Compliance System in the EKK Group
Given the growing importance of Group-wide compliance and risk management in the wake of diversification and globalization of corporate activities, EKK has established the Sustainability Committee and, under that, the Risk Management Subcommittee, setting up systems to continuously maintain appropriate risk management and compliance at the EKK Group. The General Manager of EKK’s Corporate Administration Division is in charge of compliance throughout the Group. We comply with key laws and regulations applicable to each respective operation by establishing units in charge of individual laws and regulations, as well as creating internal rules and regulations. Both domestic and overseas Group companies also have their own internal auditing and compliance staff.
The Group has prescribed Compliance Rules and the EKK Employee Compliance Code of Conduct based on the EKK Charter of Corporate Behavior. The Group clearly demonstrates a high-priority commitment to compliance and promotes universal knowledge of said rules and code of conduct throughout its entire workforce.
Compliance RulesWhistleblower Rules
EKK’s Compliance management activities
|Compliance Promotion Month||Whistleblowing System||Internal Audits|
|The EKK Group has designated October of every year as Compliance Promotion Month. Every October, the Group conducts consciousness-raising and educational activities on compliance, mainly domestically.||The EKK Group has set up (internally and externally accessible) internal whistleblower hotlines available to personnel of all Group companies globally. Through the hotlines, the Group aims to prevent improprieties in its business operations and gather information on legal/regulatory compliance.
Reported incidents are investigated. If an investigation reveals impropriety, corrective action is implemented organizationally.
|Internal auditors appointed by the president audit whether internal organizational units and affiliates’ operations are being executed properly and rationally.
Such activities enable effective internal audits to be conducted through periodic reporting to and discussion with Audit & Supervisory Board members. Internal audit findings are also periodically reported to the Meeting of Division Managers and the Board of Directors.
EKK formulates and implements Risk Management Policy and Risk Management Regulations on an ongoing basis to identify latent risks inherent in business activities, prevent their manifestation and effectively respond when emergencies occur.
The Risk Management Subcommittee, a body established under the Sustainability Committee, discusses Company-Wide Risk Management Annual Goals for each fiscal year in addition to identifying and assessing risks in internal departments and Group companies and promoting risk prevention on an organization-wide basis. After being reported to the Board of Directors and the Meeting of Division Managers, the goals are cascaded down to internal departments and Group companies.
Examples of Risk Management Activities
|Business Continuity Management as a Natural Disaster Countermeasure||Information Security Measures|
|The EKK Group identifies potential risks and implements risk prevention/mitigation measures to ensure business continuity even in the event of a major natural disaster such as a catastrophic earthquake, typhoon or flood.
Every plant and Group company formulates business continuity plans and conducts business continuity management activities tailored to its operations and environment and annually updates its list of identified risks. Plants and Group companies identify natural disaster and other risks that warrant particular caution and devise preventive/mitigative measures against them. The Risk Management Subcommittee, established under the Sustainability Committee, singles out risks among these that pose a major threat to business continuity and discusses risk management targets for particularly serious threats.
Additionally, the EKK Group is building a global production network that enables alternate production to be coordinated among multiple sites so that supplies of products and services to customers are not interrupted by a major natural disaster.
|EKK is strengthening the EKK Group’s information security, establishing a CSIRT (Computer Security Incident Response Team) Department.
The CSIRT Department takes the lead in information sharing and server security exercises. We are also expanding the scope of this program to include overseas group companies.
Regulations regarding information security are in place and the Group uses an online training course presented in Q&A format to increase employees’ knowledge of information security.
Through questions about the content of regulations and standards related to information security and security incidents that have occurred in recent years, we strive to disseminate the necessary knowledge, items to keep in mind during operations, and countermeasures. We also provide emergency training on IT systems.