TOKYO ELECTRON LIMITED

Risk Management

Approach to Risk Management

Tokyo Electron is building and developing a risk management system to respond appropriately and promptly to risks that are growing increasingly complex and diverse as society and the business environment change. We identify cross-division and comprehensive risks across the entire Group to build a solid financial foundation based on the Medium-term Management Plan that is competitive globally. We make decisions and supervise particularly material risks at the Corporate Officers Meeting and the Board of Directors, and implement countermeasures without fail alongside each of the Group companies and related departments.
We believe accurately understanding the risks and impacts that we may face in our businesses with an eye on the future, viewing them as opportunities for business growth and appropriately addressing them are essential to sustainable growth as a company that is trusted by society.

Risk Management System

We have established the organization to oversee the entire Group at our headquarters and carry out enterprise risk management*¹ to promote more effective risk management. This organization, together with the respective departments responsible for each operation, comprehensively identifies a wide range of risks associated with our business activities, such as compliance, human resource, labor and business continuity, and classifies those with high impact and probability as our material risks.
In addition, we strive to improve the effectiveness of risk management through measures such as regular education and training programs for management and employees to raise Group-wide risk awareness, formulating and monitoring the implementation of measures to reduce material risks, and reinforcing the PDCA cycle through discussions at major internal meetings. Specifically, we review the response status of the executive department and each of the Group companies regarding the identified material risks at the BUGM meeting, quarterly review meeting and the CSS, etc., and decide a response policy at the Corporate Officers Meeting. We ensure the operating rhythm of this procedure and also report periodically to the Board of Directors.
Additionally, we are also continuing to focus on the revision and operational improvement of our BCP for the entire Group, and we regularly conduct BCP drills and disaster drills for all employees to foster the practical ability to ensure the continuation of business operations in the event of an emergency.
Starting in fiscal year 2023, we are promoting further DX in our risk management activities by introducing GRC tools*² that utilize digital technology. It is now possible to visualize the assessment of and countermeasures against risks across the entire Group, as well as to synchronize the information among risk owners and departments in charge of each risk on a global and cross-sectional basis through the use of these tools.
To continue practicing autonomous and highly effective risk management, we will develop group-wide activities for each risk owner to further strengthen risk management for the 12 risk items that we have defined.

Enterprise risk management: Group-wide systems and processes related to risk management activities

GRC tools: A system that contributes to managerial decision-making in a timely manner by systematically organizing multi-layered and complex corporate management functions and management information collected through the integration of governance, risk and compliance (GRC) measures related to corporate activities

Risk Management Initiatives

We have begun to address emerging risks from a medium- to long-term perspective, going a step further than its conventional approach of assessing the current risk management state, identifying known and unknown risks that may surround the company in the future and examining mitigation measures. In fiscal year 2023, the 12 risks identified to date were reviewed and reevaluated from the perspective of their potential to have a significant impact on our operating results, financial condition and cash flow. We then pushed forward risk management initiatives for each identified risk even further.

Item Main Potential Risks Main Risk Management Initiatives
⒈Market Fluctuations
  • A rapid contraction of the semiconductor market could lead to overproduction or an increase in dead inventory
  • A sharp increase in demand could lead to an inability to supply customers with products in a timely manner, resulting in lost opportunities 
  • Periodically review market conditions and orders received at the Board of Directors and other important meetings, and appropriately adjust capital investments, personnel/inventory planning and other aspects of business
  • The Account Sales Division and the Global Sales Division strengthen the sales framework and customer base by grasping investment trends of customers and responding to a wide range of customer needs
2.Research and Development
  • Delays in the launch of new products or the mismatch of such products with customer needs could lead to a decline in the competitiveness of products 
  • Establish the Corporate Innovation Division and build a Group-wide development framework that integrates innovative technology development with the technologies of each development division
  • Provide highly competitive next-generation products ahead of competitors by collaborating with research institutions and sharing a technology roadmap spanning multiple generations with leading-edge customers 
3.Geopolitics
  • Geopolitical tensions could undermine the international order and global macroeconomic conditions, affecting national and regional security, foreign, industrial or environmental policy. This could in turn lead to supply chain disruptions or deterioration of the macroeconomic environment, restricting the Company’s ability to operate business
  • Carefully monitor the international situation as well as the diplomatic and security measures and industrial policy trends in each country and region
  • Anticipate the impact of macroeconomic fluctuations and regulations related to product imports/exports or technological development on the Company’s business and consider countermeasures in advance
4.Procurement, Production and Supply
  • Interruptions in the Company’s production due to a natural disaster or delays in component procurement due to deterioration in the business conditions of a supplier or an increase in demand that exceeds the supplier’s supply capacity could lead to delays in the supply of products to customers 
  • Formulate business continuity plans (BCP), develop alternate production capabilities, promote the seismic reinforcement of plants, standardize production, enhance the backup capabilities for information systems, use multiple sources of important parts, and maintain appropriate inventory levels
  • Share forecasts based on demand projections for semiconductors with suppliers and build a system for the stable supply of products
5.Safety
  • Safety problems with the Company's products or serious accidents resulting in workplace injuries could lead to damage to customers, liability for damages and a decline in public trust and confidence in the Company's safety initiatives
  • Based on the “Safety First” approach, implement inherently safe design with an awareness of risk reduction at the product development stage
  • Implement company-wide efforts such as promoting safety education tailored to each employee's job and developing an incident reporting system  
6.Quality
  • The occurrence of a product defect could lead to liability for damages, costs for countermeasures and a decline in the Group’s brand and credibility
  • Promote continuous education on quality to employees and suppliers to establish a quality assurance system and a world-class service system
  • Resolve technical issues from the product development and design stage
  • Thoroughly investigate the cause of any defects and implement measures to prevent the same or similar defects from occurring
  • Monitor the quality status of suppliers, conduct audits and provide support for improvement 
7.Environmental Issues
  • The inability to respond appropriately to each country’s climate change policies, environmental laws and regulations, and customer needs could lead to additional related costs such as for developing new products or changing specifications, as well as to reduced product competitiveness and diminished public confidence in the Company 
  • To achieve medium- to long-term environmental goals that include the net zero target, implement measures such as reducing greenhouse gas emissions from the use of our products, increasing the rate of renewable energy usage at plants and offices, reducing overall power consumption, reviewing packaging materials, and promoting a modal shift
  • Provide technologies, etc., that contribute to higher performance and energy efficiency of semiconductor devices through implementation of our E-COMPASS initiative 
8.Laws and Regulations
  • Violations of the laws and regulations of the countries and regions where the Company operates could lead to diminished public confidence in the Company, fines, liability for damages or restrictions on business activities 
  • Monitor compliance activities at key sites in and outside Japan under the direction of the Chief Compliance Officer
  • Have assessments conducted by external experts and report identified issues to the CEO, the Board of Directors and the Audit & Supervisory Board for swift and effective action
9.Intellectual Property Rights
  • The inability to obtain exclusive rights to proprietary technologies could lead to reduced product competitiveness
  • Infringement of the intellectual property rights of third parties could lead to restrictions on the production and sale of products as well as liability for damages 
  • Advance the intellectual property strategy, business strategy and R&D strategy in an integrated manner to build an appropriate intellectual property portfolio
  • Reduce the risk of infringement of other companies' patents by continuously monitoring other companies' patents and establishing a system to take appropriate measures in cooperation with the business and R&D departments
10.Information Security
  • Breaches of information or the suspension of services due to unauthorized access by cyberattack against the Company or suppliers, natural disasters or other factors could lead to diminished public confidence in the Company or liability for damages 
  • Launch a dedicated security organization and establish an information security system that conforms to international standards by having security assessments conducted by external experts, etc.
  • Establish globally standardized rules and regulations for information management and implement response guidelines 
11.Human Resources
  • The inability to recruit and retain necessary human resources on an ongoing basis or the inability to create an environment where people with diverse values and expertise can play an active role could lead to diminished product development capability or customer support quality
  • Make continuous improvements to work environments and promote diverse work styles as well as health and productivity management (e.g., sharing our visions by management, establishing training plans for human resource who will lead the future, visualizing career paths for employees and offering attractive remuneration and benefits)
12.Other Risks Such as Infectious Diseases and Natural Disasters
 
  • The global and regional political landscape, economic environment, financial and stock markets, foreign exchange fluctuations, infectious diseases and natural disasters such as earthquakes, windstorms and floods, among other factors, could cause the Company's business activities to stagnate and the global economy to deteriorate
  • Take appropriate measures against such risks
  • In case of a potential impact on the continuation of the business, establish an Emergency Task Force headed by the CEO and implement measures to minimize the impact

Management foundation