Risk Management and Internal Controls

In the ever-changing business environment, the risks that companies face are increasingly diverse and complicated.
We define factors and events that negatively influence the achievement of our business goals as risks and consider enforcing risk management as material business challenge. In order to be sustainable and responsible to society, we promote risk management initiatives throughout the KDDI Group.

We have established a system to centralize the management of risks with the Corporate Sector at the core.
Furthermore, we are promoting risk management throughout the KDDI Group, in order to realize the continuous growth of the entire group. We have appointed 44 Internal Control System Managers within KDDI and 45 at group companies, as well as 5 Internal Control System Directors to oversee their activities. Under their leadership, we introduce and run internal control systems, carrying out risk management activities and run operational quality improvement activities to foster a company culture in which risks are less likely to arise.

Personnel in Charge of Internal Control

In order to prevent critical events for the company, we at KDDI consider that it is important to recognize signs of danger and implement preventive measures before the situation worsens. Based on this idea, we follow the PDCA cycle for risk management. We also have an organizational framework for risk management in place to ensure any risks we find will be addressed promptly and appropriately.

We regularly examine information about risks to identify significant risks that seriously influence corporations, and discuss measures to reduce such risks and their impacts as much as possible in case we face them.
In order to ensure the achievement of our business goals, in FISCAL 2022, we selected 29 significant risks based on issues that manifested in the past and changes in the business environment, and held internal audits centered on risk prediction, the reduction of significant risks and risk approach. In order to minimize information security risks, we have also established a common standard applicable group-wide to improve the level of information security across the group. The status of these significant risks is also reflected on business risks that are revealed in the Securities Report since it relates to the finance as well.

Based on the provision of Article 362, Paragraph 5 of the Companies Act, we passed the Basic Policy for Constructing an Internal Control System at a meeting of the Board of Directors. In addition, we publicly announce resolutions and our operational status to ensure the fair, transparent and efficient execution of our corporate duties and maintain an effective system for internal controls to raise the company's quality level.

In response to the internal control reporting system based on the Financial Instruments and Exchange Law implemented in fiscal 2008, we conducted evaluations of the internal controls at KDDI and 11 major group subsidiaries (totaling 12 companies) in and outside Japan to ensure reliability of our financial reporting. The results of these evaluations were compiled in an internal control report, which was submitted to Japan's Prime Minister in June 2023, as well as disclosed to investors.

In conjunction with the response to the internal control reporting system, we established an Internal Control Department that promotes initiatives for improving the overall operational quality of the whole Company, and Internal Control System Manager in each division facilitates initiatives that enhance the efficiency and standardization of operations to do so.
Business improvement projects through this activity are added to a database, enabling all employees to utilize activities to enhance operational quality in their own division.
Furthermore, to further raise each employee's awareness and motivation regarding the quality of operations, we have introduced the Operational Quality Improvement Prize to recognize excellent and ambitious initiatives. In addition, we have started working on the introduction of robotic process automation (RPA) across the Company as a way of improving operational quality, productivity, and efficiency at the same time, starting with the preparation of the RPA system environment and education programs.