Internal Control System
- Group Governance
- Compliance and Risk Management
- Risk Management
- Supply Chain Business Continuity Management
- Internal Audits
- Internal Controls over Financial Reporting
The entire Epson Group embraces “the Epson Way”, which was founded on Epson’s Management Philosophy. Epson also established “the Basic Internal Control System Policy” to help ensure that operations across the Group are conducted appropriately in line with the Epson Way, and Seiko Epson is committed to steadily improving the overall level of the Group.
The Epson Group is managed based on the concept: global consolidated responsibility of product-based divisions; and global responsibility of the Head Office supervisory functions. The head of the business operations divisions take the responsibility for the business execution systems of subsidiaries. And the head of Head Office supervisory sections take the responsibility for Group-level corporate functions. With this system, Epson strives to streamline operations throughout the Epson Group, including subsidiaries.
Compliance and Risk Management
Epson's goal is to continuously create value that exceeds customer expectations while building trust with all stakeholders based on the “Epson Way.” To maintain and strengthen this trust, Epson seeks to increase management transparency and fairness and effectively manage compliance through faster decision-making. There were no legal or regulatory violations subject to disclosure in FY2022, nor were there fines or settlements subject to reporting in audited financial statements.
As an advisory body to the Board of Directors, the Compliance Committee is made up of six outside directors and one director who is a full-time member of the Audit & Supervisory Committee. It is chaired by the full-time member of the Audit & Supervisory Committee, and supervises business affairs by discussing important compliance activities and making reports and suggestions to the Board of Directors. The Chief Compliance Officer (CCO) supervises and monitors the execution of all compliance operations, including that of the president, and periodically reports the state of compliance affairs to the Compliance Committee. The Regional Chief Compliance Officers (R-CCOs) assist the CCO as instructed by the CCO in order to promote effective compliance activities that take into account local laws, business practices and other societal demands. They promote and enforce compliance in their respective subsidiaries within the scope of their responsibilities. The CCO and R-CCOs periodically hold R-CCO meetings to discuss important matters relating to compliance activities at subsidiaries. In addition, a compliance control department monitors compliance in general, making corrections and adjustments as needed to enhance the completeness and effectiveness of compliance activities.
The compliance organization is defined in the Epson Group Compliance Basic Regulation.
Whistleblowing Systems and Reporting Channels
Epson provides reporting channels to obtain information from officers, regular employees, contract employees, and temporary workers to quickly call our attention to potential compliance problems that might go undetected. We set up a process for escalating reports of concern. The basic rules for whistleblowing systems, such as the need to strictly manage information contained in reports, forbid reprisals against whistleblowers, and protect anonymity, are set forth in Principles of Corporate Behavior and the Epson Group Whistleblowing Systems Regulation. Seiko Epson and all the Group companies, including in the Americas, Europe, China, and Southeast Asia, provide reporting channels based on them. Whistleblowing systems comply with the laws and regulations of each country and region, including, in Japan, the Whistleblower Protection Act. They are available in Group companies in their local language.
Reporting channels are prescribed in the Epson Global Code of Conduct and accessible on the intranet. We inform officers, employees, and temporary workers about the channels and urge their use through Compliance Month activities every October and online courses.
In addition, Seiko Epson and all Epson Group companies around the world have set up supplier whistleblowing systems to receive reports from suppliers and other external business partners. As with Epson’s internal reporting channels, the information contained in reports is strictly protected, reprisals against whistleblowers are prohibited, and anonymity is ensured. Suppliers and other external business partners are notified about supplier whistleblowing systems in written supplier guidelines and at supplier conferences and are encouraged to use them.
Whistleblowing system use and reports received in the Epson Group are reported regularly to the Board of Directors, Audit & Supervisory Committee, Compliance Committee, and Corporate Management Council. The identity of whistleblowers is kept confidential.
Supplier Whistleblowing System
Support System in Japan
Epson has set up two types of Epson Helpline reporting channels. One type is operated internally. The other is operated by a third-party provider. Officers, employees, and temporary workers in domestic Group companies can use either type of channel to report their concerns. Instructions for using Epson Helplines are provided in a user manual posted on the company intranet. Trainings and other opportunities also cover helpline use. Reports can be lodged by e-mail or phone 24 hours a day, 365 days a year. We investigate reports from whistleblowers and take corrective action as needed. We have been taking the initiative in developing the whistleblowing system since establishing the first reporting channels for employees and temporary workers in conjunction with the enforcement of the Whistleblower Protection Act in 2006. In compliance with the amended Whistleblower Protection Act that came into force in June 2022, we are taking further action to establish and operate internal systems under which we designate personnel to be engaged in receiving whistleblowing reports and that enable the company to respond to such reports from employees and temporary workers up to one year after leaving the company.
Our reporting channels in Japan received 114 reports in the 2022 fiscal year (ended March 31, 2023), an increase of 21 over the previous fiscal year. Whistleblowers reported possible cases of internal rule violations, misconduct, and lawbreaking. Epson responded appropriately to each of these reports. Aside from Epson Helplines, we set up advisory services for specific concerns for officers, employees, and temporary workers. This helps us to maintain and operate an environment that makes it easier to seek advice.
Counseling and Support Services in Japan
|Management advisory service
|Counseling related to overwork and long working hours
|Women's health counseling
|Corruption (bribery) regulations & Competition laws advisory service
|Insider trading advisory service
Support System Outside Japan
All overseas Group companies, including in the Americas, Europe, China, and Southeast Asia, have set up reporting channels that allow officers, employees and temporary workers to report. Each reporting channel complies with local laws and regulations. Information contained in reports is strictly protected and reprisals against whistleblowers are prohibited. Reports may be made anonymously.
We have also introduced an Epson Executive Compliance Hotline, a global reporting system that Epson uses to directly receive compliance-related reports involving executives in subsidiaries outside Japan. The system helps us to improve the completeness and effectiveness of the reporting system in the Epson Group.
The president of Seiko Epson acts as the Chief Risk Management Officer in the Epson Group, including subsidiaries. Group-wide risks are globally managed by Head Office supervisory departments with the cooperation of the operations divisions and subsidiaries. Risks unique to an individual business are managed by the Chief Operating Officer of that business, including at subsidiaries consolidated under them. The Seiko Epson risk management department monitors overall risk management in the Epson Group, makes corrections and adjustments thereto, and ensures the effectiveness of risk management programs.
The risk management organization is defined in the Epson Group Risk Management Basic Regulation.
Epson identifies business operations risks, business ethics risks, such as participation in bribery and cartels, and other serious risks that could materially impact the company. Epson evaluates these risks using The Committee of Sponsoring Organizations (COSO) and ISO 31000 as guides and sets priorities.
- Risks that could have serious adverse effects on Epson Group management are considered "Corporate serious risks."
- Risks that could have serious adverse effects on business operations are considered "Business serious risks."
- Risks that could have serious adverse effects on subsidiaries' management are considered "Group company serious risks".
Epson drafts and executes plans to control these serious risks and periodically monitors plan progress. The company also strives to ensure control plan effectiveness by evaluating serious Group-wide risks every quarter, evaluating serious business risks and serious Group company risks every six months, and revising the plans as needed. The president of Seiko Epson reports important risk management affairs to the Board of Directors quarterly.
Epson maintains a Crisis Management Committee structure to respond to emergency situations. The committee is chaired by the president. The general administrative manager in charge of risk management serves as vice-chair. The rest of the committee is made up of the general administrative managers of supervisory departments at the Head Office. An organization and a predetermined crisis management program are in place to enable us to rapidly mount an initial response in a crisis.
The activities of the Crisis Management Committee are regularly reported to executive management, including outside directors, through meetings of the Corporate Management Council and Board of Directors.
Supply Chain Business Continuity Management
Each business in the Epson Group formulates a business continuity plan (BCP). BCPs are intended to ensure that the business fulfills its responsibility to supply products and services and minimizes its losses in the event of a disaster, accident, outbreak of emerging infectious disease, or other disruption in the supply chain. Epson also implements supply chain business continuity management (BCM) to ensure that these BCPs are properly maintained and improved.
Supply Chain BCM
To establish a more robust supply chain, one that can withstand the challenges that tend to arise with increasing sophistication and complexity, we have established a basic strategy of distributing functions, securing alternatives, and increasing resilience. We have divided the functions into five categories and are addressing the priorities that have been set for each.
|Acting on suppliers to enhance their own supply continuity capabilities by, for example, evaluating their emergency response capabilities and their safety management
|Multi-sourcing, securing alternative sources for procured goods, executing long-term procurement contracts, strengthening partnerships, and maintaining inventory of parts and raw materials * Applies to direct materials and parts and to indirect materials
|Strengthening the distributed production organization, increasing the resilience of facilities, strengthening measures to prevent the spread of infectious diseases, and securing product inventories
|Maintaining operations sites, human resources, and an IT backup system
|Securing space on ships by strengthening relationships with shipping companies, improving the accuracy of shipping plan management, and securing multiple logistics modes and methods (carriers, transportation routes, and warehousing functions)
Schematic Diagram of the BCP
The vertical axis on this graph shows the operating level while the horizontal axis is recovery time. In an emergency, the operating level declines and stays at that level for a period of time. However, implementing actions in the BCM enable a business to keep the operating level as high as possible even in an emergency or enable it to quickly restore operations in the event of a shutdown.
Responding to Supply Chain Risks
Since 2019, global supply chains have been interrupted and disrupted by a series of challenges, not least of which were the COVID-19 pandemic along with chip and shipping container shortages. However, in 2022, the pandemic began to recede, and countries around the world began resuming normal social and economic activities. Moreover, challenges such as semiconductor and shipping container shortages have significantly eased as market conditions improved. Still, the conflict in Ukraine, the global geopolitical situation, disasters, and other supply chain risks have not been resolved. If anything, they have increased and become more serious. Epson is addressing these risks by taking the actions described below.
In preparation for future outbreaks of infectious disease, we have established preventive guidelines to protect our employees–our top priority–and to minimize the impact on production.
To fulfill our product supply obligations, we are moving toward geographically distributed. We are also increasing the resilience of all our production facilities, particularly the domestic Japanese factories responsible for manufacturing the core components of each of our businesses.
We are gathering more in-depth supply chain information and enhancing our ability to detect risks. Furthermore, we will implement effective, practical procurement risk avoidance measures (preventive measures) to ensure stable material procurement.
We will secure multiple sourcing options, expand the evaluation of alternative products, keep BCP inventory, and strengthen relationships with partners to achieve these objectives.
In addition to further strengthening partner relationships, we will increase the visualization of logistics, improve the communication and coordination of information between manufacturing sites and sales sites, and deliver goods to meet the demands of our customers.
We will diversify the means and modes of distribution, including transport routes, ocean and air freight, and warehouse facilities. Additionally, we will continue to improve product loading efficiency in all businesses, mitigate logistics risks, improve logistics efficiency, and minimize environmental impact.
The internal audit department conducts audits in accordance with a code of conduct to check for compliance and corporate ethics violations and to facilitate self-directed internal control at all Group divisions as well as subsidiaries and related organizations in Japan and overseas. Audits are used to check compliance and the effectiveness and efficiency of these units' risk management, internal controls, and governance processes. If problems are found, the internal audit department helps minimize business risks by conducting a follow-up audit to check the status of improvements. To ensure effective Group governance, the internal audit department also centrally oversees internal audits throughout the Group in collaboration with auditing departments at regional headquarters in Europe, the Americas, China, and Southeast Asia.
Each year, the units to be audited are chosen by assessing the risk at each division and each subsidiary and related organization in Japan and overseas. Then an auditing cycle is set that is designed for effectiveness and efficiency. Audits are then performed systematically. In the 2022 fiscal year, the internal audit department audited 16 business units and provided them with concrete advice on correcting 51 observed nonconformities. In the 2023 fiscal year, business units were grouped into 75 organizations. The internal audit department conducted risk assessments on the groups, selected the units to be audited, and is performing the audits.
Internal Controls over Financial Reporting
Every year, we audit internal controls to ensure the reliability of financial reporting (J-SOX). The Epson Group uses an autonomous distributed implementation system in which operations divisions and subsidiaries subject to external audits conduct a self-assessment on the design and operation of their internal controls, while the J-SOX Compliance Department ensures the validity of the assessment results. Operations divisions, subsidiaries, and affiliates not subject to external audits are required to independently assess their internal controls and make such improvements as are necessary.