| Parent company group |
Large |
Medium |
- Improvement of business performance through synergy effects among the companies of the parent company group.
- Impact on financial results in the event of competition between the parent group companies with respect to the Group’s businesses, or as a result of the cancelation of collaboration due to changes in the parent companies’ management policies.
- Damage to minority shareholders’ interest.
|
- Facilitate information sharing among the companies of the parent company group.
- Have the reasonableness of trades between relevant parties discussed and considered by a special committee consisting of outside directors.
|
| Business model |
Large |
Small |
- Differentiation from competitors by expanding original tracking technologies.
- Difficulty calculating advertising effects due to the restrictions on cookie-based tracking.
|
- Conduct surveys on trends in tracking regulations, browser vendors and the World Wide Web Consortium (an organization established to expand the standardization of various types of internet technologies).
- Develop original tracking technologies and consider workaround measures.
|
| Dependence on specific services * |
Large |
Small |
- High dependence on specific services such as Yahoo! Shopping, which will cause impact in the case of suspension of the services, their poor performance, competition of their functions with the Company’s, etc.
|
- Consider new businesses which will not depend on those services.
|
| Group governance |
Medium |
Medium |
- Improvement of consolidated results through synergies with the Company’s group companies.
- Degradation in the quality of management of the Group and negative effects on consolidated results due to the lack of governance on the part of the Company’s group companies.
|
- Strengthen governance through weekly business reporting, monthly steering committee meetings and quarterly monitoring.
|
| Natural disaster |
Large |
Small |
- Impact on business performance due to suspension of services in the event of an emergency disaster.
- Impact on business performance due to delays in post-disaster business recovery efforts.
|
- Formulate a BCP with an awareness of remote work.
- Periodic BCP training.
|
| Management of personal information |
Large |
Small |
- Leakage of the personal information of users due to intentional attacks/errors of related parties of the Group or the contractor, attacks by a third party with malicious intent, or unforeseen situations.
|
- Ensure compliance with operation rules for the maintenance and management of ISMS certification-based security levels.
- Implement the full-scale security check process.
- Continued education for employees.
|
| Cyber security |
Large |
Small |
- Human errors in operations or intentional illegal acts, system failures due to natural disasters, cyberattacks including malware infections or targeted attacks, information leakage, data destruction or alteration, or service suspension due to the vulnerability of systems or products.
|
- Establish an organization for system management and operate it continuously.
- Implement backups periodically.
- Check information on vulnerability and implement countermeasures.
- Watch and prevent unauthorized external accesses through cyber attacks.
|
| System failure |
Large |
Small |
- Disruption of sales data or overcharging due to calculation errors resulting from system malfunctions, specifications and operation errors.
|
- Ensure that development processes are reviewed and tests are implemented.
- Use data with high accuracy.
- Conduct monitoring periodically.
|
| Data governance |
Large |
Small |
- Increasing trust in data governance.
- Loss of trust and customer churn due to problems in data acquisition methods and data management caused by poor data governance.
|
- Development of operational rules for data governance and review of terms of agreement.
- Educate employees on data governance.
|
Business continuation/
Response to risks |
Large |
Small |
- Difficulty continuing businesses due to the concentration of material resources (servers) and information systems in the event of large-scale natural disasters.
|
- Facilitate the decentralization and multiplexing of data centers through the use of multiple cloud services.
- Consider the possibility of deployment in other areas.
- Clarify restoration measures to be taken in the case of failures.
|
| Investment strategy |
Large |
Small |
- Expansion of business domains with M&A and new businesses.
- Impact of delays in the recovery of the cost of investments and loans in M&A and new businesses, which may be caused by changes in the market or competitive environments, on consolidated results, growth, business expansion, etc.
|
- Carefully study and consider synergies with the Group’s existing businesses, business plans, composition of finances, contractual relations, etc. in M&A and investment in new business.
|