Development Status of Risk Management System
The Asset Manager has prescribed Risk Management Regulations and Risk Management Implementation Guidelines regarding various risks that arise in the course of managing DHR’s assets. It endeavors to manage risk based on a fundamental policy of comprehensively and accurately identifying risks, qualitatively and quantitatively measuring and appropriately assessing the identified risks’ impacts on operations, formulating risk prevention measures, monitoring risk management status on an ongoing basis and formulating procedures for responding to risks when they surface. Additionally, the Asset Manager conducts annual internal audits to verify the appropriateness and effectiveness of the foregoing risk management system and implementation status of risk controls. The audit results are reported to the President and CEO. The Asset Manager is committed to ensuring that operations are conducted appropriately and soundly managed through such means as reporting to the Compliance Committee and Board of Directors as the occasion demands.
The risk management, improvements and other relevant matters are incorporated into the annual Plan of Compliance Programs and reported to the Boards of Directors of both the Asset Manager and DHR.
Risk Management System
DHR and the Asset Manager recognize the existence of the above risks and have established the risk management system below in order to fully address such risks.
-
Risk Management System
The Asset Manager has prescribed Risk Management Regulations and endeavors to manage risks based on a fundamental policy of comprehensively and accurately identifying risks, qualitatively and quantitatively measuring and appropriately assessing identified risks’ impacts on operations, formulating risk prevention measures, and monitoring risk management status on an ongoing basis. -
Timely and appropriate information disclosure
DHR endeavors to maintain a system that enables timely and appropriate disclosure of information to investors in compliance with the Investment Trusts Act and the regulations of the Tokyo Stock Exchange so that information necessary for investors to make investment decisions in accord with the principle of self-responsibility can be appropriately and timely disclosed. The Fund Management Department in Daiwa House REIT Division of the Asset Manager is in charge of information disclosure. -
Thorough compliance
Timely and appropriate information disclosure of the above must be the result of the operations of DHR and the Asset Manager being in compliance (in other words, sincere and fair corporate activities that are fully in line with social norms in addition to strict compliance with laws, regulations, internal regulations, and market rules). DHR and the Asset Manager have made the following preparations in relation to compliance as corporations that operate legally in accordance with the Investment Trusts Act as well as the Financial Instruments and Exchange Act.
The DHR Board of Directors is comprised of one Executive Director and two Supervisory Directors and supervises the execution of business by the Executive Director and the status of execution of services by the Asset Manager.
The Asset Manager’s Board of Directors has established and implements Compliance Regulations and other regulations that set forth the roles of and other matters pertaining to the Board of Directors, the President and CEO, the Compliance Committee, the Compliance Officer, and the Compliance Department in order to ensure that operations are conducted in accordance with compliance requirements. In addition, various regulations are in place for systematic stipulation of the rules of conduct for officers and employees to ensure thorough compliance.
Internal Audits
To ensure the effectiveness of the Asset Manager’s management system, the Board of Directors has set out Rules for Internal Audits, and the Compliance Department conducts internal audits of the Asset Manager’s operations, audits of risk management, and the like to verify compliance with laws, rules, and regulations; develops an understanding of problems and summarizes recommendations for correcting them; reports the results of these efforts to the President and CEO as well as the Compliance Committee, the Board of Directors, and the DHR Board of Directors as necessary; and follows up on the status of improvements. Notably, in an effort to ensure the effectiveness of internal audits, the Compliance Department maintains close communication with departments to be audited, notifying them prior to conducting the audits and holding post-audit review sessions.
Business Continuity Planning
The Asset Manager establishes the necessary items for its disaster prevention and crisis management in relation to risks specified separately for natural disasters such as large-scale earthquakes, accidents, crimes, and other material facts. It has established an “Emergency Response Manual” in order to prevent and avoid risk, ensure people’s safety and reduce/mitigate damage in the event of a disaster, prevent secondary accidents, resume DHR’s asset management operations at an early point, and fulfill its corporate social responsibility. Furthermore, to ensure continuity of payment and disclosure operations from the standpoint of the business continuity requirements to which financial instrument business operators are subject, the Asset Manager plans to operate in accordance with a BCP Execution Plan it has formulated.
The Asset Manager has stockpiled supplies, including three days of emergency meals and drinking water for officers and employees and two storage batteries, at its office, warehouse for general affairs and elsewhere.
Cutting Off Relationships with Anti-social Forces and Preventing Money Laundering
To realize sound corporate management, the Daiwa House Group established the Daiwa House Group Principles of Corporate Ethics and Code of Conduct , and announced internally and externally that it will cut off relationships with anti-social forces.
Additionally, the Asset Manager has established a basic policy and Rules for Dealing with Anti-Social Forces, resolved to take action from top (President & CEO) to bottom throughout the organization, and established close-knit collaboration with the police, the Anti-Organized Crime Campaign Center of Tokyo, attorneys, and other outside specialist organizations.
The Asset Manager holds regular training sessions for all officers and employees—for example, internal training on methods of dealing with anti-social forces—and takes other steps to thoroughly spread the word to all officers and employees.
The Daiwa House Group rallies the entire Group behind efforts such as establishing a database of information about anti-social forces available to all companies in the Group.
The Asset Manager’s Compliance Manual requires officers and employees to categorically reject all requests, both public and private, from anti-social forces that threaten the order and safety of civil society, including those for money and goods, donations, contributions, and subscriptions to informational magazines.
Safety Confirmation System
As part of corporate crisis management, the Asset Manager has adopted an online safety confirmation system to ascertain its officers and employees’ safety and post-disaster status at the time of disaster swiftly.The Asset Manager conducts safety confirmation drills at least once annually. In the fiscal year ended March 2023, the participation rate was 100%.
Managing Personal Information
DHR recognizes the importance of personal information (here and hereinafter including specific personal information as defined in the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures (hereinafter referred to as the “Numbers Act”)), and in its handling of personal information complies with the Act on the Protection of Personal Information, the Numbers Act, and other laws and regulations on protecting personal information in addition to guidelines and other literature issued by the competent authorities.
Additionally, DHR engages in the proper handling, protection, and management of personal information based on the following policy (hereinafter referred to as the “Personal Information Protection Policy”).
Please refer to "Personal Information Protection Policy"
https://www.daiwahouse-reit.co.jp/en/privacy/index.html
Information Security
The Asset Manager recognizes the proper management of information as an important management challenge and has established an information security policy as a basic policy to ensure information security. This policy implements the following items
- Preparation of an information security management system
- Appointment of an information security manager
- Establishment of internal regulations
- Information security education
- Reinforcement of management systems of outsourceing compaies
- Implementation of ongoing improvements
Additionally, the Asset Manager has established IT management regulations, which define specific procedures for handling information devices to safely and smoothly manage information devices and secure the confidentiality and completeness of data, with an aim to fully protect the information handled by the Asset Manager.
| Item | Fiscal year ended March 2019 | Fiscal year ended March 2020 | Fiscal year ended March 2021 | Fiscal year ended March 2022 | Fiscal year ended March 2023 |
|---|---|---|---|---|---|
| Information security training | 2 times | 2 times | 2 times | 2 times | 2 times |
Conducting drills to respond to targeted email attacks
The Asset Manager draws attention to suspicious emails through information security training conducted each period. However, in an effort to improve awareness among all officers and employees in a more practical way, the Asset Manager conducts drills for responding to targeted email attacks.
If an officer or employee opens the email and then opens an attachment or clicks on an embedded link, they are shown educational content about targeted emails in an effort to verify and improve their awareness of information security.
Receiving regular reports from outside contractors on information device operation and management
The Asset Manager has established IT management regulations and Information Device Operation and Management Guidelines, and when it contracts the operation and management of information devices to an outside contractor, the person responsible for IT control (General Manager of the Administration and Accounting Department) receives quarterly reports on information device operation from the contractor.
Information Security-related Problems
There were no serious problems related to information security at the Asset Manager that would influence stakeholders. (Fiscal year ended March 2023)