Basic Policy on Implementing Internal Controls
The Company, in compliance with the Companies Act and the Ordinance for Enforcement of the Companies Act, is applied basic policy for the establishment of an internal control system as follows.
1. Systems to ensure that Directors and employees conduct their work in accordance with laws and regulations and the Articles of Incorporation
(1) To improve enterprise value and gain trust as a member of the community, I-O DATA places compliance with laws and regulations, its own Articles of Incorporation and community standards at the heart of its business. As part of this action policy, the Company has instituted the I-O DATA Action Charter and the I-O DATA Code of Conduct, which Directors and employees are expected to follow in the course of their duties.
(2) We have established a Compliance Committee, chaired by the President, which deliberates on important compliance issues, provides training and raises awareness to maintain and improve the compliance system.
(3) The Compliance Helpline is a reporting mechanism created to enable quick discovery and response to violations of the law. Reporting to the Compliance Committee Chair, Compliance Secretariat and independent auditors, the Helpline effectively promotes compliance. The reporting person shall not receive any disadvantageous treatment by reason of his/her reporting.
(4) In accordance with the I-O DATA Code of Conduct, the Company determines to sever any ties with anti-social forces which pose a threat to social order and security with a resolute attitude and responds to unreasonable demand organizationally by closely cooperating with outside special organizations including the police and attorneys.
(5) The Audit Office reports directly to the President, conducting regular audits on the performance of operations and the status of compliance at each department, and reporting the results to the President and the Standing Statutory Auditors.
2. Systems to store and manage information on Directors’execution of their duties
The Company shall store and manage information on the execution of Directors’ duties by recording such information in documents or by electromagnetic means based on document-handling guidelines and other internal rules, in order that Directors and Auditors may inspect such information as necessary.
3. Rules and other systems to manage the risk of losses to the Company and its subsidiaries
(1) The Risk Management Guidelines set forth the basic policy and organizations for managing business risks. Risk management systems are established and organized on this basis, to ensure effective handling of risks.
(2) The Company and its subsidiaries recognize various types of risks, including market risks, credit risks, quality risks, compliance risks and overseas country risks. For each compliance category, managers are appointed to assess and respond to such risks appropriately.
(3) The President Office has general responsibility for overall risk management, collecting information on risks and implementing risk management as an integral part of internal control. Furthermore, the Department is organized to take rapid crisis-response measures in the event of serious problems.
4. Systems to ensure that Directors perform their duties efficiently
(1)To ensure fast decision-making in response to changes in the market environment, I-O DATA introduced an Executive Officer System whereby executive rights and responsibilities are delegated to Executive Officers.
(2)The Board of Directors meets in principle once a month, to reach decisions on the most vital issues of the Company’s management and assess the performance of duties up to the level of Executive Officers.
(3)The Management Conference meets in principle once a week and consists of Directors, Standing Statutory Auditors, Executive Officers and General Managers. The Conference reports and deliberates on the most important issues confronting the Company at that time.
(4)A system of internal regulations is established to clarify the division of duties and responsibilities among Directors, Executive Officers and employees to ensure the effective and appropriate performance of duties.
5. Systems to ensure appropriateness of operations among the Company and its subsidiaries
(1) General Managers in charge of management of subsidiaries are appointed to monitor and supervise the duties of Directors at subsidiaries in accordance with the regulations on management of affiliates and other internal rules.
(2) Important decisions on the management activities of subsidiaries are reported to the Board of Directors of the Company for approval.
(3) Liaison meetings are held regularly with subsidiaries. These meetings provide a forum for sharing information and views among the Group, ensuring consistency in management policy.
(4) The Company’s Audit Office conducts regular audits of subsidiaries’ operations and internal controls and reports its findings to the President and Standing Statutory Auditors of I-O DATA.
6. Employees requested to assist auditors in the performance of their duties
Employees to assist the duties of auditors shall be seconded from the Audit Office or the management division, and they shall therefore concurrently serve two posts.
7. Assurance of the independence of employees serving as auditors’ assistants from the Directors and the effectiveness of the auditors’ instructions to the said employees
Items relating to appointment, transfer, evaluation and punishment of employees seconded to assist auditors in their duties shall respond to and respect the opinion of the Board of Auditors. Employees who receive orders from auditors regarding their auditing work may not receive orders regarding those orders from Directors and managers, etc.
8. System for reporting of Directors and employees to auditors and system for ensuring that a reporting person does not receive any disadvantageous treatment by reason of his/her reporting
(1) Directors, employees, etc. of the Company and directors, auditors, employees, etc. of the Company’s subsidiaries shall report and provide information as necessary to each auditor in accordance with the Board of Auditors Guidelines and the Auditors’ Auditing Standards. Also, in the event of the following emergencies, Directors and employees must report them to auditors without delay.
1) Financial or legal issues that may significantly affect the Company’s management.
2) Conditions that may otherwise significantly damage the Company.
(2) A person who reports to auditors shall not receive any disadvantageous treatment by reason of his/her reporting.
9. Procedures for the prepayment or reimbursement of expenses incurred by the auditors of the Company for the execution of their duties and other policies on the treatment and reimbursement of those expenses
With regard to procedures for the prepayment or reimbursement of expenses incurred by auditors for the execution of their duties and the treatment and reimbursement of those expenses, the Company has established a system whereby such procedures and treatment are promptly conducted at the request, etc. of the auditors.
10. Other systems to ensure the effective implementation of audits by auditors
(1) Meetings are held, as appropriate, for auditors to exchange views with the President and Directors.
(2) The Audit Office confers with auditors annually to devise an auditing plan. The Audit Office and auditors stay in regular contact to enable meetings and exchanges of views on the results of internal audits and other findings and proposals.
(3) The auditors and Audit Office exchange information and stay in regular contact with the Accounting Auditors.