Internal Control
The Sumitomo Corporation Group has strengthened its internal controls to retain the trust of all its stakeholders.
Basic Principles and System
The Sumitomo Corporation Group comprises six business units, an initiative, regional organizations and Group companies in Japan and overseas. The Group collectively works together in a broad range of business fields.
In order to realize sustainable growth and development for the Sumitomo Corporation Group by enhancing the operational quality of each of the Group companies, we stipulate basic regulations for internal control, develop and conduct appropriate internal control, and access the effectiveness and take action to improve it.
To rationally ensure compliance with laws and regulations throughout the entire Group in relation to business activities, safeguarding assets against loss, effectiveness and efficiency of operations, and reliability of financial reporting, initiatives are being taken to improve group governance.

Financial Reporting
The Sumitomo Corporation Group creates financial reports in accordance with the Accounting Policy Manual that lays out the Group’s internal policies for accounting, and discloses information in a timely and appropriate manner and in compliance with relevant laws, regulations, and accounting standards.
For its financial reporting internal control system, the Company acts in accordance with the Internal Control Reporting System stipulated in the Financial Instruments and Exchange Act, by promoting internal control activities as required by the Act, and evaluating and improving its business processes.
Information Security
Led by the IT Strategy Committee, which is a companywide organization chaired by the Chief Information Officer (CIO), Sumitomo Corporation has established an Information Security Policy and other relevant regulations, and works to ensure information security and the appropriate management of information assets.
We also take steps to minimize the risk from unexpected situations involving information security, such as external attacks aimed for instance at theft or destruction of corporate information. In addition to system-based safeguards, these include continuous training and drills for officers and employees and system monitoring and upgrades covering our major subsidiaries and other group entities.
Internal Audits
The Internal Auditing Department, which reports directly to the President and Chief Executive Officer, is an independent organization that monitors the operations of the Group, and audits organizations and operating companies of the Group. As well as reporting the internal audit results directly to the President and Chief Executive Officer, in principle on a monthly basis, periodic reports are also made to the Board of Directors and the Audit & Supervisory Board. The department regularly conducts audits on all aspects of internal control, comprising asset and risk management, compliance, and business operations. It evaluates the effectiveness and adequacy of the internal controls of auditees, taking into account the significance of the inherent risks. At the same time, it provides appropriate advice for improvements and expedites improvement and maintenance on the auditee’s own initiative, thereby contributing to the improvement of governance and internal controls within the Sumitomo Corporation Group.

Group Governance
The management policy of the Sumitomo Corporation Group is to respect "Jiritsu"* management by each Group Company, and to be involved in important decision-making at the board of directors or organization equivalent to the board of directors of each Group Company based on the relationship of trust established through active "Dialogue" as a shareholder, and to create new value through strong "Collaboration" of each Group Company including Sumitomo Corporation.
With the aim of strengthening the Group’s governance under the medium-term management plan "SHIFT 2023", in order to maximize our group’s corporate value through sharing and putting into practice the principles of Group management, we have established a Group Management Policy (GMP) that sets the three principles of Group management: "Jiritsu", "Dialogue", and "Collaboration".Sumitomo Corporation supports the establishment and operation of an optimal management system to control risks appropriately and increase the odds of achieving its business strategies for Jiritsu management of each Group Company. While maintaining dialogues with Group Companies, we will create a PDCA cycle for internal control, which will lead to enhancement of operational quality and corporate value for the Group as a whole.
*"Jiritsu" is the Japanese term. In GMP, we define it to mean "following the rules necessary for the management of each Group Company, such as the Sumitomo Corporation Group’s management principles, strategies, and policies, to discipline oneself, to think, make decisions, act for oneself in order to achieve goals, and to be accountable to stakeholders".