The Cosmo Energy Group has positioned risk management as one of its material issues. Based on the identification of potential risks relating to business activities, we have established a system to ensure appropriate management of various risks using a cycle of planning, implementation, evaluation, and corrective action.
Moreover, in order to respond more appropriately to changes in the business environment surrounding the Group and today’s diverse risks, we are taking a medium- to long-term perspective, approaching risks as business opportunities while building an enterprise risk management (ERM) system, both seeking to maximize corporate value. In the identification of risks, we have introduced a top-down approach by management, and we promote Group-wide risk management for each risk category by appointing risk owners.
(1) Risk Management Structure
The Group is determined to ensure the development and safe operation of businesses at each Group company. As part of this effort, the Group risk management department (Sustainability Initiative Department) summarizes the status of measures to address risk at each company and reports to the Sustainability Strategy Council. The council deliberates on Group-wide risk countermeasures, and the results are reported to the Executive Officers’ Committee and the Board of Directors, and also communicated to Group companies through the Sustainability Liaison Committee.
In addition, the Sustainability Committee headed by the general manager of the Sustainability Initiative Department meets as necessary, functioning as the practical working body of the Sustainability Strategy Council.
Please refer to the link below for the governance system chart for the Sustainability Strategy Council.
(2) Operation of Risk Management
We select the risks with the most impact and likelihood of occurring, the highest relevance to material issues, and the most importance in terms of industry characteristics from among the medium- and long-term risks identified through management interviews and questionnaires using a top-down approach and risks identified by each department and Group company using a bottom-up approach. The Sustainability Strategy Council determines the priority risks, and these risks are also reported to the Board of Directors. In April 2024, the former Sustainability Strategy Committee* determined 11 priority risks based on discussion with management and reported them to the Board of Directors.
In fiscal 2025, we will continue to address these 11 risks while integrating recent internal and external environmental changes that could impact the Group into risk scenarios and working to enhance countermeasures.
To ensure Group-wide control of these priority risks, we appoint a Group risk owner for the entire Group as well as a risk owner at the core operating companies.
As the managers responsible for the entire Group, the Group risk owner formulates countermeasures for the priority risks and sets KPIs, monitoring and reviewing them for further improvement. Risk owners at the core operating companies, in collaboration with the Group risk owner, implement the same plan-do-check-act (PDCA) cycle at each company.
Risks extracted from each division and group company that are not included in the priority risks are also managed as part of the enterprise risk management.
* On April 1, 2025, the Sustainability Strategy Committee was replaced by the Sustainability Strategy Council.
PDCA Cycle in Our ERM
(3) Priority Risks
The priority risks are as described below. We determine and manage the priority risks as described under (2) Operation of Risk Management.
| No. | Priority risk | Category | Relevance to material issues | Possible scenarios and main countermeasures |
|---|---|---|---|---|
| 1 | Decrease in demand for oil due to decarbonization and impact on business assets | Strategy | ✓ | Scenario: Faster-than-expected decreases in demand for petroleum products due to progress in energy transition, as well as increased costs due to the emissions trading system of Japan’s Green Transformation League (GX-ETS) and carbon taxes, could reduce profitability and strand the Group’s business assets. Countermeasures: Appropriately assess medium- to long-term changes in the business environment and examine business direction with a view to the future environment. |
| 2 | Impact on business portfolio and strategic investment associated with stronger environmental regulations and climate change countermeasures | Strategy | ✓ | Scenario: Climate change countermeasures could be rapidly strengthened due to changes in energy policies and regulations, affecting portfolio transformation and strategic investment decisions. Countermeasures: Appropriately assess medium- to long-term changes in the business environment and develop appropriate portfolio and business strategies suited to the future environment. |
| 3 | Increasing difficulty securing and developing human resources due to changes in the labor market | Strategy | ✓ | Scenario: As the working population declines, it could become difficult to secure and develop diverse and specialized human resources for both existing and new businesses. Countermeasures: Securing management personnel and human resources aligned with business strategy. |
| 4 | Delay in taking action on carbon neutral fuels | Strategy | ✓ | Scenario: Action on carbon neutral fuels could be delayed by difficulties in procuring such fuels that are on the market, delays or failures in the development and introduction of new technologies. Countermeasures: Monitoring industry and policy trends, and technology review. |
| 5 | Fluctuations in prices of raw materials and supplies | Strategy | Scenario: Fluctuations in the prices of resources such as crude oil and LNG due to political and economic changes, policies changes in each country, etc., as well as protectionist policies worldwide, inflation (including soaring costs of materials, equipment, and labor), and fluctuations in exchange rates, may cause the Group's performance to deteriorate. Countermeasures: Monitoring industry and policy trends and oil-producing country trends, and optimizing procurement systems. | |
| 6 | Natural disasters | Strategy | ✓ | Scenario: The Group’s facilities could suffer catastrophic damage due to a large-scale natural disaster such as an earthquake or tsunami, causing difficulties with early recovery and leading to huge losses. Countermeasures: Establishing disaster countermeasures across the entire Group. |
| 7 | Misconduct related to product quality | Operations | ✓ | Scenario: Issues related to product quality, due to deficiencies in quality management and lack of self-correcting mechanisms, emerging after shipment could lead to losses due to product recall, etc., as well as loss of stakeholder trust. Countermeasures: Implementation of quality audits and consideration of advancing quality management systems. |
| 8 | Supply chain interruptions | Operations | ✓ | Scenario: As the Group’s supply chain covers a wide area, deterioration in political situations or various issues at suppliers could cause supply chain interruptions or losses, in areas such as shutdowns at crude oil production sites, shipping, maintenance of refineries, and operation of service stations, etc. Countermeasures: Strengthening transportation systems and optimizing procurement systems. |
| 9 | Information security risk | Operations | ✓ | Scenario: A cyberattack could cause a suspension of operations, information leaks, ransom demands, and other damage. Insufficient guidance and auditing of customer information management subcontractors could result in personal information leaks and loss of customer trust. Countermeasures: Strengthening ransomware and virus countermeasures, and strengthening personal information protection and other such countermeasures. |
| 10 | Accidents, faults, and breakdowns at production facilities | Operations | ✓ | Scenario: Accidents, faults, or breakdowns at refineries, oil fields, or power stations could make continuity of operations difficult and impact the surrounding natural environment and wildlife, resulting in losses and impacting cash flow generation. Countermeasures: Preventing faults (establishment of asset performance management (APM) system1, etc.), strengthening disaster mitigation measures, and aging countermeasures. |
| 11 | Fraud / inappropriate conduct due to deficiencies in internal control | Finance / compliance | ✓ | Scenario: Inadequate functioning of the internal control function or serious deficiencies or misconduct due to lack of personnel or expertise, and IT technology introduction etc., could result in administrative guidance or criminal penalties, in addition to loss of stakeholder trust. Leakage of information assets—the source of corporate value and competitiveness—outside the Group could damage corporate value and competitiveness. Countermeasures: Implementing control self assessment (CSA)2, strengthening group governance, and strengthening intellectual property management. |
1. A system that can efficiently and effectively manage maintenance big data by utilizing global standard maintenance and equipment reliability business processes, enhancing comprehensiveness, predictability, and manageability.
2. Internal control self-assessment