OMRON’s global promotion of compliance and risk management through integrated risk management initiatives
We at the OMRON Group established the Corporate Ethics and Risk Management Committee as an organization for integrated compliance and risk management. The Global Risk Management and Legal HQ is in charge of related responses, and enhances the Group's ability to respond to changes through the promotion and consistent implementation of these activities.
The OMRON Group has been working on integrated risk management under a common group framework. Become more attuned to risk and identify risks at the earliest stages in the face of a faster pace of change in the operating environment and rising levels of uncertainty.
We are working to improve the quality of our activities by implementing the PDCA cycle on a global basis to address issues arising from environmental changes that cannot be handled at workplace.
We also aim for active risk management between management and employees in the front line to solve problems.
We are working to achieve our long-term vision SF2030 to establish a system that enable the field to make risk decisions efficiently, effectively, and promptly, while preserving the company's philosophy and rules.
OMRON’s basic policies for integrated risk management are defined in the Basic Policy on Maintenance of Internal Control System resolved by the Board of Directors as follows:
The integrated risk management framework clarifies the position of risk management in group management. The OMRON Group summarize them in internal rules (OMRON's Integrated Risk Management Rules), which are under the control of the Global Risk Management and Legal HQ. To promote global activities between management and employees, risk managers are selected within each headquarters department, each business division, each overseas region, and within each Group company (approximately 160 people).
We have established a Corporate Ethics and Risk Management Committee (in principle, the committee meets four times a year), which is composed of risk managers. In addition, we implement the following measures through the Emergency Response Headquarters, which is set up in the event of a crisis. We regularly reported to the Executive Council and the Board of Directors.
The three main activities are as follows:
In our long-term vision SF2030, the OMRON Group aims to solve social issues that arise in the transition to a new social and economic system. To this end, we are committed to transformation of business and transformation of corporate management and organizational capability based on the factors that influence social issues. We consider the key factors that must be addressed in the execution of these efforts to be risks.
For major risks, we regularly (at least once a year) conduct comprehensive analyses of expected actual risk cases that have occurred, and rank these risks accordingly.
We have identified the following two significant Group risks. S Rank: Risks of utmost importance to the operation of the Group, which may jeopardize its survival or bring severe social liability, A Rank: Risks that impede the achievement of important Group goals. We monitor the implementation of measures and changes in the risk situation.
In case of crisis, if at all, we pursue “bad news first” rule by immediately reporting such risk to the appropriate level according to our Integrated Risk Management Rules. We then centrally manage such information to be able to place a measure to prevent recurrence, tracing whether such measure worked well.
We describe risk scenarios and response measures under Business and Other Risks for risk categories which the group focuses on in particular.
The ideal structure for us at the OMRON Group is the one in which our front lines and management work together to solve issues arising from changes in the environment that cannot be addressed by those on the front lines alone. Accordingly, we have created the OMRON Risk Book – Risk Scenario 100 - a business risk casebook aimed at using previous case examples to look forward, and have been sharing with the management as an awareness-raising tool. This will use case examples from others as object lessons in increasing our sensitivity to risk.
We at the OMRON Group regard corporate ethics and compliance as one of our most important issues. To practice business management that accomplishes our social responsibility, we established and communicated the OMRON Group Rules for Ethical Conduct, which provide specific guidelines for the conduct of directors and employees.
The Corporate Ethics and Risk Management Committee meets regularly. In addition, we designate October as Corporate Ethics Month. During Corporate Ethics Month, messages are sent from top management to directors and employees, compliance education is provided on corporate ethics and compliance (including education related to cartels and other anti-competitive behavior and bribery), and the internal reporting system (whistleblowing system) is publicized.
For IT systems and information security risks, under the supervision of the Cybersecurity Director, each Head Office Administrative Division Managers are responsible for controlling and managing in each area such as information security, product security, and confidential/personal information as the Executive Officer. In addition, the Board of Directors sets "Strengthening Cybersecurity" as a supervisory perspective with " Risk Responses in times of uncertainty" as one of the priority themes. The Board of Directors monitors and supervises cybersecurity issues and initiatives for future enhancement.
Regarding information security, the Head of the Global Business Process and IT Innovation HQ, as the Group Information Security Officer, supervises the overall status of information security management in the OMRON Group. Underneath, Information Security Responsible Department is responsible for grasping the overall status of information security management in the OMRON Group and planning and promoting the overall measures necessary for the OMRON Group. For product security, as part of product quality assurance, Product Security Responsible Department has been established under the supervisory of the Head of the Global Procurement, Quality, and Logistics HQ to strengthen it. Similarly, regarding management of confidential and personal information, the Head of the Global Risk Management and Legal HQ as the person responsible, grasps the trends in laws and regulations of each country and the situation of the OMRON Group in the affiliated departments and promotes necessary measures.
Issues that are across each area are resolved by holding the Cybersecurity Integration Conference, chaired by the Cybersecurity Director, as needed.
The OMRON Group implements a Whistleblower System as the framework for monitoring ethical conduct across the Group.
In Japan, we accept notifications from a wide range of personnel, including executives, employees, and temporary employees, as well as families, retired personnel, suppliers and on-site contract workers. Besides handling whistleblower reports by a dedicated department within the company, we also have an external law firm commissioned to accept reports from whistleblowers. A whistleblower system is also available outside Japan, with contact desks in place at major sites in the Americas, Europe, Greater China, Korea, and Asia. This system is operated in accordance with the rules in Japan.
Our internal rules related to the whistleblower system clearly require strict confidentiality and prohibit retaliatory action against whistleblowers. We have established a whistleblower protection system that complies with the Whistleblower Protection Act, which was revised and enforced in Japan in June 2022. Further, we are committed to fully informing employees of the availability of the whistleblower hotline through our intranet and internal training programs.
The status of reports and consultations is as follows.
We consider the number of whistleblowing cases to be one of the indicators of the effectiveness of the whistleblower system, and regard it as appropriate to have a certain number of reported cases. The number of reports overseas varies by region, increasing and decreasing over time in general. In Japan, the number of reports increased steadily until fiscal 2018. Reports decreased beginning in fiscal 2019, partly due to the impact of COVID-19 infections and other factors. The number of reports in Japan began to increase once again in 2021.
The most frequent reports were related to power harassment, followed by labor management. These two categories account for about half of all reports.
Examples of actions taken include warnings to individuals engaging in micro-management, reviewing work operation methods, and corrective actions and guidance to supervisors for inadequate explanations and responses regarding personnel transfers.
FY2017 | FY2018 | FY2019 | FY2020 | FY2021 | |
---|---|---|---|---|---|
Japan | 43 | 44 | 27 | 23 | 39 |
Overseas | 54 | 39 | 30 | 11 | 27 |
Total | 97 | 83 | 57 | 34 | 66 |