Tax practices, risk management &
information security

Tax Practices

We are fully committed to paying our fair share of taxes at levels that are not only within the letter and spirit of local laws but are in accordance with our responsibilities to all stakeholders in our 4S model. We do not engage in aggressive and artificial tax planning or tax avoidance schemes, and never use legal entities for tax purposes only.
Nor do we undertake any transactions whose sole purpose is to reduce our tax contribution.

Our approach to tax is guided by a global tax function that requires all entities to issue detailed annual reports showing how they meet local tax obligations and ensure that appropriate expert advice is sought on all commercial and financial decisions. In 2017 we paid a total of 112,591 million Yen in corporate tax across the JT Group, compared with 185,285 million Yen in 2016.

Our tax practices

Tax legislation and practice have become increasingly complex in recent years, but we try to nurture good relationships with tax authorities in order to increase certainty on both sides.

In 2016 the U.K. introduced a law that requires large U.K. businesses to publish an annual tax strategy which sets out, among other things, the approach toward tax planning and how tax risk is managed. We have taken this opportunity to update our tax strategy, which was published on our website in 2017.

In other countries, governments are beginning to implement new tax rules based on the OECD’s Base Erosion and Profit Shifting (BEPS) Project, which aims to clamp down on artificial tax planning strategies. One consequence is the emergence of new country-by-country tax reporting requirements.
In line with these requirements, we submitted country-by-country tax reporting for FY2016 and prepared a Master File, which provides an overview of our global operations.

In 2016, we organized training for more than 200 employees, including heads of our accounting function in each of the companies within our Group. This was to raise awareness of BEPS issues and other recent tax developments.

The JT Group Tax Policy can be viewed on the JT website, www. jt.com.

Risk management

Our group operates a diverse business which includes tobacco, pharmaceutical and processed food. We also operate on a global basis with offices in Europe, CIS, Africa, or the Middle East, among others. Due to this diversity and as we operate in changing business environment, we are exposed to various risks.

We look at emerging risk such as increase in cyber/IT security risk, risk of natural disasters arising from climate change or increase in political risk. We examine financial and business risks such as effect of currency fluctuation or impact of regulatory developments. Our approach to addressing key risks is detailed in our latest annual report under 'Risk Factors'. We also address compliance risk as we strive to ensure all of our business operations are carried out with integrity.

Our key financial and business risks are considered by the Board of Directors on a quarterly basis. Internal audits are carried out by a division independent of the business, which reports directly to the Group President. We have a crisis management and disaster response protocol, whereby a project team, headed by the Group President, can be swiftly called upon in times of crisis or disaster.

We recognize the need for a Group-wide global risk management framework: this would allow us to be conscious of, and appropriately deal with, more complex, wide-ranging risk factors. We are exploring more systematic ways to analyze and respond to risk factors surrounding our Group and our stakeholders, with a view to further strengthening our risk governance.

Information security

Our information security risks relate to damage, or leakage of, information that we hold on our customers, consumers, suppliers, and employees, as well as data on our business strategy and relating to our engineering and experimental data, including results from research.

We are committed to continuously enhancing our information security framework. We regularly update our policies and procedures to adapt to evolving business and technical landscapes.

Whilst we continuously strengthen our technical defenses against the threat of cybercrime, we also focus our efforts on engaging all our employees to better understand the value and vulnerability of information. We are empowering them with the knowledge to defend our data assets via our e-learning and Global Information Security awareness programs. In 2017, 11,472 employees in our Japanese operations underwent security training, and in our international tobacco business, 88% of employees were involved in our Global Information Awareness campaign.

Due to the ever-increasing regulatory environment, both in Japan and the EU, our information security division continues to work closely with other business functions to further enhance data privacy and develop incident-reporting capabilities to ensure that we meet all new regulatory requirements.