Why KDDI Established a New Governance Promotion Headquarters
In March 2025, news broke that KDDI had established a new Governance Promotion Headquarters. This move was prompted by a fictitious transaction scandal involving the company. It would be premature to dismiss this as just a “big company problem.”
While KDDI is a giant with revenues exceeding 5 trillion yen (approx. $33 billion), the governance failures that occurred there are not irrelevant to small and medium-sized enterprises (SMEs). In fact, SMEs, with their often weaker internal controls, face an even higher risk of similar issues.
Three Lessons for SMEs from a Corporate Scandal
1. Are You Verifying the Reality of Your Transactions?
In KDDI’s case, fictitious transactions were the core issue. This type of problem can easily occur in SMEs on a daily basis.
Examples include transactions with another company personally run by an executive or founder, or opaque deals conducted as a “custom” with a long-standing business partner. These situations easily become blind spots in governance.
As concrete countermeasures, check the following three points:
– Does a quotation and delivery note exist for each transaction?
– Does the invoiced amount match the actual service provided?
– Can you verify the reality of the business partner (location, representative)?
2. Has Your Check-and-Balance Function Become a Formality?
KDDI undoubtedly had an internal control system in place. The fact that a problem still occurred strongly suggests that the check-and-balance function had become a mere formality.
This problem is even more severe in SMEs. It’s not uncommon to have only one accounting staff member, or for the business owner to handle accounting themselves. In this state, no one can effectively check the work.
Possible solutions include:
– Establishing a system where an external tax accountant reviews the books monthly.
– Strictly separating the roles of accounting staff and the person authorizing payments.
– Undergoing an audit by an external third party at least once a year.
3. Is Your System Designed to Prevent You from Finding Fraud?
Many SMEs lack a culture of “questioning.” There is often a taboo against questioning the founder or long-standing employees.
However, from a governance perspective, everyone should be subject to appropriate checks. This is not a matter of trust, but of system design.
Three Golden Rules for a 5-Minute Risk Check
The “three golden rules from a due diligence pro” mentioned in the news can also be applied by SME owners.
Golden Rule 1: Find Numerical Anomalies
Check the following points in your financial statements or monthly trial balance:
– Has sales revenue changed drastically compared to the same month last year?
– Has the cost of sales ratio changed suddenly?
– Have sales to or purchases from a specific business partner increased sharply?
If you find an anomaly, make it a habit to always verify the reason.
Golden Rule 2: Trace the Transaction Flow
For one transaction, try writing down the following flow on paper:
“Order Received → Order Placed → Delivery → Invoice → Payment Received”
Visualize who is responsible for each step in this flow and where the checkpoints are. If the same person handles multiple steps, that’s a risk.
Golden Rule 3: Focus on Exception Handling
Many frauds occur through non-standard processes.
– Urgent payment requests
– Approvals through unusual channels
– Submitting documents after the fact
When such exceptions occur, create a system to always record the reason and review them periodically.
Concrete Actions SMEs Can Start Today
Action 1: Review Your Internal Rules
First, list all your current internal rules. If you don’t have any, start by establishing at least the following three:
– Expense reimbursement rules
– Criteria for selecting business partners
– Rules for creating and storing contracts
Action 2: Design a Check-and-Balance System
Instead of the owner handling all checks, consider a division of responsibilities like this:
– Daily checks: Management department staff
– Monthly checks: Business owner
– Quarterly checks: External expert
Action 3: Set Up a Reporting and Consultation Channel
Clearly define where employees should report if they discover fraud or problems within the company. For smaller companies, designating an external lawyer or tax accountant as the contact point can be effective.
Conclusion: Governance is About Design, Not Defense
The KDDI news shows that governance failures can happen even in large corporations. The key is not to react after a problem occurs, but to design your system proactively.
SME owners need to adopt these three perspectives:
– A habit of constantly verifying the reality of transactions.
– A system to prevent check-and-balance functions from becoming a formality.
– A culture where everyone, regardless of position, is subject to appropriate checks.
These measures don’t require special costs or personnel. They are all things you can start doing today. Use this as an opportunity to review your company’s governance design.
Comments