In July 2001, Sony Corporation established the Compliance Office, charged with exercising overall control over compliance activities across the Sony Group, to emphasize the importance of business ethics and compliance with applicable laws, regulations and internal policies. The Compliance Office establishes compliance policies and structures for the Sony Group and performs crisis management functions. In July 2003, Sony established a regional compliance network comprised of offices in the Americas, Europe, Japan, East Asia^*1 and Pan-Asia,^*2 which are charged with assisting the Compliance Office at Sony Corporation and exercising regional control over compliance activities to strengthen the compliance system throughout the Sony Group. Officers responsible for compliance in each region have the authority to issue instructions concerning compliance to Sony Group companies in their respective regions and, by cooperating with one another, are working to establish and maintain a comprehensive global compliance structure.

 In May 2003, Sony adopted the Sony Group Code of Conduct, which sets the basic internal standards to be observed by all directors, officers and employees of the Sony Group in order to emphasize and further strengthen corporate governance, business ethics and compliance systems throughout the Sony Group. This Code of Conduct sets out, in addition to legal and compliance standards, the Sony Group's basic policies concerning ethical business practices and activities, on such topics as respect for human rights, safety of products and services, environmental conservation and information disclosure. It has been adopted and implemented by each Sony Group company globally as its own internal code of conduct. To date, the document has been translated into 26 languages.

 The Sony Group Code of Conduct reflects principles set out in the Organisation for Economic Co-operation and Development (OECD) Guidelines for Multinational Enterprises, the United Nations Global Compact and the United Nations Universal Declaration of Human Rights. Sony also participated in the formulation of and observes the standards outlined in the Charter of Corporate Behavior of the Nippon Keidanren (Japan Business Federation), an alliance of Japan's leading corporations.

 With the adoption of the Sony Group Code of Conduct, Sony also established the Sony Group Compliance Hotline system as a resource for employees to report concerns or seek guidance about possible violations of laws or internal policies, and to allow the Sony Group to respond swiftly to potential risks of such possible violations. The Sony Group Compliance Hotline system is available worldwide. Callers who report issues in good faith will be protected from any possibility of retaliation.

 The Sony Group Compliance Hotline system is directly linked to the Corporate Executive Officer in Charge of Compliance and is operated independently from the ordinary line of command. Summaries of hotline calls, results of investigations, and of the operation of the system are reported to senior management and the Audit Committee.

 During fiscal 2008, the Sony Group received approximately 380 hotline contacts covering issues primarily relating to employment, labor, work environment, information management and possible conflicts of interest. All contacts received are investigated for the purpose of verification and appropriate action. In certain cases, these contacts have led to a review of internal procedures and the strengthening or enforcement of internal rules.

 To ensure that all employees understand the importance of observing the Sony Group Code of Conduct, as well as to promote use of the internal hotline system, Sony Group senior management informs executives and employees about these topics through ongoing dissemination of e-mails, as well as implementation of online and class room training. Further, Sony Group executives and senior management with a certain level of authority are annually requested to submit a certification stating that they understand the importance of ethical behavior and the need, in their role as managers, to communicate the importance of ethics and compliance with applicable laws, regulations and internal policies. Sony Group companies inform their employees about the Code and the internal hotline system through the ongoing dissemination of e-mails, booklets, wallet cards, posters, feature articles in internal newsletters, and/or postings on the company's intranet.

 In addition to these initiatives, the Sony Group provides education and training sessions that use e-learning and other approaches presenting real-life examples to impart more in-depth expertise regarding business ethics and individual aspects of the Sony Group Code of Conduct that are crucial to compliance by the Group. These include fairness in competition and business dealings, and the prevention of discrimination and harassment in the workplace. Through ongoing communication, awareness and training efforts, Sony will continue to promote a thorough Group-wide understanding of the importance of the policies and values set forth in the Sony Group Code of Conduct.

 The framework for monitoring the compliance program consists of reports received through the internal hotline system and from Regional Compliance Officers, periodic self-assessments by key Sony Group Companies, and compliance and internal audits. With respect to self-assessments, key Sony Group companies worldwide periodically undertake compliance self-assessments, which involve self-inspection of enumerated compliance-related activities.The Regional Compliance Officers evaluate the results of the self-assessments and report the results thereof to the Corporate Executive Officer in Charge of Compliance. The Regional Compliance Officers also consider measures to address any reported issues and provide relevant instruction and supervision to Sony Group companies in their respective regions.

 Each Sony Group business unit, subsidiary or affiliated company, and corporate division is expected to reviewing and assessing business risks on a regular basis, and to detect, communicate, evaluate and respond to risk in their particular business areas. In addition, Sony Corporation's Corporate Executive Officers have the authority and responsibility to establish and maintain systems for identifying and controlling risks with the potential to cause losses or reputational damage to the Sony Group in the areas for which they are responsible.The Corporate Executive Officer in Charge of Compliance is tasked to promote and manage the establishment and maintenance of such risk management systems through the coordinated activities of the Compliance, Internal Audit, Group Risk, and other relevant groups. One aspect of risk management is the proper handing of crises if and when they arise, and the proper preparation for such crises. Sony's crisis management and business continuity activities predominately occur at the business and operational level closest to the events we may encounter. Since some events can have a significant impact on the entire Sony Group as a whole, Sony has established a Group crisis management procedure to enable a swift and organized Group-wide response to crises as needed. Under this system, crises are evaluated and classified into three levels to ensure dynamic and appropriate responses. Level 1 is defined as a crisis with the possibility of significant impact on the Sony Group, and the possibility of serious negative impact on the business of the Sony Group or its reputation, and will be handled under the direction of the CEO. Level 2 is a crisis that is determined not to be Level 1, but still has the possibility of widespread impact within the Sony Group, and will be addressed by a cross-functional committee composed of headquarters executives relevant to the issue. Level 3 is a crisis that the Corporate Executive Officer in charge of the subject area determines may be resolved within his/her authority.

 Sony has established the "Sony Global Information Security Policy" and its subordinate rules, the "Sony Global Information Security Standard," which sets forth Sony's commitment to information security and states policies to be followed by all Sony personnel. Sony has established an organization charged with developing, maintaining and implementing this policy. This organization coordinates with individuals responsible for information security at Sony Group companies globally to create an effective Group-wide information security management system. Sony formulated the "Global Basic Principles on Personal Information" in July 2000, and is reinforcing internal rules and business processes to ensure the appropriate handling of the personal information of its customers and business partners. To encourage broad understanding of its principles on personal information management, in April 2005 Sony also introduced the Sony Group Privacy Policy^*1 at all Sony Group companies in Japan. Recognizing that employee awareness is vital, Sony Corporation requires training programs for its employees to increase their understanding of the issues and improve the overall level of information security and personal information management. These training activities are implemented at each of the Sony Group companies.