Displaying present location in the site.
Compliance and Risk Management
As a company engaged in the social solutions business, NEC believes earning and sustaining the trust of customers and society are by far the most important considerations. In its Principles, NEC subscribes to “Uncompromising Integrity and Respect for Human Rights,” and conducts continuous Companywide activities involving everyone from officers to employees with management firmly based on compliance. In addition, our risk management activities include properly understanding risks that have an impact on our business, and taking preventive measures efficiently and effectively, including against compliance violations.
NEC Corporation received notification of a violation of the Antimonopoly Act from the Japan Fair Trade Commission in July 2016 regarding a deal concerning telecommunications equipment for electrical power security systems with Tokyo Electric Power Co., Inc. (currently Tokyo Electric Power Company Holdings, Inc.). A further notification relating to a violation of the same act was received in February 2017 regarding (i) transactions for wireless digital emergency firefighting equipment and (ii) a deal concerning telecommunications equipment for electrical power security systems with Chubu Electric Power Co., Inc.
In order to keep these events fresh in mind and use them as a basis for reflection, we established NEC Compliance Day on November 18, being the date on which we received an on-site inspection by the Japan Fair Trade Commission, as an annual event for further underscoring the importance of compliance.
NEC considers compliance to not only mean compliance with the law, but also in the broad sense to include compliance with socially accepted norms and common sense.
In line with the key concepts of “awareness” and “information sharing,” our basic approach to implementing compliance is to foster awareness so that irregularities are clearly recognized as “being not in conformance.” In addition, we encourage consultation with and reporting to managers, related departments, or the Compliance Hotline, and sharing information with a view to resolving those issues and improving our practices systematically as an organization.
Furthermore, NEC aims to establish compliance within its corporate culture by ensuring that each officer and employee treats compliance as their own responsibility and practices conduct in accordance with the NEC Group Code of Conduct. Moreover, the Code has been translated into Japanese, English, Chinese, Portuguese, and Spanish. By promoting the Code at consolidated subsidiaries abroad, we are creating a corporate culture in Japan and abroad that gives first priority to compliance. Also, we recognize that the Code should be revised regularly.
In order to realize effective compliance measures, the general managers of every NEC Corporation division have taken leadership and responsibility for discussing and implementing the optimal measures for their divisions with support from the corporate divisions. Further, identifying compliance as one of NEC’s priority management themes from an ESG perspective.materiality.the Mid-term Management Plan 2025 sets as a goal zero cases of serious involvement with cartels or bid-rigging.
Moreover, as part of our risk management activities, we manage risk in order to avoid oversights and overlap of measures, under NEC’s “Rules of Basic Risk Management.”
Every year, we identify risks whose materialization would have a particularly large impact on NEC Corporation’s business and sales targets. Among these, we select certain risks that require priority measures as “Priority Risks” for Companywide management. We then formulate, implement, and assess measures to address those risks. In addition, each of our business units and subsidiaries are also conducting specific activities to manage particular risks in their unit or company.
Periodic Rotation and Reengagement of Accounting Auditors
Pursuant with regulations such as those that are based on the Certified Public Accountants Act and which concern accounting auditors, the Company manages operations based on the following rules.
- Engagement partners may not be engaged for more than seven accounting periods in duties that entail conducting audits of the Company. Lead engagement partners may not be engaged for more than five accounting periods in duties that entail conducting audits of the Company.
- For two accounting periods after being replaced, engagement partners may not be engaged in duties that entail conducting audits of the Company. For five accounting periods after being replaced, lead engagement partners may not be engaged in duties that entail conducting audits of the Company.
NEC Corporation enforces and implements compliance with top management and conducts activities led by the Risk Control and Compliance Committee, the Compliance Division, and the Corporate Auditing Bureau. The meeting bodies and management structure are as follows:
Board of Directors
Given its oversight role with respect to business execution, the Board of Directors receives reports related to material misconduct and reports on the measures taken for the Priority Risks. In addition, the Board regularly confirms the effectiveness of risk management, including prevention of corruption and fraud and the operational status of internal control systems.
The Executive Committee discusses important NEC management issues such as policies and strategies, including Priority Risks and other important risks related to management and strategies.
Audit & Supervisory Board Members (KANSAYAKU)
The Audit & Supervisory Board Members audit the performance of duties within NEC Corporation by regularly discussing reports of audit results received from the Corporate Auditing Bureau, or reports on the status of operations of the Compliance Hotline, the internal reporting system pertaining to business ethics and violations of laws and regulations.
Chief Legal & Compliance Officer (CLCO)
The CLCO chairs the Risk Control and Compliance Committee and oversees Companywide compliance promotion activities.
Risk Control and Compliance Committee
The Risk Control and Compliance Committee, whose members are officers, investigates the underlying causes of serious compliance breaches, studies related to prevention of recurrence and preventive measures, and deliberates on policies for risk management activities and policies for selection of and countermeasures to the Priority Risks. The committee executes a supervisory function in Companywide risk control by, for example, regularly receiving reports from the divisions in charge of deliberations and progress status related to specific Priority Risk measures, validating the activity results and issues and future activity plans and providing direction for improving and enhancing measures as needed.
The committee is chaired by the CLCO, who reports on important matters within the proceedings and results of the committee meetings to the Executive Committee and the Business Progress Committee and other meetings, which are attended by the CEO.
The Compliance Division formulates and implements various initiatives designed to enforce compliance, including instilling knowledge of the NEC Group Code of Conduct. In addition, the division provides the necessary support, coordination and guidance to ensure that risk management in the business and corporate staff divisions is implemented systematically and effectively.
For example, the division enhances the risk control function for the entire NEC Group by continuously supporting risk control activities in each division including subsidiaries. This is accomplished by collecting external information, investigating using a risk management survey, and exchanging information with subsidiaries worldwide.
In addition, the division regularly receives and discusses reports on audit results from the Corporate Auditing Bureau and receives status reports on the operations of the Compliance Hotline, the internal reporting system pertaining to business ethics and violations of laws and regulations.
Corporate Auditing Bureau
The Corporate Auditing Bureau functions as an internal auditing department directly under the supervision of the president and is composed of members who are experts in internal audits. The bureau carries out audits aimed at ensuring that NEC is operating lawfully, properly, and efficiently, as well as in pointing out problems and making proposals for improvement.
Compliance Promotion at Consolidated Subsidiaries
The presidents of our consolidated subsidiaries in Japan take ownership of proposing and implementing compliance measures with guidance and support from the Compliance Division, corporate divisions, units, and business units responsible for each subsidiary.
In regard to consolidated subsidiaries abroad, the five Regional Headquarters (RHQ), including the subsidiaries under them worldwide, further strengthen compliance.
NEC has also established channels for reporting compliance-related issues regularly, and as the need arises, from the consolidated subsidiaries in Japan and abroad to Headquarters in Japan.
Measures and Main Fiscal 2021 Activities
For the second consecutive fiscal year, in fiscal 2021 there were no cases of serious involvement with cartels and/or bid-rigging in the NEC Group, thanks to implementation of the following measures.
Conducting Various Initiatives for NEC Compliance Day
To establish compliance as part of NEC’s corporate culture, we conduct various activities to spread information and raise awareness for NEC Compliance Day.
First, officers including the President and CLCO and all department managers (approximately 130 people), and the presidents of consolidated subsidiaries in Japan and abroad communicate messages to underscore the importance of compliance to all employees. In addition, each employee of NEC Corporation makes a “Compliance Action Declaration” to show their own initiatives to make compliance part of the corporate culture.
At NEC Business Ethics, an annual corporate ethics forum for NEC Corporation and its consolidated subsidiaries in Japan, lectures are given by NEC’s President and an external lecturer with expertise in compliance, and the Compliance Excellent Award is presented. The award is presented to divisions that have taken ownership for thoroughly implementing compliance. By introducing their specific initiatives, the award helps to improve the level of activities among all divisions.
Furthermore, NEC held online lectures to encourage employees to recollect and reflect on three Antimonopoly Act violations caused by the Company in the past. We also, we organized dialogues so that the personnel of different divisions could share ideas and think together about measures for creating an open atmosphere in workplaces.
An online portal for NEC Compliance Day was set up on our intranet to enable employees to browse activities and information related to the event at any time.
Education and Awareness-raising Activities throughout the World
NEC Corporation and its subsidiaries in Japan conduct web-based training regarding compliance for all officers and employees once a year (completion rates in the training period—NEC Corporation: 99.0%; consolidated subsidiaries in Japan: 98.5%—and those unable to take the course within the period are committed to taking it in the next round). Also, NEC Corporation is deploying training content for consolidated subsidiaries abroad translated into multiple languages (Japanese, English, Spanish, Portuguese, and Chinese). We collected from officers and employees pledges to follow the NEC Group Code of Conduct and other internal policies. Furthermore, NEC Corporation emphasizes the importance of conduct that complies with the NEC Group Code of Conduct using the opportunities of training and education for new employees, and stratified education programs for new corporate officers and new department managers.
(Whistleblowing System for Employees and Business Partners)
The Compliance Hotline is NEC’s whistleblowing system for preventing corruption, fraud, and other compliance matters in general. We have also established an additional contact point for the hotline at a third-party agency as an additional contact point in order to enhance convenience and to address a broader range of risks at an early stage. This contact point receives whistleblower reports from not only employees of NEC Corporation but also its subsidiaries in Japan and business partners. The identity of whistleblowers who contact the hotline and the nature of their reports are guaranteed confidentiality by the personnel in charge. Whistleblowers will never suffer retaliation for having made a report.
NEC and its consolidated subsidiaries in Japan have taken steps to ensure the protection of confidentiality and prevention of retaliation by establishing the Compliance Hotline Regulations as internal regulations. This is made known to employees through training programs and other means.
In fiscal 2021, the number of reported cases was 76, down 14 from the previous fiscal year. The reported cases included ethical behavior violations, fraud or violations against the NEC Group Code of Conduct or company rules, and other possible violations. These cases have been appropriately handled.
Examples of the measures taken are as follows.
In a report of harassment, the facts were confirmed and the offender was given guidance and transferred, giving consideration to the whistleblower’s wishes.
In response to reports on the effects of COVID-19 pandemic, including reports in relation to teleworking, the facts were confirmed, and such measures as the issuance of reminders were implemented.
For NEC’s consolidated subsidiaries abroad, Regional Headquarters (RHQ) also set up whistleblowing systems operated by third parties in each region, which are available for local officers and employees to use in the native local language (English, Spanish, Portuguese, and Chinese). The consulted/reported cases and their handling by consolidated subsidiaries abroad are shared with NEC Corporation.
The status of Compliance Hotline implementation and operation (including the internal reporting systems of NEC Corporation subsidiaries) is regularly reported by the Corporate Auditing Bureau to the Board of Directors and the Audit & Supervisory Board Members.
Survey on Compliance Promotion Initiatives
We conducted a survey of all officers and employees in conjunction with web-based training regarding compliance in order to evaluate the status of their initiatives on compliance promotion and their awareness of compliance. Furthermore, in a survey conducted after NEC Compliance Day, we asked division employees to evaluate the messages delivered by their division’s department managers. The results of the surveys were posted as feedback on the intranet portal, and will be useful for proposing and implementing measures to further enforce compliance going forward.
Exchanges of Opinion with Business Divisions
To further increase each division general manager’s ownership of ensuring compliance, in fiscal 2021 the Compliance Division held a face-to-face exchange of opinions with approximately 70 business divisions and subsidiaries. Through active discussions on the latest compliance- related topics, the Compliance Division was able to understand the situations of each division and subsidiary, and they all are working together to improve compliance activities Companywide.
Selecting Priority Risks and Countermeasures
NEC Corporation annually identifies “important risks,” selected from the perspectives of the need for additional countermeasures and the magnitude of the impact on corporate business and society. These are based on the result of risk assessment for each division, which was obtained through a questionnaire-based risk management survey, and findings in the internal audit by the Corporate Auditing Bureau, among others. Important risks that are evaluated as having a particularly large impact are selected as Priority Risks and reported to the Board of Directors, which puts countermeasures in place for them.
In fiscal 2021, the Priority Risks that we selected were “risks related to harassment,” “risks accompanying inadequate establishment of accounting processes at international subsidiaries,” “risks related to the management of confidential information,” and “invasion of privacy-related risks accompanying new technologies.” The respective divisions responsible for each of the risks are taking the necessary countermeasures.
Response to Emerging Risks
NEC minimizes emerging risks—namely, risks that could arise in the near future and have a long-term effect on corporate management—by predicting their potential impact on businesses and taking countermeasures accordingly.
Examples of Countermeasures for Emerging Risks
1. Risks Regarding Privacy Infringement Related to New Technologies
NEC has businesses engaged in the social implementation of AI and the utilization of biometrics and other data—activities exemplified by face recognition systems. Such businesses risk being significantly affected by inadequate establishment of measures aimed at respecting privacy and other human rights or by failure to comply with principles and legal systems with due consideration for ethics and social acceptability.
To reduce the aforementioned risk, we have set out the NEC Group AI and Human Rights Principles and established and strengthened in-house systems. As well as ensuring that our employees are fully aware of these principles and systems, we manage operations in line with these measures.
2. Risks Regarding Management of Confidential Information
In addition to its own information assets, NEC possesses information assets entrusted to it by customers and business partners. Consequently, we have security-related risk in the form of the loss of social trust and the significant impact on related businesses that would result from a leakage of information, which could occur due to such factors as a cyber attack made possible by inappropriate management of information.
Aiming to mitigate such risk, we have built an integrated information security promotion framework, which connects the Information Security Strategy Committee with other in-house bodies. Based on this framework, we take an array of different measures that account for security-related risk on a comprehensive, global basis. Further, the NEC Group Code of Conduct includes stipulations on the appropriate management of confidential information and personal information. Also, we are further developing systems and capabilities for the protection of personal information to strengthen information management measures.
Participation in Activities of External Organizations
Business Ethics Research Center (BERC)
NEC Corporation has been a BERC member since its establishment in 1997. BERC collects worldwide information relating to business ethics, undertakes research on ethics, offers consulting on business activities, and educates businesspersons while promoting ethics. We have utilized information on examples of initiatives in other companies obtained through BERC in the enforcement and planning of measures to promote compliance.