Basic Policy of Establishing Internal Control Systems

1. System for the preservation and management of information related to the execution of duties by directors.

(1) Our company will store and manage information in accordance with laws and regulations, as well as the "Document Management Regulations," "Information Security Implementation Manual," and other internal regulations.

(2) The Representative Director shall appoint from among the Directors a person responsible for company-wide oversight regarding the storage and management of information related to the execution of duties by Directors.

(3) The person in charge of overall management shall record and store information relating to the execution of duties by directors in accordance with internal regulations.

(4) Records to be kept shall be stored and kept in a highly searchable manner so that they can be viewed at any time by directors, auditors, and accounting auditors.

(5) In accordance with the Information Security Basic Policy, Privacy Mark, and Information Security Management System (ISMS), we will establish an appropriate system for the storage, management, and transmission of information.

2. Regulations and other systems concerning management of risk of loss

(1) Events (risks) that could have a significant impact on the company's objectives and business objectives shall be categorized as follows, and a management system shall be established.

• Financial reporting risks

• Quality risks

• Information security risks

• Labor risks

• Legal risks

• Environmental risks

• Business continuity risks

• Human Resource Risks

• Financial risk

• Social risks

• Governance risks

(2) Based on the "Risk Management Regulations," a Risk Management Committee shall be established to direct the financial reporting risk management system, conduct assessments of financial risks, and take measures to avoid or reduce risks.

(3) In order to deter misconduct caused by information leaks by employees, we will establish "Confidentiality Management Regulations" and "Disciplinary Regulations," and require employees to sign and submit a pledge to comply with company regulations.

(4) Risk management regarding digital information will involve establishing a system that can accurately identify information leakage routes and implementing deterrent functions through in-house training.

(5) With regard to environmental risks, social risks, and governance risks, the Sustainability Committee will conduct risk assessments and analyses and report the results to the Risk Management Committee.

3. System for ensuring that Directors execute their duties efficiently

(1) The Company shall hold a Board of Directors meeting once a month, and shall also hold extraordinary meetings as needed to make decisions on important matters and to supervise the performance of the Directors' duties.

(2) All directors shall each be responsible for the Company's operations, appropriately monitor progress, and strive to improve the efficiency of business execution.

(3) Regarding business operations, a medium-term management plan and annual budgets will be formulated based on the future business environment, etc., and company-wide goals will be set.

(4) Each department shall plan and implement specific measures to achieve its objectives.

(5) In order to ensure efficient execution of duties, the scope of necessary duties and authority shall be clearly defined by the "Duties Division Regulations" and the "Duties Authority Regulations."

(6) Implement flexible organizational changes to respond to environmental changes.

4. System to ensure that the execution of duties by directors and employees conforms to laws and Articles of Incorporation and the articles of incorporation.

(1) We will periodically review our internal regulations to comply with laws and regulations and Articles of Incorporation, and conduct internal training as necessary to raise awareness among employees regarding the execution of their duties.

(2) The "Board of Directors Regulations," "Board of Corporate Auditors Regulations," and "Employee Employment Regulations" define the system for ensuring the proper execution of business.

(3) In order to maintain a system of compliance with laws and regulations, employees shall sign and seal a pledge to comply with company regulations and submit it.

(4) Establish a compliance reporting system and promote compliance with laws and Articles of Incorporation and the articles of incorporation by providing guidance through training and other means so that officers and employees, in their respective positions, take it as their own responsibility and apply it to their business operations.

(5) Establish an internal audit system and audit the legality of business operations.

5. System for ensuring the appropriateness of business operations within our corporate group

A. System for ensuring that matters related to the execution of duties by directors, etc., of subsidiaries are reported to our company

(1) In accordance with the "Regulations for the Management of Affiliated Companies," the director in charge of the business related to the affiliated company (the director in charge) will be responsible.

(2) The director in charge shall request the submission of documents and other materials from the affiliated company as necessary and endeavor to understand the business operations of the affiliated company.

B. Rules and other systems for managing risk of loss of subsidiaries

(1) We require accounting procedures to be carried out in accordance with the "Accounting Regulations" and to receive monthly reports.

(2) In accordance with the "Risk Management Regulations," affiliated companies shall explain the status and effectiveness of measures implemented to address financial reporting risks to the Risk Management Committee and conduct an evaluation.

C. System for ensuring that Directors, etc., of subsidiaries execute their duties efficiently

(1) The management of affiliated companies shall be based on mutual trust and coexistence and co-prosperity, while respecting their autonomy.

(2) Important matters shall be discussed in advance by the Board of Directors.

II. A system to ensure that the execution of duties by directors, etc., and employees of subsidiaries complies with laws and Articles of Incorporation.

(1) A director shall be appointed to oversee the business of the corporate group, and the subsidiary shall be given the authority and responsibility to establish a compliance system.

(2) Our management department will promote and manage the compliance system established by our subsidiaries across the board.

(3) When conducting audits in the management described in (2), our "Internal Audit Regulations" shall apply mutatis mutandis.

6. Matters concerning employees who are requested by Audit and Supervisory Board Members to assist them in the performance of their duties

The employees who should assist the auditors in their duties shall be members of the Internal Audit Department.

7. Matters related to the independence from Directors of employees assisting the duties of Audit and Supervisory Board Members

Personnel changes, performance evaluations, and disciplinary actions against employees of the Internal Audit Department shall be subject to the prior consent of the Corporate Auditor.

8. Matters related to ensuring the effectiveness of instructions given by Audit and Supervisory Board Members to the employees assisting in the Audit and Supervisory Board Members' duties

The auditor has the authority to direct and instruct employees who are to assist the auditor in performing their duties.

9. System for reporting to the Audit and Supervisory Board Members

i. System for directors and employees to report to auditors

(1) If a director discovers any facts that may cause significant damage to the company, he or she shall immediately report them to the auditors in accordance with laws and regulations and internal company rules.

(2) The Internal Audit Department shall conduct an internal audit of any identified risks, and the Internal Audit Department shall report the results to the Board of Corporate Auditors.

(3) Financial reports shall be analyzed by the Risk Management Committee, which is the monitoring department, and the results shall be reported to the Board of Corporate Auditors.

(4) In the case of internal whistleblowing by employees, the Compliance Committee, which is the investigating body for the whistleblowing, will report to the Risk Management Committee.

(b) A system for reporting to the auditors by persons who receive reports from directors, employees, etc., of subsidiaries or persons equivalent thereto.

(1) If the director in charge of a subsidiary discovers any facts that may cause significant damage to the company, he or she shall immediately report them to the auditors.

(2) With regard to the financial reporting of subsidiaries, the Risk Management Committee, which is the monitoring department, will analyze the reports from the relevant departments of the subsidiaries and report the results to the Board of Corporate Auditors.

(3) Regarding internal whistleblowing, the Compliance Committee, which is the investigating body for the whistleblowing, will report to the Risk Management Committee.

10. A system to ensure that persons who report to the auditors are not subjected to unfavorable treatment as a result of having made such reports.

(1) In accordance with the "Compliance Reporting Regulations," the company shall take measures to prevent any deterioration of the workplace environment, including prohibiting dismissal or any other adverse treatment of the person who made the report.

(2) With regard to employees of subsidiaries, protection against disadvantageous treatment will be provided in the same manner as in (1).

11. Matters concerning the procedures for advance payment or reimbursement of expenses incurred in connection with the duties of corporate auditors, and other policies regarding the handling of expenses or liabilities incurred in connection with the performance of such duties.

(1) The Board of Corporate Auditors shall budget in advance for expenses that it deems necessary for the performance of its duties.

(2) The employee may request the company to pay in advance any expenses that become necessary in an emergency or extraordinary situation, and to reimburse the employee for any expenses that have been incurred.

(3) When it comes to the expenditure of audit expenses, attention should be paid to efficiency and appropriateness.

12. Other systems for ensuring that audits by Audit and Supervisory Board Members are executed efficiently

(1) In order to ensure the effectiveness of the corporate auditors, the "Corporate Auditor Audit Standards" and "Internal Audit Regulations" will be established.

(2) The auditors shall be aware of the process of important decision-making within the company and the status of business execution, in addition to the Board of Directors.

(3) Attend important company meetings, review key approval documents and other important documents related to business execution, and request explanations from directors or employees as necessary.

(4) Fully understand the significance and purpose of the three types of audits (internal audit, corporate auditor audit, and external auditor audit), and ensure cooperation and mutual complementarity among the three types of audits.

Established on May 19, 2006
Revised August 6, 2009
Revised June 13, 2011
Revised December 5, 2011
Revised June 1, 2015
Revised June 13, 2016
Revised April 1, 2020