The Risk Management & Compliance Committee, directly reporting to the Board of Directors and headed by the President, oversees compliance globally for the Fujitsu Group, in accordance with our Basic Policy on Establishment of Internal Control System. The Risk Management & Compliance Committee raises awareness and secures compliance with Fujitsu Way Code of Conduct throughout the Group by appointing a Chief Risk Management & Compliance Officer (CRCO) who executes the committee’s decisions concerning compliance, establishing the Global Compliance Program, and coordinating with the Region Risk Management & Compliance Committee set up in each region as a subcommittee.
The Risk Management & Compliance Committee and the Region Risk Management & Compliance Committees monitor the implementation status of the Global Compliance Program on a periodical basis and report to the Board of Directors. Under the top management’s initiative and supervision, internal rules, training, and oversight systems required for compliance with laws and regulations concerning the business activities of the Fujitsu Group are implemented and operated.
The Fujitsu Way includes the following Code of Conduct, with which all Fujitsu Group employees must comply:
Fujitsu has also rolled out our Global Business Standards (GBS), which provides further guidance on how to apply the Fujitsu Way Code of Conduct and to ensure compliance with laws and regulations. The GBS are available in 20 languages to be applied uniformly across the Fujitsu Group.
Through active and continuous communication of management’s intention to take on compliance through initiatives such as top management’s messaging to employees, Fujitsu is working to promote the Fujitsu Way Code of Conduct and GBS across the Fujitsu Group. Fujitsu’s President sends repeated messages to all employees in Japan and overseas after the competition matter in connection with the sale of communication equipment to electric power companies, declaring again not to engage in any compliance breach, including bid rigging and cartel. In FY2017, the President’s interview video was distributed, in which he talked about his commitment to compliance. Other executives in the management also issued messages expressing commitments to prevent of recurrence of the matter as one Group based on their experience from impact to business or client relationships.
In overseas Group companies, the region heads and the top management of each company are continuously sending messages to their employees, explaining our corporate culture of “Zero Tolerance”.
Moreover, “Fujitsu Compliance Week” was newly designated on December, 2017, aligned with the United Nation’s “International Anti-corruption Day”, and coordinated messages were sent out across the Group to promote giving thought to compliance and discussions to raise awareness.
In order to promote and implement the Fujitsu Way Code of Conduct and GBS, Fujitsu has established the Global Compliance Program (GCP) and is working to maintain, review and improve its global structure for legal compliance across the Fujitsu Group.
The GCP systematically organizes our existing activities concerning compliance into five pillars, clarifies items that Fujitsu should continuously work on, and seeks to promote external understanding of our compliance structure and activities.
Various measures and approaches are taken in each region based on the GCP, as well as local laws and government guidelines.
The Fujitsu Group has established and implemented various internal rules to align globally with the GBS.
In Japan, to enforce compliance and enact sustainable improvement in our corporate value, we established the Compliance Policy with the approval of the Risk Management & Compliance Committee, and have applied the rule throughout domestic group companies. We established more specific and detailed regulations and guidelines based on the Compliance Policy in the areas with significant impact on business: antitrust, anticorruption and anti-social forces.
For overseas Group companies, Fujitsu Group’s minimum requirements for internal rules have been put together as global guidelines with the approval of the Risk Management & Compliance Committee, and they are adopted into the internal rules of each companies after coordination has been given with respect to the applicable laws, culture, and customs of each country. We issued the General Compliance Guideline, corresponding to the Compliance Policy in Japan above along with a global guideline on competition law, and other guidelines concerning the prevention of bribery. We indicate what the actions are that have high risk for being bribery, such as gifts and hospitality for government officials, charity and donations to political parties, and facilitation payments, implemented online systems to secure compliance of gifts and hospitality for government officials, and third party due diligence in the locations with high risk of corruption in major Group companies of EMEIA, Asia, Americas, and Oceania. Suppliers and partners are required to abide by the laws, regulations, and GBS by contracts and other means.
As noted above, Fujitsu is working to promote and implement the Fujitsu Way Code of Conduct and GBS across the Fujitsu Group through messages from top management to employees and other regular communication of our commitment to compliance.
We have also assigned compliance officers to each region, Japan, EMEIA, Asia, Americas, and Oceania, and have formed a global network with each risk and compliance representative, in order to secure a structure to execute our GCP.
The risk and compliance representatives in Fujitsu and domestic Group companies meet annually at the Risk and Compliance Seminar to share updates and knowhow related to risk management and compliance, and the compliance representatives from overseas Group companies meet annually at the Global Compliance Forum to share and discuss headquarters’ policies concerning the execution of GCP.
To embed and implement the Fujitsu Way Code of Conduct and GBS, Fujitsu Group conducts various compliance training and awareness raising activities for executives and employees.
During the Fujitsu Compliance Week held in December 2017, various activities were conducted, such as distribution of compliance articles and putting up hotline posters, to facilitate discussion on compliance at each workplace. The Fujitsu Compliance Week will be held continuously. The Fujitsu Group has been printing the Fujitsu Way on wallet-size cards and has been distributing these to Group employees. These cards are designed to serve as a quick reference of the Code of Conduct for employees when they are uncertain about a decision in the course of daily operations in dealing with customers and/or business partners.
Fujitsu and domestic Group companies conduct compliance training for newly assigned executives every year, which is provided by outside lawyers as well as Fujitsu’s legal and compliance function. For employees in managerial positions, we also regularly hold in-house training where a Fujitsu instructor explains the importance of the Code of Conduct and compliance, while also providing case studies of typical scenarios and difficult situations. In FY2017, Fujitsu and domestic Group companies provided an e-learning course called "FUJITSU Compliance Training 2017 - 2018: Cartels/Bid-Rigging/Bribery" for all the employees (Completion rate as of April 2018: Fujitsu 99%, the domestic Group companies 98%). Documentary drama that introduces Fujitsu’s antitrust case referenced above is provided to increase the effectiveness of the training by having real life example and employees are to think about Fujitsu’s corporate culture by setting things from the point of view of the people involved. We also conducted a series of face-to-face training for over 2,500 employees of public sector business and other sales divisions.
For overseas Group companies, we also conduct compliance training based on the local laws, customs and business in each country and region. In FY2017, we provided an e-learning course on GBS and anti-corruption, as well as antitrust/competition and export control. The course was provided in 20 languages to overseas Group companies in 72 countries (Completion rate as of April 2018: 97%). We also provide globally standardized e-learning courses for new employees. Moreover, according to the cartel and corruption risks, we conduct face-to-face trainings for different departments and entities focusing on the prevention of such risks. Compliance training for partners will be rolled out further.
Going forward, we will continue with these activities and further the trainings and awareness raising activities.
Fujitsu Group has been operating the Compliance Line/Fujitsu Alert for both internal and external reports (also covering anonymous reports) handling reports and providing consultations for all employees in the Fujitsu Group (including retired, seconded, contracted, part-time or other short-term employees as well as temporary staff). Additionally, Group companies have established and are operating their own internal reporting system. These reporting lines are made known to the employees via compliance trainings, websites, posters and wallet-size cards with contact information.
Our Compliance Line/ Fujitsu Alert forbids any and all retaliation against any individual who makes the report, and meticulous care is taken in handling the information so as to preserve their anonymity. When the report is received, appropriate investigation is conducted and if the issue is identified as a result of the investigation based on FUJITSU Way Code of Conduct and GBS, such is corrected (including a disciplinary actions) and prevention measures are implemented.
We opened a Compliance Line for Suppliers in Japan to handle reports and inquiries from the employees of companies that directly supply products, services or software, etc. to Fujitsu and domestic Group companies. For overseas Group companies, reports are accepted in 20 languages, at any time, on any day.
Employees are required by Risk Management Rule to report compliance violation or signs of violation and immediately to the Risk Management & Compliance Committee and the Board of Directors if necessary, following the reporting structure set by the Heads of Units.
The status of reports and consultations, or key compliance issues are reported regularly to the Risk Management & Compliance Committee and the Board of Directors.
Through activities such as risk assessments and audits, or review by external experts such as law firms, efficacy of the GCP is periodically checked and work is being done to continually improve it.
In FY2017, Fujitsu started audits in order to confirm observance of the Antimonopoly Act, and we will improve and continue the audit program as a communication tool with relevant departments.
For overseas, Fujitsu headquarters’ compliance team conducts risk assessments by visiting Group companies in countries and regions with a high risk of corruption, and through the interviews with executives and employees, as well as checks on internal policies and processes, the compliance team analyzes the potential compliance risks in local business and provides proposals and supports to mitigate these risks.
The outcome of all risk assessments and the status of the GCP implementation are reported regularly to the Risk Management & Compliance Committee, the Region Risk Management & Compliance Committees and the Board of Directors.
In July 2016, Fujitsu Limited was found to have violated the Antimonopoly Act concerning order coordination of electric power security communication equipment for Tokyo Electric Power Co., Ltd.(TEPCO) and received a cease and desist order and a surcharge payment order.
Subsequently, in February 2017, Fujitsu was found to have violated the Antimonopoly Act concerning transactions of hybrid optical communication equipment and transmission-path equipment for Chubu Electric Power Co., Inc. (CEPCO).
Because of the timely application for immunity from or reduction of surcharge for CEPCO case, Fujitsu was fully exempted from payment of the surcharge and was not subject to a cease and desist order. Fujitsu deeply apologizes for all the concerns we have caused by letting these regretful incidents occur.
Fujitsu took disciplinary action against the employees who were involved in the violations, and imposed salary reductions on seven executives, including the Chairman and the President, based on a resolution of the Board of Directors (10-30% of the monthly salary was reduced for 3 months).
Immediately following the detection of TEPCO case, the President promptly declared that all bid rigging and cartel behavior will not be tolerated, and sent repeated messages to all executives and employees. The executives in charge of each business also reminded employees of Fujitsu’s commitment to compliance. Additionally, as mentioned above, Fujitsu conducted compliance trainings to all its executives, employees, as well as to its Group companies.
Furthermore, in Japan, Fujitsu established a domestic compliance program based on the Japan Fair Trade Commission’s “Compliance Program for Companies to Comply with The Antimonopoly Act”, in order to secure effectiveness of the GCP. For FY2017, Fujitsu considered “training” and “audits” centered around the topic relating to the Antimonopoly Act as focused measures, and is working on to create an environment that fosters “zero tolerance” for bid rigging building relationship and two-way communication with relevant departments.
Fujitsu will continue to strengthen the compliance initiatives based on this program, aiming to win back the trust and striving to prevent reoccurrence.
For the purpose of maintaining global peace and security, the export of goods and the transfer of technology that could be utilized for the development or production of weapons of mass destruction, conventional weapons, etc. are strictly controlled under an international framework for security export controls (“International Export Control Regimes”). Japan is also implementing security export controls consistent with the same framework under the Foreign Exchange and Foreign Trade Act.
Following the stipulation to "comply with all laws and regulations" in the Fujitsu Way Code of Conduct, we are thoroughly working to implement our Security Export Control policy in line with not only Japan's Foreign Exchange and Foreign Trade Act, but also the U.S.'s extraterritorial Export Administration Regulations (EAR).
Fujitsu has established a system by which our President is the designated Chief Export Control Officer for the company and the Security Export Control Office in the Legal, Compliance and Intellectual Property Unit is the designated organization in charge. Product classification and transaction screening (of end use and end users) is performed by this office for all export of goods and overseas transfer of technology, so that the export of goods or transfer of technology will not happen without export licenses required by governments. Furthermore, the above Security Export Control policy requires us to issue a prompt report in the event of a legal violation. In terms of business execution, we strive for strict management to prevent any acts that could lead to non-compliance with export control laws, keeping close touch with the Ministry of Economy, Trade and Industry as the competent authorities for security export control in Japan. In order to maintain an appropriate level of export controls, we conduct annual export control audits and provide export controls training for executives and employees. In FY2017, we conducted regular internal audits of 30 in-house departments, assessed the appropriateness of internal operations, and provided guidance for making improvements.
Fujitsu also offers guidance to Group companies inside and outside Japan for developing frameworks for security export controls and tailoring in-house rules, provides in-house export control training and audits, and annually organizes the gathering of Group companies to exchange mutually beneficial information. In FY2017, the Security Export Control Office visited 6 Group companies in East Asia and Southeast Asia for the purpose of audits, training, and strengthening of frameworks for security export controls. Since FY2013, the Office has also been developing an e-learning training course covering security export controls in 20 languages for Group companies located across the globe.