Home > CSR > CSR Performance > Fair Operating Practices > Risk Management and Compliance

CSR - Corporate Social Responsibility
Committed to People, Committed to the Future.

Risk Management and Compliance


At Toshiba, throughout our worldwide operations, we strive to ensure compliance with laws and regulations, social and ethical norms, and internal rules. Giving top priority to human life and safety and to compliance in everything we do underpins our commitment to promoting business activities through fair competition and serving the interests of customers to the best of our ability.
We consider thorough adherence to the Toshiba Group Standards of Conduct (SOC), which embody the Basic Commitment of Toshiba Group, to be the foundation of our compliance. Thus we are working toward making the SOC an integral part of the entire Toshiba Group

To Top

Management Structure

In order to ensure thorough risk compliance management at Toshiba, a board member is assigned the responsibility of overseeing risk compliance.
If a serious noncompliance incident occurs, we swiftly consider how to deal with it and take the necessary action in the risk compliance system.
Furthermore, we endeavor to reinforce risk compliance management by closely examining ways to prevent SOC violations and the recurrence of similar incidences through cooperation among the relevant divisions.

Management Structure

Management Structure

*CPL is an abbreviation combining CL (contractual liability) and PL (product liability)

To Top


Booklets on Toshiba Group Standards of Conduct in various languages
Booklets on Toshiba Group Standards of Conduct in various languages

Toshiba Group has translated Toshiba Group Standards of Conduct (SOC) into 15 languages and distributed copies to overseas subsidiaries for compliance training. With a view to ensuring compliance with the SOC, Toshiba Group provides various education programs such as education based on the needs of different organizational levels and job functions, as well as seminars on compliance topics for top executives. We also provide e-learning for all employees on a continual basis.
For overseas subsidiaries, we have developed e-learning materials in English with a view to preventing serious SOC violations such as the formation of cartels and bribery. We offer such e-learning to our subsidiaries in Europe, the United States, and Asia. In China, we have compiled risk compliance examples based on local circumstances and distributed these materials for compliance education in Toshiba Group companies in China.

Developing various measures to promote rigorous compliance

Trainer education for subsidiaries in Asian countries
Trainer education for subsidiaries in Asian countries

In light of global regulatory trends, Toshiba has been making rigorous efforts to prevent cartelization and bribery. In FY2012, the Company continued to step up its initiatives to ensure thorough compliance.
Specifically, the initiatives involve Toshiba Group companies worldwide performing self-audits based on two Toshiba- developed guidelines: one on antitrust and the other on anti-bribery. Through these audits, Toshiba Group aims to identify compliance levels at the companies concerned and to provide thorough compliance education.
Furthermore, in order to ensure compliance with relevant anti-trust laws and prevent bribery to foreign public officals, Toshiba managers visited major subsidiaries in Southeast Asia to inspect their states of compliance, including conducting interviews with their top management, and provided compliance training to Japanese and local personnel.
Toshiba promotes rigorous compliance with business-related laws and regulations by providing education, effectively utilizing databases that contain relevant information, and performing periodic self-audits.
In addition, Toshiba’s compliance initiatives are objectively evaluated by outside lawyers once a year. We make improvements to reduce risks pointed out by third parties in order to continue to enhance our compliance structure.

To Top

Response to Compliance Violations

In the event of a major noncompliance incident, Toshiba investigates all facts to identify the cause of the violation, treats the facts seriously, and handles such violations rigorously by imposing appropriate disciplinary sanctions on the offenders or implementing other such measures. It makes every effort to prevent recurrence and discloses information in a proper and timely manner as necessary.
In FY2012, in response to a dishonest act committed by a Group company employee that was revealed in FY2011, Toshiba Group took up “illegal transactions” as a subject for its workplace meetings on integrity topics. Thus the Group continues to make efforts to prevent the recurrence of similar inappropriate business dealings.

Whistleblower System

In January 2000, Toshiba established a whistleblower system to collect internal information on SOC violations, particularly those concerning laws and regulations, and to deal with wrongdoing through a self-rectification system. Under this system, an employee can report an incident and seek advice. In April 2006, Toshiba also set up a supplier whistleblower system to receive reports from suppliers and business partners to prevent SOC violations by employees in charge of procurement and order placements for construction and other works.
By putting in place systems to receive reports from inside and outside the company, Toshiba anticipates that the system will play a role in deterring SOC violations in addition to self-rectification. Toshiba Group companies have also introduced a similar whistleblower system.

Toshiba’s Whistleblower System

Toshiba’s Whistleblower System

To Top

Compliance Situation Inspection and Audit

The Legal Affairs Division periodically communicates with the Corporate Audit Division in order to confirm the state of implementation with respect to the various compliance measures. Based on the actual state of implementation, steps are taken to enhance the effectiveness of management audits and the audit results are reflected in compliance measures.
Every year Toshiba conducts an intranet-based employee survey on the Toshiba Group Standards of Conduct(SOC). The results are used in formulating measures for enhancing awareness on compliance.

Developing measures to continue breaking relationships with anti-social groups

In 1997, the Board of Directors resolved to end relations with anti-social forces such as sokaiya (groups of racketeers). In 2006, Toshiba Group revised its Standards of Conduct to state expressly that it refuses all involvement in the business activities of such forces. Since then, the Group has strictly dealt with approaches from third parties to obstruct our lawful and appropriate corporate activities.
In addition, in order to further ensure that all relations with anti-social forces are cut off, all Toshiba Group companies have taken various measures, such as reviewing their contract clauses on the exclusion of dealings with crime syndicates and educating all employees about the need for compliance in this area. Toshiba Group also works with the police, corporate attorneys, and third-party organizations such as the National Center for the Elimination of Boryokudan to establish systems that enable us to respond to approaches from anti-social forces in an appropriate and timely manner.

Fostering a compliance-oriented culture through workplace meetings

Meeting at which participants actively exchange opinions
Meeting at which participants actively exchange opinions

Toshiba Group places the highest priority on “life, safety, and compliance” as part of its CSR management. Each workplace holds meetings focusing on integrity to raise the awareness of each and every employee with regard to compliance matters so as to make compliance an integral part of the corporate culture.
These meetings aim to prevent SOC violations by encouraging managers and employees to discuss various problems that are likely to arise in the workplace and to share their thoughts with each other in order to create a work environment where they can easily seek advice on all kinds of problems.
In FY2012, meetings were held on topics concerning compliance related to illegal transactions as well as other topics, such as efficient ways of working.
In addition, having created a database to compile information about the implementation status of the meetings as well as by soliciting the frank opinions of employees via their workplace managers, we are now able to monitor the level of compliance awareness at each workplace and to develop new measures in the future.

To Top

Political Contributions

The Toshiba Group Standards of Conduct stipulates that Toshiba Group shall not provide inappropriate benefits or favors to any politician or political organization.
In the case of offering political contribution, procedures in accordance with internal rules are followed as well as compliance with the Political Funds Control Law in case of Japan is strictly ensured.

Toshiba Group Standards of Conduct Chapter 3 18.Political Contributions

To Top

Business Continuity Plan (BCP)

Failure to respond appropriately to large-scale disasters such as earthquakes, typhoons, and floods could result in the long-term closure of operations, triggering significant financial losses, ultimately affecting our stakeholders.
Toshiba implements measures to ensure the safety of employees and their families, support recovery of devastated areas, and maintain business sites and factories. In addition, Toshiba continually updates its Business Continuity Plan (BCP) covering those businesses that have large social and economic impacts in order to minimize any interruption in the supply of goods and services in the event of natural or other disasters such as an influenza pandemic.
Following the Great East Japan Earthquake, Toshiba Group reviewed the damage expected under our BCP, which we had worked out on a nationwide scale starting in 2007. Based on the revised assumptions, the Group is confirming ways to ensure the safety of all employees at each business site and taking measures to ensure business continuity.

Developing measures to provide a stable supply of parts based on BCP procurement guidelines

In response to the Great East Japan Earthquake and the floods in Thailand, both of which occurred in 2011, Toshiba’s procurement division is aiming to establish a more disaster-resistant procurement system.
In order to respond to the risk of supply chain disruption in the event of an emergency, the division included “ensuring continuous supply when an unforeseen disaster occurs” in its procurement policy and has asked suppliers for their cooperation. In addition, the division is working on risk assessment and risk hedging daily in accordance with the BCP Procurement Guidelines. It also considers procurement from diverse suppliers and from wider geographical areas to be one of its most important measures and aims to minimize the risk of supply chain disruptions and to reduce the amount of time required for resolving supply chain disruptions. In 2012, the procurement division built a system for managing information on upstream suppliers in the supply chain. Global implementation of this system has reinforced the Group’s ability to respond to emergencies.
In addition to these initiatives, the division works with related divisions to cope with other risks such as unavailability of products containing rare earths and power shortages caused by the suspension of operation of nuclear power stations.

To Top

Support for Customers’ Business Continuity

In July 2012, Toshiba Solutions Corp. built the Tokyo No.2 Data Center. It features the latest seismic base-isolating systems, and is located in the least earthquake-prone area of Tokyo. In January 2013, it opened the Sapporo Data Center, which will be used as a remote backup facility. In order to support customers' business continuity, the company will provide safe and secure cloud computing services via technologies allowing for no-fuel-supply datacenter operation and disaster recovery among others.
In December 2012, Toshiba Digital Products & Services Company developed technology for detecting hard disk drive failures in advance. Collecting data obtained from notebook PCs on the number of HDD read errors and the length of operating time as well as data from failed HDDs and analysis of large amounts of data thus obtained has enabled the company to detect failures in advance. This technology allows backups of HDD data before the HDD fails, preventing important data from being lost at the customers and thereby contributing to ensuring business continuity.

To Top