Top page > Corporate Governance > Internal Management Structure and Initiatives

Latest version is available on the "Online Integrated Report 2016" top page.

Internal Management Structure and Initiatives

Status of Internal Control System

Strengthening Risk Management through the Development of Our Internal Control System

As part of directors' due diligence, Capcom developed the following internal control system based on the Companies Act and its enforcement regulations to ensure that all Group company practices comply with regulations and are executed in an efficient manner.

1. Creation of a Structure to Ensure Directors Perform their Duties in Accordance with Laws and Regulations

To strengthen the management monitoring function and enhance corporate value, Capcom strives to prevent illegal activities and ensure compliance through regular Compliance Committee checks while attempting to invigorate and heighten the monitoring function of the Board of Directors in accordance with advice and recommendations from the three external directors.

2. Internal Control over Financial Reporting

Based on our "internal control rules", Capcom has developed and continues to operate the necessary systems in order to guarantee reliable financial reporting and ensure proper internal control over financial reporting, in accordance with the Financial Instruments and Exchange Act. Our internal control system over consolidated financial reporting at the end of the period under review has been determined as effective and the results of this assessment have been reported to the Director-General of the Kanto Regional Finance Bureau in the form of an internal control report. The results have also been disclosed through EDINET and our corporate website.

3. Develop a System to Maintain Appropriate Business Practices

(1) Information Management and Storage
The management and storage of documents and information such as the minutes from board meetings is conducted in accordance with "document management regulations".

(2) Risk Management
A risk management structure and "crisis management regulations" were created to proactively prevent crises and execute the appropriate actions if one occurs.

(3) Efficient Execution of Business Operations
Capcom introduced a Corporate Officer System under which the duties of the Board of Directors and corporate officers are separated to enable smooth and flexible business operations and enhance management efficiency.

(4) Legal Compliance System
The "Capcom Code of Conduct" is our guideline for legal compliance. We seek to prevent illegal activities and misconduct through employee training and monitoring programs.

(5) Operational Audit Structure
In accordance with auditing policies, the execution of operations by Board of Directors are audited, with recommendations for improvements indicated in auditor reports as necessary to ensure internal controls function effectively. To enable auditors to perform their duties smoothly and appropriately, two employees are selected with the consent of auditors to provide assistance.

4. Basic Policy and Framework for the Eradication of Antisocial Forces

Capcom takes a firm stand against antisocial forces that threaten social order and the safety of citizens, and strictly prohibits any association with such groups at the organizational, employee and individual levels. If we are contacted by such groups, in addition to swift organizational measures, we will cooperate with the police and other relevant authorities to firmly refuse unlawful demands.

While Capcom attempts to remain aware of information related to these groups in order to avoid contact or involvement, if we discover that we have unknowingly become involved with them, we will immediately terminate the association with the help of the police and other relevant authorities.

Initiatives to Strengthen Compliance

Focusing on the Viability and Effectiveness of Our Compliance System

As noted on page 54, Capcom has established a Compliance Committee consisting of external directors, some of whom are lawyers, who regularly report to the Board of Directors and issue reminders and recommendations. A secretariat was established in the Internal Controls Department, which works to enhance the viability of the entire Capcom Group compliance system by planning and operating the internal compliance system and functioning as the department that provides consultations and receives notifications to prevent legal violations before they occur.

Furthermore, the "Capcom Code of Conduct" was formulated to strengthen our compliance system. Capcom is dedicated to proactively preventing illegal acts and misconduct, and ensuring legal compliance through the promulgation of corporate ethics and principles.

During the period under review, the Compliance Committee met four times and conducted compliance training sessions for new employees. Also, "e-learning sessions on legal compliance and personal information protection rules" were given to all employees.

Compliance is the foundation of corporate governance and the basis for the fulfillment of corporate social responsibility. Capcom will continue to instill this understanding in all its officers and employees.

Compliance Structure

diagram: Compliance Structure

Status of Training Programs (Year ended March 31, 2015)

Activity No. of Times Target
Compliance training curriculum 2 All employees
Personal information protection training curriculum 2 All employees

Periodic Compliance Checks

Compliance Status Checked Regularly

Capcom conducts "periodic compliance checks" to regularly monitor the operational status of each of its departments. Twice each year, more than 30 items, including fair business practices, workplace health and safety, and information asset management, are checked using a check sheet, while compliance officers covering each department are also interviewed individually to confirm the effectiveness of our overall compliance system.

Also, in response to feedback received from interviews and questions during the "periodic compliance check", such as on protocol for issuing documents to business partners and proper document management practices, clear-cut answers are provided to related persons and when necessary, all employees are notified and made aware using the intranet.

Compliance Hotline

Special Hotline Set Up for Compliance Issues

Capcom established the "Compliance Hotline" as a self-corrective function to uncover and prevent risks in order for the company to thoroughly practice compliance-focused management. This enables the company to smoothly address whistle-blowing reports from employees and have in place an environment to prevent legal violations or illegal behaviors as well as take corrective action.

Information Security Initiatives

Building Mechanisms for the Appropriate Protection of Information Assets

As a company primarily engaged in the planning and development of software, Capcom is an environment where the latest information technology is always in use. Compared to companies in other lines of business, we face relatively high information security risks.

Accordingly, to protect Capcom's information assets from a variety of threats and maintain an information security policy appropriate for a corporation trusted by society, we publish internal information regulation collections, including "Basic Security Policies", "System Usage Policies" and "Basic Disclosure Policies", etc.

We use a firewall to protect us from external attacks via the Internet, and our internal system requires each user to have a unique ID, password and PIN to access the system, thereby reducing the risk of unwelcome intruders.

Furthermore, we are in the process of patching known security holes. Over the past few years, we have been implementing measures to prevent information leaks, which include the (1) identification of information leak risks, (2) creation of an early response structure to respond to information leaks and (3) establishment of a response process to minimize damage in event information is leaked.

Above all, in (1) we will reconfirm the importance of information assets held by each department with the aim of clarifying critical risks and create a manual detailing procedures related to (2), while (3) will involve a system capable of quickly auditing the information log to find the cause and prevent the reoccurrence of problems. In this manner, we are focusing our efforts on using our expertise to enhance our internal response capabilities.

Moreover, to prevent the remote takeover of computers and other cyber-attacks that are on the rise recently, we constantly monitor for suspicious communications with external networks and implement virus detection on computers issued to employees.

In addition, regarding critical online services, we outsource the constant monitoring of security and communications to an external security specialist who also conducts regular diagnostics.

To improve security literacy among all our employees, we are implementing internal training to raise awareness and educate on the topic of information leak risks. Through these and other initiatives, Capcom is striving to create a structure for making an appropriate first response in the event information is leaked or an accident occurs.

Business Continuity Plan (BCP) Initiatives

Strengthening Our Crisis Management System

Capcom is working to strengthen its crisis management system in order to minimize damages, losses and disrepute, and ensure the company continues to function, based on an appropriate and smooth response, in the event of an emergency, such as a natural disaster or accident. If an emergency occurs, under our crisis management rules, a task force consisting of top management will be set up to assess the extent of damage to the company. In addition, we have established action criteria and an emergency contact route in our crisis management manual in order to ensure an appropriate response and convey information to one another in a prompt manner.

In the wake of the Great East Japan Earthquake, we are striving to build a crisis management system that will ensure our business continuity in the event of an unforeseen incident or natural disaster. This will be made possible by strengthening our risk management through the stockpiling of disaster-relief supplies, implementation of a safety confirmation system, and storage of "health kits for flu", to ensure that we can properly and quickly respond to these emergencies.

PDF Download Corporate Governance (PDF:1.28MB/18 pages)

DOWNLOAD

  • digg

Online Integrated Report (Annual Report) Archives