Compliance and Risk Management

Compliance and Risk Management Structure

Alfresa Holdings Corporation has established the Compliance and Risk Management Committee, which promotes overall compliance and risk management for the Group. The Committee comprises members selected from the management teams of Alfresa Holdings Corporation and also Group companies, and is held regularly twice a year with the goal of reducing risk. In addition, Alfresa Holdings Corporation established subcommittees as subordinate bodies of the Compliance and Risk Management Committee, which are limited to particular business segments, business categories, or types of operations. We aim at more appropriate and systematic response to inherent risks in specific highly specialized businesses.
Alfresa Holdings Corporation and its Group companies also hold the Compliance and Risk Management Promotion Committee regularly with the aim of promoting compliance and risk management for each company.

  • Alfresa Group
    Compliance and Risk Management Promotion Structure

Basic Policy and Approach for Compliance

The Alfresa Group defines compliance as “officers and employees complying with laws, internal and external regulations, and social norms, and proactively taking the initiative to fulfill legal responsibilities and ethical responsibilities expected by society.” The Company’s employment regulations stipulate disciplinary action for compliance violations in accordance with their severity. Companies bear legal and ethical responsibility, and if they lose society’s trust their very business foundation may become destabilized, threatening the stability of the life and happiness of its employees, as well as their families. To remain trusted by society, the Group’s individual employees are required to take the importance of compliance personally and act with a constant awareness of reliability, safety, and sincerity espoused in the Group’s principles. Such behavior will help create corporate value.

Compliance Training and Awareness-Raising Activities

The Alfresa Group has established the Alfresa Group Compliance Guidelines which is standards of conduct for all Group officers and employees and distributed the Compliance Handbook to them in a bid to promote thorough compliance.

The Alfresa Group
Compliance Handbook

Tax-related Compliance

The Alfresa Group complies all tax-related laws and regulations and fulfill tax obligation at all times.

Compliance Consulting Offices (Internal Reporting System)

The Group has compliance consulting offices in place as a means for Group employees to consult and make reports. This ensures that violations of laws and corporate ethics are discovered early or prevented.
Compliance consulting offices are set up within the Group companies, and the Company operates the general compliance consulting office, which is open to consultations from the entire Group. In addition, external hotlines are available at Group companies to make it easier for people at Group companies to make a report.
In 2020, Group companies in the Ethical pharmaceuticals wholesaling business established internal and external telephone consultation lines dedicated to the Antimonopoly Act, and began receiving various questions and internal reports regarding strict compliance with the Antimonopoly Act and other laws.

Alfresa Group's Internal Reporting System

See relevant ESG Data

Due consideration is given to the privacy and other human rights of users, with confidentiality ensured. As for people who provide information for the benefit of the public, whistleblowers’ rights are protected and they are dealt with fairly.

Corruption Prevention Initiatives

The Alfresa Group Compliance Guidelines prohibits provision of profits to civil servants, etc. This means prohibiting the provision of or encouragement to accept anything that could be mistaken for a bribe in Japan or overseas. Furthermore, anticorruption laws in overseas countries may apply to acts of bribery that take place outside those countries, and since the Alfresa Group has close relationships with pharmaceuticals manufacturers and suppliers, the Group takes steps to deepen its understanding of such laws and conduct appropriate sales activities.
Each Group Company provides education and training programs mainly for managers, salespersons, and delivery staffs to ensure corruption prevention.

See relevant ESG Data

Basic Policy and Approach for Risk Management

The Alfresa Group defines risk as “phenomena that will or may have a negative impact on the Company’s management, and which could occur at an unpredictable time.” To enable timely and accurate management and implementation of measures for various risks, the Group engages in risk management, including measures aimed at preventing risks at ordinary times, and measures for responding after the occurrence of a crisis that has a serious negative impact on the corporate management.

Crisis Management

Disaster Countermeasures

The Alfresa Group focuses on ensuring that every Group company is ready to respond in the event of a disaster, as a Groupwide initiative. For example, Group companies update their regulations and manuals and hold disaster response training events. They also check and secure the environment and emergency stockpiles.

Disaster Training

Group companies conduct safety confirmation drills every year, along with yearly drills for communicating safety confirmation results of all Group employees to the Company via a Group emergency contact network. For the case of damage to the Group’s mission-critical systems, the Group conducts drills for switching to backup systems every year.

Business Continuity Plan (BCP)

The Alfresa Group has reinforced its BCP in preparation for a large-scale disaster or pandemic. Group companies engaged in the Ethical pharmaceuticals wholesaling business have established a support system that is prepared for a disaster. A nationwide response system is in place so that even if distribution centers or branches in specific areas are affected in a disaster, other locations will be able to step in and continue supplying pharmaceuticals where they are needed.
During the COVID-19 pandemic, which became a serious social problem in 2020, the Alfresa Group has continued a stable supply of pharmaceuticals by following its BCP, implementing basic infection prevention practices and a rotation work shift system.
In the area of information systems, disaster recovery* plans are in place. If the Group’s data center becomes damaged, systems can be switched over to a backup data center, ensuring that shared-use mission-critical systems keep functioning.
The Group has adopted a new email system that able to remain in use in time of disaster, in order to secure post-disaster communication between Group companies. In addition, while remaining vigilant with regard to cyber- security, we are also taking the necessary measures in a timely manner.

* Disaster recovery: Rapid switching of a disaster-damaged computer system to a backup system

The Alfresa Group Business Continuity Plan in the Ethical Pharmaceuticals Wholesaling Business

Information Management

The Alfresa Group not only complies with the relevant laws and regulations in order to respond to the requirements of an advanced information society, but has also formulated the Basic Policy on Information Management to establish systems and ensure proper management of the information it possesses as part of its business activities.

Protection of Personal Information
The Alfresa Group recognizes that the protection of personal information is an important social obligation in its business activities and is committed to protecting personal information based on the Alfresa Group Privacy Policy.

Further Strengthening Information Security Measures

Alfresa System Corporation, which operates, maintains and develops information systems for the Alfresa Group, has acquired ISMS certification (ISO/IEC27001) and works proactively on information security measures. This corporation promotes the standardization and strengthening of security measures Group-wide and raises awareness of information security by offering regular training and other means. Moreover, it conducts questionnaires for all employees twice a year in order to confirm compliance with information security operation rules in an effort to prevent information security incidents.

Business Risks

The Group has compiled the issues relating to business conditions that may have a significant impact on the decisions of investors.