Compliance and Risk Management
Basic Policy
Promoting compliance and risk management globally through integrated risk management initiatives
Based on OMRON Group Rules for Integrated Risk Management, the OMRON Group promotes compliance and risk management at the global level. Specifically, OMRON identifies and analyzes global compliance and other Group-related risks, specifying significant risks and devising measures to deal with them.
Should a significant risk occur, the Crisis HQ will be set up to deal with that risk through an organizational approach. To quickly assess frontline risk information, the risk reporting system and whistle-blower system are in operation.
Integrated Risk Management Policy
OMRON’s basic policies for integrated risk management are defined in the Basic Policy on Maintenance of Internal Control System resolved by the Board of Directors as follows:
- 1. We will integrate and carry out risk-related activities from a global perspective for the purpose of securing the continued existence of the companies and enabling them to achieve their targets and fulfill their corporate social responsibilities.
- 2. Based on the OMRON Group Rules of Integrated Risk Management, we will endeavor to avoid, reduce, and transfer losses by collecting risk information, conducting risk analyses, and implementing countermeasures against risks.
- 3. We will identify critical risks to the Group and enable Groupwide responses through the Executive Council.
- 4. In a time of crisis, we will make reports in accordance with established procedures and form response teams necessary to address the crisis.
Integrated Risk Management Framework
- Basic Policy
- Integrated Risk Management Framework
- Initiatives
- Whistle-blower system
Establish Global Promotion Structure
At the OMRON Group, the Corporate Ethics and Risk Management Committee is tasked with promoting compliance and risk management in an integral manner. Consisting of members from the OMRON global headquarters and business companies as well as regional headquarters overseas, the committee deliberates on measures on a quarterly basis for implementation.
A risk manager in charge of compliance and risk management is in place at each Group company across the world. These risk managers use OMRON’s global network to exchange risk information and quickly devise and take action in response to changes in internal and external environments by combining the efforts of frontline staff and the management team.
The progress in risk management, including initiatives to address significant risks, is regularly reported to the Executive Council and the Board.
Initiatives
Specifying the most significant risks and strengthening response to risks
In fiscal 2017 as well, the departments in charge of dealing with risks were selected and countermeasures were taken in a well-planned manner.
Specifically, the most significant risks identified were failure in crisis response, and information/IT security. The next significant risks included internal fraud, conformance with RBA*1, and quality issues.
As a specific measures against these risks, for failure in crisis response, OMRON established a global communication system for risk response, conducted training to respond to crisis, to further strengthen risk response capabilities.
As for information/IT security risks, with the recent surge in the number of cyber-attacks and stricter acts on personal information protection on a global level, the OMRON Group has been working to restructure its information security management system globally. In fiscal 2017, OMRON launched cyber security integrated meetings and CSIRT*2 system on a global level, strengthening its measures against cyber-attacks.
As for internal fraud risks, the OMRON Group periodically offers training for executives and employees based on the OMRON Group Rules for Ethical Conduct, which specifies action guidelines for legal and regulatory compliance. This is intended to promote business practices with fairness and integrity across the OMRON Group. In every October, which the Group sets as the Corporate Ethics Month, CEO delivers message globally. In fiscal 2017, the number of languages to translate the message into was increased notably. Also, global major sites carried out their own education programs. In this way, the OMRON Group acted more locally to enhance ethical awareness of executives and employees.
- *1 RBA: Responsible Business Alliance. Renamed from EICC in October 2017. Global CSR alliance working on ethical issues in supply chain and other issues.
- *2 CSIRT: Computer Security Incident Response Team
Whistle-blower system
- Basic Policy
- Integrated Risk Management Framework
- Initiatives
- Whistle-blower system
Implementing whistle-blower system globally based on fair treatment and guaranteed protection of whistle-blowers
The OMRON Group implements a whistle-blower system as the framework for monitoring ethical conduct across the Group.
Whistle-blowers are accepted widely from OMRON Group executives, employees and temporary staff, as well as their families and suppliers. Besides handling whistle-blowers at a dedicated department within the company, an external law firm is also commissioned to accept reports from whistleblowers. Outside Japan as well, whistle-blower systems are available at major sites in the regions of the Americas, Europe, Greater China, Korea, and Asia, and are implemented in the same manner as in Japan.
Regarding the implementation of the whistle-blower system, the internal regulations clearly state strict maintenance of security and protection of whistleblowers from any detrimental treatment. OMRON also informs employees of the availability of the hotline through bulletin boards and during employee training.
In fiscal 2017, a total of 43 whistle-blowing reports were made in Japan, and 54 abroad. This shows steady global penetration and proper functioning of the whistle-blower system.
