Foresight in sight

Investor Relations

Risks in Business Operations

Risks that have the possibility of having a material impact on the decisions of investors are as follows.
Please note that any remarks concerning the future indicated in the descriptions have been made based on the adjudications made by the Nihon Unisys group (the Company and its consolidated subsidiaries) as of the end of March 2019.

[1] Risks from Economic Trends and the Market Environment

In a case where our business environment may worsen partly attributable to: adverse economic circumstances under the influence of trade frictions continuing between US and China; corporate customers becoming less motivated to invest in their own information systems; and intensified rivalries as a result of participants from other business categories, performances and financial conditions of our company group are likely to be impacted.
Furthermore, there is a possibility that our focal businesses may not grow in size as we expect in the beginning, if sharing economy business models are accepted in the mobility business area and energy related business area only significantly behind our assumed schedule, and if cashless transactions do not spread easily in the Japanese society moving under the influence of various types of policies executed by the Japanese government.

[2] Procurement

We procure hardware, software and services from suppliers in Japan and overseas, and provide them to customers. There is a possibility that our Group’s business results could be impacted by changes in product specifications or suspensions of products/services supply (as a result of unforeseen changes in business strategies or deteriorations of business conditions of the supplier companies). Also, we are aware of possible impairment of our social credibility and brand image (owing to occurrences of catastrophic system failures induced by problems of services that we procure and security incidents). We have been endeavoring to avoid such risks through measures to assess suppliers periodically and control qualities of service products that we deal in.

[3] Intellectual Property Rights

The Group has been executing business with the utmost care about intellectual property rights. We have been making efforts to protect our intellectual properties by obtaining intellectual property rights such as patent rights and trademark rights for our technologies as well as products and services. Furthermore, we have been exercising extreme caution not to infringe upon third parties’ intellectual property rights. However, there is a possibility that any third parties may infringe upon our intellectual property rights. Also, there are risks that third parties’ claiming that our products and services infringe upon their intellectual property rights may be developed into lawsuits, and costs may be incurred on our side.
Furthermore, there are risks that the Group may not be able to provide specific products or services in an event that we unexpectedly fail to obtain licenses of intellectual property rights necessary for our business execution from holders.
In addition, we are aware of risks that we cannot unexpectedly use intellectual property rights held by start-up companies that agree to join us in promoting open innovation by entering into capital or business tie-ups, if the companies fail to establish intellectual property rights due to a procedural defect.
These possibilities are likely to impact business results of the Group.
Therefore, our company group has made efforts to screen thoroughly alliance partner candidates from the viewpoint of intellectual property rights in order to ensure our rights that we expect from alliance agreements with them, as well as obtain intellectual property rights.

[4] Project Management

The Group has worked on many projects to create new businesses such as platform businesses and services businesses in the focal areas, as well as many system development projects in the ICT Core business.
Amid intensified market competition we have been facing customers who continually demand more sophisticated systems. As a result, system development projects have become increasingly complex. If a problem arises in the projects, there is a risk that the problem would require greater-than-expected costs and time to fix, which could incur a cost overrun and a delay of release date. Furthermore, we may face growing risks of safety and security that should be managed in projects as a result of diversification of products and services which we deal in. To stave off such risks, the Group has made continuous efforts to operate a system that we established in order to assess any risks of projects from multifaceted viewpoints, monitor service delivery situations, and evaluate the situations at the Project Review Committee.
In addition, the Group has been working to increase productivity by systematizing and standardizing system development methods and continuously implement measures such as the Andon system (which detects problems in a project at the development stage). The Group also implements the plan-do-check-act cycle of improvement predicated upon reviewing problematic projects, ascertaining true causes and implementing fundamental countermeasures and recurrence prevention measures. The Group has been making these efforts to detect problems early and prevent cost overruns.

[5] System Failure

The Group has come to deliver diversified systems and services that include mission-critical systems for customers’ businesses, financial and electricity infrastructure systems/services, and consumer services such as payment/settlement services and EC (electronic commerce). In the event of serious failures caused by system faults and cyberattacks, the Group may cause a broad range of impacts on our customers and consumers who use our systems/services provided via our customers. We will be exposed to the reputation risk of having our own social credibility and brand image damaged with compensation payments for such damages entailed. Eventually, we may have our Group business performance impacted.
Thus, the Group has been working to improve system/service quality measured in the metrics such as confidentiality, fault tolerance, resilience, and stability through setting recovery time targets after an unplanned service suspension that a system trouble should entail, and implementing quality assurance reviews in the system development phases and system inspections before and after service launch. Furthermore, the Group has been making efforts to enable rapid responses in an event of an occurrence of system trouble and stave off facing imminent risk by sharing information with related in-house departments through a system trouble reporting system.

[6] Information Security

The Group has opportunities to access many customers’ confidential personal and corporate information, as well as that of the Group itself, through business activities related to the development and provision of information systems. We therefore consider information control to be a top priority, and take all possible measures for appropriate management of information as a member of the ICT industry.
However, cyberattacks have been sophisticated and elaborated every year, and thus cybersecurity risks have become a key management issue. In this business environment, the Group has positioned cyberattacks as serious management risks in the information security basic policy. We established a project system through which we formulate and promote strategies to cope with cybersecurity risks under the aegis of Information Security Committee that oversees information security management for the entire Group. As indicated in the cybersecurity strategies, the Group has implemented a broad range of diverse security measures based on visions, goals and activity plans to enable continuous awareness of cybersecurity in business management.
To cope with the small possibility of an information leak in an emergency case that is beyond conventional imagination, the Group has insurance contracts to address the situation up to a certain extent.

[7] Skilled Employees

We face an intensified IT talent war due to fiercer business competitions in the global arena, where companies further earnestly take on digital transformation amidst their suffering a global shortage of skilled information technology experts who are aging more rapidly than the small young workforce are matured and gain mastery. Furthermore, given that we witness significant changes in the industrial structures and business environment, it is material to secure proven engineers who are multi-capable of remaining innovative and further satisfying diversified customer needs. If the Group is unable to secure high value-added personnel that we need, the Group’s ability to maintain technological advantages, competitiveness and continuous growth potential would be impacted.
The Group has employed new graduates and mid-career recruits who can hit the ground running from the mid-and long-term viewpoint of employing and developing high value-added personnel. Furthermore, we have implemented various types of workforce development measures based on training and system improvements to help workforce learn and master higher skills. In addition, the Group has helped a variety of employees such as female workers and elder workers to play active roles through promoting diversity management measures.
Moreover, we aim to secure stably employees capable of helping a sustainable growth of the Group from the mid-and long-term viewpoint. We have been working to review roles of our partner companies and strengthen our relationship with them in order to create new business value in cooperation with them as well as maintain and increase the ICT Core businesses and provide new technologies to customers.

[8] Investments

The Group intends to strengthen our competitiveness and expand our businesses. Thus, we make large investments with the aim of providing new products and services.
The Group has implemented investments into and M&As activities targeted at partner companies who own advanced technologies and expertise, partly on a global basis. Likewise, we have continued and even increased investments in start-up companies and funds.
We make these investments without necessarily having sufficient returns guaranteed. The investments may impact the Group performance results in an event of discrepancies from partner companies in business strategies or from our initial assumptions about business growth.
Thus, the Group entrusts with individual investment projects the R&D/Investment Committee and the Project Review Committee as well as their overseer, the Executive Council. The internal bodies carefully determine the appropriateness of business plans and other factors in order to minimize risks from investment decisions.

[9] Compliance

Creating new businesses as indicated in the mid-term management plan will entail diversified and complicated compliance risks. In an event of inadequate data handling and other material compliance violations that we may commit from dealing more in data utilization businesses and service-provision type businesses in the future, the Group may have our social credibility harmed, pay damage compensation, and eventually have ourselves re-examined by our key business partners. Negative impacts of such risks may be augmented by personnel and labor issues such as long working hours as well as power harassment and sexual harassment, collectively impacting our business results.
The Group aims to stave off such risks through compliance promotion systems established pursuant to the Nihon Unisys Group Charter of Corporate Behavior, the Group Compliance Basic Regulations, and the Nihon Unisys Group Code of Conduct. We have endeavored to ensure that all of the Group’s executives and employees conduct ethical behavior in compliance with laws and regulations, social norms, and in-house regulations.

[10] Natural Disasters

In an event that an occurrence of natural disaster such as an earthquake or terrorist attack damages devastatingly social infrastructure or the Group’s major business bases, the Group will be forced to bear a significant amount of costs in order to cope with the situation.
Similarly, in an event that the Group must restrict activities of many of our employees and suppliers in order to secure their safety and well-being in the wake of an outbreak of infectious disease, our business activities such as service provision will be impacted enormously, which will eventually be reflected in the business results.
The Group aims to cope with business continuity risks partly caused by earthquakes and new strains of influenza. Thus, we established a business continuity plan (BCP). We have implemented Business Continuity Project to review and improve the plan continuously from the viewpoints of ensuring safety, resuming internal businesses, and serving customers. The Group has implemented premediated training sessions such as safety confirmation drills and comprehensive simulation-based training sessions in order to make preparations against disaster occurrences. The training drills and sessions are designed for employees, organization leaders, and disaster control headquarters members. Comprehensive simulation-based training sessions are organized in accordance with scenarios of specific event occurrence in order to train participants to play individual roles about damage situation reports, response instructions, and feedback reports.