Corporate Governance Structure and Initiatives | Internal Control System

Basic Views on Internal Control System and Status of Development

The status of the internal control systems developed by the Company based on the Companies Act and its enforcement regulations, for the purpose of ensuring the suitable and efficient operation of the Company as part of the duty of due care of a prudent manager, is as follows.

1. Systems for ensuring that directors’ and employees’ execution of duties comply with laws and regulations:

The Company has established the Risk and Compliance Committee, chaired by an external director, in order to strengthen the compliance system for adherence to laws and regulations, the Articles of Incorporation, corporate ethics, and social norms, and to enhance the supervision function of the Board of Directors through guidance, proposals, and recommendations of the external directors. The Risk and Compliance Committee promotes compliance-oriented management by auditing and supervising the Company’s compliance activities and by providing recommendations and guidance to the Board of Directors.
In addition, the Company strives to raise awareness of compliance among officers and employees through initiatives including internal training, and has established the Capcom Code of Conduct, which governs the conduct for compliance.
Furthermore, the Company takes measures to enhance the compliance system, including establishing the Risk and Compliance Council chaired by the representative director, establishing a system for cross-organizational control over measures taken under the compliance system in the Company, and regularly reporting to the Risk and Compliance Committee concerning the status of those activities. The Company has also established a point of contact for consultation as part of the internal reporting system within the Company office as well as offsite at a law office.
The Company has established the Internal Audit Department, which is an organization directly under the control of the Audit and Supervisory Committee that conducts internal audits independently of the departments conducting business.

2. Systems for storing and managing information relating to directors’ execution of duties:

The Company practices appropriate storage and management of the minutes of Board of Directors’ meetings and other documents and data pertaining to the directors’ execution of duties in accordance with its Document Management Rules and other documents.

3. Rules and other systems for managing the risk of loss

The Company has established the Risk Management Rules and the Risk and Compliance Council chaired by a representative director, so as to prevent crises.
The Risk and Compliance Council carries out activities to clarify and enhance the risk management system in the Company. In addition, it strives to strengthen the risk management system through such measures as regularly reporting to the Risk and Compliance Committee, composed of directors, concerning those activities.
Furthermore, the Company strives to respond promptly and appropriately in collaboration with related departments in the event of unforeseen circumstances, based on the Risk Management Rules.

4. Systems for ensuring that directors execute their duties efficiently

The Company enhances management efficiency through the introduction of the corporate officer system which clearly distinguishes between the Board of Directors (which determines management policies) and corporate officers (who execute business operations) and by promoting swift decision-making, resulting in smooth and flexible business operations.

5. Systems for ensuring the appropriateness of the Company’s business operations

The Company’s subsidiaries hold Board of Directors meetings approximately once a month, which are attended by the Company’s directors. The subsidiaries and the Company communicate and coordinate closely, and the subsidiaries are required to report on sales updates, business forecasts, and other important matters, in accordance with the Management Regulations for Subsidiaries. The Risk Management Rules and other measures advance the Company’s overall risk management system including compliance and ensure that its operations incorporate functional corporate governance.

6. Systems for employees assisting the Audit and Supervisory Committee, ensuring the independence of said employees, and ensuring the effectiveness of instructions given to said employees

The Audit and Supervisory Committee works to ensure effective internal control by auditing directors’ and employees’ execution of duties in accordance with auditing policies and submitting audit findings along with advice and corrective recommendations, among others. For this purpose, the Internal Audit Department (an organization directly under the control of the Audit and Supervisory Committee) has been established to support the Audit and Supervisory Committee in carrying out its duties smoothly and appropriately. We have established a system in which full-time employees assist with the committee’s duties under instructions of the members of the Audit and Supervisory Committee, and these employees cannot be transferred without the agreement of the Audit and Supervisory Committee.

7. Systems for the subsidiaries’ and affiliates’ officers and employees to report to the Audit and supervisory Committee, for other reports to the Audit and Supervisory Committee, and for preventing unfavorable treatment as a result of making such reports

The subsidiaries’ and affiliates’ officers and employees from whom the Audit and Supervisory Committee has requested information regarding the execution of duties must promptly respond to such requests and report appropriately on required matters.
The subsidiaries’ and affiliates’ officers and employees will not be treated unfavorably for making such reports to the Audit and Supervisory Committee.

8. Other systems for ensuring the effectiveness of audits by the Audit and Supervisory Committee

The Company sets aside a budget to cover costs incidental to the execution by directors who serve as a member of the Audit and Supervisory Committee of their duties. Where requested, a cash advance covering such costs is provided by the Company.

9. Overview of the status of operation of the system to ensure appropriate business operations

The overview of the status of operation of the system for the fiscal year ended March 31, 2025 is as follows.

(i)    In addition to the systems mentioned above, important meetings (of the Board of Directors, as well as the Corporate Management Council, Human Resources Committee, and Board of Corporate Officers) were convened at which deliberations and resolutions took place concerning matters stipulated by law and items to be discussed based on various rules. In addition, the Audit and Supervisory Committee determined auditing policies and schedules, and conducted audits of the Board of Directors pertaining to execution of duties and observance of laws and regulations.
Further, the Company operates a system capable of swift decision making in a business environment that is undergoing rapid change by delegating authority based on internal rules, including delegation by the Board of Directors of certain important business execution decisions to the Representative Directors.
In addition, in order to strengthen the supervisory function of the Board of Directors, the Company works to achieve active exchanges of opinions while deepening external directors’ understanding by organizing various voluntary committees, roundtable discussions, facility tours, and other events.

(ii)   The Compliance Committee, chaired by an external director, met quarterly. The Committee worked to quickly detect and prevent illegal activities and fraud by understanding inherent risks, identifying the probabilities, and reporting on the same to the Board of Directors.

(iii)  The Company promoted thorough awareness about preventing insider trading and leaking of information and other matters required under the laws and regulations, through e-learning and periodic compliance checklists to vet effectiveness, deepening officers’ and employees’ understanding of compliance issues.
In addition, harassment and other in-house and external training was deployed to raise compliance awareness among officers and employees.

(iv)   With regard to information protection and management, the Company manages personal information and other confidential information appropriately based on the Information Management General Rules and other regulations and guidelines.
In addition, the Company treats ensuring information security as a priority in view of the significant impact that information has on its business activities. For this reason, we are working to ensure information security by strengthening privilege management and using the latest software, as well as by using round-the-clock monitoring of external connections and early detection systems to monitor devices for malicious behavior. Further, in addition to building a system for early response and recovery in the event that a security risk becomes apparent, we will maintain and enhance the information security system using the PDCA cycle, taking on board the advice of the Information Technology Security Oversight Committee (an external advisory group).
Furthermore, directors, officers, and employees of the Company undergo regular information security education, training, and other activities. The outcomes of these activities are reported to the Board of Directors, among other initiatives, to increase awareness of information security.

(v)    With regard to the Company’s subsidiary companies, apart from communicating the Company’s management policies to the management of Company subsidiaries, the Company has initiatives in place to ensure the effectiveness of the internal control systems of the Company as a whole by continuous monitoring of subsidiaries’ operations. These measures include gathering information from officers holding concurrent positions in the Company and subsidiaries as well as from temporary employees.

(vi)   In addition to receiving periodic reports from the Internal Audit Department, where required, the Audit and Supervisory Committee conducts stringent checks to determine the effectiveness of internal control systems using organizational audits, by issuing directions, and other measures.

(vii)  The position of CHO (Chief Human Resources Officer) was created to advance the Company’s priority challenge of investing strategically in human resources, and we established a system for direct communication between management and employees. In addition, we strive to achieve swift and effective decision-making to resolve these challenges by establishing the Human Resources Committee which holds discussions focusing on policies and measures relating to human capital.
In addition, the Company holds regular briefings where the management team and employees may engage in direct dialogue so as to implement various measures and spread awareness of management strategy. We work to achieve mutual understanding through question-and-answer sessions, exchanges of opinions, and other means of communicating with employees.

(viii) The Company established a point of contact system through which the Company’s employees may make reports or seek advice for the purpose of further improving the workplace environment as well as to facilitate early detection and prevention of illegal activities. The points of contact, which provide a system for employees to submit reports and seek consultations, are located within the Company office as well as offsite at a law office. The points of contact operate based on rules that maintain their independence from management, ensure that people who submit internal reports are not subject to unfavorable treatment as a result of such reports, and protect the confidentiality of information that might identify the persons seeking advice.

Basic Views on Measures for Eliminating Anti-Social Forces and Status of Development

The Company takes a firm stand against antisocial forces that threaten social order and the safety of civil society, and has no connection of any kind with groups or individuals of such nature.

Where the Company comes into contact with such groups or individuals, prompt organizational action is taken in response and any unjustified or illegal demands are firmly denied, while also coordinating with the police and other relevant organizations.

In addition, care is taken to acquire relevant information on anti-social forces and related trends, and if a connection exists with entities that the Company was not aware were anti-social forces, swift action is taken to terminate such connection in coordination with the police and other relevant organizations.