OMRON’s global promotion of compliance and risk management through integrated risk management initiatives
In a basic policy for the establishment of an internal control system, compliance and risk management in the OMRON Group is defined as follows:
The OMRON Group integrates compliance and risk management.
In promoting the integrated risk management framework, the Senior General Manager of the Global Risk Management and Legal HQ (GRL Manager) is in charge. The framework is summarized in the OMRON Group Rules for Integrated Risk Management, which GRL is in charge of, that clarify the position within the Group management.
To promote risk management activities in which management and employees on the frontline work together, risk managers are appointed (approximately 160 people) at each headquarters department, business divisions, regional headquarters outside Japan, and each group company worldwide. Using a global network, risk information is shared on a daily basis, and measures to deal with risks are discussed in a timely manner.
The three main activities are as follows:
In order to promote ethical practices and risk management, we have established a Corporate Ethics and Risk Management Committee, which is chaired by the GRL Manager and consists of key risk managers, and generally meets four times a year. The status of Integrated Risk Management activities is reported to the Executive Council and the Board of Directors as appropriate.
The OMRON Group has established the OMRON Group Management Policy and OMRON Group Rules as the foundation for fair and transparent management.
The OMRON Group Management Policy sets forth the policies for organizational management in the OMRON Group based on our corporate philosophy, so that employees with diverse values can think and act autonomously under a global sense of unity.
The OMRON Group Rules (OGR) are common rules for the OMRON Group that stipulate matters to be observed in order to realize the OMRON Group Management Policy. OGR is systematized by the OGR Management Rules and was established for major functions such as the OMRON Group Rules for Integrated Risk Management, accounting and finance, human resources, information security, and quality assurance. The rules are reviewed annually to ensure that changes in the internal and external environment are reflected in the rules in an appropriate and timely manner.
The OMRON Group considers corporate ethics and compliance to be one of its most important issues. In order to practice Socially Responsible Corporate Management, we have established the OMRON Group Rules for Ethical Conduct, which provide specific guidelines of conduct for directors and employees, in 25 languages.
We regard education and awareness-raising activities for directors and employees as the basis for promoting and ensuring corporate ethics and compliance, and we provide ongoing education through new employee training, position-based training, and other opportunities. In the employee performance appraisal process, we integrate ethical aspects such as compliance to OMRON Group Rules for Ethical conduct. We require employees to practice our corporate philosophy and assess how they act with integrity and trust. We give them feedback on evaluation results, and link the evaluations with their remuneration.
In addition to establishing the Corporate Ethics and Risk Management Committee as an organization to promote corporate ethics and compliance, we have designated October of each year as Corporate Ethics Month to educate employees on strict adherence to corporate ethics and compliance. We distribute top management messages to directors and employees on a global level, disseminate the OMRON Group Rules, which are the Group's common management foundation, provide compliance and risk education on the top themes such as cartel prevention, anti-bribery, greenwashing and AI, and raise awareness of the Whistleblower Hotline.
The OMRON Group Rules of Ethical Conduct stipulate fair trade and compliance with laws and regulations, and in particular prohibit cartels and other anti-competitive behavior, as well as bribery of public officials and others in and outside of Japan. It also prohibits entertainment and gift-giving in excess of moderation, even with business partners and related parties. In fiscal 2023, there were no cases of legal actions against anti-competitive behaviors, bribery-related violations, or sanctions.
The Information Disclosure Executive Committee convened regular meetings in order to ensure the accuracy, timeliness and completeness of disclosures, while trainings were held for the prevention of insider trading.
In fiscal 2023, there were no insider trading-related cases that we received legal actions or violations, or sanctions.
Based on the OMRON Group Rules for Integrated Risk Management, the OMRON Group identifies and analyzes risks related to the Group from a global perspective every year, and designates important risks at the Executive Council.
At its quarterly meetings, the Corporate Ethics and Risk Management Committee discusses and shares information on the occurrence of significant risks, environmental changes, and the status of risk mitigation measures. It also conducts a group-wide risk assessment to systematically promote initiatives.
In “SF2030,” the OMRON Group aims to solve social issues that arise in the transition to a new social and economic system. To this end, we are committed to creating value for society in our business domains and addressing sustainability issues as part of our business plan. We are currently implementing structural reforms under the Structural Reform Program NEXT2025, which runs from April 2024 to September 2025. We consider the key factors that must be addressed in the execution of these efforts to be risks.
In operating our group, we have identified the following two significant Group risks. S Rank: Risks of utmost importance to the operation of the Group, which may jeopardize its survival or bring severe social liability, A Rank: Risks that impede the achievement of important group goals. We monitor the implementation of measures and changes in the risk situation. If the Group does not take appropriate measures for the significant Group risks, it will incur serious social responsibility. It could also lead to the failure of business strategy, resulting in the loss of corporate value.
Themes of significant Group risks based on the OMRON Group’s risk analysis conducted at the end of fiscal 2023 are presented in the table below. We will pay particular attention to risks associated with the implementation of NEXT2025, such as optimization of the business portfolio and the headcount and capacity of personnel, as well as group governance and compliance risks that may arise as we seek to accelerate business operations and improve profitability.
For risk categories which the group focuses most on, we specify risk scenarios and response measures in Annual Securities Report, ‘Risks of Business, etc.’ section.
In case of crisis, if at all, we pursue “bad news first” rule by immediately reporting such risk to the appropriate level according to our Integrated Risk Management Rules. We have a central monitoring system in place to completely keep track of every stage, from reports received to necessary measures taken, in order to make sure to prevent recurrence.
The ideal structure for us at the OMRON Group is the one in which our front lines and management work together to solve issues arising from changes in the environment that cannot be addressed by those on the front lines alone. Accordingly, we have created the OMRON Risk Book – Risk Scenario 100 - a business risk casebook aimed at using previous case examples to look forward, and have been sharing with the management as an awareness-raising tool. The Group members who have never experienced the cases on their own learn from the lessons, and this is how we raise our risk sensitivity on a daily basis.
For IT systems and information security risks, the Cybersecurity Executive Officer organizes the Group under the supervision of the Cybersecurity Director of the Board. The Executive Officer leads each of Head Office Administrative Division Managers, who are responsible for controlling and managing three categories: information security; product security; compliance with laws and regulations, and risk management.
In addition, the Board of Directors sets "risk responses in times of uncertainty" as one of its focus themes, with "strengthening cybersecurity" as a key supervision aspect. This is how the Board monitors and supervises the cybersecurity issues and measures to realize stronger cybersecurity.
Regarding information security, the head of Global Business Process and IT Innovation HQ - the Managing Executive Officer, Senior General Manager of the HQ - serves as the Group Information Security Officer, supervising the overall status of information security management in the OMRON Group. Underneath, Information Security Responsible Department is responsible for grasping the overall status of information security management in the OMRON Group and planning and promoting the overall measures necessary for the OMRON Group.
For product security, as part of product quality assurance, the Product Security Department has been established. The Department is under the supervisory of the head of Global Procurement, Quality and Logistics HQ, who is the Managing Executive Officer, Senior General Manager of the HQ.
Similarly, regarding compliance with laws and regulations, and risk management, the head of Global Risk Management and Legal HQ - the Executive Officer, Senior General Manager of the HQ – is responsible for the issues. Under the Officer, the affiliated departments monitor the latest trends in laws and regulations of each country, to promote necessary measures.
For cross-sectional issues, the Cybersecurity Integration Conference is held as necessary to solve the issues. The Conference is chaired by the Cybersecurity Executive Officer, and is supervised by the Cybersecurity Director.
At the OMRON Group, should we have cybersecurity beaches in and out of Japan, we report the cases to the CSIRT (Computer Security Incident Response Team) located in Japan.
In fiscal 2023, there were no serious incidents that affected our business.
The OMRON Group Rules for Ethical Conduct stipulate the appropriate protection and management of information. We have established the OMRON Group Rules Concerning Personal Information, and have established management measures for the acquisition, use, and disposal of information according to its rank of importance. We are also promoting necessary measures by keeping abreast of trends in laws and regulations in various countries concerning the protection of personal information and the status of the OMRON Group.
In fiscal 2023, there were no incidents or accidents related to personal information that required public disclosure, following the guidance from regulatory authorities, or violations of laws or regulations.
In order to ensure the soundness and efficiency of organizational operations, the OMRON Group's Global Internal Auditing HQ (GIA) conducts regular internal audits based on the Basic Policy for the Maintenance of Internal Control Systems.
In addition to regular department-level internal audits, GIA also leads group-wide initiatives: listing countermeasures, monitoring and other activities in relation to the “significant Group risks” drawn up by the Corporate Ethics & Risk Management Committee; visualizing residual risks for the Company as a whole; conducting theme audits centered on the status of governance by the head office for the material risks selected from the list. Theme audits categories include export management and protection of personal information.
The OMRON Group has a whistleblowing system in place to monitor if corporate ethics and compliance are working.
We accept reports of any conduct that violates or may violate the OMRON Group Rules of Ethical Conduct, employment regulations, or laws and ordinances. Our internal rules require strict confidentiality and prohibit retaliatory action as a result of reporting or maintaining secrecy. Information about the Whistleblower Hotline is disseminated through the intranet and internal training programs.
In Japan, we accept notifications from OMRON Corporation and its group companies’ executives and employees, and temporary employees, as well as families, retired personnel, suppliers and on-site contract workers. Besides handling whistleblower reports by a dedicated department within the company, we also have an external law firm commissioned to accept reports from whistleblowers. A whistleblower system is also available outside Japan, with contact desks in place at major sites in the Americas, Europe, Greater China, Korea, and Asia. This system is operated in accordance with the rules in Japan.
Furthermore, we have established operational guidelines to comply with the amended Whistleblower Protection Act, which came into effect in Japan in June 2022. Globally, we are establishing a system to accept reports from suppliers in all regions starting from the fiscal 2023, aiming to enhance continuous operational improvements.
We consider the number of whistleblowing cases to be one of the indicators of the effectiveness of the whistleblower system, and regard it as appropriate to have a certain number of reported cases. The number of reports were down during fiscal 2019 and 2020, due to the impact of COVID-19 pandemic, and saw increase in the following year, to record-high of 106 reports in fiscal 2023.
The most frequent reports were related to power harassment, followed by possible violation of regulations or rules, and labour management.
Examples of actions taken include warnings to individuals engaging in micro-management, reassessment and strengthening of controls for operations with problems or vulnerabilities. For serious cases, we take disciplinary actions to make improvements and prevent recurrence.
| FY2019 | FY2020 | FY2021 | FY2022 | FY2023 | |
|---|---|---|---|---|---|
| Japan | 27 | 23 | 39 | 30 | 29 |
| Outside Japan | 30 | 11 | 27 | 54 | 77 |
| Total | 57 | 34 | 66 | 84 | 106 |
When any conduct is found to be in violation of the OMRON Group Rules of Ethical Conduct, employment regulations, internal rules, or laws and regulations, the Company takes disciplinary actions and other strict measures, in accordance with the employment regulations and other rules established by each company at the OMRON Group. Violations are integrated into personnel appraisal, and are linked to employee remuneration.
In fiscal 2023, there were three significant disciplinary actions reported to the Board of Directors.
By proposing solutions through participations in various business and industry associations, OMRON contributes to achieving a sustainable society.
| Name of organization | Activities and OMRON’s engagement |
|---|---|
| Japan Electrical Manufacturers' Association (JEMA) | The Japan Electrical Manufacturers' Association (JEMA) consists of major Japanese companies in the electrical industry including: power & industrial systems, home appliances and related industries. JEMA will contribute to sustainable global development through improvement and enhancement of social and living infrastructures by strengthening international competitiveness of Japanese electrical machinery equipment industry. To realize our vision, JEMA will provide further development and problem solutions to Japanese electrical machinery by fulfilling our mission and role with the three key words, “Leadership”, “Innovation” and “Globalization”. OMRON is involved in the operation of this association as a director. |
| Japan Electronics and Information Technology Industries Association (JEITA) | The Japan Electronics and Information Technology Industries Association (JEITA) is one of Japan's largest industry associations that aims to create a platform that connects various stakeholders centered on the IT and electronics industries in order to solve social issues for Society 5.0. JEITA cooperates with member companies, the government, and related organizations to solve social issues such as carbon neutrality, strengthen competitiveness, and create markets, further revitalize the Japanese economy, and contribute to future society and lifestyles. As a member of this association, OMRON works with other member companies to obtain information on trends in countries around the world related to the electronic components industry and to create regulations and rules. |
| Nippon Electric Control Equipment Industries Association (NECA) | The Nippon Electric Control Equipment Industries Association (NECA) is a private voluntary organization promoting the growth of the electric control equipment fields, and aims to solve social issues through conducting surveys, research, drafting standards regarding electric control equipment, and implementing safety measures for the use of the equipment. As a vice chair, OMRON is involved in the operation of this association. Besides, members in the Industrial Automation Division and the Device & Module Solutions Division belong to the Technical Committee and the Business Affairs Committee, and revise and establish IEC standards, compile and analyze statistical data on shipment and orders for electric control equipment, forecast demands, and acquire information on market trends and economic situation and so on. |
| KEIDANREN (Japan Business Federation) | KEIDANREN (Japan Business Federation) is a comprehensive economic organization with a membership comprised of 1,542 representative companies of Japan, 106 nationwide industrial associations and the regional economic organizations for all 47 prefectures (As of April 1, 2024). It establishes consensus in the business community on a variety of important domestic and international issues for their steady and prompt resolution, and strives for the resolution of international issues and the development of closer economic relations with various countries through policy dialogue with the governments and economic associations of each country as well as international organizations. As a chair of the Committee on Supply Chains, OMRON is committed to achieving a supply chain that leads to industrial resilience, including promoting digitalization. |
| KEIZAI DOYUKAI (Japan Association of Corporate Executives) | DOYUKAI is a private, nonprofit, nonpartisan organization that was founded in 1946 with an aim to contribute to reconstructing Japan's economy. each member sheds her/his corporate identity and participates as an individual, free to express opinions and ideas unconstrained by the interest of any specific company or industry. Fumio Tateishi, an honorary advisor of OMRON, is a member and is involved in various committee activities. |
