Strengthening of governance
Aiming to be a company trusted by stakeholders through highly transparent management
Material issue relating to governance: Strengthen corporate governance and ensure compliance
Vision for 2030
- Be widely recognized as a transparent company trusted by stakeholders.
Astemo Corporate Governance Basic Policies
Astemo has established the “Astemo Corporate Governance Basic Policies” pursuant to a resolution of the Board of Directors to indicate Astemo’s basic approach to, and framework and operating guidelines for, corporate governance. In doing so, Astemo aims to contribute to sustainable growth and enhancement of the long-term corporate value of Astemo.
Composition of the Board of Directors
The Board of Directors comprises eight members, including three directors who serve as Audit and Supervisory Committee members, all of whom are outside directors, and five directors who do not serve as Audit and Supervisory Committee members. Among these five directors, three concurrently serve as executive directors, while two are non-executive directors, one of whom is an outside director. In total, there are four outside directors. The chairperson of the Board is a non-executive director.
We have two representative directors, who are selected from among the directors by a resolution of the Board of Directors.
The Board of Directors has established a Nomination Meeting and a Compensation Meeting as voluntary advisory bodies. The Nomination Meeting, in accordance with its regulations, deliberates on matters such as the appointment of director candidates and the selection of executive officers, and provides recommendations to the Board of Directors. The Compensation Meeting, in accordance with its regulations, deliberates on the remuneration of directors (excluding those who are Audit and Supervisory Committee members) and executive officers, and provides recommendations to the Board of Directors.
Governance at the Board of Directors’ level
Framework to ensure the efficient execution of duties by directors
Astemo’s Board of Directors decides on the development of frameworks to ensure the appropriateness of operations. Among these resolutions, the following resolution was adopted as a “framework to ensure the efficient execution of duties by directors.”
- To ensure the efficient execution of duties, directors clearly separate management supervision functions from business execution functions and promote the efficiency of the execution of duties.
- The Executive Committee shall be organized and deliberate on important matters affecting Astemo and its Group companies as a whole, in order to make careful decisions based on multifaceted considerations.
- To operate our business systematically and efficiently based on our management policy, we formulate a medium-term management plan and annual budget, and manage business performance based on these plans.
- We have established an Investment Strategy Committee to improve asset efficiency by allocating investments appropriately and ensuring the profitability of individual projects.
Operational status of the Audit and Supervisory Committee
In FY2024, 18 meetings of the Audit and Supervisory Committee were held on the same day as or close to the Board of Directors meetings, and in addition to matters stipulated in laws and regulations, the Articles of Incorporation, or the Audit and Supervisory Committee Regulations, etc., the committee verified and extracted risks through prior deliberation of important proposals to be submitted to the Board of Directors. In addition, 11 monthly meetings were held to discuss the results of deliberations at the Executive Committee and other important meetings, as well as important matters of execution. Dedicated Audit and Supervisory Committee support staff are assigned to the Board of Directors' Office to assist the committee in carrying out its responsibilities.
Compliance
Compliance promotion framework
Positioning thorough compliance as the foundation of its corporate management, the Astemo Group has established the “Compliance Committee”—chaired by the President & CEO and vice-chaired by the Chief Compliance Officer (CCO)—and promotes comprehensive compliance activities of the entire Group led by this committee. The committee, which includes Executive Committee members and the heads of each business area, is responsible for deliberating and making decisions on important matters such as the development of the compliance system, planning and implementation of measures, and responses to audits and violations. Highly significant compliance issues—such as corruption, bribery, transactions with antisocial forces, and violations of competition law—are reported to and deliberated on by an Executive Committee or the Board of Directors, depending on the nature of the issue.
The committee met twice in FY2024 and discussed matters including the Group’s overall compliance promotion status and individual compliance issues.
Additionally, each region operation division has appointed a regional compliance officer, who shares regional activity policies and key measures. Similarly, compliance managers at each group company in the region are responsible for education, awareness-raising activities, and information sharing, and promote autonomous initiatives tailored to local conditions. We monitor the implementation status of measures through individual dialogue with regional compliance officers and group companies and take appropriate action based on our findings. We also conduct regular compliance audits across the Group and use the results to promptly implement corrective measures for any items identified as requiring improvement.
In FY2024, there were no cases of prosecution or sanctions from authorities related to bribery, competition law or export controls. Regarding tax compliance, each site complies with the laws and regulations of its country and region, and we have not received any fines or other sanctions for violations of laws and regulations that have had a significant impact on business performance.
Risk Management
Enterprise risk management
In an era characterized by volatility, uncertainty, complexity, and ambiguity, it is essential to anticipate emerging risks and respond swiftly in order to survive and grow as a business entity. With this in mind, Astemo is working to strengthen company-wide risk management to enhance corporate value.
As part of these efforts, we have taken a holistic approach to risk management through integrated and comprehensive enterprise risk management (ERM). The heads of each Business Division, Business Unit, Functional Division, and Region Operation Division serve as Risk Management Officers (RMOs), bearing responsibility for risk management. In collaboration with Risk Managers (RMs), who provide operational support, they identify the top risks within their respective areas. Based on these identified risks, we identify corporate-level top risks and have relevant executives act as risk owners to implement countermeasures, thereby promoting company-wide risk management.
Approach on business continuity (BCP/BCM*)
The Astemo Group’s basic policy is to proactively prevent anticipated risks from materializing and, in the event of a crisis, to ensure employee safety and minimize damage through prompt response, while maintaining business continuity through rapid recovery. A crisis management center has been established as the organization responsible for promoting initiatives in line with this policy.
The center serves as a global command hub, overseeing cross-group crisis detection, information sharing, and response coordination. Using dedicated external services, it continuously monitors surrounding events at all of the Group’s sites. When an anomaly is detected, information is promptly shared with crisis response headquarters’ members at the global level, the Region Operation Division, and each site according to the severity of the impact, and coordinated response measures are taken.
In addition, regular training is conducted for employees of the crisis response headquarters to continuously enhance their crisis response capabilities.
* BCM: Business Continuity Management
Information Management
Information Security Policy
To minimize critical risks such as information leaks and operational shutdowns caused by cyberattacks, Astemo, as a globally operating company, clearly recognizes cybersecurity as a management risk and has established a company-wide response policy that is aligned with our management policy.
This policy demonstrates our attitude toward information security both inside and outside the company and promotes the strengthening of systems centered on cybersecurity risk management.
Information Security Policy
1. Formulation and Continuous Improvement of Information Security Management Rules
2. Protection and Continuous Management of Information Assets
3. Compliance with Laws and Regulations
4. Education and Training
5. Incident Prevention and Response
6. Ensuring the Optimization of Operations in the Corporate Group
Framework for promoting information security
At Astemo, the Chief Information Security Officer (CISO) is responsible for the implementation and operation of information security and personal information protection, and works to promote company-wide information security for all products, services, and internal systems and equipment.
Policies and key measures for information security and personal information protection are decided by the “Product and Information Security Committee,” chaired by the CISO. At each business site and business unit, the head of the site generally serves as the person responsible for information security and implements on-site measures and educates employees through a dedicated department. We have established a similar system at our group companies, and are working to strengthen information security across the entire group while promoting cross-departmental cooperation.
Furthermore, we have formulated global information security management regulations based on the international standard ISO/IEC 27001 and are working to enhance our management system by adhering to the U.S. government standard NIST SP 800-171. These regulations are applied globally to our headquarters and group companies. We have also been promoting acquisition of the Trusted Information Security Assessment Exchange (TISAX) certification, which is widely used by the German automobile industry.
Measures decided by the Product and Information Security Committee are rolled out to each business site and group company through the Information Security Promotion Committee and other bodies, with each responsible person working to ensure their thorough implementation.