Robust Risk Management (strengthening BCM)

The JAL Group recognizes that trust from society is a managerial resource for aviation infrastructure, where safety is the basic foundation of business continuity. To protect and enhance that trust, we conduct comprehensive risk management of our business activities to achieve stable management of the entire Group and promote activities to fulfill our corporate social responsibility. Even at Group companies which are not directly involved in air transport, we are coordinating within the Group to enhance the risk mindset and risk practices of all employees. Specifically, we have a standardized Risk Management Manual for the JAL Group, based on JAL Group Basic Policies on Risk Management, to control risks in order to achieve our management goals. Organization leaders bear responsibility for risk management. Risk is defined as "events or behaviors which threaten the achievement of the missions, goals, or targets of individuals or organizations," and is classified into two types: operational risks and business risks. Priority risks are selected from among the risks confronting each organization with reference to risk assessment criteria, and dealt with by effectively allocating resources. All priority risks of the JAL Group are aggregated, and critical risks are identified and treated intensively.

The JAL Group defines risk as "any event or action that threatens the achievement of the mission, objectives, or goals of an individual or organization," thereby requiring all organization heads to manage risk as risk managers. For preventive risk management, risk managers conduct risk assessments twice a year, identify priority risks, and implement risk responses. Priority risks are reassessed by a specialized organization responsible for risk, and the risk responses are reinforced through workshop-style control self-assessments, and risk consulting is provided as necessary.

After classifying risks based on four characteristics (repeated, sporadic, external factor, internal factor), a risk map is prepared by evaluating risk probability and severity in each category.
Please seeBusiness risksfor details and handlings of each risk.

Please see Emerging RisksPDF that we identify with the most significant impact on the business in the future.

This Council is chaired by the President, and primarily comprises responsible General Managers of frontline divisions. The Council comprehensively manages operational risks and business risks to stabilize Group management. It also functions as a venue for providing progress reports, sharing information and making decisions on various matters, such as establishment of JAL Group Basic Policies on Risk Management, regular risk assessments, implementation of measures when risks eventuate, and risk auditing.

Operating under the Group Risk Management Council, the committee is chaired by the General Manager of General Affairs and comprises General Managers of relevant divisions. Its role is to conduct administrative work in support of the Group Risk Management Council, including any preparations that will contribute to making and executing decisions.
The committee also serves as the committee for personal information and information security, comprising General Managers of relevant divisions and chaired by the General Managers of the General Affairs and the IT Planning. The committee continuously looks at ways to strengthen information management.

This committee is chaired by the General Manager of Finance and Accounting and comprises the President, Executive Vice President and General Managers of relevant divisions. The committee identifies financial risks appropriately and strives to facilitate improvements in corporate management. Specifically, it conducts regular simulations of financial conditions and checks the content.
In case of a risk event which the committee determines will have a serious, quantifiable impact on the Group’s business performance, such as a major financial crisis or large-scale disaster, it will calculate the estimated financial impact and deal with the risk jointly with the Risk Management Council, as necessary.

This council is chaired by the President of Japan Airlines and comprises officers and presidents of Group airlines appointed by the general safety manager and Chair. The role of the committee is to ensure safety of the entire Group and promote safety management by establishing important policies on safety management, clarifying the status of corporate activities, and reviewing organizations, systems and measures, as necessary.

Operating under the Group Safety Enhancement Council, the committee maintains and strengthens collaborative, safety measures among departments, divisions and Group airlines with the aim of enhancing overall air transport safety of the Group. The committee comprises the General Manager of JAL Corporate Safety and Security (Chair), General Manager of safety management at JAL appointed by the Chair, and the general safety manager or responsible officer of safety of each Group airline.

To respond to specific risks that threaten our ability to fulfill our responsibilities as a public transport service provider such as pandemic influenza, unidentified infectious diseases or earthquakes, we have established a business continuity plan (BCP) that enables us to continue business effectively in a contingency based on guidelines established in collaboration with regulatory bodies and other relevant institutions. The BCP covers basic matters such as policies and procedures necessary to ensure the safety of customers, JAL Group staff and their families, and other affected persons, and to maintain air transport operations essential to the Group, including reservations, information provision, payments, and settlements. The plan is reviewed regularly and revised as required to improve its application.
During the outbreak of Ebola hemorrhagic fever in West Africa in 2014, we activated our BCP regarding responses to pandemic influenza or unidentified infectious diseases. We coordinated our actions with relevant government bodies, developed necessary systems and added the Policy for Handling the Ebola Virus Disease (International Flights) to our BCP. The same BCP was activated on January 21, 2020 for the COVID-19 outbreak, and is continuing at present.
In fiscal 2018, we reviewed regulations related to earthquakes and expanded our strategies and BCP to include, in particular, a potential earthquake striking Tokyo.
In fiscal 2019, we updated the JAL Group Risk Management Manual, including the establishment of regulations on business continuity management as the basis of each BCP. Japan Airlines Co., Ltd. was certified on November 30, 2019 as an Organization Contributing to National Resilience (Resilience Certification) by the Resilience Japan Promotion Council. On March 30, 2020, we received an A rating for BCM (special interest rate II) from the Development Bank of Japan.

In March 2020, we received a DBJ BCM rated loan from the Development Bank of Japan (DBJ), and the rating results commended Japan Airlines for "particularly advanced business continuity initiatives."

When risks (operational risks) associated with aviation safety, aviation security and other issues related to the air transport business eventuate, or are suspected or confirmed, they are reported quickly (within 15 minutes as a general guideline) to Integrated Operations Control (IOC). In JAL Group, the person responsible for determining the level of risk decides the applicable risk management level (from Level I to Level III) according to the situation and risk response is implemented. Exercises, reviews, education, and training are conducted regularly for each type of disaster or purpose in order to increase risk management awareness of every employee.

In light of the importance of information security in the advanced information and telecommunications society, we are working to strengthen the JAL Group's information security.