Compliance and Risk Management
Everlasting spirit of foundation
"Xerox is made up of a group of enthusiastic, revolutionary people. They believe not only in profit or success in business, but also in the responsibility to provide services that have value for the customers. They want to serve society, and that service will become a source of self-respect." These were the word of Joseph C. Wilson, Chief Executive Officer, when the company started business as Xerox
In the current trend where corporate social responsibilities are more spreading over enterprise, we are required to conduct moderate business activities from perspective of society and stakeholders.
Upon establishment, Fuji Xerox management was full of spirit to build up a company here in Japan like Xerox with passion, stimulated by innovation of Xerox which played a social role with the supreme idea. Since then, Fuji Xerox has created its corporate culture to discuss and pursue candidly what the right action is and what responsibilities of a corporation to society are.
Furthermore, taking an opportunity as we expanded our business areas, we established our "Mission Statement" and "Shared Values" in 1998 (redefined in 2019) to share common values among colleagues across the globe with diverse cultures and to support global activities. "Shared Values" naturally include "High Ethical Standards" as its composition.
"High Ethical Standards" are the most fundamental values for Fuji Xerox and its affiliates.
Compliance and Risk Management Structure
Based on the idea that compliance promotion and risk management are closely related, Fuji Xerox has established the Compliance & Risk Management Department (CP&RM Department) in April 2018 to oversee compliance promotion and risk management activities.
Each affiliated company of Fuji Xerox has also established its compliance and risk management systems to efficiently and effectively promote measures to maintain and improve compliance on both perspectives of appropriate actions required in all corporate activities and risks that could impede these appropriate actions.
This organizational structure ensures risk management for emergencies such as natural disasters, terrorism, and cyber-attacks, and enhances the framework for swift and appropriate organized responses in the event of an emergency.
Approach to Compliance
The general interpretation of compliance as simply adherence to regulations can frequently lead to the pitfall that everything is fine as long as we simply follow the letter of the law. The Fujifilm Group interprets compliance as the appropriate action of individuals and companies in accordance with ethical principles and common sense, in addition to observing the laws. We believe that we achieve compliance by flexibly responding with a keen sensibility to the needs of society.
Declaration of Compliance with the Code of Conduct
Annually, all executives and employees at Fuji Xerox and its affiliates go through a refresher training and declare compliance with the company’s Code of Conduct which prescribes the behavior and spirit that each person should follow.
We provide arrays of educational programs for compliance management, including the training for new employees and newly appointed managers, as well as basic legal education (e-learning) for general employees.
Fuji Xerox and its affiliates have established points of contact for consultations and reports from executives and employees about any perceived compliance-related matters, in order to prevent compliance-related problems from arising, and to detect them and respond to them at an early stage.
This procedure would promptly address matters at hand, triggered by consultation and reporting in relation to compliance to ensure better corporate culture and a healthy workplace environment.
Fuji Xerox accepts any compliance-related inquiries from its business partners in regard to the transactions with Fuji Xerox and its affiliates.
Business Partner Compliance Helpline
Approach to Risk Management
Fuji Xerox and its affiliates believe that risk management is "to control identified risks to prevent them from materializing and to manage generated crises (emergency situations) to bring them to an end and to prevent them from recurring."
To prevent crises and ensure proactive risk management in our business operations, we engage into precautionary actions, such as early risk extraction, assessment, implementation of countermeasures, monitoring and enhancement in any areas of improvement.
Basic Policy on Risk Management
In order to maximize values for stakeholders and fulfill corporate responsibilities, Fuji Xerox and its affiliates are committed to carry out risk management based on the following policies:
- We consider risk management to be a company-wide management issue, and endeavor to manage risks in all our organizations, business activities, and operations.
- As the business environment changes, the organization would proactively identify any potential risk and put early countermeasures to prevent the realization or mitigate its impact.
- We establish a procedure for a swift process in reporting any information of a potential and existing risks.
- Through the continuous training and constant communication, we aim to develop awareness of risks and strengthen the capabilities in responding to risks among our employees.
- In the event of a crisis, we forecast the maximum impact and strive to mitigate the damage and promptly recover from the damage to meet social demands.
The “Crisis Escalation Guidelines” stipulate how Fuji Xerox and its affiliates respond to any untoward event, such as accidents, disasters, scandals and other events that clearly endanger our assets, business and reputation or the lives, health and property of our associates and against which we must take urgent measures.
The guidelines clarify the rules for reporting to management. In the event of a crisis, it will be promptly reported to the management team in consideration of its materiality and impact for appropriate decision making.
Risk Management in Daily Operations
Fuji Xerox and its affiliates conduct an annual risk management assessment by setting the priority themes for the year in consideration of the changes in social conditions, the business environment and its nature, the feasibility of potential risks, and its impact on the business operations.
Specifically, all our in-house organizations including those outside Japan identify their risks and implement countermeasures. Based on the risk identification results, All-FX Risk Management Committee examines and selects significant risks and CP&RM Council determines those with the highest priority as serious managerial risks to be managed at the management level.
CP&RM Department monitors the progress of countermeasures against significant risks with necessary instructions for improvement and support. The results will be reviewed at the CP&RM Council and linked to the assessment for the next fiscal year.
Disaster Response and Business Continuity
Fuji Xerox and its affiliates are proactive in implementing wide range of countermeasures from initial response to business continuity, based on their policies for dealing with large-scale disasters.
In the event of large-scale earthquakes such as Tokyo Inland Earthquake or Nankai Trough Earthquake, forecasted to occur with a high probability of occurrence, we have been making efforts not only to prepare supplies in case a disaster would occur but also to improve the employees’ awareness of disaster prevention and establish a cross-organizational promotion system.
Action Policies for Large-Scale Disasters
Based on the following policies, Fuji Xerox and its affiliates strive to deliver ease of mind to all customers and other stakeholders.
- We respect the lives of all employees and visitors to our sites. We put priority on securing safety, including taking measures to minimize damage to our facilities in the event of a disaster and measures to protect people from disasters.
- We fulfill our social responsibilities through the delivery of products and services to customers.
- We provide support for restoration and restructuring activities in disaster-stricken areas.
For information security initiatives, please see the Information Security Report.