Risk Management

Risk Management System

We define "risk" as "an event with the potential to cause unexpected losses in business operations, or cause damage to the Toyota Tsusho Group's assets and trust, etc." as laid out in the company's Risk Management Basic Policy. The company's fundamental approach is to identify and consider the various risks that occur in the course of business operations, ensure management safety, and increase corporate value by exposing itself to risk only within an appropriate and controlled range. Referencing the COSO*1 ERM Framework, we launched an Integrated Risk Management Committee in April 2020 as a structure for putting the Risk Management Basic Policy into practice. The committee is aimed at promoting global risk management in addition to individual management that has been conventionally carried out by risk Supervisory departments for their respective risks. It is chaired by the CFO and consists of regional CFOs, the general manager of the planning department of each sales division, and the executives and general managers in charge of respective risks. The committee clarifies risks that could impact the Toyota Tsusho Group’s management, identifies important risks, discusses and decides on response policies, verifies the effectiveness of the risk management process, and reports to the CEO. The committee also makes proposals to the Board of Directors meeting, which supervises the effectiveness of the risk management process based on such proposals and takes appropriate action if necessary.

  1. *1Committee of Sponsoring Organizations of the Treadway Commission
Risk Management System

The committee advances risk management through four activities: Check10, review of safety and compliance, strategy/BCP, and sustainability.

Check10 is an improvement activity implemented based on the findings of group companies’ self-assessment and their regional headquarters’ review for the 10 items identified as risks that should be given the highest priority. Check 10 aims to implement improvement measures by conducting assessment for each risk item and visualizing the risk management status.

The review of safety and compliance is an activity based on the idea of “beginning everything we do with safety and compliance,” which is shared across the entire Toyota Tsusho Group. All of Toyota Tsusho’s departments, domestic and overseas sites, and group companies, conduct inspections on their own to confirm the acquisition status of licenses, permits, registrations, etc. necessary for their operations, as well as compliance with quality and certification standards based on laws and regulations. The process and results of such an inspection are then subject to on-site, hands-on verification by executives in charge of responsible divisions.

By enhancing Check10 and activities for review of safety and compliance, we have strengthened not only collaboration between Toyota Tsusho’s departments responsible for respective risks and group companies but also the relationship within the relevant region, successfully building an integrated risk management system on a consolidated basis.

In strategy/BCP initiatives, analyzing macro-risks and BCP risks that affect strategy is becoming increasingly important as uncertainty associated with changes in the external environment is growing, thereby having greater impact on our business. Based on external environment (PEST) analysis, we consider the risks and opportunities for our business presented by changes in the external environment and implement measures for each scenario. As for sustainability initiatives, given the increasing impact of sustainability-related risks and opportunities on us, we are strengthening analysis and measures.

As described above, we classify highly important and urgent risks that exist in carrying out Toyota Tsusho Group business according to their factors, and appropriately implement the process of building an internal management system that suits their respective characteristics and reporting to the Integrated Risk Management Committee.

Risk Management for Strategy/BCP and Sustainability

About Check10

In particular, for Check10, the main activity of the Integrated Risk Management Committee, the 10 risk items (product, credit, business, finance, internal control, human resources and labor, information security, misconduct, logistics, and occupational safety and environment) selected as risks to be given the highest priority are assessed and scored by each business entity on a two-axis matrix of risk and management systems, and a heat map is created to visualize both quantitative and qualitative risks. In our annual Check10 initiative, each risk specialist department evaluates and reviews the self-assessment results submitted by each subsidiary. This process enhances the accuracy of the assessments and provides support to each company.

To identify global risks and problems, and then work to eliminate and minimize them, we discuss and promote the necessary countermeasures to establish and strengthen the risk management system on a consolidated basis.

We also conduct various training programs through in-person sessions, online courses, and e-learning to keep our antennae tuned to risks surrounding our company and to ensure appropriate management is carried out.

Check10 risk
Two-axis Matrix of Risk and Management Systems
Risk Evaluation Results (Heat map)

Risk Management

Risk Asset Management (RAM)

We engage in risk asset management (RAM), in which Risk Asset (RA) are calculated by multiplying risk exposure (RA principal) on a consolidated basis by risk weight (RW)—the maximum expected loss ratio based on credit rating and country risk—and balancing it with risk buffer (RB) based on financial corporate strength.

Our basic RAM policy, authorized by the board of directors, is to maintain a ratio of RA to RB below 1.0. To achieve this, we simulate the ratio of RA to RB based on the investment pipeline and other factors to achieve both investment in growth and financial soundness. For exposure in emerging countries with relatively higher country risk, we hedge risks through insurance by Nippon Export and Investment Insurance (NEXI) among other measures. We also manage country risk by setting country-specific maximum limits based on RB to prevent excessive concentration in specific countries. In addition, we conduct Risk-adjusted Value Added (RVA) assessments during transaction screening and investment discussions to raise awareness of the need to secure sufficient return for the risk.

Although RA has increased in each region due to business expansion as well as country risks that materialized in some emerging countries, our RA continue to be well diversified by region. As a result of RA management and the continuous accumulation of RB, the RAM figure for the fiscal year ended March 31, 2025, stood at 0.6. RA was again held within the range of RB (ratio of RA to RB of 0.6, which is below 1.0), and we thus maintained a sound and stable financial structure.

RAM values are measured and monitored regularly (twice a year). Measurement results are reported to management every six months, and year-end results are disclosed externally following approval by the Board of Directors.

Diversification of Risk Asset by Region

Major Risks

Product Risk

Commodities handled by the Toyota Tsusho group in its businesses, such as non-ferrous metals, rare earth resources, foods, and textiles, are vulnerable to uncertainties arising from price fluctuations. To address this, the Group sets position limits for each commodity and regularly monitors the status of operations within these limits. While the group takes various measures to reduce such price variation risks, it may not be possible to completely avoid them, so the state of commodity markets and market price movements may affect the operating results and financial condition of the group.

Credit Risk

The Toyota Tsusho group faces a degree of risk arising from the collection of loans and receivables associated with commercial transactions with its domestic and overseas business partners. To address these credit risks, the group sets bond limits and contract limits for each type of transaction, such as accounts receivables and advances, and uses a company-wide system to understand group credit risks. We also set ratings (eight levels) using our own standards based on the financial status of business partners and regularly confirm the status of business partners. In the case of business partners with low ratings, the group reviews the transaction conditions, determines the transaction policy, such as the protection of accounts receivables or withdrawal, carries out individually focused management, and endeavors to prevent losses. While the group manages credit in this way, it is difficult to entirely avoid the risk of deterioration of the financial condition of business partners or risks arising from the occurrence of unforeseen events, and the group’s operating results and financial condition could be adversely affected if it becomes difficult to collect receivables due to bankruptcy of business partners or other circumstances.

Business Investment Risk

We aim to expand existing businesses, strengthen functions, and enter new businesses by strengthening existing partnerships and forming new alliances. The Group’s investment approach is not based on the pursuit of short-term profit, but rather strategic investment that will lead to the development of business and the expansion and reinforcement of the Group’s value chain over the medium to long term. To better focus management resources on businesses where the Company can demonstrate its unique strengths, sales division policies and the investment pipeline are discussed at the Mid-term Business Plan Meeting based on company-wide policies, and the strategic value and priority of investments exceeding a certain amount are discussed at the Investment Strategy Meeting to determine whether they should be pursued. In the process of reviewing investment projects, the Administrative Unit verifies business plans from a technical perspective. Risk assessments and risk mitigation measures are discussed and opinions provided for each investment project, leading to deliberation by the Investment and Loan Meeting and a final decision by the organization concerned. In addition, to accelerate the investment decision-making process, the Group is proceeding to determine the authorized decision maker based on certain conditions and monetary significance, and to delegate decision-making authority to certain affiliated companies both in Japan and overseas. After investments are implemented, the Administrative Unit and the sales divisions jointly and continuously monitor and support projects facing issues (“check and support”). The Group also monitors investments for signs of declining performance, progress in business plans, exit conditions, and other aspects, and it operates strict restructure and exit rules for projects that are not proceeding as planned.

For many years, we used TVA1 (which measures the value added beyond the cost of capital employed) and RVA2 (which measures risk) as quantitative evaluation indicators for investments. While utilizing TVA, which can evaluate the contribution to corporate value, we have adopted ROIC3 as a KPI for deliberating investment projects in order to more strongly emphasize the efficiency of returns generated from invested capital. The cost rate of invested capital, which is in contrast to ROIC, is calculated as the weighted average cost of shareholders’ equity and interest-bearing debt. Setting the cost of shareholders’ equity to reflect the Company’s ROE target is designed such that any increase in ROIC through improved capital efficiency, improved profit margins or sales expansion will lead to achievement of our ROE target. In addition, by adjusting for country risk, we ensure an approach that matches the global nature of our business.

Despite these efforts, if the value of an investment target company or the market value of the stock of such a company declines due to changes in the business environment, technological innovation, or other unforeseeable circumstances, the group may lose all or a substantial portion of the invested balance or the group may have no choice but to provide additional funding to such investment targets. In such cases, there could be adverse impacts on the group’s operating results and financial condition.

Foreign Exchange Risk

Toyota Tsusho implements hedge measures, including using forward exchange contracts, for transactions denominated in foreign currencies, as they are exposed to the risk of fluctuations in foreign exchange rates. In the event we are unable to hedge a transaction, we implement measures that mitigate foreign exchange rate fluctuation risks by setting position limits and regularly monitoring the results of these transactions.

Risks Related to the Fund Procurement

We strive to minimize liquidity risk by maintaining sound business relationships with financial institutions, engaging in asset liability management (ALM), and procuring funds in accordance with the nature of our assets.

Human rights risks

We began conducting human rights due diligence at all consolidated subsidiaries in the fiscal year ended March 31, 2022 in order to respond to human rights risks that could have an impact on society through business activities.

Based on the opinions of internal and external experts, we analyzed human rights risks at all consolidated subsidiaries around the world from three perspectives: business natures (business sector), location (country), and products handled. We identified 93 companies where confirmation of priority risks is thoroughly needed. The four salient human rights issues that we investigated during this due diligence process were forced labor, child labor, discrimination, and the freedom of association and right to collective negotiations.

We surveyed the 93 subject companies using a questionnaire to understand the management status of anticipated specific human rights risks. Based on the results of the questionnaire, we identified companies that we believed required further investigation. We then investigated the actual situation through an interview with the presence of third-party organizations and established the direction of specific measures to reduce risks.

No human rights issues of immediate concern were identified through this process, but we will continue our efforts to reduce human rights risks.

The status of this process and the evaluation results are reported to the Sustainability Management Committee.

Information Security Risk

The CSO is responsible for overseeing information security measures. Based on the Company's Information Security Policy, the CSO implements information security risk management through the following measures and others. Additionally, the CSO participates in the Integrated Risk Management Committee and continuously supervises our company's cybersecurity strategy.

  1. 1Deployment of security guidelines
    • Toyota Tsusho group standard Information security management guidelines "All Toyota Security Guideline"(ATSG) have been established and deployed globally, The compliance status is visualized, and continuous improvements are carried out through internal audits.
    • Based on ISO 27001/27002, NIST (National Institute of Standards and Technology) Cyber Security Framework, the Ministry of Economy, Trade and Industry's Cyber Security Management Guidelines, and other guidelines, ATSG has established organizational controls, personnel controls, technical controls, and physical controls as well as systems for responding to incidents and accidents.
    • We review this guideline regularly to deal with ever-increasing risks of cyber attacks, etc. and at the same time, make efforts to improve the management capability of each group company.
  2. 2Deployment of group standard security management systems
    • We have established group standard security systems and are deploying and managing them globally in order to promote adherence to the guidelines efficiently and uniformly.
    • As the group standard security systems, we have standardized major IT functions such as network security, email security, and PC security to analyze and detect vulnerabilities globally, and we will expand them as appropriate in the future. Through its Security Operation Center (SOC), we monitor cyber attacks globally and quickly responds to threats such as malware infection, unauthorized access, and data leaks.
  3. 3Building a response system for cyber attacks
    • We have established a Computer Security Incident Response Team (CSIRT) and the CSIRT are implementing preventive activities to reduce the risk of security incident by continuous collecting / analyzing threat information and monitoring activities using the group standard security systems.
    • In the event of a serious incident such as an information leak, we mandate reporting to the designated contact point in accordance with the company-wide emergency reporting system, "Bad News First & Fast."
    • In order to minimize damage in the event of a security incident, we have established a collaboration and support system with group companies, and are working to create an environment where we can identify the scope of impact, take measures, and prevent recurrence immediately.
    • In cases where violations are identified, appropriate disciplinary actions will be considered in accordance with the internal policy titled 'Regulations for Confidential Information and Personal Information Management.'
  4. 4Implementation of employee training
    • We ensure that all employees of the Toyota Tsusho Group, including those overseas, are fully aware of the importance of information management and information security through e-learning and other forms of employee education, as well as through periodic security training. To maintain and enhance this awareness, we require all relevant personnel to participate in mandatory and ongoing education and training programs.

Compliance Risks

We established the Compliance & Crisis Management Department to strengthen the compliance system of the entire Group. In doing so, we aim to raise awareness of compliance, including thorough compliance with laws and regulations.

Related Links

Occupational Safety & Health Risk and Environmental Risk

We establish management rules or guidelines concerning occupational safety & health and environmental risk and appropriately identify and manage these risks.

Environmental Risk Management

The Group's business entities are operated in accordance with Toyota Tsusho Group Environmental Policy. For existing business units, we are working to reduce the risk of environmental pollution by quantitatively evaluating the degree of environmental pollution risk for each facility and the management level of work sites. In addition, we carry out a compliance evaluation for environmental laws and regulations every six months, and double-check the status of legal compliance of priority issues through internal and external audits.

Country Risks

We strive to reduce risks for projects in countries with high country risk through export and investment insurance and other means. We also aim to reduce the concentration of risk in specific regions or countries by monitoring risk-weighted assets, which is the maximum expected loss, for each country and keeping it within an upper limit set for each country.

Crisis Management

Overseas Crisis Management

In response to a major terrorist attack in Algeria in January 2013, the Security Management Group was established as a specialist organization within the Global Human Resources Department in April of that year. Currently, the Crisis Management & BCM Group of the Compliance & Crisis Management Department conducts education and training includes pre-assignment seminars for employees (and their families) stationed overseas and hands-on training that enables them, in a controlled environment, to learn about and to experience the risks unique to their country or region.

  1. 1A seminar on basic precautions while on business trips abroad is held for young employees with little overseas experience.
  2. 2Hostile Environment Training, which includes topics such as terrorism, is conducted for personnel assigned to high-risk countries. We have stepped up our monitoring and analysis of security information and have developed a website through which we share information with Toyota Tsusho Group employees all around the world. We have also established a 24/7 response system offering medical consultation with a physician by telephone and emergency medical transport for employees stationed overseas.

Business Continuity

The Toyota Tsusho Group has established a Business Continuity Management (BCM) system led by the Crisis Management & BCM Group of the Compliance & Crisis Management Department.
Toyota Tsusho's Business Continuity Plan (BCP) is an all-hazard BCP that takes into account all risks, including natural disasters such as earthquakes and typhoons, terrorist acts, pandemics, and cyber-attacks, and has been formulated for 210 businesses in Japan and overseas. Specifically, in accordance with the Toyota Tsusho Group Basic Business Continuity Principles, we have prepared plans to prevent business interruption or, to restore operations as quickly as possible even in the event of interruption, assuming scenarios in which key management resources are unavailable, such as employees not being able to come to work, not being able to enter the headquarters, long-term power outages, or not being able to use IT systems. Based on the formulated response plan, we conduct initial disaster response drills in September and March of each year, based on the scenario of a large-scale earthquake. We also conduct educational and awareness-raising activities for our employees worldwide by publishing a collection of case studies of businesses that have formulated BCPs and regularly issuing newsletters in both Japanese and English. Based on the BCP formulated to maintain an appropriate management system, we conduct periodic exercises and improvements, and continue to operate through the PDCA cycle.

TTC Group Business Continuity Principles

  1. 1The Safety of employees and their families is the first priority.
  2. 2Even if unexpected contingencies occur, we will not forget the Corporate Philosophy: Living and prospering together in society. All employees will fulfill their social responsibilities.
  3. 3We take preventive measures against predictable risks. We maximize Team Power to recover quickly from unexpected contingencies. We minimize impact to customers and continue our business.
  4. 4We promote the understanding of our Business Continuity Principles to all employees by means of education and training. We consistently perform KAIZEN (continuous improvement) to tackle Business Continuity Management (BCM), which should be based on Real Places, Real Things, and Reality.

Conflict Mineral

There are worldwide concerns that mineral resources mined in the Democratic Republic of the Congo (DRC) and nine neighboring countries are the source of funding for armed groups that are causing human rights abuses and environmental destruction. A survey has been conducted every year since 2013 to check whether these conflict minerals are contained by going back to the supply chain globally, centered on US-listed companies, and we are also actively participating in the survey as a member of the supply chain.

Investment Cycle Management

Basic Approach to Investing

Our basic approach to investing is not to target short-term profits but rather to make strategic investments whereby a business is developed over the medium- to long-term, thus leading to the expansion and strengthening of the Toyota Tsusho Group’s value chains. We focus our management resources on businesses in which we can demonstrate Toyota Tsusho’s unique strengths through discussions of each division policies based on companywide policies and the formulation of investment pipelines.

For investment projects that exceed a threshold level, the strategic value and order of priority of the investment are discussed at the Investment Strategy Meeting to determine whether it should be pursued. At the feasibility study of an investment, the Administrative Unit examines the business plan from an expert perspective and then discusses and provides opinions on risk assessment and mitigation measures. A final investment decision is then made through discussions at the Investment and Loan Meeting and Investment and Loan Committee. For important investment projects, the Administrative Unit and each sales division put in place a collaborative team to resolve issues.

In addition, to speed up decision-making on investments, decision-makers are assigned based on predefined conditions and monetary importance, and decision-making authority is delegated to some affiliates.

Investment Cycle

Structure Conscious of Capital Efficiency and Cost of Capital

We have implemented ROIC as a business management indicator, also using it as a KPI when deliberating on investment projects. This allows us to be keenly aware of the efficiency of return on invested capital. For the three value domains of core value, social value, and nature value, we have set a target for each domain, aiming to achieve a ROIC of 15% or more, 10% or more, and 5% or more, respectively. In the Mid-Term Business Plan (the fiscal year ending March 31, 2026, to the fiscal year ending March 31, 2028), we also include a ROE of 15% or more as a quantitative target and are working to improve our profitability and capital efficiency.

In addition, we use Toyotsu Value Achievement (TVA)—a unique indicator measuring the value added beyond the expected rate of return on invested capital (funds used), or the cost rate of capital employed—for monitoring the performance and investment effects of sales divisions and business units. The cost rate of capital employed, which is the weighted average of shareholders’ equity and debt costs, is designed in a way that ensures improving TVA through higher capital efficiency and profit growth will lead to the achievement of ROE targets. In addition, by adjusting for country risk, we ensure an approach that matches the global nature of our business.

For optimal allocation of management resources, we have reevaluated our businesses by classifying them into four quadrants based on their competitiveness and growth expectations, accelerating our efforts to exit the non-core business and reduce low-profit companies.

Examples of On-site Initiatives Conscious of Capital Efficiency and Cost of Capital