Risk Management Structure
Based on the Rules of Risk Management, the risk management structure works toward the thorough reduction of risks on a Groupwide basis, and is led by the Risk Management and Compliance Committee and its subordinate council, the Risk Management and Compliance Promotion Meeting, which comprises the risk management supervising section and divisions in charge of risk management. The Committee, chaired by the President and Chief Executive Officer, monitors risk on a Groupwide basis while also designating significant risks at the Group level to be tackled as priorities and checking on activities to address risk.
Furthermore, the divisions in charge of risk management formulate response policies and rules for the risks under their charge, promote activities to address risk based on these response policies, etc., and monitor activities at headquarters divisions and Group companies.
Risk Management Activity Cycle
Risk management activities are promoted through the repetition of the following PDCA (plan, do, check, and act) cycle. The Yamaha Motor Group has prepared a risk management ledger of all risks that need to be covered, and works to reduce risk by appropriately managing and operating the risk management ledger.
Significant Risks at the Group Level
Each year, risks that need to be prevented and addressed as special priorities are determined to be significant risks at the Group level. In addition to the results of risk assessment at the Group level, significant risks at the Group level can be comprehensively determined and designated based on the Group's business strategy, legal and regulatory changes inside or outside the Group, or other developments including information concerning the likelihood of a risk event occurring or the operating environment.
|Fiscal 2019 Significant Risks at the Group Level
||The main Group manufacturing plants in Japan are concentrated near the epicenter of the predicted Nankai Trough Megaquake, and measures must be taken to prepare for typhoons and other natural disasters. Natural disasters have, therefore, been designated as significant risks.
||The Group is promoting measures to deal with the scenario of a Nankai Trough Megaquake as well as measures to address other earthquakes, typhoons, and other natural disasters.
|Violation of laws and regulations concerning product quality
||Compliance with regard to product quality is a fundamental and important issue for manufacturers. Further strengthening the structures put in place by the Group to prevent the violation of laws and regulations is necessary. Violation of laws and regulations concerning product quality has, therefore, been designated a significant risk.
||The Group strives to gain information regarding the establishment of and changes to laws and regulations concerning product quality. In addition, the Group works to create mechanisms that reflect this information appropriately in in-house regulations and standards, while pursuing improvement activities and other efforts.
|Major accidents involving a Yamaha product
||A major accident involving a Yamaha product is one of the causes of market penalties such as large-scale recalls. The Group must make continual efforts to ensure zero incidence of such incidents. Major accidents involving a Yamaha product have, therefore, been designated significant risks.
||The Group is promoting information-gathering activities linked to product accidents and making efforts to raise quality awareness among all employees.
||The degree of reliance on and the importance of information systems within the Group's business activities is increasing. Measures are needed to prevent leaks of personal or confidential information, information system damage, etc., caused by cyberattacks and computer virus infections. Cybersecurity has, therefore, been designated a significant risk.
||The Group is taking measures covering both tangible and intangible aspects of cybersecurity to increase protection against external attacks, to detect an attack at an early stage, and to minimize the damage in the event an attack were to occur.
Crisis Management Structure and Activities
The Yamaha Motor Group works to minimize the damage from and quickly resolve crisis situations as per the Rules for Initial Response to an Emergency.
In the event of a disaster, accident, or compliance-related incident at the Group, the division involved will report to the risk management supervising section or the divisions in charge of risk management as per standards for determining the level of reporting, which are set in advance. If the reported event is of a scale significant enough to warrant the involvement of Group management or multiple divisions and/or companies, the risk management supervising section will refer the matter to a response team designated in advance, and an Emergency Countermeasure Headquarters, chaired by the President, will be established. The headquarters will work to understand the situation and formulate a provisional response, and, if necessary, will promptly report on the matter to customers and related parties.
Management of Information
Employees handling personal information undergo training and education via compliance seminars held by the risk management supervising section and e-training. The divisions in charge of risk management also provide direct advice and guidance and other measures to ensure that customer information is handled appropriately.
In fiscal 2018, there were no complaints about violations of our customers’ privacy.
The Yamaha Motor Group has implemented IT-related information security measures for the entire Group, covering areas including access management, malware countermeasures, and disaster responses.
Group employees also undergo IT risk training annually, and assessments are carried out every year at Group companies as we strive to strengthen security.
In addition, given the increasing sophistication of cyberattacks in recent years, Yamaha Motor implements measures covering both tangible and intangible aspects of cybersecurity to increase our protection against external attacks, and to detect an attack at an early stage and to minimize the damage in the event an attack were to occur. A Groupwide Computer Security Incident Response Team has also been established to prepare against unforeseen events and also to function for receiving and transmitting security information inside and outside the Company.
Business Continuity Planning
To prepare against envisioned risks that could impact the continuity of our business, Yamaha Motor has formulated Rules of Business Continuity and responds as per those Rules.
Yamaha Motor's primary operations are concentrated in Shizuoka Prefecture, and could be affected if a major earthquake were to occur in the Nankai Trough. To prepare for this, we have formulated a Business Continuity Plan to maintain the continuity of business operations, based on the damage projected by government bodies and are placing foremost priority on the lives and safety of our employees.
Specifically, buildings and equipment have been made earthquake and tsunami resistant, emergency stockpiles of food, water, and other essentials are maintained, emergency methods for telecommunications are in place, and Companywide evacuation drills (including at Group companies located nearby and night drills) and safety confirmation drills are carried out regularly. Also, regular initial response drills are carried out at the headquarters and individual business units, procedures to restore operations have been clarified, and a system for gathering supply chain information is in place. These and other measures addressing both tangible and intangible effects are carried out comprehensively and continuously.
Another concern is the outbreak of a potentially global pandemic. To prepare for this possibility, Group companies identify issues that could affect the continuity of their operations and formulate response plans. Drills simulating actions to be taken at various stages prior to the full-scale outbreak of a pandemic are carried out regularly, and a structure is in place to guarantee that businesses are able to continue operating.