Internal Control and Internal Audit

SBI Holdings believes that in order to enhance its corporate governance, it is crucial to create an internal control system and to conduct business through a sound internal control system. With respect to developing the internal control system, the Representative Director （Chief Ethics Officer） ensures every executive and employee thoroughly apprehends that compliance with the law and adherence to ethical behaviors are the cornerstones of realizing the SBI Group's corporate management philosophy and vision.

To identify compliance problems and issues, the Board of Directors has determined a director in charge of compliance while establishing the Legal and Compliance Dept. to serve as the compliance division under the direct control of the aforementioned director. Moreover, SBI Holdings has installed a whistle-blowing system that enables directors and employees to directly report to the Statutory Auditors and the internal audit division an organization independent from both operations management and administrative divisions, upon perceiving any violation of the laws, regulations, the Articles of Incorporation, or other compliance-related material facts within SBI Holdings. The Company has established a system that fully prioritizes compliance through mutual supervision among multiple departments so that all processes of its business activities are ensured to thoroughly comply with the laws, as well as contracts and rules.

"IV. Matters Related to the Internal Control System" of the Corporate Governance Report
Compliance

The Statutory Auditors are responsible for ensuring an effective corporate governance structure worthy of public trust by auditing the execution of duties by Directors as organs that are independent from executive organs. The SBI Holdings' Board of Statutory Auditors is composed of four Statutory Auditors, of whom two are Outside Statutory Auditors.
One of the Outside Statutory Auditors is a Standing Statutory Auditor and has many years of experience working for financial institutions and the financial authorities and has extensive knowledge of the financial sector in general, and the other has vast experience and expertise as a certified public accountant and tax accountant and has a considerable degree of acumen in finance and accounting. Meanwhile, one out of the two Statutory Auditors who are not Outside Statutory Auditors has experience of working for many years at financial institutions and has extensive knowledge of the financial sector in general, while the other has many years of experience in accounting operations and knowledge of finance and accounting as a certified public accountant.

As for the actual auditing procedures, by conforming to the Statutory Auditors' Audit Standards determined by the Board of Statutory Auditors, the Statutory Auditors attend Board meetings and other important meetings, view important approval documents and others, while exchanging opinions as appropriate with Representative Directors and Directors. In addition, they conduct their audits of the Company's internal control system in accordance with Audit Practice Standards for Internal Control Systems.

The Board of Statutory Auditors work closely with the internal audit division through regular information exchanges, as well as receive summaries on the annual audit plans and quarterly and full-year auditing results, discuss major auditing considerations with the accounting audits while conducting information sharing and exchange of opinions where necessary on managerial problems and issues.

Thus, SBI Holdings obtains the appropriateness of its corporate governance by organically combining various audits performed by the Statutory Auditors, the internal audit division and the accounting audits. In the fiscal year ended March 2023, SBI Holdings held 17 Board of Statutory Auditors' meetings.

The Company has an internal audit division which is an organization that is independent from both business operation management and administration divisions. The internal audit division comprehensively and objectively evaluates the appropriateness of internal control systems which includes legal compliance, the appropriateness of business operations and the appropriate operation of internal controls and proposes improvements for and follows up any issues identified as a result of the audit. The internal audit division obtains assistance from Executive Officers and outside experts if necessary, when conducting audits.

The audit results are reported to the Representative Directors and the Board of Directors once or more every 6 months without delay after completion of individual audits and are also reported regularly to the Statutory Auditors.
The internal audit division is composed of a general manager and members who have specialist knowledge of audits (internal audits, accounting audits, internal control, etc.), and it conducts audit procedures with reference to general internal audit standards, etc. The internal audit division groups the audit targets by considering capital relationships, etc., and then conduct scoring based on credit risk, market risk, liquidity risk, operational risk, and other risks. Based on the results, the auditor determines the audit frequency starting from those with high overall scores. In internal audits, the auditor combines methods such as document audits, interviews, and on-the-spot inspections, and if necessary, conducts audits on equity method affiliates in addition to subsidiaries.

After the completion of each individual audit, the results are regularly reported to and opinions are exchanged with the Board of Statutory Auditors separately from the Board of Directors. In addition, organic collaboration is carried out by incorporating the requests of the Board of Statutory Auditors into the selection of audit themes and the scope of the audit.

In terms of the relationship with the accounting auditor, the internal audit division exchanges information centered around internal control over financial reporting as appropriate.

To understand the risks and information of the audited parties, opinions are exchanged as appropriate with the Internal Control Division and related materials and information are obtained in each audit.