Compliance and Risk Management

Basic Approach of Compliance and Risk Management

At the Fujifilm Group, the following four steps have been implemented in the STPD (See-Think-Plan-Do) cycle in the drive to maintain and increase awareness of employees’ compliance.

With the growing speed of social change, our previous business experience and accumulated knowledge no longer apply to a growing range of our business activities. For this reason, the Fujifilm Group has upgraded its existing approach to PDCA and established STPD (See-Think-Plan-Do) independently to facilitate action from new perspectives.

See phase is to assess conditions both inside and outside the company from social conditions, reports received etc./Think phase is to analyze information and consider points to be strengthened/Plan phase is to conduct awareness survey, etc. to confirm the effectiveness of measures/Do phase is to declaration of compliance with the Charter of Corporate Behavior and Code of Conduct by all officers and employees, etc.

Promotion of Compliance and Risk Management

Promotion Structure

The Fujifilm Group appoints officers in charge of compliance and risk management at each of its operating companies and group companies, and implements a variety of measures to penetrate the spirit of an “open, fair and clear” corporate culture throughout the Group. Status on implementation of these measures is reported regularly from each company to the ESG Committee of FUJIFILM Holdings via the ESG Division, and from the ESG committee to the Board of Directors. The Board of Directors is responsible for supervising compliance and risk management for the entire Group. The Board also provides direction and advice on the report from the ESG Committee appropriately to assure the effectiveness of the processes. Furthermore, the Audit & Supervisory Board conducts audits to ensure that the internal control systems are functioning appropriately.

Fujifilm Group Compliance and Risk Management System

Compliance Promotion Policy

We have formulated the Fujifilm Group Charter for Corporate Behavior and Code of Conduct as the basic policies of the corporate activities. With these policies, we strive to ensure our activities to be carried out in compliance with laws and social ethics, as well as to communicate the priority of compliance in business operations to all employees of the Fujifilm Group through  Compliance Statement.

  • Charter for Corporate Behavior
    Document defining the corporate philosophy and principles that are to be regarded as important for the entire Fujifilm Group and to be complied with by all Group companies and their employees.
  • Code of Conduct
    Document establishing what action each employee should take in their daily operations when implementing the Fujifilm Group’s business activities.
Fujifilm Group Charter for Corporate Behavior
Fujifilm Group Code of Conduct

Risk Management Promotion Policy

The Fujifilm Group employs Risk Management Regulations that specify the group-wide basic policy and risk management system. Based on these regulations, we identify the tasks required to counter various risks related to our business and are fully prepared to make appropriate responses in the event of a critical incident.

The decision-making process for priority risks

The Fujifilm Group has identified 60 items as risks that are likely to have a significant impact on the business management and has organized them into five areas: strategy risks, financial and taxation risks, operation risks, natural disasters & infectious diseases, and climate change. Each risk has been evaluated quantitatively based on the level of the impact multiplied by the occurrence probability. Priority risks that require preferential action are decided by the ESG Committee, and the action status on these risks is reported to the Board of Directors semiannually.

Priority risk issues that are related to our groupwide business environment are deliberated on and approved by the ESG Committee each year. 

Read initiatives for compliance and risk management

Priority risks in FY2023

We recognize that the following major risks might affect our financial condition and the results of our business operations.

On the page for Risks on business. etc. of the Yuka Shoken Hokokusho, in addition to the following items, economic risks such as loss of business opportunities are described.

Annual Securities Report Yuka Shoken Houkokusho (In Japanese only)
Risk Items Status of Action
Information security (cyberattacks, confidential data leakage & personal information leakage) To reinforce measures against cyberattacks, installation of sensors to monitor the behavior of PCs, servers and development of a global scale security surveillance centers have been completed.
Rising prices and shortfalls in raw and other materials Procurement from multiple origins for raw and other materials used in priority businesses and products.
Geopolitical risks The manufacturing, development and marketing sites of the Group, as well as our suppliers, are distributed across various countries. The latest information on conditions is collected, and instructions on employee safety, asset protection and economic activities decided as part of the risk management system. The instructions are delivered promptly to minimize damage.
Large-scale natural disasters Risk assessment, monitoring and BCP development have been conducted for each business site and supply chain.
Climate change risks Low-carbon investments are made by reducing CO2 emissions in the product lifecycle, developing manufacturing methods with low environmental impact and the internal carbon pricing scheme.
Reinforcement of chemical substances management Strict regulation requirements are likely to lead to prohibition of the use of existing raw materials. We recognize that PFAS control is a priority issue and plan to minimize the impact by developing substitute or alternative materials.
Corruption and bribery Due to the strict restrictions and the government approval required in the healthcare business, corruption poses a high risk. Preventive measures will be strengthened, chiefly through employee education and monitoring middlemen through outside vendors.
Pandemic and infectious diseases To reduce the impact of infectious diseases spreading through the business, each organization has developed its own BCP for comprehensive prevention of infection within the organization.
Fires and accidents Knowledge and skills on handling chemical substances and facility safety are employed to implement measures to prevent fires and explosions.
Product liability and product defect In the healthcare business, problems with product quality pose risks that lead to customers experiencing health hazards. Accidents are prevented through product design and quality assurance.
Fraud by executive officers or employees Fraud is prevented through the development and appropriate implementation of internal control. Monitoring is also carried out for early detection and prevention.

Report and Response in case of crisis

Any crisis that takes place in a Group company is handled by the Compliance and Risk Management Promotion Structure and in accordance with our risk management regulations. When found, it is reported to each operating company and ESG Division of FUJIFILM Holdings, and at the same time addressed swiftly to prevent further propagation of the risk. If a potentially critical incident occurs, it is immediately reported to the ESG Committee for assessment and to determine the response to the issue.

Each operating company supervises the execution of recurrence prevention measures at the Group company in question. At the same time the operating company shares the incident details and the relevant preventative measures among its Group companies to avoid recurrence of the same or similar incidents.

Serving as Secretariat, the ESG Division of FUJIFILM Holdings reports incidents received through our operating companies to the ESG Committee and at the same time takes action to strengthen and promote risk management for the entire Group, based on the information received.

In the event of a serious incident, reports to the ESG Committee do not only include a summary of the incident, but also detailed information. We monitor the effectiveness of risk management in the Group through such information reports from the ESG Division to the Directors and Auditors in every quarter.

Milestones in Compliance and Risk Management

Since 1997, the Fujifilm Group has been committed to the establishment and enhancement of compliance and risk management frameworks at each group company. After introducing a holding company system in 2006, we have been actively implementing initiatives for both domestic and overseas sites at the entire group level.

Topics in FY2021

Initiatives to Raise Employees’ Awareness and Monitoring

  • Providing education on the Fujifilm Group Charter for Corporate Behavior and Code of Conduct at a global level and obtaining Declaration of Compliance (Fujifilm Group)
  • Implementation of Fraud prevention Training and discussions at each workplace for domestic executive officers and employees (Fujifilm Group)
  • Dissemination of an educational video from the General Manager of Compliance Division to domestic employees in order to prevent fraud and misconduct (FUJIFILM Business Innovation and its subsidiaries)
  • Implementation of briefing sessions in Japan on key countermeasures against cyber-attacks, in order to raise awareness of information security (Fujifilm Group)
  • Implementation of briefing sessions in Japan on the detailed operation of the newly formulated Global Classified Information Management Regulations (Fujifilm Group)
  • Implementation of training on Personal Information Management (e-learning) and briefing sessions for personal information managers in Japan, prior to the enforcement of the Amended Act on the Protection of Personal Information on April 1, 2022 (Fujifilm Group)
  • Appointment of employees who handle whistleblowing issues in each domestic organization and implementation of briefing sessions, prior to the enforcement of the Amended Whistleblower Protection Act on June 1, 2022 (Fujifilm Group)
  • Provision of education on the Fujifilm Group Global Healthcare Code of Conduct at a global level for employees working in the Healthcare business (FUJIFILM and its subsidiaries)
  • Provision of education on healthcare-specific laws and regulations for domestic employees working in the Healthcare business (FUJIFILM and its subsidiaries)

Establishment of Organizations, Frameworks and Systems

  • Establishment of a risk manager system in each domestic and overseas organization in order to strengthen risk management (FUJIFILM Business Innovation and its subsidiaries)
  • Establishment of a system to comply with pharmaceutical laws and regulations in each domestic organization, based on the Amended Pharmaceutical and Medical Device Act of August 1, 2021 (FUJIFILM and its subsidiaries)
  • Establishment of a personal information manager system in each domestic organization in order to strengthen the protection of personal information (FUJIFILM and its subsidiaries)
  • Establishment of a system in each domestic organization where the person in charge of EPA (Economic Partnership Agreement) serves as the leader, in order to ensure the proper application and operation of EPA (FUJIFILM and its subsidiaries)

Enforcement of Charters, Codes and Regulations

  • Formulation of the Global Classified Information Management Regulations (Fujifilm Group)
  • Formulation of the Global Personal Information Management Regulations (Fujifilm Group)
  • Formulation of the Fujifilm Group Compliance Helpline Operational Policy (Fujifilm Group domestic companies)
  • Formulation of the Fujifilm Group Import Control Regulations (Fujifilm Group domestic companies)
  • Formulation of the Fujifilm Group EPA Management Regulations (Fujifilm Group domestic companies)
Past Initiatives (FY1997 - FY2022)

Plans and Activities Relating to Compliance and Risk Management

CSR Plan
CSR Activity Reports