Ethical business conduct and compliance with applicable laws and regulations are fundamental aspects of Sony's corporate culture. To this end, Sony has established a Global Compliance Network comprised of the Compliance Division at the corporate headquarters, a global compliance leadership team and regional compliance officers around the world. Additionally, it has adopted and implemented the Sony Group Code of Conduct and set up Compliance Hotline systems through its Global Compliance Network. Sony has taken these actions in order to reinforce the Company's worldwide commitment to integrity and help assure resources are available for employees to raise concerns or seek guidance about legal and ethical matters.
In July 2001, Sony Corporation established the Compliance Division, charged with exercising overall control over compliance activities across the Sony Group, to emphasize the importance of business ethics and compliance with applicable laws, regulations and internal policies. The Compliance Division establishes compliance policies and structures for the Sony Group.
In July 2003, Sony established a regional compliance network, comprised of regional compliance officers in each region worldwide, who are charged with exercising regional control over compliance activities to strengthen the compliance system throughout the Sony Group.
In May 2003, Sony adopted the Sony Group Code of Conduct, which sets the basic internal standards to be observed by all directors, officers and employees of the Sony Group, in order to emphasize and further strengthen corporate governance, business ethics and compliance systems throughout the Sony Group. In addition to legal and compliance standards, the Code of Conduct sets out the Sony Group's basic policies concerning ethical business practices and activities on such topics as respect for human rights, safety of products and services, environmental conservation and information disclosure. The Code of Conduct has been adopted and implemented by each Sony Group company globally and is the subject of frequent "tone from the top" messaging and other training.
Following the adoption of the Sony Group Code of Conduct, Sony also established a Sony Group Compliance Hotline system as a resource for employees to report concerns or seek guidance about possible violations of laws or internal policies, and to allow the Sony Group to respond swiftly to potential risks of such possible violations.
The Sony Group Compliance Hotline system is available worldwide. It is directly linked to the Corporate Executive Officer in charge of Compliance. It is operated independently from the ordinary line of command, and callers who report issues in good faith are protected from any possibility of retaliation for the report. Summaries of hotline calls, results of investigations and updates on the operation of the system are reported to senior management and the Audit Committee.
A compliance monitoring program helps to ensure thorough global adherence to the Company's Code of Conduct, internal policies, and training and other protocols. The program relies on self-assessments, compliance audits and internal audits, along with monitoring of hotline and other reporting.
As one example of its compliance-related initiatives, Sony has adopted the Sony Group Anti-Bribery Policy, which builds on the anti-bribery and accurate record-keeping requirements in the Sony Group Code of Conduct to help ensure that Sony Group personnel do not violate, or appear to violate, any applicable anti-corruption laws or regulations. This policy reflects Sony's strong commitment to business integrity and, in particular, establishes practices and procedures that must be followed to help ensure integrity in Sony's dealings with government officials, as well as training requirements.
Sony has established an Information Security and Privacy organization headed by a Chief Information Security Officer (CISO) reporting directly to a Sony Corporation Corporate Executive Officer. Sony also has established global information security policies and standards, and global privacy policies, which set forth Sony's commitment to information security and privacy and define practices and procedures to be followed by all Sony personnel. The CISO and his organization are charged with developing and implementing these policies and standards globally to ensure network security and the protection of privacy. This organization coordinates with individuals responsible for information security and privacy at Sony Group companies globally to create a Group-wide information security and personal information management system. Under the supervision of the CISO, Sony continuously reinforces internal rules and business processes to further strengthen the information security management framework of the Sony Group and contribute to the protection of personal information. Recognizing that employee awareness of information security and privacy is vital, Sony requires training programs for its employees to increase their understanding and improve the overall level of information security and protection for individuals' privacy.