Compliance and Risk Management Structure
The Hoshizaki Group defines its compliance and risk management structure as follows. All Hoshizaki Group employees are made aware of the guidance in the “Hoshizaki Compliance Handbook.”
- Hoshizaki shall establish and thoroughly publicize the “Hoshizaki Corporate Philosophy,” the “Compliance Regulations,” and other rules to constantly make the Directors and employees aware of compliance with laws, regulations, and the Articles of Incorporation in the execution of their duties.
- Hoshizaki shall establish the Compliance and Risk Management Committee in order to maintain and improve the internal control system and develop the compliance structure.
- A Director shall promptly report to the Audit & Supervisory Committee and the Board of Directors in the event that he or she discovers an activity in violation of laws, regulations, or the Articles of Incorporation. Group companies shall promptly report to auditors and directors, and relay this report to the Audit & Supervisory Committee of HOSHIZAKI CORPORATION.
- An internal reporting system shall be established as a reporting system for employees in the event that an employee discovers an activity in violation of laws, regulations, or the Articles of Incorporation.
- Hoshizaki shall work to firmly exclude anti-social forces by refusing all involvement with them, confronting any undue demands from anti-social forces in a forceful and resolute manner, and coordinating with the police and other external experts.
The “Compliance Regulations” apply not only to HOSHIZAKI CORPORATION but also to the entire Group. In accordance with the “Compliance Regulations,” the “Compliance and Risk Management Committee (“the Committee”)” is chaired by the Representative Director, President & COO of HOSHIZAKI CORPORATION. Hoshizaki's Legal Affairs Department acts as the Committee's secretariat and plans and formulates general compliance initiatives, and in order to ensure that the decisions of the Committee are carried out, the Executive Officer in charge of the legal affairs is appointed as the Chief Compliance and Risk Management Officer. In addition, each division and Group company has a Compliance and Risk Management Manager and Deputy Manager.
The Committee also defines the basic compliance policy of the Hoshizaki Group as follows. The policy and the “Hoshizaki Corporate Philosophy” are described in the “Hoshizaki Compliance Handbook,” ensuring that all executives and employees of the Hoshizaki Group are aware of these as a code of conduct.
Basic Compliance Policy
The Hoshizaki Group will
- Always recognize the importance of the social responsibility and public mission the corporate group has with respect to food environments and strive to establish unwavering trust from society through sound and appropriate business operations.
- Endeavor to proactively and fairly disclose accurate information (product and corporate), strive for broad communication with society, and devote ourselves to transparent management that can be evaluated by society.
- Strictly comply with laws and regulations and carry out honest and fair corporate activities that do not violate social norms.
- Have a sense of duty as a good citizen with a strong sense of ethics that can be applied in the international community and will contribute to the development of the economy and society at home and abroad.
- Take a firm stance against anti-social forces that threaten the order and safety of civil society, a stance we never compromise on.
In addition to the above policies, the “Hoshizaki Compliance Handbook” also includes “Compliance Regulations,” “Risk Management Regulations,” and “Internal Reporting Regulations,” and sets forth specific action guidelines and common rules regarding matters such as insider trading controls and harassment prevention.
This Compliance Handbook is distributed in booklet form to all executives and employees of the Hoshizaki Group and also used as a text for the Group’s compliance training. It has been translated into 14 languages including English and is distributed to the overseas Group companies as well. We will continue to strengthen our compliance with annual compliance training for all executives and employees.
<Compliance and Risk Management Structure>
The Hoshizaki Group distributes the "Hoshizaki Compliance Handbook" to all employees and conducts compliance training once a year to promote compliance throughout the company.
In fiscal 2020, the Legal Affairs Department was established to further strengthen governance and compliance, while the Group transitioned to a system under which compliance training is provided by the Legal Affairs Department to manager-level employees of the sales companies and Group companies. By taking advantage of a “cascading system,” by which the managers who received the training, in turn, teach their subordinates, we have been proactively and simultaneously encouraging learning by the managers as well as understanding by their subordinates. Additionally, we have been carrying out initiatives to raise the employees’ awareness of compliance by conducting training utilizing group work that deals with situations that might actually occur in practice.
In fiscal 2020, harassment prevention became a legal requirement for enterprises in Japan. We responded by conducting training for all employees on themes such as “the prevention of harassment.” We also re-informed the employees of cases in which internal reporting becomes necessary and about the protection of whistleblowers.
Overseas, we assigned overseas management officers to each base to strengthen our regional control functions, and support the establishment of compliance at each Group company through the cooperation of the head office and the regional headquarters.
Internal Reporting System
The Hoshizaki Group has established an internal reporting system. The whistleblower can choose to report to the Legal Affairs Department, which serves as the internal reporting desk, or to an external reporting desk, that is, the attorney-at-law other than in-house counsel, depending on the content of the report or consultation. Each case that is reported under the internal reporting system is considered by the “Internal Reporting Study Meeting” and measures are taken accordingly. The results of such measures are reported to the Compliance and Risk Management Committee and the Management Meeting.
The “Internal Reporting Study Meeting” consists of a standing committee comprising one Director and three Executive Officers, and other members. A female advisory group also takes part to allow for deliberations from a more diverse perspective.
Strengthening the Internal Management System
In October 2018, inappropriate activities came to light at HOSHIZAKI TOKAI, a consolidated subsidiary of Hoshizaki. A subsequent investigation by an internal investigative committee and a third-party committee revealed inappropriate transactions and cases relating to internal controls at HOSHIZAKI TOKAI and several other consolidated subsidiaries. Based on the recommendations by the third-party committee to prevent such inappropriate activities from recurring, Hoshizaki formulated comprehensive compliance and internal control reinforcement measures in May 2019, incorporating measures to remediate the significant deficiencies in internal controls, and has been making efforts to reinforce internal controls centering on the following six initiatives. As a result of these efforts to improve internal controls, significant deficiencies in internal controls that require disclosure had been resolved as of December 31, 2019. Hoshizaki, in the “Internal Control Report” dated March 26, 2020, disclosed that internal controls were functioning effectively. We are continuing to make ongoing and effective efforts to strengthen our internal management system.
- Establishment of an optimal governance method for the Group companies
- Addition of internal control items and the adoption of IT in preparation for the future
- Establishment of group risk management functions
- Revision of the target management and personnel systems for domestic sales companies
- Optimization of the management functions of Hoshizaki and its Group companies
- Development of an education system that contributes to the strengthening of compliance and internal controls
Risk Management System
The Hoshizaki Group has determined the following with regard to risk management. The Group also identifies and assesses the Group's risk in an effort to strengthen the Group's risk management. We also plan and execute measures in each of these areas.
- The Hoshizaki Group shall set forth the “Risk Management Regulations” as the basis for its risk management system, appoint managers for the management of each type of risk, and establish a risk management system in accordance with the regulations.
- The Board of Directors and other meeting bodies shall monitor the status of risk management and establish an oversight system by coordinating with the Audit & Supervisory Committee and the Internal Audit Office.
Responses at the Time of Major Disasters (BCP)
On April 1, 2010, Toyoake City in Aichi Prefecture, where Hoshizaki’s Head Office Plant is located, was designated an “Area under Intensified Measures against Tokai Earthquake Disaster.” In response, Hoshizaki’s Head Office Plant established a “BCP Formulation System,” a “System to Promote the Operation of BCP Under Normal Conditions,” and a “System for Invoking BCP During Emergencies,” headed by the President as the manager, as well as developing a system for coordinating with neighboring companies toward the early recovery of regional industries.
The Hoshizaki Group information security classifications are outlined in the “Information Management Regulations.” Information security management is carried out by the Information System Department.
Our domestic sales companies have appointed one or more persons at each company to promote IT. A system has been established in which the Information System Department is alerted in the event of an information security incident to prevent information leaks and other risks.
Hoshizaki has introduced a 24/7 external surveillance service to counter cyberattacks.
In fiscal 2020, we transitioned to a cloud system and implemented measures to improve security.
At our overseas bases, companies with IT divisions are practicing information security management on levels similar to that of our domestic Group companies, while overseas companies without IT divisions are improving security by coordinating with local vendors.
Employee education and enlightenment
As part of our compliance education, we provide information security education to all employees.
We also improve our employees' security awareness by conducting “targeted email attack drills” on our employees each year.
Information security when out of the office
We have adopted a system that allows the tracking of computers and other devices through GPS when our sales or service representatives take them out of the office. Furthermore, if a device is lost, the system is capable of shutting it off from the network and deleting information remotely.
Management of personal information
Personal information is managed in accordance with the separate Personal Information Protection Policy. In order to prevent information leaks, we prohibit the use of USB flash drives or other external memory devices, and keep a log of all emails and attachments sent from our systems in order to prepare for contingencies.
No major leaks of personal information have occurred at the Hoshizaki Group to date.
Initiatives to Prevent Corruption
The Hoshizaki Group, in accordance with its internal anti-bribery rules, prohibits all acts of bribery and thoroughly enforces compliance with relevant laws regarding transactions with public agencies and political donations. Going forward, Hoshizaki will continue to make efforts to prevent misconduct by carrying out anti-bribery training, in addition to education on the code of conduct.
Intellectual Property Rights
The Hoshizaki Group endeavors to prevent the infringement of intellectual property rights by having our design and intellectual property departments conduct prior investigations ahead of the launch of its products, etc., to ensure that the products, etc., the Group provides do not infringe the patents or other intellectual property rights of other companies.
The Group has concluded advisory agreements with patent offices with expertise in intellectual property laws and conducts appraisals and the like to confirm that the intellectual property rights of other companies are not infringed.