In July 2001, Sony Corporation established the Compliance Office, charged with exercising overall control over compliance activities across the Sony Group, to emphasize the importance of business ethics and compliance with applicable laws, regulations and internal policies. The Compliance Office establishes compliance policies and structures for the Sony Group and performs crisis management functions.
  In July 2003, Sony established a regional compliance network comprised of offices in the Americas, Europe, Japan^*1, East Asia^*2 and Pan-Asia^*3, which are charged with assisting the Compliance Office at Sony Corporation and exercising regional control over compliance activities to strengthen the compliance system throughout the Sony Group. Officers responsible for compliance in each region have the authority to issue instructions concerning compliance to Sony Group companies in their respective regions and, by cooperating with one another, are working to establish and maintain a comprehensive global compliance structure.

In May 2003, Sony adopted the Sony Group Code of Conduct, which sets the basic internal standards to be observed by all directors, officers and employees of the Sony Group in order to emphasize and further strengthen corporate governance, business ethics and compliance systems throughout the entire Sony Group.
  This Code of Conduct sets out, in addition to legal and compliance standards, the Sony Group's basic policies concerning ethical business practices and activities, on such topics as respect for human rights, safety of products and services, environmental conservation and information disclosure.
   It has been adopted and implemented by each Sony Group company globally as its own internal code of conduct. To date, the document has been translated into 26 languages.
  The Sony Group Code of Conduct reflects principles set out in the Organisation for Economic Co-operation and Development (OECD) Guidelines for Multinational Enterprises, the United Nations Global Compact and the United Nations Universal Declaration of Human Rights.
  Sony also participated in the formulation of and observes the standards outlined in the Charter of Corporate Behavior of the Nippon Keidanren (Japan Business Federation), an alliance of Japan's leading corporations.
  Since the implementation of the Sony Group Code of Conduct, Sony has centralized development and management of key internal rules to facilitate consistent Group-wide compliance with provisions of the Sony Group Code of Conduct.

With the adoption of the Sony Group Code of Conduct, Sony also established the Sony Group Compliance Hotline system as a resource for employees to report concerns or seek guidance about possible violations of laws or internal policies, and to allow the Sony Group to respond swiftly to potential risks of such possible violations. The Sony Group Compliance Hotline system is available in the Americas, Europe, Japan, East Asia and Pan-Asia, and is ready to receive the concerns of any Sony Group employee in any part of the world through a telephone call, e-mail or letter.
  The Sony Group Compliance Hotline system is directly linked to the Corporate Executive Officer in Charge of Compliance and is operated independently from the ordinary line of command. Summaries of hotline calls and of the operation of the system are reported to senior management and the Audit Committee. Calls received are handled in line with established procedures, and callers who report issues in good faith will be protected from any possibility of retaliation.
  During fiscal 2007, the Sony Group received approximately 340 hotline contacts covering issues relating to employment, labor, work environment, information management, environmental protection and possible conflicts of interest and thefts. All contacts received are investigated for the purpose of verification and appropriate action. In certain cases, these contacts have led to a review of internal procedures and the strengthening or enforcement of internal rules.

To ensure that all employees are aware of the Sony Group Code of Conduct and the internal hotline system, Sony Group companies inform their employees about the Code and hotline through the ongoing dissemination of e-mails, booklets, wallet cards, posters, postings on the company's intranet and/or feature articles in internal newsletters.
  Education and training sessions that use e-learning, case studies and other approaches presenting real-life examples also provide instruction both on business ethics generally and on individual aspects of the Sony Group Code of Conduct that are crucial to some or all of the Sony Group. Examples include education programs regarding fairness in competition and business dealings, and training to avoid discrimination and harassment in the workplace. In addition, senior Sony Group management send e-mails to all employees at least once each year that emphasize the importance of observing the Code and the availability of the Hotline; both in the context of business ethics, integrity and lawful conduct.
  Through ongoing messaging, awareness and training efforts, Sony will continue striving to promote a thorough understanding Group-wide of the importance of the policies and values set out in the Sony Group Code of Conduct.

As part of a broader compliance monitoring program, key Sony Group companies worldwide undertake compliance self-assessments, which involve self-inspection of enumerated compliance-related activities. The Regional Compliance Officers evaluate the results of the self-assessments and report their evaluations to the Corporate Executive Officer in Charge of Compliance. The Regional Compliance Officers also consider measures to address any reported issues and provide relevant instruction and supervision to Sony Group companies in their respective regions. Internal Audit and Compliance Audit programs supplement as warranted.

Each Sony Group business unit, subsidiary or affiliated company, and corporate division is tasked with reviewing and assessing business risks on a regular basis and establishing and maintaining necessary systems for, among others, detecting, communicating, evaluating and responding to risk in its particular business area.
  In addition, Sony Corporation's corporate executive officers have the authority and the responsibility to establish and maintain a system for identifying and controlling risks with the potential to cause losses or reputational damage to the Sony Group in the areas for which they are responsible.
  The Corporate Executive Officer in Charge of Compliance oversees the maintenance of a risk management system through the coordinated activities of the Compliance, Internal Audit, Group Risk, and other relevant groups.
  In the area of crisis management, Sony has established a Group crisis management system outlining procedures to enable a swift and organized Group-wide response to crises as needed. Under this system, crises are classified into three levels to ensure dynamic responses. Level 1 is defined as a crisis with the possibility of significant impact on the Sony Group and the possibility of serious negative impact on the business of the Sony Group or its reputation, and will be handled under the direction of the CEO. Level 2 is a crisis that is determined not to be Level 1, but still has the possibility of widespread impact within the Sony Group, and will be addressed by a cross-functional committee composed of headquarters executives appropriate to the issue. A Level 3 crisis is one that the Corporate Executive Officer in charge of the subject area determines may be resolved with his/her authority.

Sony has established the "Sony Global Information Security Policy" and its subordinate rules, the "Sony Global Information Security Standard," which sets forth our commitment to information security and states policies to be followed by all Sony personnel. Sony has established an organization charged with developing, maintaining and implementing this policy. The organization coordinates with individuals responsible for information security at Sony Group companies globally to create an effective Group-wide information security management system.
  Sony formulated the "Global Basic Principles on Personal Information" in July 2000, and is reinforcing internal rules and business processes to ensure the appropriate handling of the personal information of its customers and business partners. To encourage broad understanding of its principles on personal information management, in April 2005 Sony also introduced the Sony Group Privacy Policy ^*1 at all Sony Group companies in Japan.
  Recognizing that employee awareness is key, Sony Corporation requires training programs for its employees to increase their understanding of the issues and improve the overall level of information security and personal information management. These training activities are implemented at each of the Sony Group companies.

Sony is committed to fair business practices, transparency and equal opportunity in its procurement operations, where purchasing is conducted according to established policies and procedures. To protect the integrity of the process, Sony procurement agents in the electronics business are not permitted to form personal ties or relationships based on potential personal gain with any supplier. Among other things, this rule also prohibits the acceptance of personal gifts from or participation in a supplier's business while employed at Sony.
  The procurement department of Sony's domestic electronics business uses e-learning programs to ensure that procurement agents have a thorough understanding of the Company's "Working Principles for Procurement Personnel." The content of such programs is translated into English and Chinese to help train overseas procurement agents and thus assure the highest ethical standards on a global basis.
  Other Sony Group companies globally also are implementing new procedures to ensure that there are no improper conflicts of interest in their business dealings on behalf of Sony.