move to main move to category
  1. HOME
  2. Sustainability
  3. Governance-SBI Group Risk Management

SBI Group Risk Management

Group Risk Management System

The SBI Group strives to strengthen its risk management system in order to detect risks at an early stage and prevent them from materializing. To prepare for the occurrence or possibility of a business crisis that could have a significant impact on the company's survival, the SBI Group collects information, examines and implements counterplans and measures to prevent the recurrence and reports and discloses information to the relevant authorities, under the Officer in charge of risk management in accordance with the Risk Management Rules and other regulations established by the Board of Directors. In terms of risk mitigation, a risk assessment body has been newly set up in 2021 to further improve the system for identifying risks and developing risk response measures. In addition, the assessment body identifies priority areas for risk evaluation and periodically assesses and analyzes risk factors with the relevant subsidiaries in that matter, and takes measures including the monitoring of the status of improvements .

Moreover, in order to manage the risks of loss of the Group, SBI Holdings' risk management department receives regular and timely reports on the status of risks of loss for Group companies from each company's risk manager. If necessary, SBI Holdings' Risk Management Officer and the risk management department will consult with the relevant risk management personnel to prepare for the occurrence of losses.

The SBI Group has established a system that fully prioritizes compliance through mutual supervision among multiple departments so that all processes of its business activities are ensured to thoroughly comply with the relevant laws and regulations, as well as contracts and agreements, etc.

Risk Management Department

The SBI Group has established the Group Risk Management Dept. as its risk management department. The purpose of this department is to ensure that the Group's overall business management system, the soundness of the Group's assets and the appropriateness of the Group's business operations are fully contemplated. In this regard, the Group can appropriately address the risks associated with being a financial conglomerate.
In addition, the SBI Group complies with the "Rules for Management of Affiliated Companies," "Rules for Risk Management " and "Risk Management Implementation Bylaws" and has established the "Management Policy for Conflicts of Interest" to protect the interests of customers.

Risk Management Initiatives by Business Segments

Financial Services Business

Primary initiatives are to enforce the importance of personal data, address the risks arising from the use of technology, manage information and respond to system risks.

[Protection of customer information]
The SBI Group recognizes the "risks that may arise from the use of information technology," which has become apparent with the development of an advanced IT society, including the spread of the Internet. Therefore, it strives to develop and operate services with maximum consideration for the reliability and stability of information systems. Especially, in view of the importance of the protection of personal information, we have established a "Personal Information Protection Policy " and appointed Takashi Nakagawa, Representative Director, Senior Executive Vice President as Personal Information Officer to prevent accidents and incidents and create an environment and system that enables our customers to use our services with a peace of mind.
Furthermore, as appropriate, each company handling personal information obtains a Privacy Mark from the Japan Information Processing Development Corporation (JIPDEC). Eight companies, including SBI Holdings, have been approved to use the Privacy Mark as of December 2, 2021.
We are also reinforcing measures to prevent information leaks derived from cyberattacks against our information systems using malware and other means, known as targeted attacks. In particular, we recognize that one of the most important factors in maintaining and improving information security systems is personnel. Hence, the SBI Group provides ongoing training for its employees through e-learning and other means. We will continue to take effective and efficient measures to improve the information security of all Group companies, for example, by sharing good practices from each company.

[Information management and system risk management]
In view of the increasing importance of information security measures in recent years, the Officer responsible for information security promotes the development of a Group-wide information management system, including customer information, and reinforcement of the management framework for system risks and information security risks throughout the Group. For this purpose, the Officer establishes a system for preventing and responding to cyber security incidents. In terms of business continuity, we promote the introduction of cloud computing environments and other measures to ensure the availability of system services in a variety of events. With regard to strengthening cyber security, we have implemented thorough security measures throughout the Group and have developed our own security services by utilizing state-of-the-art technologies of the Group's investee companies.

Asset Management Business

In the context of the global expansion of ESG investments, our focus is on the development and management of ethical standards.

The SBI Group's investment policy is to invest in companies that have a basic understanding that management executives must be aware that business is not about just making money but is based on virtue and that companies are entities within society that are able to survive only within society. Therefore, they must contribute to the maintenance and development of society." In the investment decision-making process, SBI Investment, the Group's core company of the venture capital business, conducts due diligence from qualitative and quantitative aspects, including the vision and qualities of the management of the company to be invested in, the growth potential and scale of the market, novelty, the feasibility of the business model and whether the company contributes to the growth and development of a sustainable society. In addition, after making investments in the startup companies, SBI Investment endeavors to mitigate the investment risks by overseeing the companies' operation through periodical meetings with business managers and attendance at the board of directors' meetings while sending executives and assisting them via business alliances to introduce new customers.

As of the end of March 2021, SBI Investment has no investments in companies dealing with tobacco, fossil fuels such as oil and coal, as well as companies manufacturing weapons or companies that generate nuclear power. This outcome is in line with the trend towards ESG investments. As stated in its management philosophy, "New Industry Creator," the SBI Group has concentrated its investments in growth areas such as IT, bio and life sciences, environment and energy, in order to create and nurture core industries of the 21st century since its inception. Currently, in addition to these fields, SBI Investment has actively been investing in next-generation innovative areas such as fintech, AI, blockchain, IoT and robotics. Moving forward, the SBI Group will continue to invest in startup companies with high levels of expertise and innovative ideas in the areas contributing to solving social issues such as the shortage of workers due to the falling birthrate and aging population and the depopulation of regional and local areas, thereby conducive to the realization of a sustainable society.

Biotechnology, Healthcare & Medical Informatics Business

Initiatives are taken with a focus on quality control and the handling of environmental pollution risks.

Since SBI Pharmaceuticals develops and manufactures products using 5-aminolevulinic acid (5-ALA), in order to ensure the quality and safety of the products, it has established a management system that complies with relevant laws and regulations, such as "standards for quality control," a requirement for pharmaceutical manufacturers and distributors. The company identifies risk factors such as defects and flaws in products and services, large-scale recalls and quality problems that could lead to product liability claims and has taken measures to address these issues. SBI ALApromo, which distributes products containing 5-ALA, also takes similar means. Furthermore, as SBI Biotech is engaged in the research and development of pharmaceuticals, it determines the risk of environmental contamination due to the loss of laboratory animals, risk of genetically modified organisms being released into the atmosphere, and risk of radioisotope (RI) being released into the environment and it has taken measures to address these risks.


Addressing cyber security risks and combating money laundering and the financing of terrorism (AML/CFT) are pivotal.

In the crypto-asset-related business, which the SBI Group positions as its next-generation growth area, given that all of the assets handled are digital assets, the Group strongly recognizes the importance of enhancing and strengthening the system risk management structure and is striving to build such a system. We identify risk factors such as computer system failure or malfunction, system inadequacies or computer misuse and have taken measures to address these issues. We also fully recognize the money laundering risks associated with the anonymity of crypto-assets and the risks of terrorist financing. Under the supervision of an Officer responsible for AML/CFT initiatives, we endeavor to further create a system of anti-money laundering and customer verification that meets international standards.

Related Page

The following page summarizes the risks that may have a material impact on investors' decisions concerning the SBI Group's business and accounting conditions.