Risk Management and Compliance

Transcription

1 Risk Management and Compliance Our Risk Management & Compliance Committee plays a central role in our commitment to advancing risk management, both in times of emergency and normal circumstances. Through our philosophy that advancing risk management is our corporate social responsibility, we are committed to managing risk more efficiently. Basic Risk Management Policy The materialization of any significant risk at the company may not only damage our management resources (people, physical and financial assets, and information), but also adversely affect our stakeholders (e.g., customers, suppliers, alliance firms, partner companies, shareholders, local communities and employees). Any resulting loss of stakeholder trust or public reputation could leave the company severely damaged. We formulated the following Basic Risk Management Policy to effectively respond to this risk and ensure the continuity and sustainable growth of our business. In line with this policy we are creating our risk management system and pursuing effective risk management activities to reduce significant risks and minimize loss in the event any risk materializes. Basic Risk Management Policy 1. We prevent and reduce risks in order to ensure the quality and safety of our products and services, protect the lives and safety of our employees and their families, and earn greater trust from our stakeholders. 2. We create a system to appropriately manage a wide range of risks associated with our business activities. 3. We promote risk management through a plan-do-check-act cycle. 4. We quickly and appropriately deal with risks as they are identified. 5. In collaboration with group companies we build a system for immediately detecting new risks arising from changes in our business environment and for quickly and appropriately dealing with risks at the group level. Risk Management System Our president has ultimate responsibility for risk management. The officer in charge of risk management (officer in charge of the General Affairs Department) is appointed by the president and presides over and runs the Risk Management & Compliance Committee in order to advance organized and planned risk management activities. The committee plays a core role in our risk management system. In addition to advancing company-wide risk management activities based on PDCA cycles, the committee studies and proposes the creation and revision of risk management rules, and gives instructions for advancing the awareness and education of employees. We strive to counter risks in a fine-grained way. Working groups and other bodies are also created under this committee as needed in order to prevent and respond to foreseen risks. Each business site has an officer responsible for risk management and compliance and a risk management and compliance promoter, who carry out such duties as promoting specific initiatives relating to risk management. Each group company also has an officer responsible for risk management and compliance and a risk management and compliance promoter, and each of them is supported by the Risk Management & Compliance Committee. Risk Management System (Compliance Promotion System) Ultimate responsibility: President Officer in charge: Officer in charge of General Affairs Department Risk Management & Compliance Committee Chair: Officer in charge (Officer in charge of General Affairs Department) Members: Managers of business sites of headquarters Annual action plans for risk management Business sites of headquarters (including Research Center), plants, branches Officers responsible for risk management and compliance Risk management and compliance promoters Employees Identify and evaluate risks Group companies Officers responsible for risk management and compliance Risk management and compliance promoters Employees Risk management practices and education Evaluation system (Audit system) Secretariat: General Affairs Department Whistleblower Program Whistleblower Program on status of risk countermeasures TAIHEIYO CEMENT CSR REPORT

2 Risk Management and Compliance Activities One of the key roles of the Risk Management & Compliance Committee is to develop and discuss annual company-wide action plans for risk management and compliance activities, which form the basis for annual action planning by officers responsible for risk management and compliance at individual business sites, enabling the entire company to work together to reduce risks through PDCA cycles. Each business site develops its annual action plan using the results of an independent review of its activities. The committee reviews the action plans and the status of self checks conducted by each business site to continuously improve risk management. In fiscal 2011 we conducted risk management and compliance activities to boost the risk management and compliance promotion system throughout the company, including the group companies, further broaden and deepen awareness of compliance, respond quickly and appropriately to crises, and provide support during emergencies. Promotion of Compliance Our Business Principles pledge that we will act in strict compliance with the law and in accordance with societal mores. Fully aware that compliance is the foundation of CSR management, we are committed to ensuring compliance with a focus on employee education and awareness raising. Basic Compliance Policy In March 2005 we published a Basic Compliance Policy and simultaneously created compliance rules. We do not limit our definition of compliance to legal compliance; our definition includes compliance with the social mores from which our laws originate, the mission and business principles of our group and internal regulations. Basic Compliance Policy (Summary) Compliance with the Mission, Business Principles and social norms Maintaining internal systems and rules and ensuring broad-based awareness of them Cooperation with all group companies and promotion of educational activities Working out appropriate responses and policies for occurrence of problems Timely and appropriate disclosure and communication of necessary information Compliance with international standards and rules, and respect for local cultures and customs Rejection of corrupt and unfair requests from antisocial influences or organizations Compliance Promotion Activities Under the leadership of the Risk Management & Compliance Committee we conduct integrated promotional activities for risk management and compliance. In compliance education we conduct various training programs by organizational level and training for officers and promoters responsible for risk management and compliance in the group companies (held on October 28, 2011 with 87 attendees from 86 companies) to broaden and deepen awareness of compliance. We have also developed curriculum materials that draw upon actual case studies from other companies for circuit training and for training risk management and compliance promoters of group companies. In addition, we implemented an e-learning program in fiscal 2011 for all employees to instill awareness of our Standard of Conduct. Group Legal Round Tables Since fiscal 2005 we have been holding round-table discussions attended by management and legal affairs representatives from our group companies. These discussions provide opportunities to share legal information (including revisions to laws) in order to further our understanding of major laws relating to corporate management and to assist in the creation of our group s compliance regime. In fiscal 2011 we discussed the following issues. Fiscal 2011 Group Legal Round Tables Date Number of Attendees Topics 16th October 28, companies 108 people Revised edition of the Antimonopoly Law Compliance Manual Case study of power and sexual harassment and points to keep in mind when dealing with these issues 28 TAIHEIYO CEMENT CSR REPORT 2012

3 Risk Management and Compliance Whistleblower Program In August 2005 we created a compliance hotline in accordance with the newly enacted Whistleblower Protection Act. We have whistleblower hotlines, both internally (at the CSR Group of our General Affairs Department) and externally (at a law firm). Our internal hotline is located in a dedicated locked room that is only accessible to hotline staff. It is equipped with dedicated phone and fax lines, and a computer with a dedicated address. We have created regulations so that whistleblowers who use the program are not subject to unfavorable treatment. No reports were made in fiscal Whistleblower Program Illegal action Discovered Survey follow-up Whistleblower Protection Internal hotline External hotline Business Continuity Plan General Affairs Department Instruction Officer in charge of General Affairs Department Our Business Continuity Plan (BCP) is developed by the Risk Management & Compliance Committee, and risk management actions are conducted using a PDCA cycle on a regular basis. In fiscal 2011, as in previous years, we focused on raising the level of our initial response and business continuity readiness at our plants and branch offices through the dissemination of Guidelines for Handling Earthquake Damage, which was distributed to enable more effective response to future earthquake disasters as well as provide an update of existing regulations. As part of this activity we held a briefing session on the Disaster Communication System for department managers and conducted demonstrations and hands-on training in August To prepare for a potential outbreak of a new influenza virus we have continued working on formulating our Emergency Response Manual and Action Plan for New Influenza Virus, which describes a risk management system for each phase, from initial outbreak to widespread dissemination of influenza, as well as actions we should take in each phase. In addition, we interviewed relevant departments toward potentially introducing telecommuting. Instruction President Information Security Our Information Security Management Regulations are the basic regulations of our information security management system. We have created an Information Security Management Regime in accordance with these regulations and we actively work to maintain information security under this regime. In fiscal 2011 we conducted training on activating our backup center in response to a disaster, introduced thin client network environments to sales staff to prevent information leakage and promoted employee awareness of information security. We are also conducting PDCA cycles in which we identify issues that are not being dealt with in a timely manner and implement remedial actions after reviewing the results of the Information Security Survey we conduct across the entire group. Information Security Structure CSR Management Committee (Ultimate responsibility for information security: President) Information Security Committee Officer in charge of information security Director of information security Information Security Survey scores for entire group Scores with 2006 as the base year (2006 = ) (FY) 125 Business sites Risk management officer (business site manager) Information handling officer (operations department managers/ selected individuals) TAIHEIYO CEMENT CSR REPORT

4 Protection and Use of Intellectual Property Number of Domestic Patent Applications by Segment (Taiheiyo Cement Corporation) Intellectual Property Policy Our fundamental intellectual property policy is to contribute to the profitability of the Taiheiyo Cement Group by enhancing collaborations with our business and R&D divisions and managing intellectual property activities in line with their respective strategies. Intellectual Property Management System The Intellectual Property Department assigns its personnel to our headquarters and the R&D Center. At the R&D Center we assign representatives of the Intellectual Property Department to each R&D focus area to identify inventions and work toward filing quality, unassailable patent applications. In addition, intellectual property promoters are assigned to business divisions, the administrative division of the headquarters and the R&D Center. We periodically hold joint meetings of the Intellectual Property Department with other divisions as well as intellectual property promoters meetings. During these sessions and meetings we confirm our intellectual property strategies and exchange ideas to ensure close communication between the Intellectual Property Department and other divisions. In addition, we regularly convene members in charge of intellectual property at key group companies to exchange information and conduct study meetings. We also provide guidance for their respective business categories to promote IP activities in the group companies. Outline of Our Intellectual Property As of the end of fiscal 2011 the company (non-consolidated) had filed 900 patent applications and owned 957, bringing total group-owned patents to about 1,500. The following table summarizes the growth in the number of domestic patent applications by segment and the ratio of domestic patents owned by the company in each segment. The cement segment accounts for the largest share of patents owned by the company. However, over the past several years the share of patent applications in the environmental and mineral resources segments has been growing. The number of these applications in the mineral resources segment particularly increased in fiscal 2011, in line with our business and R&D strategies Risk Management for Intellectual Property Our acquisition and control of intellectual property is conducted under the Intellectual Property Strategy Guidelines. These we formulated based on the Guideline for Acquisition and Control of Intellectual Property (the Ministry of Economy, Trade and Industry) to make sure that the implementation of intellectual property strategies corresponds with the reality of our individual businesses. The management of intellectual property, including pending patent applications, is handled through a centrally controlled database by the Intellectual Property Department. On a daily basis we strive to prevent patent infringements through the circulation of SDI* information, a monitoring and patent review service. We are also increasing employee awareness through in-house training, as described in the following section. To both manage trade secrets and prevent technology leaks, we formulated and enforce Risk Management Rules, Information Security Management Regulations, and Document Management Rules. As a safeguard against technology leaks, we developed and implemented our Know-how Judgment Guidelines in fiscal 2007 to support decisions on applying for patents and maintaining trade secrets. Others 10% Ceramics and Electronics 28% Construction Materials 10% Cement Environment Mineral Resources Construction Materials Ceramics and Electronics Others Total 957 patents Domestic Patents by Segment (Taiheiyo Cement Corporation) 205 Cement 30% Mineral Resources 2% Environment 19% (FY) 30 TAIHEIYO CEMENT CSR REPORT 2012

5 Risk Management and Compliance In addition, our corporate rules include a Rule on the Handling of Intellectual Property Rights, which describes a system of performance compensation as an incentive for inventors. In line with the revision of article 35 of the Patent Act, which defines employee invention, we reviewed the Rule on Handling of Intellectual Property Rights and implemented a new rule in April The second performance compensation was paid to inventors under the new rule in We have instructed group companies to reinforce rules for handling intellectual property rights and ensure agreements are made for the transfer of rights with each inventor, which, for the most part, were completed. * SDI (Selected Dissemination Information): A service for searching for patents with specific conditions that regularly delivers relevant patent information Training and Awareness raising To raise awareness of intellectual property the company encourages employees, especially members of the research division and the technology development division, to take the Intellectual Property Management Skills Test, a national licensing examination. Other employee training efforts include workshops held by the Japan Intellectual Property Association in addition to in-house training (introduction to intellectual property, patent description writing, preventing patent rights infringement, etc.) at our R&D Center and headquarters. We conducted training at our branches in fiscal 2008 and at our plants in fiscal 2011 to raise branch and plant employee awareness about intellectual property and instructed them about the risks of infringing rights and how to detect potential infringement of our rights by competitors. Employees from group companies also attend these in-house sessions. We further enhance IP management and the capability of the group to make use of intellectual property through various activities including information exchange gatherings and study meetings for employees who are in charge of intellectual property. We launched an intranet portal site, managed by the Intellectual Property Department, in April Its goals were to boost recognition of department activities and to reinforce awareness of intellectual property across the company by providing employees with a tool for easily accessing a variety of IP information. In-house Training Held by the Intellectual Property Department (Level) High Prevention of patent rights infringement training Low Patent search training Patent description writing training Introductory training Plant and branch training New recruits Mid-level engineers Leaders Managers Licensing Activities While the company primarily conducts R&D to ensure competitive business advantages, it also proactively licenses useful technologies to other companies. Of course, the company also licenses technologies from other enterprises that are likely to contribute to business. The company s licensing balance (licensing revenue minus expenditure) has remained at around 200 million yen for the past several years and was approximately 200 million yen in fiscal TAIHEIYO CEMENT CSR REPORT