Policies, Regulations and Management Structures

Risk Management Systems

The OLC Group works to prevent and respond to a wide range of business risks in accordance with the OLC Group Risk Management Guidelines.
We have installed a Risk Management Committee to promote effective risk management as standard practice. We have periodically identified and assessed our risks, categorizing them into strategic risks*1 and operational risks*2, the former overseen and managed by the Corporate Strategy Planning Department and the latter by the Risk Management Committee.
 

*1 Strategic risks: Risks that exert a material impact on the sustainability of business
*2 Operational risks: Risks that exert a material impact on the execution of business
 

The Corporation Strategy Planning Department and the Risk Management Committee respectively report their risk management status to the Executive Committee and the Board of Directors to confirm the effectiveness of our risk management.
 

The Emergency Control Center (ECC) is set up to determine how to address an emergency situation as it arises. All OLC Group companies are mandated to swiftly report any identified situations that need to be controlled urgently.
To address the COVID-19 pandemic, we established the Tokyo Disney Resort Infectious Disease Response Coordination Division, with the President of Oriental Land Co., Ltd. as its director. The division makes decisions on important matters concerning the operation of Tokyo Disney Resort, such as limiting attendance at both Theme Parks and reviewing their operating hours.

Specific Risks Handled by the ECC

Earthquakes, fires, typhoons, snow, lightning, power outages, accidents, food poisoning, infectious diseases, and terrorism, among other risks

Business Continuity Plan (BCP) Initiatives

Our Group has set up the Emergency Control Center (ECC) as the organization that supervises response in an emergency such as an earthquake, fire or typhoon to minimize damage to people, and property, enabling the swift resumption of operations. Since the Great East Japan Earthquake in March 2011, we have worked to ensure that operations would be able to continue if a large-scale disaster strikes and are currently considering further initiatives related to our Business Continuity Plan (BCP).
In February 2019, we shifted to a method of financing that sets a loan drawdown of between ¥5 billion and ¥150 billion, with the amount to be determined by our Group if an earthquake materializes.

 

Following the Great Hanshin-Awaji Earthquake in January 1995, we introduced an Earthquake Risk Countermeasure Financing Type Term Loan with the aim of securing liquidity on hand to continue business. This financial preparedness played a part in enabling us to continue business and achieve a rapid recovery in performance when the Great East Japan Earthquake struck. We also review the content of our finances in alignment with our management strategy and the business environment. In addition to being able to increase the financing amount, the new plan allows us to minimize costs by not having to execute the financing until the capital is needed. If an earthquake measuring M7.9 or greater occurs, although the banks can decide whether to request early repayment, our Group can choose to make the loan repayment with cash or other assets, which means the exercise of stock acquisition rights will be extremely limited.

 

Information Security Management Systems

Our Group Basic Policy on Information Security lays out the basic policy and procedure for information management. Specific guidelines for action are set forth in the OLC Group Information Security Policy, and we are developing an information security management system that conforms to this policy. Information management is controlled by the Information Security Management Committee, a sub-committee under the Risk Management Committee. Chaired by the Executive Director of the General Affairs Department, the sub-committee works to raise the level of information security management within our group by monitoring compliance with the OLC Group Information Security Policy and developing plans for employee training and awareness programs.

In January 2013, we established the OLC Group Guidelines on Social Media, which set forth rules on management and communication of information through social media. These guidelines serve to enhance our Group’s information security including in the social media channels.

Since June 2021, the Vice Chairman of the Risk Management Committee, the Supervisor of the Corporate Strategy Planning Division (Executive Director and Executive Vice President Officer), has been in charge of company-wide Information Technology operations including degital security. 

The OLC Group Basic Policy on Information Security
(Established March 2005)

  1. The OLC Group shall ensure the proper management of all information related to its business operations (“Information Assets” hereinafter), by identifying its owner, its value as an information asset, the level of confidentiality, and rights of access.
  2. The OLC Group has established an information security policy (“Policy” hereinafter), setting forth specific procedures to be followed by OLC Group companies and specific actions to be taken by executives and employees in the management of information.
  3. The OLC Group, its executives and employees, shall abide by applicable laws governing the management and handling of Information Assets.
  4. The OLC Group shall take appropriate technical security measures when processing or holding its Information Assets in an information system and/or network.
  5. The OLC Group shall offer scheduled training and education to its executives and employees to familiarize them with information security management policy and procedures.
  6. The OLC Group shall review the documents and controls adopted for the Policy and other basic policies etc., and shall monitor compliance with these policies and procedures on a continuous basis.

Our Group ensures that customers' and Guests' personal information is protected. The handling of personal information is periodically checked by the departments in charge, as well as audited by other departments.