The Board of Directors of LY Corporation has resolved on the "systems for ensuring the properness of business activities" as stipulated in the Companies Act and Regulation for Enforcement of the Companies Act, established this internal control system in its Basic Policy for Internal Control, and designated "internal audit" as a role to check various controls from within the company.
The Company has established an internal audit office as a dedicated organization directly under the President and CEO. In accordance with the "Internal Audit Regulations," the office audits and provides recommendations regarding the effectiveness and efficiency of areas such as compliance and information security operations.
1. Organization, Personnel, and Expertise
The Company’s internal audit office comprises a total of 38 members (as of the end of March 2025). Its staff includes employees who are well acquainted with the Company’s services and systems, as well as qualified professionals such as Certified Internal Auditors (CIA), Certified Information Systems Auditors (CISA), and Certified Fraud Examiners (CFE). In addition, subsidiary companies—including ZOZO, ASKUL, and PayPay—maintain their own independent internal audit functions.
2. Role
Based on the three lines model, the Company’s internal audit office independently conducts internal audits of both business and administrative units. It also provides necessary advice, evaluations, and support (including personnel support via staff secondments) regarding the establishment and operation of internal audit systems at subsidiary companies. Furthermore, for subsidiaries that do not have an internal audit function, the Company conducts internal audits based on their risk profiles.
3. Status of Internal Audits
The internal audit office attends management meetings and other relevant sessions to collect information on controls in high-priority areas, which is utilized during the formulation of audit plans. These audit plans primarily consist of.
Risk-based theme audits, and Regular scheduled audits, all of which are executed with due consideration to risk management and compliance perspectives. Individual audit results are reported to the Chairman & President as well as to the standing audit committee members (e.g., the Chairperson of the Audit Committee). Moreover, if there are significant audit findings or other matters that warrant reporting to the Board of Directors, a mechanism is in place to table such matters for Board review.
Example Audit Achievements for Fiscal 2024
・An audit of the improvement status of issues raised through administrative guidance (e.g., related to data protection of personal information, security, and outsourcing management).
・An audit on the Company’s compliance with laws such as the Export Control Act and the Transparency Law.
・An audit related to proxy operations such as electronic payment services.