Business Risks
Olympus Corporation applies the regulations in Note (31) listed in Form 2 of the “Cabinet Office Order on Disclosure of Corporate Affairs” following amendment in accordance with the “Cabinet Office Order Partially Amending the Cabinet Office Order on Disclosure of Corporate Affairs” (Cabinet Office Order No. 3 of January 31, 2019).
The business performance of the Olympus Group may be materially influenced by various risks (uncertainties) which may occur in the future. The Olympus Group has implemented a global Enterprise Risk Management Methodology to support the achievement of its business objectives which include inter alia its management philosophy and corporate strategy. Specifically, the Olympus Group’s risk management is based on the “Policy of Risk Management & Crisis Response” and related rules. The Olympus Group is undertaking Enterprise Risk Management from the perspective of both opportunities and threats. Opportunities are seized through active and appropriate risk taking leading to sustainable growth and value creation for the Olympus Group. Threats are identified, prioritized, and treated to ensure the achievement of business objectives and to prevent non-compliance.
In April 2023, the Olympus Group launched a new global organizational design to integrate the four functions Risk & Controls, Compliance, Privacy, and Information Security related to Governance, Risk and Compliance (GRC) into a global GRC organization. In addition, the Olympus Group started to transfer the existing Enterprise Risk Management Portfolio into an advanced methodology and performed a global Risk Assessment with all functions to validate and update Olympus Corporation’s global Risk Portfolio based on this enhanced methodology.
In particular, the elements of the enhanced Enterprise Risk Management System are:
- A global Risk & Controls organization embedded into the GRC function,
- An enhanced global Enterprise Risk Management Methodology and Approach, and
- A globally harmonized Enterprise Risk Management Process.
Those three elements aim to ensure a streamlined Enterprise Risk Management that feeds into business and financial planning and safeguards the achievement of Olympus Corporation’s business objectives and its corporate strategy by supporting informed decision making.
Enterprise Risk Management Organizational Setup
The Olympus Group has established a new committee structure on both a global and regional level, the Global and Regional Risk Assurance and Compliance Committees (G-RACC and R-RACC, collectively the “RACCs”). The objectives of the RACCs are to establish, implement and manage a framework for addressing enterprise risk and complying with applicable policies, laws, and regulations. Recommendations, guidance and significant risks are regularly reported to the Olympus Group Executive Committee (GEC), the Board of Directors (Board), and the Audit Committee for ongoing monitoring.
The Olympus Group also identified and collaboratively nominated Risk Owners, i.e., Global Division and Function Heads and Regional Division and Function Heads and respective Risk Coordinators responsible for managing risks. Each Risk Owner is accountable to execute the necessary measures (organizational structure, process preparation, focus measures, etc.) in their designated area of risk.
< Enterprise Risk Management Organizational Chart >
Enterprise Risk Management Methodology and Approach
The Olympus Group has established a global Enterprise Risk Management Methodology and Approach which includes 5 calibrated Risk Categories (1. Strategic (incl. External), 2. Operations & Product, 3. Financial, 4. Governance, and 5. IT & Digital) and corresponding Risk Sub-Categories.
< Enterprise Risk Management Risk Categories >
The Olympus Group also introduced three Risk Evaluation Criteria (1. Exposure, 2. Vulnerability, 3. Velocity) to evaluate and display each individual risk that might have an effect on the achievement of Olympus’ business objectives as well as on the corporate strategy:
- Exposure which is determined by likelihood and impact. The likelihood indicates the probability of a risk materializing, while the impact assesses the severity of the consequences if a risk does materialize. Likelihood and impact levels are defined as quantitative (financial) or qualitative criteria.
- Vulnerability which refers to how well the organization is prepared to manage a risk if it occurs.
- Velocity which indicates how fast Olympus Corporation would be affected by a risk after it occurs.
Based on the three criteria, the Olympus Group actively identifies, mitigates and monitors risks. Mitigation measures are regularly reviewed and tested for effectiveness.
The Olympus Group has also introduced a so-called “3D-Risk Matrix” to visualize and manage risks. It combines the Exposure with the perceived Vulnerability and adds the Velocity to the assessed risk. The matrix is split into four quadrants. Each of them gives an indication how the risk should be dealt with. The Olympus Group also introduced an updated IT application based on databases and dashboards to facilitate better and informed risk-based decision making.
< Enterprise Risk Management Risk Evaluation Method >
Enterprise Risk Management Process
The main components of the Enterprise Risk Management Process are:
- Risk Assessment to identify, analyze, and evaluate risks.
- Risk Treatment to mitigate risk, coordinate and execute Risk Management Activities.
- Risk Monitoring to design and implement monitoring procedures on risks and evaluate effectiveness on Risk Treatment activities.
- Risk Reporting to aggregate and valuate risk and mitigating measures and report to relevant stakeholders regularly. Risk Reporting is developed and deployed internally as part of the annual plan.
The Enterprise Risk Management Process is based on the strong collaboration between the Risk & Controls Function and the Division/Business Functions following the principle of the Three Lines Model.
Risk & Controls is responsible to provide, maintain and develop the Enterprise Risk Methodology and operational guidance. We are promoting the spread of the new organizational structure and methods within the company.
< Enterprise Risk Management Process >
Macroeconomic Business Environment
Macroeconomic developments worldwide have been severely affected by the impact of the war in Ukraine and the situation in the Middle East region. Energy prices have risen and remain high on a global level. Inflationary developments are also aggravated by supply chain disruptions. Combined with noticeable skills shortages, this has been leading to an overall slowdown in the economy and consumption. However, inflation is falling faster than expected in most regions, in the midst of unwinding supply-side issues and restrictive monetary policy.
Geopolitical instability is also one of the greatest threats to economic growth, and other potential high-impact supply chain risk events including cyber-attacks, high-impact weather events, and uncertainty in the procurement of raw materials and components have increased in recent years. Material price increases and product shortages resulting from external issues (e.g., increasing trade barriers and lower raw material availability) require intensive focus on strong supplier management.
Awareness of the impact that environmental issues may have on business operations has reached significant levels and has become an inherent business requirement from stakeholders.
On the technology front, digital transformation is accelerating across all areas. In response to this, there is a trend towards shortened development cycles being requested. Practical application of technology innovation (AI/robotics/ICT) is also progressing rapidly.
Industry-specific Business Environment
In the medical field, healthcare system reforms are being continuously implemented in Japan and overseas with the aim of curbing medical care costs and improving the quality of life of patients by improving the safety and efficacy of healthcare services. As a result, legal and regulatory requirements for medical device applications and registrations in each country, including the US Food and Drug Administration (FDA) and European Medical Device Regulations (EU-MDR), are increasing every year. In addition, the requirements concerning infection prevention and reprocessing (i.e., cleaning, disinfection, and sterilization) are becoming more complex.
The hurdles and complexities for technology development are increasing due to changes in healthcare policies in various countries, reductions in healthcare costs, tighter healthcare-related laws and regulations, and further increased demands for infection prevention and reprocessing. Accordingly, the business environment is becoming more demanding, not only due to new and alternative technologies, but also due to the entrants into the medical industry from other industries, including large technology companies.
Furthermore, there is a growing need for healthcare as societies progressively age, particularly in developed countries. There are efforts underway in various countries to reform healthcare systems, aiming to optimize the provision of effective, high quality healthcare services in spite of rising healthcare costs. Under such circumstances, there are many competitors in the business areas in which the Olympus Group is involved, and technological innovation is also progressing. Especially, competition in the Therapeutic Solutions Business is intensifying more than ever before.
In the Chinese market, although trade friction between the U.S. and China is intensifying, and uncertainty surrounding the Chinese market is intensifying in the form of Chinese government policies favoring national production and the promotion of concentrated purchasing, the Olympus Group sees the Chinese market as a market with the potential for sustainable growth. Furthermore, other emerging markets are also experiencing increasing healthcare needs and economic growth potential.
In the industries in which the Olympus Group operates, competition for talent is intensifying globally, and changes in the labor market are leading to higher retirement rates. Recruitment, development, and retention of personnel is becoming increasingly important.
The Olympus Group’s Risk State for the Fiscal Year Ended March 31, 2024
Based on the Olympus Group’s global Risk Assessment performed in the fiscal year ended March 31, 2024, risks impacting the Olympus Group have been identified, quantified, and prioritized.
Risks designated as “Improve” in the 3D-Risk Matrix have been prioritized for Risk Treatment. For the risks in the “Test” quadrant controls are in place. Routine audits ensure that the existing controls are designed well and operate effectively. Risks located in the “Monitor” quadrant are subject to periodic re-evaluation to ensure that their Risk Exposure is still at an acceptable level or to initiate additional Risk Treatment where necessary.
The Olympus Group reports the following top risks per Risk Category:
| Risk Category | “Strategy (incl. External)” |
|---|---|
| Type | Opportunity and Threat |
| Risk Scenarios | This Risk Category consists of the following sub-categories: Planning & Resource Allocation, Business Development & Investment, Communication & Stakeholder Management, Market Dynamics, and Force Majeure. The highest rated risks are geopolitical threats, supply chain interruptions and challenges to business development in a volatile market. This category includes risks related to market competition.
|
| Risk Treatment | To manage above risks the Olympus Group has been focusing on the following top Risk Treatment activities:
|
| Connection with company strategy and policies | Innovation for Growth, Productivity |
| Risk Category | “Operations & Product” |
|---|---|
| Type | Opportunity and Threat |
| Risk Scenarios |
This Risk Category consists of the following sub-categories: Research & Development (R&D), Manufacturing & Repair, End-to-end Supply Chain, Sales, Marketing & Service, Quality, Physical Assets, and People & HR. The most significant risks belong to Product Quality, End-to-End Supply Chain and Marketing & Sales. These risks include the availability of products as well as product lifecycle. In particular, these are:
|
| Risk Treatment |
The Olympus Group has been focusing on improving the stability of the End-to-End Supply Chain and quality processes to provide a premium service and supply to customers, with a primary focus on patient safety. Key activities are:
|
| Connection with company strategy and policies | Patient Safety and Sustainability, Productivity |
| Risk Category | “Financial” |
|---|---|
| Type | Opportunity and Threat |
| Risk Scenarios |
This Risk Category consists of the following sub-categories: Capital Structure, Accounting & Reporting, Liquidity & Credit, Revenue Cycle, and Tax. The Olympus Group provides products and services in various markets all over the world and recognizes the risks associated with foreign currencies exchange rate fluctuations. The Olympus Group’s business performance may be adversely affected by a strong yen, while it may be positively affected by a weak yen. We hedge foreign currency-denominated receivables and payables where possible, however in the event that sudden exchange fluctuations occur or if receivables and payables being hedged differ significantly from expectations, the Olympus Group’s business performance may be adversely affected. The Olympus Group finances itself by, among others, loans from financial institutions as well as issuance of bonds. Changes in the financial markets may have an adverse impact on our financing capacities. Furthermore, if the financing cost rises due to the deterioration of the Olympus Group’s business performance, the financing of the Olympus Group may be adversely affected, while if the financing cost decreases due to the improvement of the business performance, it may be positively affected. The Olympus Group’s tax burden may be increased due to changes in applicable tax laws or changes in their interpretations and application guidelines in jurisdiction of each country in the world. The valuation allowance for deferred tax assets may need to be increased as a result of recoverability reassessment due to changes in business conditions or the implementation of organizational restructuring. If such situations occur, it may adversely affect the Olympus Group’s business performance and financial position. We also recognize risks related to credit risks of customers, suppliers, etc. |
| Risk Treatment |
The Olympus Group uses derivative instruments such as forward exchange contracts, currency swaps, etc. to reduce the risk of exchange fluctuations. Furthermore, we are working to reduce foreign currency denominated receivables and payables through improving the efficiency of the Olympus Group’s funds by introducing global cash pooling. For risks related to financing, the Olympus Group is reducing funding costs through the diversification of funding methods such as the issuance of commercial paper and public bonds. The Olympus Group adopts a fixed interest rate policy for long-term interest-bearing debt to limit the impact of rising interest rates. In addition, we are working to improve the efficiency of the Olympus Group’s funds and strengthen financial management by introducing global cash pooling. In regard to changes in applicable tax laws in each jurisdiction, or changes in their interpretations and application guidelines, the Olympus Group is monitoring the amendments to laws and changes in regulations and making changes as appropriate to rules for transactions within the Olympus Group. In regard to deferred tax assets, the Olympus Group is monitoring the profitability of each group company and controlling the financial results so that the respective companies can appropriately secure profitability while also paying close attention in cases of business combinations for changes in profitability following such restructuring in order to minimize risks. With respect to credit risk, the Company monitors the financial condition of credit recipients and takes action as necessary. |
| Connection with company strategy and policies | Productivity |
| Risk Category | “Governance” |
|---|---|
| Type | Opportunity and Threat |
| Risk Scenarios |
This Risk Category consists of the following sub-categories: Culture, Regulatory, Legal, Compliance, Data Privacy, and Corporate Governance. These risks relate to the following areas:
|
| Risk Treatment |
The following key activities have been started and/or implemented:
|
| Connection with company strategy and policies | Patient Safety and Sustainability |
| Risk Category | “IT & Digital” |
|---|---|
| Type | Opportunity and Threat |
| Risk Scenarios |
This Risk Category consists of the following sub-categories: IT Security & Cyber, IT Applications, IT Governance, IT Infrastructure & Services, and Digital. Cyber Security breaches are evaluated as high risks and require constant attention and adjustment. As Olympus products are increasingly utilizing digital technologies to improve quality and efficiency of patients´ treatments, the measures to protect against cyber security breaches extend from product development all along value chain. |
| Risk Treatment |
Top treatment measures to avoid or manage Cyber Security breaches include:
|
| Connection with company strategy and policies | Patient Safety and Sustainability, Productivity |
Due to the change in the Risk Assessment Methodology and the full review of the Olympus Group’s Risk Portfolio, the content and the order of the risks have changed. After the re-evaluation, the below risks have been ranked lower than the above Top Risks and therefore are not mentioned. These risks are still covered in our current Risk Portfolio and are being addressed and monitored.
- Risks associated with Litigation
- Risks associated with Human Resources
- Sustainability risks, including those related to climate and the environment
May 17, 2024 Updated