We work to identify potential major risks to prevent them from occurring, and we have a structure in place to ensure that appropriate actions are taken in case they occur.
In addition, we have a company-wide risk management system with President and Representative Director as the chief risk management officer and the Executive Director of Corporate Strategy & Planning (a member of the Board of Directors and a Senior Executive Officer) as the risk management director in charge. In this way, we tackle issues related to risk management, recognizing them as important issues for management strategy. Furthermore, we have an Audit & Supervisory Board and an internal auditing department (Business Audit Department) working to increase the effectiveness of audits in risk management.
We introduced Enterprise Risk Management (ERM) in FY2019, aiming for total, rather than partial, optimization of risk management. For implementation, we have appointed a Chief Risk Management Officer (President, Representative Director, and Chief Executive Officer) and a Head Risk Management Officer (member of the Board of Directors). In addition, we made the Legal Department the managing department for risk management, and established risk management regulations to promote ERM.
ONO’s risk management system
To promote risk management activities across the Group, we provide our subsidiaries with guidance and advice on risk management, while respecting their autonomy. We provide such guidance and advice through various opportunities including regular meetings where we receive reports from subsidiaries regarding their business operations and discuss important matters.
We began to expand our ERM system to our subsidiaries in Japan and overseas in FY2020 to further enhance the risk management of the entire Group.In FY2021 we assessed the risks and extracts issues using a risk assessment sheet.
To ensure legal compliance across the Group, we provide appropriate consultation and guidance to our subsidiaries. While respecting their autonomy, we request that each company provide us with regular business reports and consult with us on important business issues in advance.
We have set up a BCP Management Headquarters under the Emergency Response Committee, chaired by the President and Representative Director, and established a system designed to minimize the impact on operations even if a natural disaster or serious accident occurs, so that we can continue business activities, and even if they are suspended, recover promptly and resume them. And for management during normal times, we have a Business Continuity Management (BCM) Committee, which is chaired by the Executive Director of Corporate Strategy & Planning and is in charge of business continuity management, and a Management Office to maintain and strengthen our abilities to respond to crisis and continue our business operations, and promote relevant management activities.
We have prepared for disasters by installing systems such as emergency generators and duplicate power service in our Headquarters, the Tokyo Building, and all of our plants and research institutes, and we have also introduced seismic isolation systems to prepare for earthquakes in our Headquarters, the Tokyo Building, Minase Research Institute, and the Yamaguchi Plant. Also, because we have transferred some of the functions of the Headquarters in Osaka to the Tokyo Building, the development of a two-base system, improves our ability to continue our business operations. The BCM Committee conducts drills under the assumption of a large-scale disaster, identifies issues, and redoes plans to improve BCP response capabilities.
The Group's business performance may be significantly affected by various risks that could in the future occur in its business activities.
The major risks that have the potential to affect the Group's business are listed below. However, this list does not cover all risks, and there are risks other than those described below that could potentially influence investor decisions.
The matters in this document relating to the future are based on the judgment of the Group as of the end of FY2021.
Identified risks are divided into three categories, “strategic risks,” “external factor risks,” and “operational risks,” and basic action policies and priority orders against risks are determined. The basic action policy for each risk category is stated below.
ONO’s “major risks” based on these three categories are stated below.
Risk field | Major risk item | Risk category |
---|---|---|
(1) New product development |
|
Strategic risk |
(2) Response to changes in the market environment |
|
Strategic risk |
(3) Compliance |
|
Operational risk |
(4) Product quality control |
|
Operational risk |
(5) Securing and developing human resources |
|
Strategic risk |
(6) Large-scale earthquakes, climate change-related natural disasters, and accidents |
|
External factor risk |
(7) Supply-chain (stable supply) |
|
External factor risk |
(8) Health insurance system reform |
|
External factor risk |
(9) Reliance on specific products |
|
Strategic risk |
(10) Newly discovered side effects |
|
Strategic risk |
(11) Intellectual property rights |
|
Operational risk |
(12) Litigation | (To be included in other risks.) | |
(13) Information management |
|
Operational risk |
(14) Overseas business expansion |
|
Strategic risk |
(15) Alliance with other companies |
|
Strategic risk |
(16) Fluctuations in financial market conditions |
|
External factor risk |
(17) Response to environmental issues |
|
External factor risk Operational risk |
(18) Spread of novel coronavirus infection (COVID-19) |
|
External factor risk |
(19) Deferred tax assets and impairment treatment |
|
Strategic risk |
Information assets are very important management resources.
ONO Pharmaceutical and its group companies have established, and implement and maintain the Information Securities Global Policies to strictly protect and not divulge the information assets, including R&D information, external information obtained for business use, and personal information of customers/suppliers, as well as to share and utilize information properly within the group.
The ONO Group has established the Information Security Global Policies and related regulations. To ensure their effectiveness, an information security management system has been established, including specific actions to be taken in the event of an information security incident.
Overall responsibility for information security rests with the Information Security Director (Corporate Executive Officer / Executive Director, Digital & IT Strategy). The Information Security Director is responsible not only for formulating the Group’s information security management strategy, but also for creating, revising, implementing and managing related regulations, etc., while taking into account changes in the environment surrounding ONO and the latest trends in information security-related laws and regulations. Under the Information Security Director, Information System Division Manager and the Division Directors of Information Security are appointed to perform information security management duties at each division and Group company*.
*A company of which 100% of voting rights are owned by ONO PHARMACEUTICAL CO., LTD..
Organizational Structure for Information Security Management
Click here for our Privacy Policy.