Initiatives to Further Enhance the Reliability of Financial Reporting

We have established an internal system in order to further enhance the reliability of our consolidated financial reporting. The designing and implementing of internal control are periodically assessed to keep making appropriate improvements. Specifically, a Chief Responsible for Internal Control has been appointed in each organization to design and implement internal control. The Internal Audit Division evaluates the effectiveness of internal control and provides feedback to each organization to ensure the continuous improvement. Overall management of these initiatives is conducted by the Internal Audit Division, and important matters are determined through deliberations in the Disclosure Committee chaired by the CFO. In this way, we are working to reinforce the companywide internal control system.

Strengthening Risk Management on a Group Basis, Including Subsidiaries

ITOCHU has established internal committees and responsible departments in order to address the various risks associated with the Group's business operations, such as market risk, credit risk, country risk, and investment risk. At the same time, on a Group basis ITOCHU has developed the risk management systems and methods to manage various risks individually and on a companywide basis.
Those include a range of management regulations, investment criteria, risk exposure limits, and transaction limits, as well as reporting and monitoring systems. Moreover, ITOCHU regularly reviews the effectiveness of its risk management systems. As part of such efforts, the ALM Committee protects the ITOCHU Group's assets through deliberations on Group balance sheet management as well as analysis and management of risk.

Process for Investments

Managing Concentrated Risks

We also manage overall country risk exposure to non-industrialized countries and manage individual country risk based on internal country rating standards. Country limits are deliberated by the Asset Liability Management (ALM) Committee and approved by the HMC.

Business Continuity Plan

ITOCHU Corporation has established a Business Continuity Plan (BCP) to ensure that in the event of unforeseen emergencies, including major earthquakes and other natural disasters, pandemics, terrorism, major accidents, and cyber-attacks and security incidents, important business will not be interrupted, or will resume as quickly as possible if there is an interruption. The BCP applies to the entire ITOCHU Group and is supplemented with individual BCPs set by individual business and administrative divisions. Content revisions, together with internal education and training sessions, are undertaken regularly.
In preparation for unexpected major disasters, the BCP describes four stages: 1) Emergency response and initial recovery; 2) BCP invocation; 3) Operational recovery; and 4) Full recovery. The BCP specifies the commander and response protocols for each stage. ITOCHU has also implemented a crisis management system for outbreaks of infectious diseases, including COVID-19. This system, which prioritizes the safety of employees and the prevention of the spread of infection, allows us to continue critical operations while avoiding risks even during periods of high infection spread, in order to contribute to the stability of daily life by maintaining supply chains in each sector.