We engage in risk management based on thepolicies outlined in our Risk ManagementRegulations, which detail risk prevention measuresfor incidents with the potential to interrupt businessoperations and appropriate responses in the eventa risk incident occurs. The Risk ManagementCommittee, which is chaired by the President,serves as the entity in charge of risk management.This Committee holds regular monthly meetings, oras necessary in cases of an emergency, to monitorthe status of risk management structure creationand reports on risk management activities receivedfrom business divisions. At least once every threemonths, the Committee issues reports to the Boardof Directors on the status of risk management butissues a report immediately in the event of a seriousincident.Divisions work to ascertain, analyze, and assesslatent risks in order to prevent risks before theyoccur. In accordance with Division RiskManagement Parameters, we set a baseline amountcalculated by multiplying ordinary profit plan figuresby a specific coefficient. Any risks with anestimated impact exceeding the calculated amountare reported to the Risk Management Committee.

AS ONE has over 4,200 suppliers, 13,000 dealers,and a customer base of researchers comprised ofAXEL members and users of the ocean purchasingsystem who rely on the timely order processing andshipment of the more than 10 million products weoffer. To fulfill our commitment as a hub for researchand medical supplies, we take full advantage ofvarious IT systems.However, technical innovation in informationsystems is progressing at a remarkable pace, and,in some cases, it is difficult to fully prevent or avoidproblems such as failures in core systems orcommunication networks, as well as tampering,destruction, and leakage of information, etc. In theunlikely event that such a situation occurs, it couldhave an impact on the Group’s performance.In order to avoid such situations, the Group hasestablished Information Security Regulations.Under the Information Security Committee, which ischaired by a director, we are implementinginformation security measures while also makingcontinuous information investments to stay abreastof technical innovations in information systems. Toprepare for contingencies, in addition to using datacenters that are highly resistant to earthquakes,we also take steps to distribute servers, createredundant communication routes, and implementmultiple layers of protection against cyberattacks,while also placing importance on raising awarenessamong our employees. We will continue to strengthenour security based on the premise of zero trust(nowhere is safe).