Governance

Compliance

Spreading understanding of and respect for compliance norms among all Hitachi Group employees is a fundamental management issue as we seek to rigorously implement fair business practices and avoid risks around the globe. The Hitachi Group Codes of Conduct and the Hitachi Group Code of Ethics and Compliance spell out decision-making procedures and actions for all Hitachi Group executive officers and employees.

Key Actions

• Comply with the Hitachi Group Codes of Conduct
• Establish and strengthen a compliance framework
• Institute and integrate a compliance reporting system
• Prevent antisocial transactions and money laundering
• Prevent bribery and corrupt practices
• Comply with competition law
• Carry out strict export control
• Implement thorough tax compliance

Goals

• Comply with the Hitachi Group Codes of Conduct
• Strengthening compliance
• Instituting and integrating a compliance reporting system
• Thorough implementation of prevention of bribery and corrupt practices and compliance with competition law

Achievements in FY 2020

• Formulated the Hitachi Group Code of Ethics and Compliance
• Had more than 300,000 executives and employees complete an e-learning program on the Hitachi Group Code of Ethics and Compliance (provided in 15 languages)
• Hitachi Group Compliance Conference for working-level employees twice, each divided among four regions
• Held interviews and provided improvement guidance for Group companies deemed “high-risk” in the compliance risk survey
• Launched a Group-wide internal reporting system called the Hitachi Global Compliance Hotline and worked to integrate internal reporting systems within the Group with it (Total number of Group-wide compliance reports: 639)
• Established the Hitachi Group Anti-Bribery and Anti-Corruption Policy, as well as associated rules, and clarified the standards and procedures concerning entertainment, gifts, and other arrangements provided to or received from public officials and non-public officials alike
• Established the Hitachi Group Fair Competition Policy and clarified the participation of departments responsible for compliance in types of conduct other than cartels (vertical relationships with customers, channel partners, suppliers, and so on)

Risk Management

The Hitachi companies must have a clear understanding of opportunities and risks and take appropriate measures if they are to achieve sustainable growth. These risks include social and environmental issues, including climate change, resource depletion, the curtailment of business activity due to significant disasters, and social instability due to growing inequality.

Key Actions

• Understanding and responding to risks and opportunities related to investment, sustainability, etc.
• Implementing risk management to strengthen the business and ensure continuity
• Strengthen procurement BCPs
• Improve the safety of employees sent to dangerous regions

Goals

• Strengthen risk management systems
• Understanding risks and opportunities and take appropriate action
• Earthquake drills simulating a major seismic event
• Further strengthening procurement BCPs
• Continuously improving the safety of employees sent to dangerous regions

Achievements in FY 2020

• Established the new position of CRMO
• Continued to strive systematically to identify and address risks hindering the achievement of business objectives
  Disclosed information based on the TCFD’s recommendations
  Conducted drills to set up an earthquake task force on a remote-work basis
  Hitachi Group CSR/BCP Procurement Committee provided supplier diagnostic tools to procurement divisions
  Posted information form risk consultants internally through our intranet
  Provided medical assistance for Hitachi Group employees outside Japan

Information Management

Information and data are key value drivers for any business, and information security is one of the most critical issues companies face with risks from cyberattacks, leaks of information and operational stoppages. Information security governance is a key management issue alongside the protection of personal data and showing due consideration for privacy.

Key Actions

• Disseminate Information Security Policies
• Strengthen information management
• Prevent information leaks
• Provide education programs on information security
• Conduct thorough information security audits and inspections
• Protect personal information
• Manage customer information

Goals

• Strengthen information management
• Provide education programs on information security
• Conduct thorough information security audits and inspections
• Personal information leaks
• Privacy protection initiatives by Hitachi’s IT Sector

Achievements in FY 2020

• In addition to ISO/IEC27001, which is an international standard, we are promoting compliance with the U.S. government standard SP800-171 in our Global Information Security Management Regulations to strengthen information security governance globally.
• Built a cyber monitoring environment that continually adopts the latest technology to defend against increasingly sophisticated Cyberattacks.
• Held e-learning programs on information security and personal information protection (participating employees: around 40,000)
• Conducted Information security and personal information protection audits at all Group companies and business units (annual).
• Conducted audits of 153 Hitachi Group companies in Japan including Hitachi, Ltd., in the same manner as at Hitachi, Ltd., and Hitachi, Ltd. confirmed all results.
• Personal information leaks: 0
• Published opinion surveys on use of consumer data in big data businesses
• Hitachi initiatives were included in the “Guidebook on Corporate Governance for Privacy in Digital Transformation (DX) ver.1.1” released by Japan’s Ministry of Internal Affairs and Communications and Ministry of Economy, Trade, and Industry.