NEOBANK SBI Sumishin Net Bank

Search
Menu

Management Policy

Risk Management

Risk Management System

SBI Sumishin Net Bank (SSNB)’s risk management policy stipulates that SSNB performs risk management to pursue profits or avoid losses.
Under this risk management policy, the Risk Management Department, as a supervising body, works to accurately understand the status of risks through a series of activities to identify, evaluate, operate, monitor, control, and reduce risks. In addition, SSNB implements risk management by taking the necessary measures based on the risk management plan established each fiscal year. The Risk Management Department’s Managing Officer reports on the status of risk management to the Board of Directors on a quarterly basis, and the Board of Directors receives the reports and, if necessary, commissions studies and other actions.
SSNB also performs enterprise risk management based on the scales and characteristics of each risk. Risk management is identified as the most critical management issue to ensure the soundness and appropriateness of business operations as a financial institution. Therefore, SSNB commits to developing and establishing the risk management system that functions in a PDCA (Plan, Do, Check, Action) cycle, based on the risk management policy stipulated by the Board of Directors.

Internal Structure

SSNB has established a basic policy for the development and establishment of a risk management system at the Board of Directors’ meeting, and in order to ensure that this system functions effectively, the following organizations have been established under the Board of Directors.

Integrated Risk Management

Risk Category
“Market risk,” “Liquidity risk,” “Credit risk,” and “Operational risk” are identified, and “Operational risk” is further managed by classifying into the following sub-categories: “Business processing risk,” “Information security risk,” “Compliance risk,” “Human resource risk,” “Event risk,” and “Reputational risk.”
Risk Management Committee
The Risk Management Committee discusses overall risk management, mainly about the establishment of risk management plans or management of the progress.
Product Examination Committee
The Product Examination Committee supports and assists in making decisions at the Management Meeting through discussions of the significance of initiatives, various inherent risks, and returns to the risks associated with new products and services.
Compliance and Operational Risk Management Committee
The Compliance and Operational Risk Management Committee understands and confirms the status of operations, sorts out the issues, and discusses the countermeasure policy related to compliance and operational risks.
BCM Liaison Committee
In order to minimize the impact of unforeseen circumstances, the BCM Liaison Committee considers the systems that enable prompt and speedy responses, such as establishing procedures for the business processes in advance.
System Risk Management Committee
The System Risk Management Committee understands and confirms the status of operations, sorts out the issues, and discusses the countermeasure policy related to the overall system risk out of information security risk.
ALM Committee
The ALM committee discusses optimizing risks and maximizing profits by comprehensively managing the assets and liabilities of SSNB.
Credit Risk Management Committee
The Credit Risk Management Committee conducts discussions regarding matters, such as monitoring the examination process, business processes, and risk and return analysis of various credit risk services, management of preservation and collection, and the risk management process of subsidiaries from the perspective of credit risk management.

Information Security

We do not sacrifice convenience and we protect our customers. We implement thorough user experience-based security measures with a “customer-centric approach.” We use a strong authentication system that complies with the FIDO international standard and biometric authentication to confirm the identity of users. We also have a multi-layered defense system in place to prevent unauthorized access and malware attacks, ensuring robust network security.