The risk management of the Group is primarily focused on “achieving our medium-to-long-term strategies”. We thus consider risks as “uncertainties” that may impact achievement, both potential threats to business as well as potential opportunities. Based on this approach, we have established a risk management structure and have put into place measures for managing such risks appropriately and effectively.
We have placed the Risk Management Department in the head office which reports to CLO (Chief Legal Officer), and Risk Management Officers (RMOs) in each regional headquarters to centrally manage related information. The Global Risk Management & Compliance Committee, composed of corporate officers/regional CEOs and chaired by the CEO, meets on a regular basis to discuss risks and countermeasures.
In fiscal year 2020, risks with potential impact on “WIN 2023 Key Strategies*” execution were identified through Risk Management Department analysis based on risk perception interviews with the Group CEO, Executive Officers, Regional CEOs, and External Directors. Regional risk assessments and input from related functional divisions were also taken into consideration, as well as insight from external experts.
We then set three evaluation axes for the risks: “impact on business upon risk manifestation”, “likelihood and timing of risk manifestation”, and “preparedness toward the risk”. Through the above-mentioned Committees and related meetings, the risks were prioritized and status of countermeasures considered.
Reflecting our corporate policies, risk assessment plans have been designed to attach due weight to issues related to personal health (and safety), company assets, business continuity, and reputation.
Risk factors identified from risk assessment results have been categorized into four parameter groups, according to risk characteristics: “Consumer-related Risks”, “Social-related Risks”, “Operation & Fundamental Risks,” and “Other Risks”. We have also adopted a risk ownership approach, appointing a risk owner to each risk category to take on clearly defined responsibilities of implementing countermeasures and as a mechanism to enable regular monitoring by the Global Risk Management & Compliance Committee/Board of Directors.
|Improve Profitability|| |
|Focus on Skin Beauty|| |
|Rebuild Business Foundation|| |
Based on 2020 risk assessment findings, the most impactful risks (Threats and Opportunities) for fiscal year 2021 in relation to WIN 2023 Key Strategies realization are: "Innovation Risks", "Changes in Consumer Values", "Business Structure Transformation", "Speed of Digital Shift", "Natural and Human-Made Disasters", and "ESC (Environment, Society and Culture) Unique to Shiseido”.
|Consumer-related Risks||Social-related Risks||Operation & Fundamental Risks||Other Risks|
| || || || |
Meanwhile, from a long-term perspective, we identified " Decline in purchasing demands for cosmetics " and "Tighter regulations on R&D, manufacturing and sales of cosmetics’’ as "Emerging Risks" of rapidly increasing importance to our business with potential long-term impact.
We are taking or have taken appropriate response measures to mitigate these risks as described below, along with other risks, including changes in our business model.
|Emerging Risk||Description||Impact on business||Mitigating actions|
|Decline in purchasing demands for cosmetics||The values, behaviors, and preferences of consumers are rapidly changing and diversifying due to the development of a highly technological and borderless society. |
In the midst of these changes, there is a risk that the purchasing demand for cosmetics, such as skincare and makeup, will decline.
|If we are unable to appropriately respond to changes in consumers’ sense of values regarding beauty and to develop cosmetics and services that match demand, it may have a significant impact on our business.|| |
|Tighter regulations on R&D, manufacturing and sales of cosmetics||There is a risk that our technologies and cosmetics may become subject to regulations in various countries and regions, resulting in stagnation of research and development, or a ban on production and sales, as a result of stricter regulations on formulation development, UV care, containers and packaging, etc., due to growing global environmental awareness.||Many proposals have been made to build a sustainable society in various countries and regions, such as the European Green Deal and the formulation of the Chemicals Strategy for Sustainability. The number of cosmetics and services offered by the Company may decrease and negatively affect the business plan if we are unable to formulate a unique strategy and effectively develop sustainable products in response to these tightening regulations. In addition, inadequate efforts in this area could result in a loss of trust from society and consumers.|| |
At the same time, compliance programs are being or have been prepared for four priority areas: personal data protection, anti-bribery, anti-cartel, and supplier risk reduction.
Shiseido has established the Shiseido Group Crisis Management Policy, a guide for incident response to enable swift and appropriate actions, effective damage control, and early recovery. In Japan, departments in which an incident occurs take initial actions to understand the situation and prevent damage from spreading while promptly reporting to the Risk Management Department. After determining the incident level from the perspectives of severity of damage, possibility of spread, social impact, and other factors, the Risk Management Department assigns members from necessary HQ functions to organize a task force. The task force examines a range of actions to prevent damage from spreading, respond to those affected, and disclose information, while continuously monitoring investigation into cause, progress, and response results, and implements reoccurrence prevention measures. Outside of Japan, regional CEOs and RMOs are responsible for leading incident response activities. Significant incidents, such as those which pose a high risk of affecting operations in other regions, are immediately reported to the Risk Management Department at headquarters to enable quick action.
1．Ensure the safety of employees and their families
2．Preserve company assets
4．Ensure the trust of stakeholders
We have formulated a Business Continuity Plan (BCP) to prepare for major natural disasters and other emergency situations. To enable prompt and appropriate actions by employees according to the BCP in the event of an emergency, we provide regular training and education programs and use the findings from these programs to periodically revise the BCP.
Our BCP is formulated based on the Shiseido Group Crisis Management Policy and the Shiseido Group BCP Concept as described below.
Our BCP consists of a “basic plan” serving as a general guide and “action plans” to specifically describe recovery activities to be carried out by each department.
The BCP is designed primarily for natural disasters and other emergency situations, such as large earthquakes, that can seriously affect business continuity. In order to minimize damage and facilitate early recovery, the plan describes “restoration tasks” (necessary actions to restore basic operations) and “business continuity tasks during an emergency” (actions that must be taken to maintain business operations during disaster situations), and sets “recovery time objectives” to complete said tasks. The plan also specifies in phases the information to be collected, items to be decided, and reporting lines. This plan is executed under the leadership of the HQ Emergency Task Force, appointing a risk management corporate officer appointed as director and members from necessary divisions to address issues related to employees, facilities, communication systems, information disclosure, funding, and consumer relations. The task force undertakes overall management in cooperation with two other special functions: the Product Supply Continuity Task Force (to recover and sustain supply networks) and the SJ Emergency Task Force (to be responsible for Japan Region operations). In addition to the BCP, for sudden and unexpected incidents such as earthquakes, we have separately developed a business continuity plan for emergencies with gradual/long-term impact, such as infectious disease outbreaks, which sets matters to be considered and implemented by each phase (infectious disease BCP).
The HQ Emergency Task Force Drill is held on a regular basis as training for effective command and appropriate execution of the BCP. Findings from the drill are used to review and revise existing action plans and BCP-related documents. Relevant parties are notified of changes, ensuring the BCP is up-to-date and prepared all for immediate action.
To promote individual employee awareness and knowledge of emergency preparedness, we run various training and education programs around the globe. BCP briefings are given to heads of departments/offices to increase their understanding and ensure swift action by all staff under their leadership in the event of major emergency, under HQ Emergency Task Force instructions. Additionally, safety confirmation tests are conducted for all employees twice a year, and new hire orientation programs include lectures to raise awareness of emergency preparedness.