We work to identify potential major risks to prevent them from occurring, and we have a structure in place to ensure that appropriate actions are taken in case of their occurrence.
In addition, we establish a company-wide risk management system with President, Representative Director as the chief risk management officer and Executive Director, Corporate Strategy & Planning (Member of the Board of Directors, Senior Executive Officer) as the risk management director in charge. In this way, we tackle issues related to risk management, recognizing them as important management strategic issues. We also have an Audit & Supervisory Board and an internal auditing department (Business Audit Department) that work towards improvement of the effectiveness of auditing in risk management.
We started preparations for the introduction of an Enterprise Risk Management system (hereinafter, “ERM") in FY2018, and introduced the system in FY2019, aiming for total, rather than partial, optimization of risk management.
In conjunction with the introduction of ERM, we have appointed a Chief Risk Management Officer (President, Representative Director, and Chief Executive Officer) and a Head Risk Management Officer (Member of the Board of Directors). Furthermore, in addition to newly establishing the "Risk Management Office" in 2019, we have also formulated the "Risk Management Regulations" to promote ERM.
ONO’s risk management system
To promote risk management activities across the Group, we provide our subsidiaries with guidance and advice on risk management, while respecting their autonomy. We provide such guidance and advice through various opportunities including regular meetings where we receive reports from subsidiaries regarding their business operations and discuss important matters.
We began to expand our ERM system to our subsidiaries in Japan and overseas in FY2020 to further enhance the risk management of the entire Group.
To ensure legal compliance across the Group, we provide appropriate consultation and guidance to our subsidiaries. While respecting their autonomy, we request that each company provide us with regular business reports and consult with us on important business issues in advance.
According to the instructions of the Emergency Response Committee chaired by the President, Representative Director, we have organized the BCP Management Headquarters and established a system designed to minimize the impact of an emergency on operations even in the case where an emergency occurs such as a natural disaster or serious accident, so that we can continue business activities or recover promptly and resume them if they are suspended. The BCM Committee, which is chaired by Executive Director, Corporate Strategy & Planning (Member of the Board of Directors, Senior Executive Officer) and in charge of business continuity management (BCM), and the Management Office have been formed to maintain and strengthen our abilities to respond to crisis and continue our business operations, and promote relevant management activities during normal times.
We have installed systems prepared for disasters such as emergency generators and duplicate power service in our head office, the Tokyo Building, and all of our plants and research institutions, and we also have introduced seismic isolation systems to prepare for earthquakes in our head office, the Tokyo Building, the Minase Research Institute, and the Yamaguchi Plant. As we have transferred some of the Osaka Head Office’s functions to the Tokyo Building, we can use resources such as internal systems and inventories at either base in the event of natural disasters in one area. The development of our two-base system prevents us from having to stop our business activities and improves our ability to continue our business operations.
In FY2020, we prepared a detailed incident response manual and provided employees with education and practical response training (reporting and public communication systems), with anticipation of multiple individual risks (personal information leaks, plant/laboratory accidents, etc.), to enhance their ability to respond to major incidents.
The Group's business performance may be significantly affected by various risks that could in the future occur in its business activities.
The major risks that have the potential to affect the Group's business are listed below. However, this list does not cover all risks, and there are risks other than those described below that could potentially influence investor decisions.
The matters in this document relating to the future are based on the judgment of the Group as of the end of FY2020.
Information assets are very important management resources.
ONO Pharmaceutical and its group companies have established, and implement and maintain the Information Securities Global Policies to strictly protect and not divulge the information assets, including R&D information, external information obtained for business use, and personal information of customers/suppliers, as well as to share and utilize information properly within the group.
The ONO Group has established the Information Security Global Policies and related regulations. To ensure their effectiveness, an information security management system has been established, including specific actions to be taken in the event of an information security incident.
Overall responsibility for information security rests with the Information Security Director (Member of the Board of Directors, Senior Executive Officer / Executive Director, Corporate Strategy & Planning). The Information Security Director is responsible not only for formulating the Group’s information security management strategy, but also for creating, revising, implementing and managing related regulations, etc., while taking into account changes in the environment surrounding ONO and the latest trends in information security-related laws and regulations. Under the Information Security Director, the Digital ＆ IT Department Manager and the Division Directors of Information Security are appointed to perform information security management duties at each division and Group company*.
*A company of which 100% of voting rights are owned by ONO PHARMACEUTICAL CO., LTD..
Organizational Structure for Information Security Management