OMRON’s global promotion of compliance and risk management through integrated risk management initiatives
Based on OMRON Group Rules for Integrated Risk Management, the OMRON Group promotes compliance and risk management at the global level. Specifically, OMRON identifies and analyzes global compliance and other Group-related risks, specifying significant risks and devising measures to deal with them.
Should a significant risk occur, the Crisis HQ will be set up to deal with that risk through an organizational approach. To quickly assess frontline risk information, the risk reporting system and Whistle-blower System are in operation.
OMRON’s basic policies for integrated risk management are defined in the Basic Policy on Maintenance of Internal Control System resolved by the Board of Directors as follows:
At the OMRON Group, the Corporate Ethics and Risk Management Committee is tasked with promoting compliance and risk management in an integral manner. Consisting of members from the OMRON global headquarters and business companies as well as regional headquarters overseas, the committee deliberates on measures on a quarterly basis for implementation.
A risk manager in charge of compliance and risk management is in place at each Group company across the world. These risk managers use OMRON’s global network to exchange risk information and quickly devise and take action in response to changes in internal and external environments by combining the efforts of frontline staff and the management team.
The progress in risk management, including initiatives to address significant risks, is regularly reported to the Executive Council and the Board.
At the same time as starting our VG2020 long-term vision formulated in 2011, we also launched our existing integrated risk management program. We are becoming more attuned to risk and confronting any risks as they emerge in the face of a faster pace of change in the operating environment and rising levels of uncertainty.
OMRON faces a variety of risks as we expand across the globe. In response, we have categorized the entire spectrum of risks that impact management and financial performance. Having categorized these risks, we then chart their interrelationships. (For details, refer to Businesses and Other Risks)
We use this framework as a link between management and the working level, in order to, alongside management, address issues that cannot be resolved at the working level. Accordingly, we have created the OMRON Risk Book – Risk Scenario 100 — a business risk casebook aimed at using previous case examples to look forward, and have shared them group-wide. This will use case examples from others as object lessons in increasing our sensitivity to risk. Additionally, our VG2.0 medium-term management plan includes measures related to business risk management that supports innovative creation.
In case of crisis, if at all, we pursue “bad news first” rule by immediately reporting such risk to the appropriate level according to the internal rules. We then centrally manage such information to be able to place a measure to prevent recurrence, tracing whether such measure worked well.
In fiscal 2019, we conducted a global risk analysis, picked out critical risks to our group, decided upon departments responsible for countermeasures, and systematically promoted initiatives to counter these risks.
Specifically, this set failure to respond to crises, global information/IT security, and quality issues as most critical risks, product compliance, geopolitical and country risks, and vulnerability of management in emerging economies as important risks.
For failure to respond to crises, we are strengthening our capabilities to respond to risks by means such as crisis communications, media response training, and rapid reputation detection through monitoring of social media.
Next, for the risk of global information/IT security, given the increasing numbers of cyberattacks in recent years and strengthened laws worldwide related to the protection of personal information, we have started to rebuild our global information security management system. OMRON considers Cyber Security as one of the most important social issues along with protection of information assets of OMRON and its customers/partners from cyber attacks, and realization of a safe and secure digitalized society through providing secure products and services. In 2017 OMRON appointed a Cyber Security Officer, an executive officer who is in charge of integrating all the cyber security related activities. This executive officer is responsible for making decisions on the related policies as well as monitoring the implementation through various initiatives. He then appoints each organization to cover each area of the initiatives and leads the discussion to solve emerging issues across the organization. In 2019, OMRON provided training sessions for all employees, implemented website vulnerability analysis and increased level of management monitoring globally.
Furthermore, for geopolitical and country risks, we keep a keen eye on diplomatic incidents occurring worldwide and on the current state of affairs, use careful scrutiny of multifaceted information to rapidly respond to trends and measures in each country, and take measures within the Group.
In response to the rapid global spread of COVID-19, we launched the Pandemic Response Headquarters in late January 2020, taking early measures to ensure employee safety and the continuity of our businesses. We coordinated with OMRON Group companies worldwide to ensure the health and safety of our employees. We have placed the highest priority on preventing the spread of COVID-19 in the communities surrounding our facilities, arranging for support materials for employees working in regulated areas, and preparing IT and other measures to expand telecommuting. We will continue to ensure the safety and security of our employees and prevent the spread of infection in local communities in anticipation of a with-COVID-19 era. In so doing, we believe we will fulfill our role in supplying our customers and meeting or social responsibilities.
The OMRON Group implements a Whistle-blower System as the framework for monitoring ethical conduct across the Group.
Such notifications are accepted from a wide range of personnel, including executives, employees, and temporary employees; their families; as well as retired personnel, suppliers and on-site contract workers. Besides handling whistle-blowers at a dedicated department within the company, an external law firm is also commissioned to accept reports from whistleblowers. Outside Japan as well, Whistle-blower Systems are available at major sites in the regions of the Americas, Europe, Greater China, Korea, and Asia, and are implemented in the same manner as in Japan.
Regarding the implementation of the Whistle-blower System, the internal rules clearly require strict confidentiality and prohibit retaliatory actions against whistleblowers. OMRON also informs employees of the availability of the hotline through bulletin boards and during employee training.
In fiscal 2019, a total of 27 whistle-blowing reports were made in Japan, and 30 abroad. This shows steady global penetration and proper functioning of the whistle-blower system.