Governance

Risk Management

Risk Management

KJRM Holdings and KJR Management (KJRM Group) committed to the thorough implementation of these risks under the following organization structure.

Structure on Risk Management

The KJRM Group believes that implementing risk management will ensure the continuity and stable development of our business. Being fully aware of the Group’s corporate public mission and social responsibility in conducting its financial instruments business and ancillary business, we carry out the risk management necessary for the KJRM Group. In addition, to meet the expectations of the real estate investment corporations from which KJRM Group companies receive asset management consignments (hereinafter referred to as “investment corporations”) or real estate funds, etc. other than those investment corporations that have entered into discretionary investment or investment advisory agreements with KJRM Group companies (including, but not limited to, special purpose companies and other forms of corporations, partnerships, trustees, etc. that are vehicles for investment (hereinafter referred to as “private real estate funds”; the investment corporations and private real estate funds are hereinafter collectively referred to as “funds”)) and their investors, we carry out the risk management necessary for each of the funds by conducting management aimed at maximizing risk-return. We strive to conduct sound and appropriate business management, based on our management policy and strategic goals. With regard to risks arising as a result of that business management, we have established an income and risk management system in line with the management policies of each of the funds and based on strategic goals, and we manage the system so that risk is appropriately controlled.

Key Risks to be Managed

  • Investment management risk
  • Clerical work risk
  • System risk
  • Reputation risk
  • Conduct risk
Structure on Risk Management
  • [1]Senior Advisory Board
    KJRM Holdings’ Senior Advisory Board has control over overall risk management of the KJRM Group, receives periodic and ad-hoc reports, and determines a material risk management policy.
  • [2]KJRM Holdings President & CEO, Chief Officer for Risk Management
    KJRM Holdings President & CEO: Supervision of the overall risk management
    Chief Officer for Risk Management: Execute necessary measures to properly manage risks
  • [3]Investment Committee
    Examines, discusses and makes decisions regarding overall risks affecting the portfolio as a whole (e.g.acquisition, disposal and management of assets by each funds, investment policy and standards, management policies and standards, budgets, funding.)
  • [4]Risk Management Committee
    Grasps and investigates in a timely manner matters related to major risks, including clerical work and system risks (excluding those matters that are dealt with by the investment committees of relevant KJRM Group companies). Also formulates countermeasures and management policies.
  • [5]In charge of Internal Audit
    Planning and implementation of internal audit
  • [6]In charge of Compliance & Risk Management
    • Plans and makes proposals concerning risk management for the KJRM Group as a whole
    • Monitors, evaluates and analyzes the extent to which risk management is in place and functioning, and runs the Risk Management Committee
  • [7]Risk Management Officer
    • Person responsible for managing major risks, etc. in his/her department
    • Reports the state of risk management to the Risk Management Committee

Internal Audits

KJRM Group has established the Internal Audit Department, which is independent of any department. Audits are conducted by formulating and implementing an internal audit plan each year based on risk assessment result.

The Internal Audit Department conducts internal audit based on the established Internal Audit Rules. When the audited department receives any instruction or proposal for improvement through the internal audit, it prepares an improvement response plan as well as expected timeline, and reports the results to the Internal Audit Department.

After the completion of the internal audit, the Internal Audit Department directly reports to the President, in addition to reporting to the Board of Directors at least once a year, in principle.

Information Security

The Company has established the Basic Rules on Information Security to ensure the appropriate and rigorous protection of all assets held by the Company.

Basic Policies

  1. Appropriately store and manage information assets and effectively prevent information leakage and falsification.
  2. Give due consideration to the handling of confidential information and personal information.
  3. When outsourcing business to an external contractor, confirm the contractor's eligibility and security control measures, etc. for personal information.
  4. Implement the same information security management for information assets that have been licensed for use.

Measures are taken for the following items based on the Basic Policies.

  • Management system
  • Information assets management
  • Access control
  • Secure use of information infrastructure
  • Systems management

Implementation of training to improve IT security awareness such as e-mail attack drills

There is an increased risk of information leakage by "targeted (hoax) e-mail" attacks aimed at organizations such as corporations and government agencies. Since attack techniques are evolving day by day and the ultimate best defense to prevent damage is raising awareness and appropriate action of all employees as e-mail recipients, we implement training e-mail attack drills every month targeting all users. Additionally, between March and December 2024, we conducted special training on two occasions using videos on specific cases, etc.