In order to cope effectively with the diversifying risk environment, we have built a risk management framework by developing our risk management approach from a micro to a macro perspective, and shifting our focus from “minimizing losses from individual transactions” to “maximizing corporate value.” This framework is strongly linked to the management plan, playing a critical role in supporting the efficient management of our corporate resources.

The Purpose of Risk Management

In response to the shift of our risk management focus from “probability of losses” to “probability of discrepancy between the plan and the actual results,” we have set the following three items as the purpose for our risk management activities.

1. Stabilize Performance: Minimize discrepancies between the plan and the actual results
2. Strengthen Financial Base: Maintain Risk-adjusted Assets within the buffer (shareholders’ equity)
3. Maintain Corporate Reputation: Fulfill CSR requirements and preserve corporate reputation

Risk Management Basic Policy

We classify our risks into two categories: Quantifiable risk and Non-quantifiable risk. Quantifiable risk is defined as “Value creating risk,” where we proactively take to gain the return. Our policy is to maximize the risk-adjusted return while maintaining Risk-adjusted Assets within our buffer. Non-quantifiable risk is defined as “Value breaking risk,” which only generates losses when it surfaces. We are building a framework that prevents or minimizes the probability of this risk to materialize.

Risk Management Framework

Managing Quantifiable Risks

Managing Investment Risks

Once an investment is made, it is often difficult to make a withdrawal decision and the loss impact is usually significant in scale. To manage the investment risk, we have in place an integrated framework covering the entry process to the exit process. For the entry process, we carefully select investments that exceed the hurdle rate, a threshold for the rates of return on new investments relative to the cost of capital. In case of new investments for large-scale, important projects, cases are put forward to the Loan and Investment Committee for thorough examination, and if such investments significantly underperform the original business plans, Value-Up plans shall be formulated and executed with the support of the Committee. When the performance of investments falls short of required standards after a certain period from their inception, we have an Exit Rule that shall designate those investments as “Investments to withdraw from.”

Managing Credit Risks

We have incorporated our original credit rating model, the Sumisho Credit Rating (SCR), to assess our customer’s credit risk. The authority level to provide credit exposure to customers depends on the assigned credit rating, and the risk weight is set for each rating criteria. A higher ranked officer’s approval is required to provide credit to low-rated customers, with larger Risk-adjusted Assets being calculated. This consideration provides each Business Unit with an incentive to reduce the amount of credit extended to customers with low credit ratings. We are expanding the scope of the SCR system to subsidiaries and associated companies to enhance Group wide credit risk management.

Managing Market Risks

We set limits on contract balances as well as the maximum amounts of allowable losses for six months or a full year for commodity and financial instrument transactions. At the same time, we constantly monitor the potential amount of loss, (Value at Risk (VaR)—an estimate of potential risk or in case the total figures of realized and unrealized gain/loss are negative at the time of monitoring, the total of VaR and the relevant negative figures), to ensure that the potential amount of loss falls within the maximum amounts of allowable losses. In addition, we conduct liquidity risk management for each product on an individual futures market basis in order to be prepared in the event that it becomes difficult to close positions due to shrinking liquidity. The Financial Resources Management Group undertakes both the back and middle office functions in order to completely separate those functions from the Business Units, thereby enabling us to maintain the soundness of internal checks.

Managing Concentration Risks

As we are operating globally and engaging in a variety of business fields, we need to ensure that the risks are not excessively concentrated in particular areas. In order to avoid overly concentrated exposure in certain countries and regions, we have in place a country risk management system. In addition, in order to avoid the excessive concentration of resources in any specific field and maximize our corporate value, we refine our business portfolio at a meeting held in December each year.

Managing Non-Quantifiable Risks

Non-quantifiable risks are those that must be borne, but for which we cannot expect returns. These include litigation and other legal risks, operational risks such as clerical mistakes or fraud acts, and natural disaster risk. Some of these risks involve events that rarely occur but could have a critical impact on our operations once they arise. Our basic policy is to prevent or minimize the probability of these risks to materialize. Accordingly, we periodically assess non-quantifiable risks on a global and consolidated basis. We do this through a range of initiatives to strengthen our internal control across the Group under the leadership of the Internal Control Committee as well as through independent activities by our business units and regional organizations in Japan and overseas. Based on the assessment result, we continuously search for a more efficient and effective organizational structure and procedures to improve the quality of our business operations.

Embedding the Sense of Risk Management

Although we have been constructing the best possible risk management framework to cope with diversified risks, we cannot completely prevent the incurrence of loss in the course of business activities only by the framework itself. We are putting our efforts into implementing the initiatives that enable us to quickly identify the occurrence of losses in order to suppress loss accumulation and prevent the contagion effects that lead to secondary losses. These initiatives include devising ways to quickly identify the cause of losses and share such information among top management and related departments. We have compiled a database of such loss information that allows for the systematic analysis of the causes of loss-incurring events. These analyses are used as training materials for employees as part of various educational programs. Through this knowledge feedback process, individual employees can upgrade their risk management capabilities, supporting the prevention of the same kind of loss events.

Eyeing the Future of Risk Management

Over the past decade, Sumitomo Corporation has created a formidable risk management framework by studying advanced methods and processes. Our goal is to implement the best practices in risk management while maintaining the flexibility to adapt to changes in the business environment. The surrounding environment is continually changing, however, and new business model that we could never have imagined are emerging on a daily basis. Responding to changing circumstances in a timely and effective manner, we continually upgrade our risk management under the direction of top management.

* Click for larger images.

Information Security Control Structure

Sumitomo Corporation works to enhance its information management system to maintain and improve information security. Our approach to this end includes the development of internal rules and manuals as well as the provision of employee training and awareness-raising activities, with a focus on taking preventive measures against risks identified within the Group relating to leakages of confidential information and compliance with the Personal Information Protection Act, which came into full effect in April 2005.