Risk Management



Development of Risk Management System

LIXIL and its group companies build, operate, and evaluate internal control systems to ensure the reliability of operations as well as the accuracy and appropriateness of financial reporting in order to enhance corporate value. In addition, we are strengthening our group-wide operational management system through risk awareness and, as a corporate group that emphasizes compliance management, building various systems that comply with laws and regulations. As part of the system, the Chief Legal and Compliance Officer, who is responsible for legal, compliance, risk management, and corporate audit, is structurally independent of our business lines in order to promote robust risk management.

Enterprise Risk Management (ERM)

The LIXIL group strives to stably and continuously develop its business through the implementation and operation of ERM for the entire group. Risks related to crises that require immediate response when they occur are also controlled through crisis management as part of ERM.

Risk Management (RM)

The LIXIL group promotes a system of managing risks whereby leaders identify risks that may influence the achievement of management targets and take on the role of risk owner responsible for addressing and managing them. Risks are categorized into strategic risks and operational risks. For strategic risks, efforts are made to collaborate with relevant departments to ensure the framework encompasses a wide range of perspectives. This includes medium-to-long-term perspectives such as management policies, business strategies, and Impact Strategy, as well as the perspectives of stakeholders. By identifying and assessing risks that may hinder the achievement of our goals for material issues, risks are prioritized as the basis for taking risk measures. The risk management system established for operational risks is autonomous, whereby each organization and region holds meetings or sets agendas regularly, or as necessary, to discuss and respond to risks, which they then report to headquarters.

The LIXIL group takes both a top-down and bottom-up approach to respond to various risks. Also, risk managers in major regions ensure efficient coordination among those at headquarters, regional operations, and local business operations. Through these kinds of coordinated activities and visualized risks, taking into account risk appetite and tolerance as necessary, we aim to increase the risk awareness of LIXIL officers and employees, and transparency by disclosing our material risks and countermeasures internally and externally.

Crisis Management (CM)

A crisis management framework has been established in each group company. Crisis management policies and a handbook have been created and distributed so that a swift initial response and escalation is possible when a crisis occurs. Also, frameworks are in place for crisis headquarters to be established whenever necessary at various levels within group companies such as at headquarters, departments, or at local business premises.

Understanding the importance of cybersecurity, the LIXIL group has established and operates the LIXIL Computer Security Incident Response Team (LIXIL-CSIRT) to minimize the impact of cyberattacks which are becoming increasingly sophisticated. We constantly monitor computers and networks to detect problems at an early stage and analyze the impact and cause of the problems in order to respond quickly. We have also established a Business Continuity Plan (BCP) for possible cyberattacks, as well as a crisis management system that includes emergency reporting criteria and reporting flows, which enables a coordinated response among departments.

Crisis Management Flow Outline

Crisis Management Framework

Information Security

Our Approach to Information Security
LIXIL recognizes the importance of appropriate management of information as an integral part of business management. We have established the LIXIL Information Security Principles outlining our fundamental policy, to ensure information security across the Group.
Management Structure
In order to ensure the protection and appropriate management of all information assets, LIXIL maintains an efficient management structure that enables us to perform information security assessments and implement necessary actions based on the level risk. In the unlikely event of an information security breach, we are set up to minimize the damage, determine the root cause, and implement improvements to prevent reoccurrence.
Organization of Information Security Committee
Organization of Information Security Committee
LIXIL has established Information Security Committee as an organization to make decisions related to information security issues.Chaired by CDO, the committee consists of representatives of each department.The committee regularly makes decisions and approves information security policies, and reports on the status of security measures.
Internal Regulations
LIXIL has established internal regulations regarding information security, and ensures that all employees are fully aware of the Group's principles regarding the protection and appropriate management of information assets.
Information Security Measures
LIXIL has security measures in place to prevent unauthorized access, destruction, leakage and falsification of sensitive information.
Information Security Education
LIXIL provides training to all employees to boost their information security literacy and ensure appropriate handling and management of information assets.
Consistent Improvements
LIXIL evaluates regularly the effectiveness of the initiatives mentioned above and makes continuous improvements to its information security management structure.

Intellectual Property Management

Our Approach to Intellectual Property Management

LIXIL has established global principles on intellectual property (IP) management, expanding the coverage of our IP management structure to include overseas subsidiaries, to maximize the value generated from our IPs and minimize associated risks across the Group.

Through effective management and use of our IPs, we protect differentiated technologies and designs that are the results of our research and development as well as the brand that is supported by our users around the world from imitation by third parties, and also reduce business risks which may be caused by third parties’ IPs. In order to prevent damage to our brand value and ensure users’ safety, we take decisive measures against counterfeit products, such as strengthening border control measures and cracking down on internet sales. We build, maintain and actively use the Group-wide IP portfolio, considering the business strategy, IP strategy of each business and Group-wide synergies.

In addition to holding annual IP strategy meetings among the Intellectual Property division and each business unit, we hold monthly global IP meetings in which the Intellectual Property divisions of the head office and overseas subsidiaries participate. Through these meetings, we manage and protect our IPs across the Group.

The Intellectual Property Division regularly reports the Group's IP strategy to the Board of Directors and has established a system for the Board of Directors to monitor its activities.

Licensing Intellectual Property Rights and Preventing Infringements

At LIXIL, we protect our high-quality IPs in order to differentiate our products and secure our competitive advantage. We investigate whether our inventions and designs have 'prior art or design’, and evaluate the business values for the inventions and designs in deciding whether to obtain those IP rights. We also protect our know-how to be kept secret to maintain our competitive advantage as trade secret.

On the other hand, our infringement of third party’s IP right at our business operation stage could lead to business risks , resulting ultimately in the suspension of sales or compensation claims. To avoid such risks, we thoroughly investigate and analyze third parties’ IP rights from the development stage before starting business operations.

To ensure that the aforementioned activities are appropriately facilitated, we are also actively enhancing the knowledge base and skill sets of employees and relevant personnel involved in IP through providing IP trainings for managers and new hires.