Compliance and Tax Strategy

Rakuten Group Regulations

Rakuten Group Regulations (RGR) comprise a set of common rules across the Rakuten Group. RGR were established with the aim of ensuring that all employees and executives adhere to the highest ethical standards, and that effective corporate governance is in place in order to maximize corporate value.
The RGR consist of guidelines covering important areas such as the Rakuten Group Code of Ethics, the core values of the Rakuten Group (Rakuten Shugi), legal compliance, labor practices, information security, quality management, sustainability and more. Group-level rules are completed by company-specific regulations to address the specificities of each service when necessary.
In addition, Group-wide audits are conducted on a wide range of topics, including legal compliance, human rights related to labor practices and information security, to confirm compliance with the Rakuten Group Code of Ethics, a part of the RGR.
RGR are periodically reviewed and revised to respond to the development of our business and changes in the business environment and to meet the expectations of our stakeholders and society at large.

Compliance Management

To ensure strong compliance management across the Group, the Rakuten Group has appointed an F-CCO (Function Chief Compliance Officer), who, under the leadership of the COO (Group Chief Operating Officer), oversees overall Group-wide compliance. A CCO (Company Compliance Office) is also appointed in each company in order to strengthen Group-wide compliance system by liaising with the F-CCO, promoting compliance programs and monitoring their effectiveness.
Under this structure, a variety of measures have been implemented as part of the Group Compliance Program, such as prohibition of bribery and corruption, prevention of money laundering and terrorist financing, compliance with antitrust and competition laws, improvement of Group-wide compliance education, elimination of antisocial forces, and monitoring of management systems and compliance with the Act against Unjustifiable Premiums and Misleading Representations and various business laws.
The Group Risk and Compliance Committee meets quarterly to identify risks related to laws and regulations that may hinder the implementation of management strategies, promote effective compliance throughout the Group, share best practices, propose and build consensus on compliance measures, and report on and discuss the status of the Group Compliance Program.
The Board of Directors receives reports from the COO and F-CCO periodically on the progress and results of compliance measures and oversees overall compliance of the Group.

Rakuten Group Compliance Program

In order to continuously improve compliance efforts and address new laws and regulations, Rakuten implemented a PDCA (plan-do-check-adjust) cycle called the Rakuten Group Compliance Program. The program consists of the following four steps: (1) Risk identification, (2) Solution planning, (3) Implementation and execution and (4) Evaluation.

Identify Risks

Risks facing the Rakuten Group are identified based on risk assessment, reported incident information and other concerns raised from top management and different departments.

Plan Solutions

The identified risks are prioritized and action plans are established accordingly.

Implement & Execute

Action plans are implemented and executed at the appropriate level — business, company and/or Group following the Compliance Management Framework.

Compliance Management Framework

Clear Responsibilities	The organization or person in charge has the authority to access information required to solve issues
Policy / Rules	Ensure that the rules, policies or criteria are documented in a way that is clear, comprehensive and easy to understand
Processes	Create and document business processes to ensure that the policy can be followed consistently
Training / Awareness	Conduct training so that all relevant employees are aware of the policy and processes Ensure that relevant documents are available at all times
Monitoring / Self-check	Monitor compliance with the policy Use self-check mechanisms to ensure processes are being followed

Evaluate

Finally, compliance risk is mitigated through reviewing the Group-wide operations and the compliance status with laws and regulations. The result of the review is reported to the Group Risk & Compliance Committee.

In order to conduct the Group Compliance Program smoothly, the headquarters maintains constant communication with F-CCO, CCO and the businesses, providing operational support from four angles: Audit, Communication & Reporting, Promotion and Advisory.

Prohibition of Bribery and Corruption

Rakuten Group Anti-Corruption Program

As part of the Rakuten Group Compliance Program, the Rakuten Group Anti-Corruption Program has been implemented. Designed to prevent, detect and remediate corruption for all of our operations worldwide, the program covers the following perspectives.

Risk Identification

A bribe may take place in direct collusion with the other party, such as public officials, or via third-party intermediaries. Therefore, due diligence is conducted to confirm that the intermediary is not associated with a corruption risk. It is also conducted before engaging in mergers and acquisitions or investments. Additionally, we avoid involvement in corruption by conducting corruption risk assessments for existing Group operations.

Raising Awareness

We provide training on anti-corruption to improve every employee’s understanding of corruption.

Reporting

All employees are required to report any violations of the Rakuten Group Anti-Corruption Instruction to the Rakuten Hotline, a confidential whistleblowing channel established within the Rakuten Group.
Anti-corruption compliance status and the implementation of the program is reported to the Board of Directors periodically.

Raising Employee Awareness

To spread awareness of compliance throughout the Rakuten Group, we periodically provide compliance education to all executives and employees.
Specifically, we promote awareness of business ethics and the RGR through Asakai, our weekly morning meeting attended by all Group employees, and e-learning focused on compliance provided to all Group executives and employees, including directors, corporate auditors, regular employees, contract employees, temporary staff, part-time employees, partner staff and interns. E-learning is completed by compliance pledges in which all Group executives and employees commit to complying with and adhering to social norms, laws and regulations, and internal rules.

Reporting Channel

Rakuten Hotline

The Rakuten Group has a whistleblowing system called the Rakuten Hotline where all group employees including not only full-time employees but also contract employees or temporary staff can report on illegal activity, violation of company rules and regulations, fraudulent acts or other ethical misconduct to inside and outside contacts.
The Harassment Help Desk is also available for reporting harassment-related complaints specifically, and to ensure that behavior constituting harassment is dealt with appropriately.
The hotline is operated in compliance with the Whistleblower Protection Act and protects the confidentiality of those whistleblowers who consult or report to the hotline and prohibits any disadvantageous treatment. It is also possible to report anonymously and any disadvantageous treatment for well-intentioned whistleblowers is prohibited.
All reported misconducts are investigated by the dedicated team for substantiating reports, and feedback is provided to whistleblowers that includes a conclusion, resolution and plans for improvement.
In all circumstances where a breach is substantiated, those involved in misconduct will be subject to disciplinary action in accordance with the provisions of the employment rules of the company.

Supplier Hotline

Rakuten Group has established a Supplier Hotline as a contact point for suppliers to report. Please see here for details.