Compliance

Toshiba Tec Group works on compliance activities, while thoroughly observing laws and regulations, internal rules, and
social customs on a global basis.

Risk Compliance Promotion System

We appoint each company president and CEO as a CRO* in order to propagate and thoroughly implement the "Toshiba Tec Group Standards of Conduct" as well as advance the risk compliance measures. Top management exercises initiative to devise and promote various strategies in response to emergency situations.
We organize the Risk Compliance Committee under the leadership of the CRO, to maintain the system of the entire Toshiba Tec Group, devise and promote the advancement of risk compliance.

  • *CRO: Chief Risk Compliance Management Officer

Risk compliance system

Risk compliance system

Internal reporting system

We, Toshiba Tec Group, have established an internal reporting system as a way of consulting/reporting on illegal, dishonest and unethical behavior, as well as internal rules which enable executives and employees to provide information to the CRO or outside attorneys.
We give maximum consideration to ensuring the anonymity of whistleblowers, thoroughly managing information and protecting them from suffering any detrimental consequences, such as dismissal, as a result of their whistleblowing.
In addition, the "Toshiba Tec Partner Hotline" has been introduced and operated so that business partners can provide information through the website.

Risk compliance system

Fostering Compliance-conscious Culture

To foster high ethics and a law-abiding awareness in each employee, we fully disseminate our Group Standards of Conduct, provide compliance education on a variety of themes and workplace meetings on CSR.


Dissemination of "Toshiba Tec Group Standards of Conduct"

We prepared "Toshiba Tec Group Standards of Conduct" in 13 languages and delivered brochures to every employee of Toshiba Tec and its domestic and overseas group companies. We also provide e-learning-based education to ensure thorough dissemination of information.


Compliance education

We provide every executive and employee with e-learning while also holding educational seminars intended for specific employees, such as law-related education for business groups and education for employees to be stationed abroad.

Topics

e-learning programs for every executive and employee

•Standards of Conduct •Subcontract Act •Antitrust Law •Anti-Bribery •Timely Disclosure •Accounting Compliance •Harassment •Mental Health •Work-style Innovation (WSI) •Customer Satisfaction •Environment •Information Security and Personal Data Protection •Electrical Safety Law •Export Control •Engineering Ethics •Product Security, etc.

Educational seminars intended for specific employees

•Law-related education for business groups

This kind of educational seminar is held every year to promote recognition of legal risk in business activities, learn how to reduce such risks, and discuss various daily operation issues. In fiscal 2018, it was held a total of 38 times in 13 business sites throughout Japan.

Eligible: Employees from each business group
Time: 90 minutes (including Q & A)

photo

Workplace meetings on CSR

To create a positive workplace atmosphere through discussions, we develop compliance awareness in each employee, establish this as the corporate culture, and hold CSR meetings in each workplace.
In these meetings, the manager and their subordinates discuss various issues which may occur in the workplace and share opinions. The goal of the meetings is to create a frank and open-minded work environment as well as to prevent compliance violations.
In fiscal 2018, with the theme of "personal fraud", we discussed what factor would cause personal fraud and what points to pay attention to prevent personal fraud. We exchanged opinions based on fictional case studies in each workplace.

Information Security

We recognize all information including sales and technical data handled while carrying out our task as important property, and have established a basic policy to prevent and protect against inappropriate disclosure, leakage or improper use of such information. We define this policy in the Information Security section of the Toshiba Tec Standards of Conduct so that all executives and employees are fully informed. In fiscal 2018, there were no information security incidents that were likely to cause serious problems, such as unauthorized access to internal/external servers, falsification, loss or theft of computers/electronic media in which important company data or customers’ personal data is stored.

We also established a system and rules for information security management, and revise them in response to the changes in the social environment. Shizuoka Business Center (Mishima and Ohito), where the design, development, and quality assurance sections are located, received the ISO/IEC 27001:2005 certification in fiscal 2007 and 2012, and upgraded to the ISO/IEC 27001:2013 certification in fiscal 2014.

In terms of technical measures, we, Toshiba Tec Group, strengthen measures to protect the public server, in order to prevent cyber-attacks and other forms of unauthorized access from the outside, which are becoming more and more sophisticated year by year, as well as to avoid information leakage. We also enhance the monitoring of internal systems to enable a quick response in the event of a computer virus infection.

Each division continuously makes improvements by voluntarily auditing the status of compliance with the internal rules. We provide education to all employees, including executives, employees, and employees dispatched from affiliated companies, in order to prevent accidents in handling information and widely disseminate the information security measures. Information security education was provided to all Toshiba Tec employees in fiscal 2018.

Our group companies take similar measures, respectively, and make a concerted effort to maintain and improve information security throughout Toshiba Tec Group.

Security Export Control

Export control is aimed at preventing the proliferation of weapons of mass destruction and other sensitive items to countries and regions of security concern or terrorist organizations. Export transactions of goods and technology that have potential weapons of mass-destruction (WMD)/conventional weapons applications are restricted under laws and regulations.

Our basic policies of export control are as follows:
We shall comply with all applicable export control laws and regulations in each country and region of operation (the Foreign Exchange and Foreign Trade Control Law in Japan), and with those of the United States if we are engaged in transactions involving U.S. origin cargos and technologies. We shall refrain from any transactions that may undermine the maintenance of global peace and security.

Based on these basic policies, we have established the "Export Control Program" and built an export control system. Accordingly, we make cargo/technology relevance judgments and strict transaction screenings for determining the need for export permission, conduct periodic export control audits, and provide education and support to our group companies.

Intellectual Property

The "Toshiba Tec Group Standards of Conduct" specifies "Compliance with all applicable laws and regulations associated with intellectual property rights", "Protection and extensive use of the results of intellectual activities under the intellectual property rights", and "Respect for the legitimate intellectual property rights of third parties", as the Toshiba Tec Group's policy for intellectual property rights.

We also work to develop and proactively use our intellectual properties to contribute to the further achievement of our retail and printing solutions business groups. As a part of our approach, we hold an event called Invention Challenge to collect ideas from every Toshiba Tec Group employee regardless of the organization and motivate greater invention and creation.