Internal Control System

Epson's Management Philosophy outlines the vital business principles to which the global Epson Group is committed, while Epson's Principles of Corporate Behavior describes the conduct required to live up to these principles. Epson has established the basic concept of internal control in the Basic Internal Control System Policy, and is taking action to steadily improve internal control across the entire Group.

Group Governance

The Epson Group is managed based on the concept: global consolidated responsibility of product-based divisions; and global responsibility of the Head Office supervisory functions. The head of the business operations divisions take the responsibility for the business execution systems of subsidiaries. And the head of Head Office supervisory sections take the responsibility for Group-level corporate functions. With this system, Epson strives to streamline operations throughout the Epson Group, including subsidiaries.

Compliance and Risk Management

Epson's goal is to continuously create value that exceeds customer expectations while building trust with all stakeholders based on the company's Management Philosophy. To maintain and strengthen this trust, Epson seeks to increase management transparency and fairness and effectively manage compliance through faster decision-making. There were no legal or regulatory violations subject to disclosure in FY2021, nor were there fines or settlements subject to reporting in audited financial statements.

Compliance Organization

As an advisory body to the Board of Directors, the Compliance Committee is made up of five outside directors and one director who is a full-time member of the Audit & Supervisory Committee. It is chaired by the full-time member of the Audit & Supervisory Committee, and supervises business affairs by discussing important compliance activities and making reports and suggestions to the Board of Directors. The Chief Compliance Officer (CCO) supervises and monitors the execution of all compliance operations, including that of the president, and periodically reports the state of compliance affairs to the Compliance Committee. The Regional Chief Compliance Officers (R-CCOs) assist the CCO as instructed by the CCO in order to promote effective compliance activities that take into account local laws, business practices and other societal demands. They promote and enforce compliance in their respective subsidiaries within the scope of their responsibilities. The CCO and R-CCOs periodically hold R-CCO meetings to discuss important matters relating to compliance activities at subsidiaries. In addition, a compliance control department monitors compliance in general, making corrections and adjustments as needed to enhance the completeness and effectiveness of compliance activities.

The compliance organization is defined in the Epson Group Compliance Basic Regulation.

Whistleblowing Systems and Reporting Channels

Epson provides reporting channels to obtain information from officers, regular employees, contract employees, and temporary workers to quickly call our attention to potential compliance problems that might go undetected. We set up a process for escalating reports of concern. The basic rules for whistleblowing systems, such as the need to strictly manage information contained in reports, forbid reprisals against whistleblowers, and protect anonymity, are set forth in Principles of Corporate Behavior and the Epson Group Whistleblowing Systems Regulation. Seiko Epson and all the Group companies provide reporting channels based on them. Whistleblowing systems comply with the laws and regulations of each country and region. They are available in Group companies in their local language.

Reporting channels are prescribed in the Epson Global Code of Conduct and accessible on the intranet. We inform officers, employees, and temporary workers about the channels and urge their use through Compliance Month activities every October and online courses.

In addition, Seiko Epson and all the Group companies have set up Supplier whistleblowing systems to receive reports from suppliers and other third parties. Suppliers are notified about supplier whistleblowing systems at supplier conferences and are encouraged to use them.

Whistleblowing system use and reports received in the Epson Group are reported regularly to the Board of Directors, Audit & Supervisory Committee, Compliance Committee, and Corporate Strategy Council. The identity of whistleblowers is kept confidential.

Support System in Japan

Epson has set up two types of Epson Helpline reporting channels. One type is operated internally. The other is operated by a third-party provider. Officers, employees, and temporary workers in domestic Group companies can use either type of channel to report their concerns. Instructions for using Epson Helplines are provided in a user manual posted on the company intranet. Trainings and other opportunities also cover helpline use. Reports can be lodged by e-mail or phone 24 hours a day, 365 days a year. We investigate reports from whistleblowers and take corrective action as needed. We have been taking the initiative in developing the whistleblowing system since establishing the first reporting channels for employees and temporary workers in conjunction with the enforcement of the Whistleblower Protection Act in 2006. In compliance with the amended Whistleblower Protection Act that came into force in June 2022, we are taking further action to establish internal systems under which we designate personnel to be engaged in receiving whistleblowing reports and that enable the company to respond to such reports from employees and temporary workers up to one year after leaving the company.

Our reporting channels in Japan received 93 reports, an increase of 15 over the previous fiscal year. Whistleblowers reported possible cases of internal rule violations, misconduct, and lawbreaking. Epson responded appropriately to each of these reports. Aside from Epson Helplines, we set up advisory services for specific concerns for officers, employees, and temporary workers. This helps us to maintain and operate an environment that makes it easier to seek advice.

Counseling and Support Services in Japan

Harassment counseling Management advisory service Counseling related to overwork and long working hours
Career counseling Employment counseling for persons with disabilities Diversity counseling
Women's health counseling Employee counseling Corruption (bribery) regulations advisory service
Competition laws advisory service Insider trading advisory service

Support System Outside Japan

All overseas Group companies have set up reporting channels that allow officers, employees and temporary workers to report. Each reporting channel complies with local laws and regulations. Information contained in reports is strictly protected and reprisals against whistleblowers are prohibited. Reports may be made anonymously.

We have also introduced an Epson Executive Compliance Hotline, a global reporting system that Epson uses to directly receive compliance-related reports involving executives in subsidiaries outside Japan. The system helps us to improve the completeness and effectiveness of the reporting system in the Epson Group.

Risk Management

The president of Seiko Epson acts as the Chief Risk Management Officer in the Epson Group, including subsidiaries. Group-wide risks are globally managed by Head Office supervisory departments with the cooperation of the operations divisions and subsidiaries. Risks unique to an individual business are managed by the Chief Operating Officer of that business, including at subsidiaries consolidated under them. The Seiko Epson risk management department monitors overall risk management in the Epson Group, makes corrections and adjustments thereto, and ensures the effectiveness of risk management programs.

The risk management organization is defined in the Epson Group Risk Management Basic Regulation.

Epson identifies business operations risks, business ethics risks, such as participation in bribery and cartels, and other serious risks that could materially impact the company. Epson evaluates these risks using The Committee of Sponsoring Organizations (COSO) and ISO 31000 as guides and sets priorities.
- Risks that could have serious adverse effects on Epson Group management are considered "serious Group-wide risks."
- Risks that could have serious adverse effects on business operations are considered "serious business risks."
- Risks that could have serious adverse effects on subsidiaries' management are considered "serious Group company risks."

Epson drafts and executes plans to control these serious risks and periodically monitors plan progress. The company also strives to ensure control plan effectiveness by evaluating serious Group-wide risks every quarter, evaluating serious business risks and serious Group company risks every six months, and revising the plans as needed. The president of Seiko Epson reports important risk management affairs to the Board of Directors quarterly.

Crisis Management

Epson has a standing Crisis Management Committee. The committee is chaired by the president. The general administrative manager in charge of risk management serves as vice-chair. The rest of the committee is made up of the general administrative managers of supervisory departments at the Head Office. An organization and a predetermined crisis management program are in place to enable us to rapidly mount an initial response in a crisis.

Epson responded to COVID-19 by invoking the Crisis Management Committee in accordance with the provisions of the crisis management program and, under the direction of top management, ascertained the situation at our global sites, issued specific instructions, and took actions according to the severity of local outbreaks. Measures were deployed to prevent infection and ensure the safety of Group personnel and their families, prevent the spread of infections, and the continuity of business.

The Crisis Management Committee regularly reports the situation to executive management, including outside directors, as well as to the Corporate Strategy Council and the Board of Directors.

Supply Chain Business Continuity Management

Each business in the Epson Group formulates a business continuity plan (BCP). BCPs are intended to ensure that the business fulfills its responsibility to supply products and services and minimizes its losses in the event of a disaster, accident, outbreak of emerging infectious disease, or other disruption in the supply chain. Epson also implements supply chain business continuity management (BCM) to ensure that these BCPs are properly maintained and improved.

The Epson Group's Supply Chain BCM

To establish a more robust supply chain, one that can withstand the challenges that tend to arise with increasing sophistication and complexity, we have established a basic strategy of distributing functions, securing alternatives, and increasing resilience. We have divided the functions into five categories and are addressing the priorities that have been set for each.

Functions Initiatives
Suppliers Acting on suppliers to enhance their own supply continuity capabilities by, for example, evaluating their emergency response capabilities and their safety management
Procurement Multi-sourcing, securing alternative sources for procured goods, executing long-term procurement contracts, strengthening partnerships, and maintaining inventory of parts and raw materials * Applies to direct materials and parts and to indirect materials
Production Strengthening the distributed production organization, increasing the resilience of facilities, strengthening measures to prevent the spread of infectious diseases, and securing product inventories
Sales Maintaining operations sites, human resources, and an IT backup system
Logistics Securing space on ships by strengthening relationships with shipping companies, improving the accuracy of shipping plan management, and securing multiple logistics modes and methods (carriers, transportation routes, and warehousing functions)

Schematic Diagram of the BCP

The vertical axis on this graph shows the operating level while the horizontal axis is recovery time. In an emergency, the operating level declines and stays at that level for a period of time. However, implementing actions in the BCM enable a business to keep the operating level as high as possible even in an emergency or enable it to quickly restore operations in the event of a shutdown.

Responding to Supply Chain Risks

  1. Production
    As COVID-19 infections spread, operations at the Epson Group's production sites either stopped or were slowed due to lockdowns or surges in worker infections and PCR testing. Our factories took steps to protect employees, first and foremost, and to stabilize operations by rearranging layouts to alleviate crowding and stepping up testing and vaccinations. We are also distributing production of key products at multiple sites to ensure that we are able to fulfill our responsibility to supply products.
  2. Procurement
    There is a global shortage of semiconductors and electronic parts due to a combination of factors, including US-China friction, the pandemic, and disasters at key manufacturers' sites. In addition, a protracted war in Ukraine could affect the procurement of raw materials and noble gases by parts manufacturers. Epson is working to secure parts and indirect materials by strengthening relationships with suppliers, multi-sourcing, and switching to alternative products. Moving forward, we will further stabilize procurement by increasing the visibility of our parts and raw materials supply chain and by forging strategic partnerships with suppliers.
  3. Logistics
    A rise in the number of people staying home due to COVID-19 helped to drive demand for goods so high that it exceeded shipping capacity. This created a serious shortage of space and shipping containers, schedule delays, and skyrocketing freight charges, especially in international ocean freight. Epson is trying to secure long-distance shipping by cooperating with the production sites to manage the volume of shipments and speed up dispatch and by strengthening ties with shipping companies. We will attempt to stabilize our logistics operations through partnerships with shipping companies, improved container loading efficiency, and greater shipment uniformity.

Internal Audits

The internal audit department conducts audits in accordance with a code of conduct to check for compliance and corporate ethics violations and to facilitate self-directed internal control at all Group divisions as well as subsidiaries and related organizations in Japan and overseas. Audits are used to check compliance and the effectiveness and efficiency of these units' risk management, internal controls, and governance processes. If problems are found, the internal audit department helps minimize business risks by conducting a follow-up audit to check the status of improvements. To ensure effective Group governance, the internal audit department also centrally oversees internal audits throughout the Group in collaboration with auditing departments at regional headquarters in Europe, the Americas, China, and Southeast Asia.

Each year, the units to be audited are chosen by assessing the risk at each division and each subsidiary and related organization in Japan and overseas. Then an auditing cycle is set that is designed for effectiveness and efficiency. Audits are then performed systematically. In the 2021 fiscal year, the internal audit department audited 19 business units and provided them with concrete advice on correcting 60 observed nonconformities. In the 2022 fiscal year, business units were grouped into 71 organizations. The internal audit department conducted risk assessments on the groups, selected the units to be audited, and is performing the audits.

Internal Controls over Financial Reporting

Every year, we audit internal controls to ensure the reliability of financial reporting (J-SOX). The Epson Group uses an autonomous distributed implementation system in which operations divisions and subsidiaries subject to external audits conduct a self-assessment on the design and operation of their internal controls, while the J-SOX Compliance Department ensures the validity of the assessment results. Operations divisions, subsidiaries, and affiliates not subject to external audits are required to independently assess their internal controls and make such improvements as are necessary.