Risk Management

We are strengthening risk management to achieve a "resilient business foundation" which we have identified as part of our materiality (priority issues). Based on risk prevention, forecasting, and control, we are implementing risk management through five committees (Quality, Trade Management, BCM, Information Security, and Technology Asset Management) that establish and implement regulations. In addition, we are enhancing resilience by supporting business divisions in their risk activities based on specialized knowledge and expertise, preparing and training on BCPs (business continuity plans) during normal times, and establishing a governance system for emergency situations.

YKK AP’s risk management promotion structure is based on a three-line model. The five basic units (Sales, Development and technology, Manufacturing and supply, Administration, and Overseas) serve as the first line, taking the lead in risk management activities. Risk management departments and committees, which serve as the second line, support the first line with their specialized knowledge and expertise. The Internal Auditing Division, which serves as the third line, audits the effectiveness of the risk management activities of the first and second lines. Furthermore, by allowing self-checks of risk management activities based on the YKK Group’s compliance standards, the YKK Global Criteria of Compliance (YGCC), we are clarifying the roles and responsibilities of each person and division in charge of conducting these activities, thereby enhancing their effectiveness.

In FY2024, we reviewed our process for identifying key risks and, in addition to consultations with risk management departments, conducted risk surveys of business divisions and interviews with senior management to identify and analyze risks. In evaluating risks, we determine the level of risk based on the likelihood of occurrence and impact, as well as reputational risks and internal and external factors. This is then used as a basis for discussion and decision-making by the Board of Directors to identify key risks.

For FY2025, we have identified 27 categories of key risks, including system failures, cybersecurity, major natural disasters, product defects, and recalls. We will prioritize the allocation of business resources to these areas and implement measures to develop systems and countermeasures.

We are working to acquire the appropriate business continuity capabilities necessary to respond to major emergencies. To this end, we are enhancing our organizational strength through repeated training and preparation to enable rapid initial response and implementation of BCPs based on an all-hazards approach, covering large-scale natural disasters, supply chain disruptions, cyber incidents, and the spread of infectious diseases.

The first basic policy is "Prioritize human life, ensure safety, and prevent secondary disasters." In FY2024, based on the scenario of a major earthquake directly under Tokyo or a Nankai Trough earthquake, we conducted joint training exercises involving manufacturing and sales operations across different areas, briefings for sales managers, and training exercises with Kurobe, which will serve as a backup base for the local disaster response headquarters in the event of a disaster in the Tokyo metropolitan area. Measures will be considered for each location to address issues identified during the training, and these will be reflected in BCP revisions and future training. We are also conducting initiatives that involve external contractors such as truck drivers and cafeteria staff in evacuation drills.

To recognize our series of initiatives on risk management, YKK AP has been certified as a business operator that meets the "Resilience Certification" requirements for Business Continuity and Social Contributions from the Association For Resilience Japan.