Services

Support for Group Compliance Risk Assessment

An incident of non-compliance in a single subsidiary affects not only the subsidiary itself but also the entire corporate group and could impair the reputation of the entire group seriously. It is thus necessary for the parent company to properly understand and manage compliance risks to which its group companies are exposed.

Necessity of Group Compliance

In the case of a corporate group consisting of multiple companies, an incident of non-compliance in a single subsidiary affects not only the subsidiary itself but also the entire corporate group and could impair the reputation of the entire group seriously. It is thus necessary for the parent company to properly understand and manage compliance risks to which its group companies are exposed.

 However, if the corporate group has a diversified business portfolio encompassing various business sectors and categories, it is not easy for the parent company to properly identify the risks associated with non-compliance with laws and regulations by its group companies. 

 

Identification of Relevant Laws/Regulations and the Assessment of Risks Involved

Companies are governed by two types of laws and regulations, i.e., basic laws applicable to all companies and industry-specific laws. Examples of the former include the Labor Standards Act, the Act on Securing, etc. of Equal Opportunity and Treatment between Men and Women in Employment, the Act against Delay in Payment of Subcontract Proceeds, etc. to Subcontractors, and the Act on the Protection of Personal Information, whereas those of the latter include the Pharmaceutical Affairs Act, the Insurance Business Act, the Food Sanitation Act, and the Construction Business Act. In conducting a risk assessment, it is important to first identify all laws and regulations relevant to group companies and then narrow down the target areas for risk assessment.

Services of Deloitte Japan

Service offerings designed to support the group compliance risk assessment*

Phase 1 (Identification of relevant laws/regulations and risk assessment)
   We offer support services in areas such as the following:
   -Development of the overall planning and design of your project
   -Project management
   -Identification of relevant laws and regulations
   -Risk assessment through various approaches such as:
     ・Questionnaire survey approach: We help you develop questionnaires
     ・Interview approach: We help you conduct interviews
     ・Control self-assessment (CSA) approach: We provide facilitation support


Phase 2 (Improvements and responses)
   We offer support services in areas such as the following:
   -Aggregation and analysis of risk assessment results
   -Identification of material risks (challenges)
   -Development of improvement plans
   -Remedial measures for addressing specific challenges
   -Monitoring

* Support services do not include those services that we are not allowed to provide as a fiduciary under the Attorney Act or any other relevant law.

 
Service Offerings Designed to Support the Creation of a Compliance System

Since laws and regulations may be created, amended, or repealed at any time, the assessment of compliance risks must be carried out not just once but on a continuous basis. In other words, it is necessary to create a system to promote compliance so as to reduce compliance risks.

We help not only with the assessment of compliance risks but also with the creation of a compliance system. We provide support services in areas such as the following:

     • Development of an organizational unit or a system to promote compliance
     • Establishment of relevant bylaws and other internal rules
     • Implementation of compliance training programs
     • Development of a self-check mechanism