Sustainability
Corporate Governance
Risk Management and Information Disclosure
At Hisamitsu Pharmaceutical, we identify and strive to reduce a wide variety of internal and external risks in order to continue and develop our business operations. We have established an appropriate risk management structure based on scenarios for responding to various risks, such as natural disasters and other contingencies, as well as threats against the security of information, including personal information, and the protection of intellectual property.
Business Risk Management
Hisamitsu Pharmaceutical addresses various business risks in a proper and effective manner, and formulates Business Risk Management Policy to minimize the impact if any business risk arises. We have established a company-wide risk management structure requiring each department head to report on the department’s response to business risks, strategic planning, decision making, etc. at the Management Advisory Board every quarter. Meanwhile, we have designated the COVID-19 pandemic as an “emergency risk that might threaten our continuation” and launched a COVID-19 task force early in the crisis.
Although infection control measures are executed throughout the company, we are also proceeding with work reform and other measures.
■Risk List
| Risk | Details of Risk | Countermeasures for Risk |
|---|---|---|
| Risks related to legal regulations and medical policies |
・Change in regulations of the drug price system and the healthcare insurance system may affect the performance of the Hisamitsu Group. |
・We prepare against any revision in advance, such as examining whether extra measures are needed or not, by seizing the trend to the revision of regulations related to pharmaceutical affairs promptly. |
| Risks related to quality and side effects | ・Occurrence of quality problems and unexpected side effects may lead to cases, such as cancelation of release and product recalls. |
・We comply with related laws and regulations including the Pharmaceutical and Medical Device Act and GxP Ministerial Ordinances, as well as internal regulations, to ensure thorough quality management of products. ・We are prepared to minimize the impact by paying attention to adverse events related to our products and implementing measures promptly including product recall. |
| Risks related to R&D activities | ・In R&D activities for new products and technologies, discontinuation of those activities due to various causes, such as the failure to achieve expected effects, may prevent us from recovering the investment in the R&D. |
・We practice portfolio management properly by expanding development pipelines and diversifying resources and risks. ・We examine the business feasibility of the pipeline at the time of a transitional stage. |
| Risks related to supply chains | ・Interruption of manufacturing or purchase due to some reason may affect the performance of the Hisamitsu Group. | ・We develop a BCP (Business Continuity Plan) and conduct drills at our manufacturing sites and work to secure safety inventory in order to maintain stable supply. |
| Risks related to environmental issues | ・If chemicals used in the R&D activities or manufacturing processes are judged to have a negative impact on the surrounding environment, it may affect the performance of the Hisamitsu Group. |
・We conduct periodic inspections of storage areas in our work to protect environment, as well as drills to handle an emergency. |
| Risks related to intellectual property rights | ・If business activities of the Hisamitsu Group infringe on patents or other intellectual property rights of other companies, business may be suspended, or a patent dispute may arise. ・If other companies infringe on the intellectual property rights of the Hisamitsu Group, we may file suit. |
・We have established a system to implement the best strategy in collaboration with outside experts including lawyers as needed. |
| Risks related to lawsuits | ・With regard to our business activities, we may be sued for side effects of pharmaceutical products, product liability, and other reasons. |
・We have established a system to implement the best strategy in collaboration with outside experts including lawyers as needed. |
| Risks related to natural disasters (climate change) |
・If our business activities or those of our business partners are damaged due to critical natural phenomena (weather, volcano eruptions, earthquakes, landslides, etc.) , it may affect the performance of the Hisamitsu Group. |
・For measures to minimize risks of disasters, we have developed a BCP (Business Continuity Plan), such as developing the Disaster Countermeasures Manual, and improve the Plan on an ongoing basis. |
| Risks related to IT security and information management |
・The Hisamitsu Group has a lot of in-house information (trade secrets) including personal information, and if any of the information leaks outside of the Company due to unauthorized entry into the system, system failure, accidents, etc., it may affect the performance of the Hisamitsu Group. |
・We have formulated the Information Security Management Regulations and established an information system management structure to strive to prevent information leakage and reinforce information security. ・We take measures to keep pace with changes in the social environment and technological advances, such as countermeasures against cyberattacks. In addition, information security awareness is raised by continuously alerting and educating relevant employees. |
| Risks related to the securement and development of human resources and work environment |
・If sufficient human resources cannot be secured or an environment where employees can continue working safely, securely, and healthily is impaired, our business may be difficult to continue or may stagnate, which may affect the performance of the Hisamitsu Group. |
・We will increase job satisfaction through the creation of employee growth opportunities and a comfortable work environment to realize the self-reliant career development of employees. |
| Sovereign risks in countries or regions to which we expand our business |
・In overseas business, we may lose initially expected revenues or may suffer unexpected losses from environmental changes in political, social or economic terms in countries or regions to which we expand our business, which may affect the performance of the Hisamitsu Group. |
・We collect and recognize information on risks related to countries or regions to which we expand our business, and develop a BCP (Business Continuity Plan), as well as improving it on an ongoing basis. |
| Risks related to changes in market environments | ・If the environment surrounding our products changes because of the launch of competitors’ products or generic products, it may affect the performance of the Hisamitsu Group. |
・We collect information on the launch or other matters of competitors’ products and generic products as well as working on the creation and development of drugs to reduce the impact. |
Information Security
We have formulated the Information Security Management Regulations to properly manage our information assets, such as personal information and trade secrets, and established an appropriate information system management structure, thereby striving to prevent information leakage and reinforcing information security.
In addition, we take measures to keep pace with changes in the social environment and technological advances, such as countermeasures against cyberattacks, which have become a threat in recent years. In addition, information security awareness is raised by continuously alerting and educating relevant employees.
Business Continuity Plan (BCP)
Leveraging our experience of the Great East Japan Earthquake, Hisamitsu Pharmaceutical will restore business operations promptly in the event of a disaster and sustain the medical care structure by maintaining quality of pharmaceutical products and ensuring their stable supply. To secure a stable supply of pharmaceutical products, we have decentralized our production and logistics bases and concluded purchase contracts with different suppliers. We have also installed in-house power generators, established an emergency contact system, and taken various measures to minimize disaster risks in accordance with the Disaster Preparedness Manual.
●Examples of Disaster and Information Security Measures
| Disaster simulation drill | Each business site has established own response team, and conducts drills in preparation for disasters by establishing an action plan in cooperation with the Disaster Response Task Force, which oversees these teams. |
|---|---|
| Regular drills for an emergency contact system for safety confirmation | In order to promptly confirm the safety of employees and provide accurate information to their families in the event of a disaster, regular drills are conducted for all employees to report the situation simultaneously using a cell phone e-mail service. |
| Wireless and satellite phone communication testing | Wireless and satellite telephones are installed at our main bases in Japan (Kyushu Head Office, Tokyo Head Office, Utsunomiya Factory, and Tsukuba Laboratory), and drills are conducted to prepare for disasters. |
| Voluntary fire brigade | Each business site has organized a voluntary fire brigade and regularly conducts evacuation and fire drills. For plants in Japan, the fire brigades regularly engage in fire drills and a water-discharge drills using outdoor hydrants in line with our fire defense plan and receive instructions and feedbacks from their local fire station. |
| Emergency kits and food stockpiles | We have distributed emergency kits to all employees to prepare for an emergency. Each business site keeps a stockpile of water and food in case employees are stranded due to disruption of the transportation system in the event of an emergency. |
| Securing logistics routes | Land transportation using trucks is shifted to sea transportation, thereby aiming to ensure a logistics channel in the event of an emergency. |
| Information security | As cyber-attacks are spreading around the world, exercise drills are conducted for all employees on how to respond when they receive suspicious e-mails (including distribution of pseudo-targeted attack e-mails that are actually disguised as normal e-mails). |
Information Disclosure
Hisamitsu Pharmaceutical has established the Disclosure Policy Regulations to ensure timely and appropriate disclosure of corporate information. In addition to corporate information required to be disclosed in a timely manner by the Financial Instruments and Exchange Act and the Timely Disclosure Rules stipulated by the Tokyo Stock Exchange, the Company deems information that does not fall under the scope of the Timely Disclosure Rules, but may have an impact on investment decisions, as Material Disclosure Information, and strives to disclose such information in a timely manner in accordance with these rules.
As an internal structure, the Disclosure Policy Team, chaired by the President and CEO, has been established to determine, manage, review and supervise the content of Disclosure Policy Regulations, determine Material Disclosure Information, confirm the announcement of such information, and control risks.
The Disclosure Policy Regulations are applicable to all officers and employees, who are required to report necessary information to the Disclosure Policy Team as needed according to the scope of their duties based on the segregation of duties. Members of the Disclosure Policy Team are designated as information disclosure staff, and material disclosure information shall, in principle, be made through the information disclosure staff.
Information Disclosure and IR Activities
We believe that it is critical to gain your understanding of our business operations by presenting our business results, future prospective, and other corporate information fairly and accurately thorough IR activities. We have formulated a disclosure policy in order to disclose our corporate information in an appropriate and timely manner in accordance with laws, regulations, and the listing rules. All our officers and employees strive to disclose information based on the policy.
To enhance our management transparency, we intend not only to disclose information even more actively, but also to ensure smooth communication with shareholders and investors through IR activities.
