The Nihon M&A Center Group constantly strives to strengthen and push forward corporate governance, strictly enforcing compliance, implementing risk management and keeping a tight rein on information security.

Our group places the utmost importance on on-going compliance activities, which we regard as essential for maintaining and improving trustworthiness in our business.

Underlying compliance principals

Our group has established compliance principals requiring employees to perform duties to society acting in accordance with applicable laws, company regulations and ethical standards, behaving in a fair and appropriate manner.
Our policy for matters such as anti-corruption is manifested in ten articles outlining our Compliance Principle, respecting the Ten Principles of the UN Global Compact.

On 20 December 2021 we issued “Announcement of Investigation on Attribution Period of Sales at our Subsidiary”, following which we have implemented practical measures to prevent a reoccurrence and strengthen internal controls. These include the establishment of a new Compliance Division , external appointment of a Chief Compliance Officer (CCO), formulation of a compliance education structure and regular compliance training sessions.

A compliance manual has been issued to all our employees detailing our internal regulations spanning our corporate ethos, corporate code of conduct, compliance rules, human respect and prevention of harassment. At our overseas group offices we strive in various ways to increase compliance awareness using appropriate channels of communication and translated documentation.

Compliance Principle

1. Compliance with laws and regulations
   • We will comply with all laws, regulations, and internal rules, both as a company and as individuals, and will conduct our corporate activities in accordance with social norms.
2. Information management
   • We will treat all information entrusted to us as valuable assets. We will manage confidential information with the utmost care to prevent leakage.
3. Prevention of Insider Trading
   • We will strictly maintain all relevant information, both within our own company and with other companies, to prevent insider trading, and we will make prior application when buying or selling securities. We will also alert all relevant parties.
4. Compliance with decent processes
   • We will comply with relevant laws and regulations, company rules, and business processes to provide our customers with the highest quality.
5. No Relationship with Anti-Social Forces
   • We will take a firm stand against anti-social forces and will not engage in any transactions or acts that may be suspected of being transactions with anti-social forces, nor will we have any other relationships with them.
6. Prohibition of Discrimination and Harassment
   • We respect the human rights of all people and do not tolerate or engage in any form of discrimination or harassment.
7. Accurate records
   • We will accurately record all business activities (sales, financial accounting, expenses, attendance, work, etc.) in a timely and accurate manner.
8. Prevention of corruption
   • We will maintain sound relationships with related parties, make clear distinctions between public and private matters, and conduct our business with integrity.
9. Responsibility for Consultation and Reporting
   • We will report, consult, and notify our superiors or the reporting/consultation desk when we discover any act of non-compliance.

Internal notification system

We have put in place an in-house notification system using an external lawyer as a point of contact. We respond in an appropriate fashion upon notification of any kind of breach in compliance, illegal conduct or suspicious activities. This includes bullying, harassment and forms of corruption such as illicit profit sharing, excessive entertainment and gifts. This is applicable to employees bound by employment contracts such as directors, staff and part-time workers, as well as those who are seconded to our firm on a temporary or agency basis. All of this is with a view to strengthening our compliance system and prevent breeches.

The discussions can be done anonymously and under strict confidentiality such that the whistleblower is not disadvantaged in any way and is strictly protected.
Should it nevertheless occur that such a person is put at any form of disadvantage, help will be provided and there will be remediation, with the perpetrator also dealt with in an appropriate manner.
Following on from the incident of inappropriate sales reporting in the year to March 2022 , as one of the measures to prevent any reoccurrence we clarified to managers that there is a clear duty of whistleblowing in the event that anyone is aware of a compliance transgression (including any cause for suspicion thereof). Additionally our intranet was adopted for all employees to utilize visibly as a tool to facilitate an easier form of discussion and whistleblowing.

Compliance training implementation status (FY2019)

Applicable employees	Period	Theme
All employees	Mar-20	Anti-corruption
	Feb-20	Prevention of insider trading
	Jan-20	Risk management
	Nov-19	Information security rules, Compliance
	Oct-19	Management of working hours, Information security rules
	Sep-19	Compliance, Anti-corruption
	Jul-19	Information security rules, Information management
	May-19	Information management, Prevention of insider trading
	Apr-19	Rules on use of printed documents

New employees	At start of employment	Information security rules
		Risk management
		Information management
		Prevention of insider trading

Following the announcement on 14 February 2022 about the discovery of inappropriate reporting of sales recognition, compliance training sessions were set up as one of the measures to prevent a reoccurrence
+ Management compliance training
+ Group leader compliance training
+ Exceptional compliance training for people involved in the incident
+ Compliance training for all employees

Investigation, procedures and consequences when compliance regulation is deemed to have been infringed

In the event that a problem arises causing an infringement of compliance regulations, be it a concern this might be the case or that there is any doubt about conformity with compliance, the process outlined in our compliance procedure enables the employee concerned to report the matter to an appropriate party within the company such as a senior officer or a member of the Compliance Committee. A senior officer who has received a report of this kind in turn has the duty to report the matter concerned swiftly to the Compliance Committee, followed by a discussion of the content of the report, which is to be conveyed in turn to the president. The report of the problem received by the president along with the status of the treatment thereof is reported to the Board of Directors along with any related reports from subsidiaries and reports of areas of concern.

The Compliance Committee will research as necessary the subject of the written and verbal reports, taking due care to protect the privacy, individual rights and reputations of all parties including the whistleblower, the purportedly guilty party and those helping with the investigation.
The outcome of this is announced to the person who made the report, the Senior Directors Meeting and the Board of Directors so that it can be used by the Board of Directors for formulation and implementation of measures to prevent a future occurrence. The Board of Directors designates to the Disciplinary Committee the decision on the verdict on what action to take towards the guilty party and it is incumbent upon the president to act accordingly.

On 1 March 2022 we established a new Compliance Division and decided upon the external appointment of a highly experienced Chief Compliance Officer (CCO) to assume dedicated responsibility. We are implementing processes for the development of employee training and monitoring systems for corporate culture to be firmly rooted in a consciousness of high respect for compliance.
Following the incident there were 12 reports of compliance transgressions (as at 28 April 2022).

Our group implements a risk management system to ensure that we can respond in a quick and appropriate way to large risks which may adversely impact our business activities.

The Risk Management Committee

There is a regular cycle of monthly meetings convened for the Risk Management Committee, whose members comprise executive directors and a senior manager of the legal department. Besides in-depth discussion of matters pertaining to overall risk administration, including adherence to our Ten Guiding Principles for Compliance Behaviour, the committee reports regularly to the Board of Directors in an appropriate fashion, when necessary with reference to guidance and advice from external parties such as legal advisors whom we may consult.
In this way we have a structure in place to respond quickly to any important matter impacting the business, with swift discussions to reach a mutual understanding.
Moreover, the committee provides encouragement and carries out checks to ensure employees continuously act in accordance with compliance rules and social ethics.
The effectiveness of the Risk Management Committee is evaluated by the Board of Directors with a view to revising the guidelines as and when appropriate. Furthermore, in the event that it is necessary to respond to changes in the business environment that require our reaction to be disseminated to all employees or to respond to a new form of risk category, we have in place measures to report issues and actions of each case appropriately to management.

Responding to incidents

The Risk Management Committee is the first call for when an incident occurs and will act in an appropriate manner at the right time, deciding how the incident should be reported, communicated and discussed, depending on its content, urgency and importance. Also it analyses incidents and takes appropriate measures to prevent a recurrence.

Assessment of ESG risk in new mandates

When taking on new mandates we conduct an assessment with checks that include the probability of a successful sale, the reason for the sale, trustworthiness and a provisional valuation. Not only does this assessment of new mandates play an important role in risk management, it also contributes to greater trustworthiness of the transactions we undertake. From January 2021 we have added new ESG negative screening components to this assessment process for new mandates. We are checking for any overt problems from an ESG perspective, such as an outbreak of pollution to land or water, work-related injuries, product-related health risks, repatriation of illegal foreign workers, illegal labour practices through encouragement or coercion, unpaid salary or rental, or inappropriate relationships with public officials.
If the process of this assessment leads to the discovery of ESG risk, an overall judgement is made on whether or not to proceed with the proposed transaction, also taking into account a series of other checks.
In FY 2021 there were 14 mandates deemed to contain ESG risk.

Evaluating corruption risk in our business

In order to develop our business activities in other countries it is necessary to understand anti-corruption measures required to operate locally in compliance with laws and regulations and international standards. We put in place the necessary procedures in consultation with both in-house counsel and external legal advisors for corruption risk assessment to prevent risks such as entertainment or present giving which people might think suspicious or dubious; inappropriate cash incentives for generating profit, and any other form of attempt to profit by bribery. Accordingly, employees associated with overseas business undertake training to raise awareness of the risk of corruption in “high risk” emerging markets that may arise from local customs such as excessive entertainment, present or profit giving incentives.

Political contributions

Our Group complies with the Political Funds Control Act and other laws/regulations. We do not make any political donations to individual politicians, and when we make donations to political parties, political fund groups or purchase political fund party tickets, we do so in a legitimate manner. The total amount of our group's political donations was 0 yen in FY2020, 0 yen in FY2021 and 170,000 yen in FY2022.

Number of cases of employee sanctions or dismissal for contravention of anti-corruption policies

None (FY2021)

Costs arising from fines, penalties or settlements related to corruption

Total: ¥0 (FY2021)

It is of paramount importance for us as a company that corporate governance systems are in place to enable us to contribute continuously to society based on our management principals and to meet the expectations of our various stakeholders.
Through pursuing the highest standards of corporate governance we strengthen oversight and control functions of the business activities of the company, striving on a daily basis to embody the following core principals in our management:

• Maintain sound and fair management, enforcing compliance
• Maintain transparency of management, meeting our duty to explain
• Maintain effective management, working towards maximizing shareholder value

Corporate governance organisation

Our corporate governance organisation is illustrated in the chart

Our Board of Directors comprises 15 members including Audit and Supervisory Committee members, with 7 independent directors making up over a third of the total.

Internal control systems

Internal control systems have been put in place to ensure thorough adherence to compliance is reflected in effectiveness and efficiency within business operations in tandem with trustworthy financial reporting.
Further detail is available in our corporate governance report. *Japanese Only

Following the announcement on 14 February 2022 of the discovery of inappropriate reporting of sales recognition we have taken seriously the cause of the incident identified by the Investigation Committee and recommendations on preventive measures, and have made efforts to strengthen internal controls. For further details see "Implementation Status of Measures to Prevent Reoccurrence", announced on 23 March 2022.

Commitment to gender mix and diversity in the Board of Directors

Our target is to take into account diversity in the composition of our Board of Directors, including ability, breadth of experience, term of service, age and gender. The Mid-Term Plan aims for the percentage of female members of the Board of Directors to be 10% by 2025. In June 2021 it was 15%.

Terms of reference for the Board of Directors

The Board of Directors undertakes reviews as appropriate to see if any changes are required to the Risk Management Committee and ten compliance principals which form our code of ethics. Furthermore, in the event that it is necessary to respond to changes in the business environment that require our reaction to be disseminated to all employees or to respond to a new form of risk category, we have in place measures to report issues and actions of each case appropriately to management.

We strive to handle security of information in the best possible way. Confidentiality obligations are of paramount importance to our group's business activities. We give consideration both to what is expected of us by our stakeholders and what is mission critical for our M&A professionals.

Response to incidents

When an incident occurs we respond in a timely and appropriate way based on procedures for reporting, communicating and discussing the incident according to the content, urgency and priority. We then analyse the incident to implement an appropriate policy for the prevention of any reoccurence.

Information security procedures and ISO27001 certification

Our group has built highly secure systems with support from external specialists. We work hard to ensure that we have in place comprehensive rules for information security and that these are fully in operation through training of employees and use of the intranet. Furthermore, systems are verified inter alia by internal audit for operational performance and to see if they remain fit for purpose.
On 25 May 2016 we obtained ISO27001 certification, the Information Security Management System (ISMS) international standard.