Casio Group Code of Conduct

Based on its Basic Risk Management Policies, Casio has built a system to manage risks efficiently. In fiscal 2008, Risk Management Committee was established to take measures with an emphasis on managing compliance risk.

In the committee's first year, fiscal 2008, it identified 70 laws relating to Casio's businesses, and listed measures being taken to comply with each law. Regarding laws where Casio had deficiencies relating to management cycle operation and manual preparation, the committee analyzed the importance of each risk based on the occurrence possibility and its impact on company management. Measures were then prepared to deal first with the risks of higher importance.

In fiscal 2008, there were 19 law types where the company's compliance was deficient and the risks were of high importance. By the end of fiscal 2011, specified measures had been put in place to deal with all of these laws.

As a result, Casio has changed its risk management method, and the Risk Management Committee Secretariat is regularly monitoring the risks identified by the Committee. The company has moved towards a system that checks for deficiencies in the status of management cycle implementation.

Risk management system

Compliance implementation status

In order to respond to emergencies with the resources of the company organization, Casio has created a Crisis Management Manual for securing the safety of all employees, directors, and their families, preserving corporate assets, and maintaining business activities.

Sequential updates of the manual keep pace with changes in the business environment, and the company is taking practical initiatives at the same time. Specifically, the following measures have already been undertaken:

However, with the Great East Japan Earthquake that struck in March 2011, circumstances were encountered that exceeded previous expectations. Learning from this, the Crisis Management Manual required substantial revision. Visits were made to the sales sites in the disaster zone and interviews conducted. By verifying emergency response activities at the headquarters and local sites from the victims' perspective, Casio was able to identify various points for improvement. These points have been carefully reflected in the revised Crisis Management Manual to make it even more effective.

Casio is aware of its important social responsibility to maintain the security of information that it collects from customers and other stakeholders in relation to its business activities. Casio strives to maintain the highest level of information security. With the full implementation of Japan's Act on the Protection of Personal Information in 2005, Casio launched the Protection of Personal Information Project and publicized the Privacy Policy on its web site. Furthermore, as part of Casio's drive to strengthen its system for safe and proper handling of personal information, Casio Computer Co., Ltd., worked to qualify for the Privacy Mark* certification and received it in December 2005.

Since obtaining certification, Casio has been properly carrying out the plan-do-check-act (PDCA) cycle to maintain its personal information protection management system. This includes the establishment of annual plans, having all employees undergo training and make a pledge, regular checking of personal information, access management on information systems, consignee supervision, and internal audits. Accordingly, Casio has been able to renew and maintain its certification.

In fiscal 2011, Casio worked to further raise the awareness of employees by conducting an information accident prevention campaign and putting up posters in the company. The aim is to reduce the risk of an information security accident occurring at the individual employee level, such as data theft or loss off premises, or mistakenly sending a confidential email to the wrong recipient.

In November 2007, Casio's Information System Department received information security management system certification (ISO 27001). The aim of applying for certification was to evaluate fulfillment of responsibility by the information system department, which has specialized skills and takes care of information assets for the entire company. Since then, Casio has further improved information security and its effectiveness, and continues to implement PDCA cycles for risk reduction activities. A certification renewal audit is held every three years. With the audit conducted in January 2011, the compatibility and effectiveness of Casio's information security management system was again evaluated.

Personal information protection system

As a way to help ensure compliance, Casio set up a Whistleblower Hotline in April 2006. The hotline has been functioning with neutrality and fairness across all of its internal and external contact points.

Operating on a basis of impartiality, the hotline follows up on all whistleblower reports and consultations, and takes resolute measures against any improper behavior discovered. Effort is put into preventing issues before they grow into real problems. In fiscal 2010, the hotline's intranet site was improved, and hotline awareness was raised within the company.

There were nine whistleblower reports in fiscal 2011. In each case, the callers were interviewed, and based on the content of their reports, investigations were made, and correction measures implemented to resolve the problems.

With the aim of making the hotline well known within the company, a Whistleblower Hotline website was established. In fiscal 2011, the website content was further improved, and Casio is working to increase awareness among employees.

Whistleblower Hotline

Export control, or export control security, aims to maintain international peace and security. It involves regulations on the export of goods and technology that could be diverted for the development of weapons of mass destruction or other weaponry. The regulations are designed to prevent such goods and technology from reaching countries and regions of concern or terrorist organizations.

In 1987, the Export Control Security Program of Casio Computer Co., Ltd. (a compliance program) was established in order to make sure proper measures are taken to ensure the security of exports. The program has since been continually updated along with changes in the Japanese Export Control Regulation.

Casio has appointed employees responsible for export control in relevant departments as part of an internal system to ensure observance of the program.

As the Exporter Compliance Standards took effect in April 2010, Casio has been striving to maintain and manage its system by conducting voluntary annual audits while ensuring through legal compliance, in response to the revision of applicable laws and regulations. Efforts include the strengthening of training activities at group companies in Japan.

Casio has also established a management system for complying not only with Japanese export laws but also with US Export Administration Regulations. The company is working to improve global export management, including the implementation of export management training at group companies outside Japan.

Casio continues to hold compliance seminars given by employee instructors at the sales offices of Casio Computer Co., Ltd., in Japan. In order to promote proper transactions as well as fair, transparent and free competition, it is essential for sales employees to have a proper understanding of Japan's Act on Prohibition of Private Monopolization and Maintenance of Fair Trade and Act against Unjustifiable Premiums and Misleading Representations. In fiscal 2011, ten seminars were given at sales offices, while three were held at the sales management department in the headquarters. A total of 738 employees received the training, expanding their understanding of fair transactions.

As a tool for promoting proper and fair competition and transactions, Casio distributed Sales Compliance Cards to its sales employees in Japan so that they could always have it with them. The cards contain information such as an ethics and compliance test for making difficult decisions and contacts for advice or to make a whistleblower report. This led to an increase in the number of employee consultations on potential issues in advance.

Casio Sales Compliance Card

Corporate Governance