have an impact on its management. For this reason, in April 2019 the Group reorganized the Risk Management Committee and established the Group Risk Management Committee as an advisory body to the Board of Directors. The Committee divided the main risks it anticipates for the ID Group into three categories—management and financial risk; personnel, labor and general social risk; and business-segment risk—and established subcommittees for each. The subcommittees identify specific risks and propose measures to deal with them, and the Group Risk Management Committee deliberates on and examines those proposals.

The following are some of the items related to the Group’s business results, accounts and similar matters that may have an important impact on investors’ judgements. Future-oriented statements in the text below constitutes the judgement of the Group as of the date of submission of the Group’s Annual Securities Report (June 22, 2020).

The COVID-19 Pandemic

The ID Group quickly took the initiative regarding the COVID-19 pandemic according to conditions. On January 29, 2020, the Group ordered employees who had returned from China and other infected countries to work from home, required masks to be worn on Group premises at all times and imposed a moratorium on Group travel to countries with significant numbers of infected persons. On February 17 the Group expanded these measures, staggering work hours, encouraging the use of telework and teleconferencing, and postponing training sessions involving large gatherings. 
 
The Group expects the COVID-19 pandemic to have a grievous impact on the economies of Japan and countries around the world. Prospects for economic activity, the business-management environment and the employment picture have become difficult to forecast as a result. 
 
The resulting changes in business conditions for the Group’s customers may impact the Group in many ways. Plans for investment in IT systems may be revised or postponed, causing a decline in orders to the Group and non-renewal of contracts. Moreover, a market-wide retreat in investment appetite may prevent the Group from securing new customers and projects at previously expected levels.
 
Further problems may arise if the work-at-home systems of the Group and its partners are stretched beyond tolerable levels. Labor productivity may decrease, causing delays in the development of customer systems and an inability to provide customers with the high-quality service they have come to expect from the ID Group. If the current predicament becomes overly protracted, or increases in severity, the Group’s ability to retain a stable workforce may be impacted. 
 
On the other hand, the COVID-19 pandemic may benefit the information services industry to some extent. As the need for telework increases, fresh demand may be generated for upgrading and supply of IT environments and for acceleration of migration of information assets to the cloud.
 
In view of current circumstances, the ID Group is establishing a two-part forecast. First, the Group expects the pandemic to abate temporarily sometime around August 2020, with a “second wave” following sometime between December 2020 and April 2021. Second, the Group expects a full-fledged revival of IT investment among corporate clients in or after the second quarter of the fiscal year ending March 31, 2021 (Q2 FY2020).
 
The Group’s judgement on matters regarding the future of the COVID-19 pandemic is current as of April 30, 2020. The timing of the end of the pandemic remains unpredictable, however, so related risks are not restricted to those described above.
The Group positions these risks as particularly important risks. The ID Group will continue to watch conditions closely as they unfold, examining and revising its countermeasures as appropriate and constructing a framework to reduce risk.


Dependence on specific customers

In the consolidated fiscal year under review, the Mizuho Financial Group accounted for 21.6% of the sales of the ID Group. The Group is grateful for the stable business relationships it has enjoyed with companies under the Mizuho Financial Group umbrella for many years. However, given said Group’s high proportion of the ID Group’s total sales, variations in the volume of projects entrusted to the ID Group by the Mizuho Financial Group can significantly impact the business results and financial condition of the ID Group. While the Group remains committed to supporting and expanding its relationship with the Mizuho Financial Group, it will at the same time cultivate customers other than those in said Group and strive to attract other customers through M&A activities, business partnerships and other strategies.

Changes in the market environment

The market environment in the IT services industry is shaped by the rapid pace of progress in digital technologies such as AI and IoT. As customers respond to these developments, the need for transformation of their businesses through digital technology—digital transformation (DX)—is skyrocketing. If the services provided by the Group become obsolete or become uncompetitive, the business results and financial condition of the ID Group may be impacted.
 
The Group is determined to amplify its knowledge of leading-edge technologies that have the power to change society. To enhance its application of these technologies in its business activities, in April 2018 the Group established the Advanced Technology Office. In January 2020 the Group founded DX CONSULTING CO., LTD., into which it subsumed Group segments with strengths in consulting regarding business innovation in systems operation, quality improvement and other matters.
 
Through measures such as these, based on the wealth of operating knowledge and expertise in customer systems it has accumulated over many years, the ID Group is fusing existing service solutions with advanced technologies. In this way the Group is strengthening its provision of high-value-added services that meet customer needs and responding to changes in the market environment.


Corporate acquisition risk

One of the Group’s strategies for expanding operations is to do so through mergers and acquisitions. However, changes in the market environment and unexpected events may prevent the Group from realizing the benefits from these moves as originally anticipated, thereby impacting the business results and financial condition of the ID Group.
 
When implementing mergers and acquisitions, the Group strives to prevent these risks through due diligence by specialists such as accountants and lawyers, who examine the financial and tax status of target companies, related legal matters and other aspects. After the merger or acquisition is completed, the Group regularly monitors the management of the acquired company by attending meetings of the Board of Directors, inspecting its accounts and other measures. In these ways the Group strives to obtain a clear understanding of the impact of the merger or acquisition on the business results and financial condition of the ID Group.


Global business risk

As part of its operating strategy, the ID Group advances its operations on the global playing field, with particular focus on China, Singapore, Myanmar, the United States and Europe. A broad array of factors can affect these global operations, including trends in the global economy and exchange rates, laws and regulations governing commerce, differences in business culture, and political and social trends. These and other factors have the power to impact the business results and financial condition of the ID Group.
 
Led by the International Business Promotion Department and the Corporate Strategy Department, the ID Group maintains an appropriate understanding of business conditions at each overseas location and changes in the external environment. On individual risk phenomena, the Group Risk Management Committee examines the details, confirms conditions, confirms progress on countermeasures and examines the effects of countermeasures. In these ways the Group makes every effort to reduce risks.

Recruitment risk

Responding to the latest developments in DX technology and enhancing customer satisfaction are tasks that require the Group to hire and retain excellent personnel as a vital issue of management. If the Group is unable to secure and train such personnel, or if the Group is unable to supplement its workforce with people who can meet its needs related to business innovation, the Group may suffer impact on its business results and financial condition.
 
To respond to these challenges, the ID Group strives to hire people who offer high value-added both in Japan and abroad, whether as fresh graduates or as mid-career hires. After they join the Group, new hires undergo planned rotation and training, to develop and promote them as advanced technology engineers. To respond to customers’ changing needs, the Group is exploring new businesses and encourages its personnel to expand their skill sets.


Information management

The ID Group constantly makes every effort to support and improve information security while providing services that earn the satisfaction of customers. However, in the unlikely event that unlawful access or a major error causes the loss, tampering, leak or other compromise to information about customers or their transactions, the Group’s reputation may suffer, resulting in negative impact to the business results and financial condition of the ID Group. To ensure that personal information and other information assets are handled appropriately, the Group has established various regulations, including the Basic Policy on Information Management and the Privacy Policy. In addition, the Group is now fully compliant with the European Union (EU)’s General Data Protection Regulation (GDPR). 
 
The Group has taken other steps to ensure data security as well. The Information Management Committee has been established to conduct cross-sectoral deliberations on information management generally and is working to strengthen the Group’s information management framework. The Group also revises regulations in response to updates to laws and guidelines and provides regular training for the further enhancement of employees’ awareness of compliance issues. Finally, the Group has obtained certification under PrivacyMark and ISO27001 and is committed to maintaining and supporting those certifications.
 
Currently many Group employees have switched to telework in response to the COVID-19 pandemic. This situation increases the danger of information leaks in comparison with maintaining conventional office hours. In view of this concern, on April 9, 2020 the Group established the Telework (Work-from-Home) Security Guidelines.


Natural disasters, terrorism, infectious disease, etc.

The risks from natural disasters such as earthquakes, typhoons and floods are mounting year by year, and losses from terrorism, infectious disease and other unforeseen events around the world can never be completely avoided. If the Group suffers damage beyond its expectations for incidents such as these, the business results and financial condition of the ID Group could be impacted.
 
The ID Group has taken steps to minimize the impact of possible obstruction of its business operations from major destructive events, such as natural disasters, including earthquakes and floods; terrorism or other crime; or pandemics and the like. The Group has established a Crisis Management Manual and a Business Continuation Plan (BCP). Specific measures include securing of back-up centers, storage of food and hygiene products, introduction of a safety confirmation system, and establishment of frameworks by which people can work from home. Each manual is updated periodically and training is provided on a regular basis.


ESG

Activities related to non-financial information can have enormous impact on the sustainability and enterprise value of a company over the medium-to-long term. This realization has focused increasing attention on environmental, social and governance (ESG) matters. Business entities that neglect activities in these areas may miss out on opportunities for growth. 
 
In April 2020 the ID Group established the ESG Promotion Department, to bring together and promote the Group’s ESG activities. 
 
Rather than stop at the conventional categories of CSR activities, the Group is strengthening its response to issues in ESG, in search of ways to solve social issues through its business activities. By earning more positive evaluations from customers and investors in this way, the Group is enabling its own sustainable growth going forward.


Risks in software development and infrastructure-building projects

Software development and infrastructure-building projects together comprised some 43.4% of the Group’s net sales in the consolidated fiscal year under review. As these operations become more sophisticated and complex while delivery schedules shorten, the risk arises that problems may occur during development, including changes to required specifications, decrease in quality and late delivery.
 
To hedge these risks, the ID Group is introducing quality management systems that conform to ISO9001. When an inquiry for a new, large project is received, an order-acceptance review meeting is convened to examine the project based on management judgements of business policy, profitability, staffing, technical competence and opportunities to build technical knowledge. The Quality Management Division analyzes and manages risk across all processes, from the project-proposal and estimate stages to delivery, conducting regular reviews of quality, cost and delivery (QCD) as the project unfolds. When abnormalities are detected or predicted, measures are taken at an early stage to prevent the occurrence of unprofitable projects. 
 
In cases where, despite the above measures, the required quality is not achieved according to plan or development is not completed on time, additional expense may be incurred to complete the project or restitution of damages may be required, reducing the profitability of the project. Such outcomes may impact the business results and financial condition of the ID Group. During the previous fiscal year, the Group had only one such project and its impact was negligible.
 
The Group is taking further steps to strengthen project management. From the fiscal year under review, the ID Group is reorganizing with the establishment of a Global Innovation Center (GIC). The GIC will bring together the various organizations that had conducted batch development work previously. In addition, the Group is newly appointing a Project Director, establishing a framework for unified management of all projects. This new organization will reinforce management of projects awarded in batches while enabling projects to be staffed flexibly and appropriately.


Risks in system operation management

In the consolidated fiscal year under review, system operation management accounted for 45.4% of the Group’s sales. In system operation management, the risk always exists that operational error or the like can cause damage to systems, delays in providing information or other issues. If a major system failure were to occur, the Group could become liable for damages, causing impact to the business results and financial condition of the ID Group.
 
The ID Group is making a number of moves to prevent such system failures. For example, the Group thoroughly implements a system for double-checking of high-impact projects and uses a suite of tools to enhance automation. The Quality Management Division plans and executes a variety of measures, including training to prevent failures, analyzing and giving feedback on the causes of failures, and on-site inspections. Moreover, the Group has obtained certification under ISO9001 and is continuously improving quality. In the previous fiscal year, no major system failures occurred.
 
The field of system operation management, which is the Group’s core business, is currently undergoing a profound transformation. As DX progresses, companies are slashing maintenance costs in existing systems, advancing automation and moving to use of the public cloud, while major customers of the ID Group are shifting to next-generation systems and centralizing operations. If the Group were to confine itself to conventional, stand-alone operations, it would risk a major downsizing of its business. 
 
The ID Group is also pressing ahead with DX. For example, the Group is launching projects to revolutionize its operational services and automating operations to enhance value-added, with a view to upholding the viability of its system-operation business. To upgrade the skills of employees, we are advancing the transfer of personnel to other segments.


Recruiting from partner companies

To attract talented people who fit the needs of its projects and to obtain the capability to respond flexibly to fluctuations in order volumes, the ID Group is moving decisively to recruit from partner companies. Even so, in the event of a rapid increase or decrease in the volume of orders received beyond anticipated levels, the Group may be unable to recruit the necessary personnel or release them in a timely manner. In such cases, the business results and financial condition of the ID Group could be impacted.
 
To minimize this risk, the Group shares information closely with partner companies. On a regular basis, the Group conducts partner meetings and seminars, sharing information about business policies, individual projects and case studies of trouble encountered. With its core partners, the Group is further strengthening cooperative relationships, forming cooperative frameworks to improve its ability to win batch project orders and enhance quality management. In these ways, the Group is working to improve quality as well as its ability to attract talented people.