JTB's corporate governance systems are multifaceted and multilayered. In addition to an Audit & Supervisory Board, we also maintain a Personnel and Compensation Advisory Board, the purpose of which is to ensure impartiality and objectivity in the appointment, dismissal and compensation of members of the board and our senior leadership team. Key decisions regarding our business are made by the board of directors, where the presence of outside directors helps to ensure quality decision-making. Independent, objective monitoring and oversight are provided by the Audit & Supervisory Board.

Corporate Governance Framework: Schematic Representation

（1）Board of Directors

The board of directors is responsible for establishing our organization's Mission and for making key business decisions regarding plans, strategies and policies. The board recognizes its collective duty to oversee the performance of individual board members as well as its duty to establish appropriate internal control mechanisms. In order to ensure board effectiveness, JTB strives to maintain a rightsized board with a balanced composition that includes members with diverse backgrounds and expertise.
As of March 31, 2023, the JTB board of directors is made up of 13 members, including six outside directors (three of whom are independent).
As part of its efforts to strengthen board oversight, JTB has recently delegated certain authority to its business execution teams and is conducting interviews with individual board members to obtain feedback regarding board efficacy. In the months ahead, JTB will use this feedback to make further enhancements to its corporate governance mechanisms.

（2）Audit & Supervisory Board

Guided by a fiduciary duty to our shareholders, the Audit & Supervisory Board as well as its individual members exercise their duties objectively and independently. These duties include reviewing the performance of individual members of the board of directors as well as decisions regarding the appointment, dismissal and compensation of independent external auditors. In order to ensure audit quality, members of the Audit & Supervisory Board are required to comply with JTB's auditing standards, policies and plans. As a general rule, a majority of the members of the Audit & Supervisory Board are appointed from outside the organization.
As of March 31, 2023, JTB Corp.'s Audit & Supervisory Board consists of three members, two of whom are appointed from outside the organization.

（3）Criteria for Appointment

Members of the board of directors are expected to have a good understanding of the company's business model and to possess the appropriate balance of expertise, experience and skills to effectively carry out their roles and responsibilities. They must also possess the judgment necessary to make appropriate decisions regarding key business matters.
Members of the Audit & Supervisory Board are expected to possess the appropriate experience and skills as well as the necessary financial, accounting and legal expertise to establish effective corporate governance mechanisms that support sustainable growth and help us live up to the trust placed in us by our stakeholders and the public.

（4）Outside Board Members

The presence of outside board members ensures effective oversight over the activities of individual board members. The presence of outside members on the Audit & Supervisory Board ensures that the internal audit function is executed independently and objectively. Recognizing the role and responsibility of independent outside directors in supporting sustainable organizational growth and creating medium- to long-term business value, JTB strives to ensure that roughly 30% of its board of directors is made up of qualified, independent outside directors. During the current fiscal year, we increased the number of independent outside directors on the board from two to three. In order to ensure a robust exchange of information/viewpoints and facilitate active participation by independent outside board members in board deliberations, JTB encourages regular communication between independent outside directors and executive officers.
In addition, independent and objective input is also furnished by the Personnel and Compensation Advisory Board. Qualification requirements and independence standards governing the appointment of independent outside directors are set forth in Article 24 of JTB Corp.'s Basic Policy on Corporate Governance.

（5）Internal Audit Office

The Internal Audit Office is tasked by the President & CEO to conduct internal audits covering all facets of the JTB Group's operations. The purpose of these audits is to ensure the achievement of business objectives through rational and effective operational execution, effective risk management and internal controls, and compliance with applicable laws, regulations and organizational by-laws.
The Internal Audit Office reports audit results to the President & CEO and furnishes specific advice and recommendations to the relevant departments in order to improve operations.

（6）Executive Officers

At JTB Corp., executive officers are tasked with ensuring agile decision-making and clear accountability.

The JTB Group Code Hotline serves as our in-house whistleblowing mechanism, allowing JTB Group employees as well as retired employees to report genuine concerns about illegal or improper conduct without fear of retaliation. Concerns reported to the Hotline are subject to an objective investigation and appropriate follow-up.

The President & CEO of JTB Corp. has ultimate responsibility for the implementation of effective internal control systems. These systems are regularly reviewed and assessed through independent monitoring conducted by the Internal Audit Office, which reports directly to the President & CEO.
Leadership teams at each of our business headquarters have primary responsibility for using these assessments to provide direction for improving internal controls with support from our Corporate Affairs Team. In addition, the JTB Group Internal Controls Committee, chaired by the President & CEO, continuously reviews the organization's internal control policies in order to keep pace with changes in the business environment, strengthen the efficacy of internal control systems, ensure the adequacy, effectiveness and efficiency of internal control mechanisms, and maintain/enhance business value.

Internal Controls: Schematic Representation

Through online training and periodic compliance quizzes, we promote workforce awareness and compliance with the legal requirements most relevant to our business, including those related to human rights, privacy, intellectual property, fair competition, and internal whistleblowing.

Managers at the JTB Group are required to conduct reasonable due diligence regarding local rules and regulations and to identify corruption risk levels in each country where business is conducted.
In order to prevent workplace corruption, managers are also required to develop appropriate anti-corruption mechanisms and procedures tailored to the risk level in each country.

• Protect the safety and health of our people as well as our business assets.
• Achieve prompt recovery in the event of damage to business assets.
• Avoid activity that compromises the safety, wellbeing or interests of stakeholders.
• Take responsible and appropriate action when confronted with imminent risk.
• Foster stakeholder trust through seamless risk management.
• Reflect stakeholder/societal concerns in our risk management processes.

Our risk management programs, guided by our Internal Controls Committee, represent an ongoing process involving comprehensive risk identification and systematic risk monitoring across our entire organization.

Risk Management Framework: Schematic Representation

In the event of an emergency, an internal Incident Response Task Force is created to coordinate the JTB Group's response and minimize impact to our business and stakeholders through prompt and appropriate action.

Crisis Management Framework: Schematic Representation

Our organization's policies on human rights are articulated in The JTB Group Policy. Aimed at preventing and mitigating human rights risks, these policies consist of our:

• Anti-Discrimination and Anti Harassment Policy
• Policy on Slavery and Human Trafficking
• Diversity & Inclusion Policy

In accordance with our Anti-Competitive Behavior Policy, the JTB Group is committed to compliance with laws designed to safeguard free and fair competition (commonly referred to as antitrust or competition laws) everywhere we do business.

• ・Confidentiality requirements
• ・Information security management systems
• ・Privacy management
• ・Incident response
• ・IT security training
• ・IT security audits
• ・Penalties for non-compliance

In accordance with the JTB Group's Information Security Policy, our information security systems　are overseen by our Chief Information Security Officer (CISO). JTB regularly reviews its Information　Security Policy in order to respond appropriately to changes in the business environment.
As part of our ongoing efforts to monitor and strengthen our IT security systems, we also retain outside consultants to conduct information system and security audits.

At the JTB Group, we view IT security as an integral part of our organization's social responsibility. We maintain appropriate security protocols and procedures to safeguard the confidentiality, integrity and availability of information assets.
In addition, our IT security team has assigned several Registered Information Security Specialists (RISS) to continuously develop measures to ensure a higher level of cybersecurity. (4 RISS as of April 1, 2024)

IT Governance

Our IT security policies, protocols and procedures are established and monitored in accordance with our Information Security Policy.

Raising Internal Awareness

We are continually working to raise IT security awareness through employee training, comprehension checks, and security drills.

IT Security Training

As part of our efforts to raise IT security awareness, JTB Group employees are furnished with our IT Security Handbook and IT Security Learning Resources.
Questions regarding IT security and privacy are also included in the JTB Group Code Comprehension Checks. Results from these tests are used to monitor employee understanding and refine in-house training efforts.

IT Security and Outsourcing

When outsourcing services to third-parties, the JTB Group asks service providers to complete and submit an IT Security Checklist in order to confirm security protocols and improve overall IT security.