Internal controls
Risk management
The JT Group identifies and closely monitors risks that could affect its operations and implements measures to both prevent them from materializing and minimize their impacts if they were to materialize.
We have established an integrated system for identifying and managing all identified risks. We appropriately manage these risks to properly seize opportunities and strategically develop our business in order to realize sustainable profit growth over the medium- and long-term. Our risk management process comprises the following four steps.
|
①Identify risks |
An executive appointed by the CEO to be in charge of risk management (currently the Executive Officer in charge of corporate governance and compliance) identifies all risks that could affect the JT Group. |
|---|---|
|
②Assess risks |
Executive Officers assess risks in their respective organizational units probability of materializing and the magnitude of its impact if it were to materialize. They identify material risks that should be prioritized with attention and report them to the executive in charge of risk management. Based on such reports, the executive in charge of risk management identifies Group-level material risks with the potential to inflict major losses in terms of attainment of the Group’s management targets and business strategies and reports said risks to the CEO. |
|
③Formulate plans to address risks |
Executive Officers oversee formulation of plans to address the JT Group’s material risks and submit them to the executive in charge of risk management and the CEO. |
|
④Monitor progress of plans |
Executive Officers regularly report to the executive in charge of risk management and the CEO on the progress of the plans to address the Group’s material risks. |
We have prepared crisis management and disaster response manuals in preparation for emergencies. When a crisis or natural disaster occurs, we set up an emergency project task force. We have made advance arrangements to enable concerned organizational units and subsidiaries to swiftly take appropriate action in close coordination with each other under the direction of senior executives. Such incidents and pertinent information about them are reported to the Board of Directors in a timely and appropriate manner.
- Please see Risk factors & Regulation, key laws and litigation for more on risks facing the JT Group.
Compliance
We enforce strict compliance. We have instituted a Code of Conduct that mandates that all Directors and employees act in compliance with applicable laws, government regulations, our Articles of Incorporation and societal norms pursuant to regulations established by the Board of Directors. To achieve the compliance management that we aim for, we have established the JT Group Compliance Committee whose members are the CEO, Executive Vice Presidents and an outside expert.
From 2024, the JT Group Compliance Committee will become a deliberative body responsible for the executive management and promotion of compliance for the entire JT Group, and will report on this work to the Board of Directors. In terms of changes to structure, the Committee will be comprised of the CEO, Executive Vice Presidents and an outside expert, with the CEO serving as committee chair. We appoint an Executive Officer in charge of compliance who oversees the Legal and Compliance Division and strive to establish/promote a crossover system on a Group-wide basis as well as to grasp the issues. Furthermore, the divisional compliance committees established within corporate and business divisions autonomously deliberate compliance-related matters within their jurisdictions. The JT Group Compliance Committee, meanwhile, in addition to grasping and deliberating initiatives for the entire JT Group, strengthens ties with the Board of Directors through ample reporting to the Board. Through this framework, we strive for robust and enhanced JT Group compliance in terms of both supervision and promotion. In 2023, under the previous compliance system, the JT Group Compliance Committee met three times to discuss initiatives to further promote compliance. Its conclusions have been reflected in the Compliance Action Plan for 2024.
The compliance promotion departments of the Company and its subsidiaries (namely, the Legal and Compliance Division in the Company, and corresponding departments in subsidiaries) distribute compliance codes of conduct for every department through their respective departments and organizations to drive awareness among the Directors and employees of the Company, as well as the directors, employees and others of subsidiaries (Directors, employees and others of the Company and subsidiaries hereinafter collectively called “Directors and employees”). The compliance promotion departments also work on enhancing the effectiveness of compliance through awareness-raising activities by enlightening Directors and employees about compliance through training and other programs.
Compliance Action Plans
Compliance Action Plans formulated by each division include actions to maintain/enhance compliance programs, address priority compliance issues, conduct trainings and seminars, operate the internal reporting system and implement Compliance Promotion Month.
Compliance surveys
We annually conduct a Group-wide questionnaire survey to check the status of compliance practices in our Japanese operations. In 2023, 96.7% of employees completed the survey. The survey’s findings are reported to Directors and employees, and are used by concerned organizational units to reassess their respective compliance plans and formulate and implement measures to improve compliance.
Internal reporting system (whistle-blower system)
Group companies have set up hotlines for Directors and employees and other parties to report acts suspected of being legal/regulatory violations and other such concerns. Compliance promotion departments that receive a report or query via their hotlines investigate its details and then take action, including recurrence prevention measures, as needed. Additionally, JT has set up another hotline apart from the one staffed by its Legal and Compliance Division. The second hotline is independent from organizational units involved in operational execution and staffed by Audit & Supervisory Board Members, who investigate the details of any reports or queries received via the hotline. JT then takes action, including recurrence prevention measures, as needed. JT refers or reports serious problems involving the JT Group to the divisional compliance committees and the JT Group Compliance Committee for further review as needed.
Quality control
We are committed to maintaining the public’s trust in our products. To do so, we have implemented quality assurance systems across all of our businesses.
Tobacco business
For tobacco products, we are building a globally uniform quality assurance model and making necessary changes based on this model with the aim of providing high-quality products.
Our quality assurance activities fundamentally aim to improve quality and rectify deficiencies by providing feedback to concerned organizational units about quality issues identified based on quality information from markets and related research. For example, when our RRP (Reduced-Risk Products) devices are in the development stage, we confirm that they not only comply with applicable laws and regulations but also that they meet industry safety standards for electric products by having them evaluated as needed by external specialists.
Additionally, in conjunction with measures to strengthen the tobacco business’s operating model, we established Quality Assurance in January 2022 as a new organization independent from the tobacco business’s markets and other global operational functions. Quality Assurance endeavors to provide high-quality products by assuming accountability for quality assurance activities across the entire value chain from R&D through procurement, manufacturing, marketing, distribution and sales based on fair decisions from the consumer’s* standpoint.
Pharmaceutical business
In our pharmaceutical business, we are strictly committed to safety and quality control in compliance with regulations such as the Pharmaceutical and Medical Device Act and ministerial ordinances that govern pharmaceutical quality and safety.
Processed food business
In our processed food business, we place utmost priority on food safety management across the entire value chain from sourcing ingredients to delivering products to consumers. We do so under our four-pronged framework, consisting of the following viewpoints: Food Safety, Food Defense, Food Quality and Food Communication.
*
Adult consumers. Minimum legal age for smoking varies in accordance with the legislation in each country
Information security
We have established information security regulations to clearly demonstrate our commitment to information security and comprehensively promote information security measures on an ongoing basis. Specifically, we have adopted the JT Group IT Governance Policy and JT Group Information Security Standards and mandated and implemented the required IT risk mitigation measures, including access restrictions, antivirus defenses, education, audits, and monitoring. We strive to manage and safeguard our IT systems, data and other information assets in an appropriate manner. We are continuously pursuing initiatives to strengthen our information security with respect to both hardware and software. Hardware-wise, we continually test and improve our key IT systems’ security-related technologies and operations, including requests to suppliers. Software-wise, we conduct security-related educational activities globally to promote proper handling of information assets by all employees. In 2022, 88% of all JT Group company employees attended security training programs. Additionally, we extended a single information classification and protection solution across all our business divisions and established a unified approach to security operations across the JT Group. We are also conducting educational activities across the entire JT Group, having rolled out our internally developed i-SECURE program. The i-SECURE program’s effectiveness is constantly being measured by employee behavior metrics. It has been instrumental in raising employees’ awareness of information security.
Internal auditing
Our Internal Audit Division conducts internal audits from an objective standpoint independent from organizational units involved in operational execution and reports directly to the CEO. It maintains company property and strives to enhance the efficiency of management through its examination and assessment of controlling/operating systems which relate to all business activities as well as the status of business execution from the perspectives of legality and rationality. To fulfill its responsibilities, it has unrestricted authority to observe all activities, inspect all records and question all personnel on a Group-wide basis.
The Division formulates annual internal audit plans subject to the CEO’s approval. Its head mandatorily reports internal audit results to the CEO, reports to the Board of Directors, and may freely and regularly confer with the CEO and our subsidiaries’ senior-most executives about internal audit findings, internal controls’ status and risk assessments.
Our subsidiaries may set up their own internal auditing organizations at their own discretion. Those that have done so include major subsidiaries JTI, TS Network, Torii Pharmaceutical and TableMark. Subsidiaries’ internal audit plans are approved by, and their audit results reported to, their respective presidents or the Board of Directors. JT’s Internal Audit Division coordinates internal audits with subsidiaries’ internal auditing organizations. Subsidiaries’ annual internal audit plans and their internal audit results are reported to the Group CEO and our Board of Directors through our Internal Audit Division. To increase internal audits’ efficiency and effectiveness, we periodically hold meetings to improve audit quality through information sharing among internal auditing staff across the Group. We also conduct joint audits with and provide auditing assistance to subsidiaries as necessary.
Internal controls over JT International
The tobacco business is operated by JTI, a subsidiary of holding company JT International Holding B.V. With appointees from JT occupying a majority of seats on the latter’s Board of Directors, JT sets the tobacco business’s overall strategy. Major decision-making authority and procedures between JT and JTI are prescribed in internal regulations, most notably our Responsibility and Authority Regulations. From an operational agility standpoint, JT has delegated a certain degree of authority to JTI while retaining approval authority over JTI’s budgets and midterm plans, as well as proposed investments that exceed a certain materiality threshold. Through such arrangements, JT endeavors to exercise governance over JTI. JTI has its own internal regulations on delegation of responsibilities and authority called the JTI Operating Guidelines. JTI delegates authority to its market subunits, plants and executive officers within the scope of authority delegated to it by JT.
Additionally, JT’s Audit & Supervisory Board Members and Operational Review and Business Assurance Division are authorized to audit JTI. JT’s Audit & Supervisory Board Members audit JTI as warranted. While JTI’s internal audits are conducted by its own internal auditing staff, JT’s Internal Audit Division audits joint JT-JTI operations in coordination with JTI’s internal auditing staff. The results of audits by JTI’s internal auditing staff are reported to the Board of Directors of JT International Holding B.V.
Through these arrangements, JT is building an appropriate governance regime.