Vantec Risk Management Basic Policy
The Vantec group companies (the “group companies”) identify, assess, and control a wide variety of potential risks in the face of uncertainty, which may affect each entity’s operations as a going concern, recognize the importance of enterprise risk management, and continue to make progress in enhancing comprehensive risk management system.
Vantec categorizes its corporate risk into six components that are defined as follows.
- 1. Compliance Risk
Controls & definitions:
See Compliance section.
- 2. Operational Risk
To ensure reliability and accuracy of financial reporting.Definitions:
The risk of incurring financial losses caused by material events such as clerical errors, noncompliance of operational procedures, accidents, and employee frauds.
(The category of risk recognition is limited in the scope of compiling financial statements.)
- 3. Legal Risk
Signed contracts/agreements are strictly in control, and these drafts are routinely reviewed by legal staff of the compliance section. Reforms of existing laws and regulations related with corporate activities are occasionally monitored.Definitions:
The risk of incurring economical losses as well as legal claims (or litigations ) from outside parties (including customers) due to the failure (or the delay) in setting out counter plans of the following each item:
1) Investigation of enforcements and revisions of applicable laws and regulations, and control over and response to the compliance with the laws and regulations.
2) Continuous legal check on contracts/agreements, and filings of the created documents as well as storage of their administrative data in the stage of completing these documents or responding to various legal actions.
3) Proper responses to lawsuits filed by a contractual party or other parties and to inspections conducted by governmental/local authorities for investigating suspicious violations against applicable laws and regulations.
4) Proper responses to the events that may arise from legal uncertainties.
- 4. Natural Disaster Risk
To prepare for natural disasters, including preparation and notification of disaster risk control manuals and an emergency communication route chart.Definitions:
The risk of human, material, and economical losses due to natural disasters such as an earthquake, a volcanic eruption, a tsunami, a high tide, a typhoon, a cataract, an abnormal climate, a spread of the epidemic/ a pandemic/ an outbreak of unidentified illness, a biohazard, or any other natural phenomenon.
- 5. Health and Safety Management Risk
To continuously improve the health and safety management system, including education systems and monitoring systems for prevention of industrial accidents or traffic accidents caused by employees or subcontractors.Definitions :
1) Safety risk
The risk of incurring losses on the group companies due to accidents (automobile / freight / environment / finished car）occurred during the course of performing duties committed to fulfill contracts with customers or due to accidents occurred during workers’ commuting time. This risk may have unfavorable effects on the operations for providing services to customers.
2) Health risk
The risk of incurring losses on the group companies, due to industrial accidents, overworks, or inappropriate working environments. This risk may have unfavorable effects on the operations for providing services to customers.
- 6. IT System Risk
To prevent suspension of operations due to IT system failure or troubles. To take adequate steps for confidential corporate and personal information, protection of copyrights, illegal access, and computer virus.Definitions:(1) Risk of system failure
The risk of incurring losses on our customers, business partners, or the group companies, due to delay or disorder in providing services to such parties caused by IT system failure in hardware, software, blackout, or network down.(2) Risk of IT system breakdown by natural disasters
The risk of having a material negative impact on corporate activities due to destruction of a part of or the whole IT system caused by natural disasters such as an earthquake, fire, or flood. This risk leads to a long-time suspension of operations, or difficulties in maintaining proper functions of IT systems.(3) Risk of data leakage
The risk of incurring material losses on customers, business partners, or the group companies due to damaged social credit caused by data leakage (whatever on purpose, by mistake, or by hacking from outside) of confidential corporate information, customer information, business partners’ information, or personal information.(4) Risk of unauthorized usage of licenses
The risk of impairing corporate reputation due to the illegal usage of unauthorized copies, leading to lawsuits or announcements in public of the fact filed by license holders.(5) Risk of virus infection
The risk of impairing corporate reputation due to the virus infection through e-mails or data storage media such as Web/USB, thereby causing data destruction, data leakage, and virus diffusion on customers.