FUJIFILM Holdings

Compliance and Risk Management

The Fujifilm Group defines “compliance” as “not only to pursue the law but to behave correctly within the framework of common sense and ethics.” Moreover, we think the promotion of compliance and the management of risk are two sides of the coin, as the lack of compliance awareness among employees would lead to grow the possible corporate risks. For this reason, the following four steps have been implemented in the PDCA (Plan-Do-Check-Act) cycle in the drive to maintain and increase awareness of compliance.

[figure]Basic Approach of Compliance and Risk Management

Promotion Structure

The Fujifilm Group appoints officers in charge of compliance and risk management at each of its operating companies and group companies, and implements a variety of measures to penetrate the spirit of an “open, fair and clear” corporate culture throughout the Group. Status on implementation of these measures is reported regularly from each company to the ESG Committee of FUJIFILM Holdings via the ESG Division, and from the ESG committee to the Board of Directors. The Board of Directors is responsible for supervising compliance and risk management for the entire Group. The Board also provides direction and advice on the report from the ESG Committee to assure the effectiveness of the processes.

Fujifilm Group Compliance and Risk Management System
[Figure]Fujifilm Group Compliance and Risk Management System

Compliance Promotion Policy

We have formulated the Fujifilm Group Charter for Corporate Behavior and Code of Conduct as the basic policies of the corporate activities. With these policies, we strive to ensure our activities to be carried out in compliance with laws and social ethics, as well as to communicate the priority of compliance in business operations to all employees of the Fujifilm Group through  Compliance Statement.

Relationship between the Fujifilm Group Corporate Philosophy/Vision and the Charter for Corporate Behavior/Code of Conduct

Risk Management Promotion Policy

Under the risk management regulations of Fujifilm Group, we identify issues for risk prevention and take action in the event of a risk incident.

To strengthen our risk prevention activities, especially in normal circumstances, we implement the following process every year on a global scale, covering all companies controlled by FUJIFILM Holdings, to identify the risks at each company and develop action plans to address them.

Risk Extraction and Process for Establishing an Action Plan
[Figure]Risk Extraction and Process for Establishing an Action Plan
Priority risks in FY2021

Please refer to the Yuka Shoken Hokokusho (Securities Report) for risk issues not listed below.

Risk item Reason for selection Countermeasures
Information security Rise in information security risks due to growth of sophisticated cyberattacks on a global scale, digitization in the Fujifilm Group (promoting DX, developing smart factories, etc.), increase in major technical data in healthcare, etc.
  • Improvements to internal rules and risk management systems
  • Thorough implementation of training in various fields
Healthcare-related Growth in the scale of the healthcare business of Fujifilm Group, FCPA violations by Japanese businesses, amendments to Japan’s Pharmaceutical Affairs Law, etc., raises the demand for more rigorous ethical behavior, transparency and fairness.
Large-scale natural disasters Possibility of a greater Tokyo earthquake and a Nankai Trough earthquake; increase in abnormal meteorological phenomena and natural disasters
Fraud and misconduct Although the number of risk reports are on the decline, stronger risk management and continued risk training are necessary.
Chemical substance management Recent reinforcement of regulations in the US and China
Export and import control Need to respond to changes in the international situation and changes in laws and regulations in the US and other countries.
Human rights and harassment Action must be taken with the global supply chain, particularly the human rights of employees of overseas suppliers.
Product safety and product liability Rise in risks with the market expanding into developing countries; expansion of regulations in those countries
Environment Enhancement of regulations to mitigate climate change; growing demand for decarbonized products
Occupational safety Growing awareness of occupational health and safety; expansion of the business that handles biological materials
Personal information protection Security control reinforced with implementation of stronger regulatory control on a global scale and amendment of the Act on the Protection of Personal Information of Japan in 2022.
Report and Response in case of crisis

Any crisis that takes place in a Group company is handled by the Compliance and Risk Management Promotion Structure and in accordance with our risk management regulations. When found, it is reported to each operating company and ESG Division of FUJIFILM Holdings, and at the same time addressed swiftly to prevent further propagation of the risk. If a potentially critical incident occurs, it is immediately reported to the ESG Committee for assessment and to determine the response to the issue.

Each operating company supervises the execution of recurrence prevention measures at the Group company in question. At the same time the operating company shares the incident details and the relevant preventative measures among its Group companies to avoid recurrence of the same or similar incidents.

Serving as Secretariat, the ESG Division of FUJIFILM Holdings reports incidents received through our operating companies to the ESG Committee and at the same time takes action to strengthen and promote risk management for the entire Group, based on the information received.

In the event of a serious incident, reports to the ESG Committee do not only include a summary of the incident, but also detailed information. We monitor the effectiveness of risk management in the Group through such information reports from the ESG Division to the Directors and Auditors in every quarter.

Milestones in Compliance and Risk Management

Since 1997, the Fujifilm Group has been committed to the establishment and enhancement of compliance and risk management frameworks at each group company. After introducing a holding company system in 2006, we have been actively implementing initiatives for both domestic and overseas sites at the entire group level.

Initiatives to Raise Employees’ Awareness and Monitoring

  • Providing education on the Fujifilm Group Charter for Corporate Behavior and Code of Conduct at a global level and obtaining Declaration of Compliance (Fujifilm Group)
  • Implementation of Fraud prevention Training and discussions at each workplace for domestic executive officers and employees (Fujifilm Group)
  • Dissemination of an educational video from the General Manager of Compliance Division to domestic employees in order to prevent fraud and misconduct (FUJIFILM Business Innovation and its subsidiaries)
  • Implementation of briefing sessions in Japan on key countermeasures against cyber-attacks, in order to raise awareness of information security (Fujifilm Group)
  • Implementation of briefing sessions in Japan on the detailed operation of the newly formulated Global Classified Information Management Regulations (Fujifilm Group)
  • Implementation of training on Personal Information Management (e-learning) and briefing sessions for personal information managers in Japan, prior to the enforcement of the Amended Act on the Protection of Personal Information on April 1, 2022 (Fujifilm Group)
  • Appointment of employees who handle whistleblowing issues in each domestic organization and implementation of briefing sessions, prior to the enforcement of the Amended Whistleblower Protection Act on June 1, 2022 (Fujifilm Group)
  • Provision of education on the Fujifilm Group Global Healthcare Code of Conduct at a global level for employees working in the Healthcare business (FUJIFILM and its subsidiaries)
  • Provision of education on healthcare-specific laws and regulations for domestic employees working in the Healthcare business (FUJIFILM and its subsidiaries)

Establishment of Organizations, Frameworks and Systems

  • Establishment of a risk manager system in each domestic and overseas organization in order to strengthen risk management (FUJIFILM Business Innovation and its subsidiaries)
  • Establishment of a system to comply with pharmaceutical laws and regulations in each domestic organization, based on the Amended Pharmaceutical and Medical Device Act of August 1, 2021 (FUJIFILM and its subsidiaries)
  • Establishment of a personal information manager system in each domestic organization in order to strengthen the protection of personal information (FUJIFILM and its subsidiaries)
  • Establishment of a system in each domestic organization where the person in charge of EPA (Economic Partnership Agreement) serves as the leader, in order to ensure the proper application and operation of EPA (FUJIFILM and its subsidiaries)

Enforcement of Charters, Codes and Regulations

  • Formulation of the Global Classified Information Management Regulations (Fujifilm Group)
  • Formulation of the Global Personal Information Management Regulations (Fujifilm Group)
  • Formulation of the Fujifilm Group Compliance Helpline Operational Policy (Fujifilm Group domestic companies)
  • Formulation of the Fujifilm Group Import Control Regulations (Fujifilm Group domestic companies)
  • Formulation of the Fujifilm Group EPA Management Regulations (Fujifilm Group domestic companies)