Now ideas for wellness

About Meiji
At a Glance

At a Glance

Get to know Meiji at a glance – from our core business to our most important numbers.

CLOSE

Food
Our Nutrition Initiatives

Our Nutrition Initiatives

Our goal is to improve the lives of people of all ages around the world through nutrition, from infants to older adults, and we are dedicated to achieving this goal.

CLOSE

Pharmaceuticals

R&D

Medical needs are always diversifying – here's how Meiji is responding.

CLOSE

Sustainability

Search Documents

Download the Meiji Group’s sustainability reports and ESG data.

CLOSE

Investors

Invest in Meiji

Meiji delivers long-term growth and stakeholder returns – here’s how we do it.

CLOSE
Search this site

Risk Management

Basic Views

The Group recognizes that risk management is not just for responding when emergencies or disasters occur and severely impact business activities. It is also important to take preventive measures to control and avert/mitigate management risks.

Risk Management System

The Group established a risk management structure that supports further growth to achieve the Meiji Group 2026 Vision. Under this risk management structure, we identify overall Group management risks, reduce risks, and manage decisive risk-taking.

We established the Risk Management Department, which is separated from the Audit & Supervisory Board, to strengthen Group-wide risk management, and appointed an executive officer in charge of the department. The Executive Committee evaluates and confirms Group-wide management risks in line with the Group Vision and the risk control status and reports them to the Board of Directors, which evaluates and supervises the system. Thus, we can manage risks by adapting to changes in our operating environment.

Furthermore, to establish risk management systems that are suited to the Food Segment and Pharmaceutical Segment, respectively, we periodically share information, identify issues, and address them appropriately. We regularly share risk information across the Group, which includes risks common to all of our segments and risks that have impacts on the whole Group. Accordingly, we identify, evaluate, address, and solve risks promptly. The executive officer in charge of the Risk Management Department reports, as needed, information to the CEO, President and Representative Director.

Figure: Risk management system

*The Meiji Group has implemented a risk management system by referencing frameworks such as ISO 31000 and COSO.

Strengthen business continuity plans

The Meiji Group recognizes that risk management is not just for responding when emergencies or disasters occur and severely impact business activities. It is also important to take preventive measures to control and mitigate/avert risks.

In addition, as a company responsible for "food and health", we are maintaining and improving our business continuity plan (BCP) so that pharmaceuticals and food can be delivered to those who need it even in an emergency.

We provide employees with ongoing awareness training and regular training to confirm their safety.
In terms of business infrastructure and systems, we work to strengthen BCP in the entire value chain by reinforcing the earthquake resistance of facilities, establishing multiple production bases, duplicating procurement of raw materials, and reinforcing IT system backups.

Basic Policies for Business Continuity Plans

Meiji Group's mission is to continue supplying the products and services our customers need, even in the event of a large-scale disaster. In order to ensure this is possible, we have implemented our BCP in line with the following policies:

  1. Protect the lives of people involved in Meiji Group's business operations, as well as their families
  2. Fulfil Meiji Group's social responsibilities
  3. Minimize damage to business caused by stoppage of operations, or similar causes

The Group Business Management Risks

We appropriately identify risks and develop countermeasures considering the risk impact from a company-wide business management perspective. In this way, we not only minimize risks, but we also achieve sustainable growth and gain new growth opportunities. We outlined the three visions — the Business Vision, Sustainability Vision, and Management Foundation Vision — in the Meiji Group 2026 Vision. We have identified the Meiji Group Business Management Risks based on those three Visions. Each management risk is managed under the supervision of an assigned risk owner, who implements measures to avoid or mitigate these risks at the first line of operational management.
Among the matters related to the status of business, accounting, etc. as described in this annual securities report, the main risks that management recognizes as having a significant impact on the financial position, operating results, and cash flows of the consolidated company are as follows.

The future risks outlined in the table below are categorized based on the Group's medium- and long-term management strategies. We have assessed their importance to the Group, taking into account the likelihood of occurrence and the level of impact on the Group.

The information represents risks recognized by the Group as of the date of submission of this annual securities report. These risks are not a comprehensive representation of all the risks related to our businesses.

Business Risks

(As of June 27, 2024)

$$: Risks of greater importance
$: Risks of great importance

Risks Countermeasures Change in risk recognition from previous year Importance to the Group
Sale and supply of products and services
  • Abandon to launch planned product
  • Changes in customer lifestyles and values
  • Negative rumors about the Group's core materials (milk, cocoa, etc.)
  • Establish solid Proofs of Concept (POC)
  • Gather information on market trends
  • Develop products that are friendly to the environment and society
  • Create products and services unique to Meiji that address social issues
  • Appropriately disseminate relevant information about products and materials
 ↗︎ $$
The majority of profits comes from specific products
  • Sluggish sales of products that account for a considerable portion of sales and profits
  • Implement promotions that maximize unique value
  • Improve product portfolio management
  • Explore new markets and new business domains
 ↗︎ $$
Supply chains
  • Insufficient or excess procurement or price increases of raw materials
  • Cessation of production due to production problems, etc.
  • Difficulties in procuring raw milk
  • Unstable product supplies due to distribution problems
  • Gather information on raw materials markets and promote procurement strategies
  • Strengthen coordination between production and sales divisions
  • Diversify suppliers and consider alternative materials
  • Improve distribution efficiency through labor-saving/automation
 ↗︎ $$
Technological advances
  • Insufficient adaptation to rapid advances in digital technologies
  • Discovery of innovative treatment methods, manufacturing methods and formulation methods
  • Consider introducing new technologies as early as possible
  • Research new manufacturing and formulation methods, and search for alliances
 $$
Laws and regulations
  • Revisions that significantly impact corporate activities
  • NHI drug price revisions
  • Obtain information about system revisions early and implement countermeasures
  • Make appropriate approaches to relevant government authorities
  • Expand portfolio of products that are not affected by NHI drug price revisions
 $
Overseas expansion and overseas Group companies
  • Rapid changes in society, or outbreaks of war or terrorism
  • Revisions of the systems that greatly exceed expectations in various countries
  • Gather information, and investigate and implement countermeasures early
  • Create product supply systems from multiple locations
 ↗︎ $
Business plans, etc.
  • Failure to achieve the Visions or Medium-Term Business Plans due to change in business conditions
  • Growth slowdowns in Core Business, or failure to achieve targets for overseas markets or new business domains
  • Impairment losses on non-current assets or goodwill
  • Fluctuations in foreign exchange or interest
  • Enhance unique value and search for new value
  • Manage business portfolio from the perspectives of profitability, growth, and productivity
  • Make decisions and monitor investment, M&A, and R&D plans appropriately
  • Use foreign exchange contracts and borrow at fixed interest rates
 ↗︎ $
Sustainability-related Risks
Risks Countermeasures Change in risk recognition from previous year Importance to the Group
Caring for the Earth
  • Environment friendliness in corporate activities
  • Reduce CO2 emissions and prevent fluorocarbon leaks, promote energy-saving activities, expand installation of solar power generation facilities, use renewable energy-driven power, properly treat wastewater and industrial waste, and promote environmental management in compliance with ISO14001
  • Circular economy
  • Comply with policies related to the environment
 ↗︎ $
Climate change
  • Address climate change
  • Analyze climate change scenarios according to the TCFD framework, formulate strategies and release information
 $
Thriving Communities
  • Sustainable raw material procurement
  • Understand diversity, and use a diverse workforce effectively
  • Consider human rights, and human rights issues
  • Increase the ratio of sustainably procured raw materials, such as cocoa beans and palm oil
  • Strengthen cooperation and collaboration with dairy farmers and other suppliers
  • Create organizations and cultures that value diverse perspectives and abilities
  • Address challenges of human rights based on due diligence
  • Strictly comply with policies, etc. related to procurement, human rights, society, and so on.
 $
Management Foundation-related Risks
Risks Countermeasures Change in risk recognition from previous year Importance to the Group
Corporate Governance
  • Make decisions in a timely and appropriately manner
  • Internal or external non-compliance
  • Improve effectiveness of the Board of Directors
  • Enhance corporate governance systems
  • Provide education on compliance and social media usage based on Meiji Group Behavior Charter, and comply with internal and external policies
 $
Damage to the Meiji brand
  • Product recalls or withdrawals from the market due to quality defects or unexpected side effects of pharmaceuticals, etc.
  • Unexpected harmful rumors about the Group or products
  • Pursue quality and safety
  • Communicate appropriately with each stakeholder
 ↗︎ $$
Human capital and culture
  • Recruit and develop human capital required for corporate growth
  • Employee engagement
  • Effects of business environment on productivity
  • Appropriately implement succession planning
  • Improve employee training
  • Implement measures in consideration of the results of the employee engagement survey
  • Strengthen the structure to enhance health and productivity management; develop a Group-wide structure for occupational health and safety
 ↗︎ $
Information asset leaks
  • Information leaks and system shutdowns due to unauthorized access, etc.
  • Data breaches due to inappropriate system management
  • Strengthen information management systems and information security
  • Strengthen education on information management and comply with regulations and policies
 $$
Disaster, emergency or other unforeseen circumstances
  • Temporary or full suspension of business operations due to disasters, pandemics or other unexpected emergency
  • Increases or decreases in product demand due to changes in business conditions in an emergency
  • Develop business continuity plans and risk management plans for swift recovery
  • Maintain a broad product portfolio across the Group
 ↗︎ $$

The Board of Directors selected the priority initiative topics for FYE March 2024 relating to Group business management risks and confirmed the initiatives of each operating company.

Priority initiative topics for FYE March 2024

1. Information leaks and system shutdowns due to unauthorized access, etc.

Damage suffered by companies due to ransomware and targeted email attacks have become more prominent, and therefore, we confirmed our countermeasures against cyberattacks, especially such as unauthorized access targeting overseas subsidiaries, under usual conditions and responses when such incidents occur.
The Group has established incident response procedures with the aim of preventing incidents when security threats are detected and mitigating the impact of incidents when they occur. Specifically, each operating company has built a CSIRT structure, based on which each develops response flows, conducts training, and strengthens cooperation with other operating companies. These measures support business continuity and enhance trust from society. Additionally, we continuously strengthen our cybersecurity by conducting vulnerability tests, including simulated hacker attacks by third parties, on our website servers, networks, and other IT environments.

2. Unstable product supplies due to distribution problems

As part of the "Work style reform laws" implemented in stages since April 2019, regulations such as limiting truck drivers' overtime work to 960 hours per year will be enforced starting from April 2024. Along with this, concerns have been raised regarding potential logistics challenges, so called the "logistics 2024 problem," due to the anticipated decrease in truck drivers' working hours leading to potential transportation capacity shortages. In light of this, we have reviewed the current situation, challenges, and responses related to the Group's product logistics.
The Group has subsidiary companies in charge of logistics functions, through which we maintain close communication with transportation providers and are working on measures aimed at optimizing logistics and enhancing its productivity in line with the government's "Policy Package for Logistics Innovation" and its associated guidelines.

Information Security

We work to strengthen information security, including the management of personal information and confidential information. In addition to enhancing and implementing intellectual property protection and other information management in accordance with guidelines and rules related to various information management, we ensure employee education and training are provided, and work to strengthen our continuously evolving IT technology.
We provide necessary information to customers through helpdesks and websites established for each business division. For shareholders and investors, we provide information disclosure through our IR activities and a dedicated website.

Basic policy

The Meiji Group understands the importance of ensuring the security of customer personal information and other information assets. With this in mind, we have outlined the Meiji Group Information Security Policy along with various related rules and guidelines that we apply towards ensuring and enhancing information security.

Meiji Group Information Security Policy

Management structure

The Meiji Group recognizes information security as a business risk. As an information security structure, the Meiji Holdings Co., Ltd. Executive Committee evaluates and confirms the state of information security management, and submits reports to the Board of Directors, which oversees the evaluation and monitoring of this structure. We also establish relevant committees within each operating company to strengthen information security and ensure an effective information security structure. In the event of a serious incident or other emergency situations related to information security, the executive officer in charge of the Risk Management Department at Meiji Holdings Co., Ltd. submits reports directly to the CEO, President and Representative Director.

Initiatives

Employee education

To improve information security awareness, we regularly conduct employee education and training concerning information security.

Information Security Employee Education Implementation Status

Education / training content FYE March 2022 FYE March 2023 FYE March 2024
results results results
Rate of new employee training 100% (162 people) 100% (168 people) 100% (159 people)
Rate of e-learning education 85% (10,315 of 12,137) 88% (10,727 of 12,222) 83% (11,703 of 14,061)
E-learning details About risks and measures related to email and internet use Importance of initial response to information security incidents and accidents
Suspicious email / targeted email attack response training numbers 11,217 people 3,578 people* 14,273 people
Other initiatives Companywide warnings and information security one-point lessons

*Implemented for randomly selected participants

Strengthening incident response

The Meiji Group has created an Incident Response Procedure to prevent incidents before they occur if a security threat is detected as well as to prevent the spread of damage in the event an incident occurs. Specifically, we have established a CSIRT* structure within each operating company and implemented various measures, including outlining a response flow, conducting training, and working to further strengthen coordination between operating companies. This helps ensure business continuity and increase society's trust in the Meiji Group.

*CSIRT (Computer Security Incident Response Team): The name of the dedicated organization for monitoring security issues on computers and networks within the organization, and conducting cause analysis and identifying the scope of impact in the event an issue is discovered.

CSIRT Structure Example: Meiji Co., Ltd.

figure of CSIRT Structure Example: Meiji Co., Ltd.

Meiji Seika Pharma Co., Ltd. and KM Biologics Co., Ltd. have also established similar CSIRT structure.

Incident response details

We implement various measures to prevent incidents, including electronic media and PC encryption, IT asset management, and log monitoring. In the event of an incident, we prevent information leaks by taking measures such as locking accounts, conducting remote wipes, and investigating logs.
In cases where we suspect an organization has been subject to a cyberattack, we systemically prepare to conduct detection, isolation, and recovery.

Incident Response Procedure

Meiji-CRIST Structure
Incident response training

The Meiji Group implements a regular annual training program on incident response. The results of training are reported to the supervising officers of each operating company, and structures are reviewed regularly based on those results.

Cybersecurity response

The Meiji Group continuously works to strengthen the cybersecurity of our IT environment, which includes our website servers and networks. These efforts include third-party vulnerability diagnosis using cyberattack simulations.

Social media risk reduction initiatives

The Meiji Group has established various rules for the use of social networking services in order to reduce social media risks. We also use a company portal website to educate our employees.

Intellectual property rights initiatives

The importance of intellectual property protection is increasing year by year due to the growing awareness of intellectual property rights, including trademark rights such as copyright and design registration, and various measures taken by the government. We have rights to the results obtained through research and development of products and technologies as intellectual property, and utilizes them to continuously supply high value-added products that are unique to the Meiji Group.

On this site, we use cookies to provide better service to our customers. By accessing this site, you agree to our use of cookies. For more details, please see Terms and Conditions.

Accept