Risk management system
Credit Saison Co., Ltd. (the “Company”) considers the risks surrounding the Company and each Group company (including overseas bases and overseas affiliated companies) to be an important management issue for achieving sustainable growth and enhancement of corporate value as a “GLOBAL NEO FINANCE COMPANY—A global comprehensive life services group with finance at the core—.”
Taking changes in business characteristics and changes in the external environment into consideration, the Company assesses and evaluates risks and takes action to address them according to risk characteristics. We also regularly check action taken and make revisions where necessary. Furthermore, as we expand our business globally, we take factors such as differences in regulatory environments and commercial practices into consideration when managing risks.
The Company has established the Risk Management Committee, which works with each business department to assess and evaluate major risks, check action plans, and monitor action taken. The committee reports important matters to the Board of Directors where necessary.
In addition, we work to ensure financial soundness through use of the risk capital management (RCM) method to build appropriate financial foundations where necessary.
Risk management based on the "Three Lines of Defence" model
We have organized the division of roles for risk management based on the "Three Lines of Defence" model, to clarify roles and responsibilities for addressing risks associated with business operations.
While cooperating with each other, each line of defence ensures independence and objectivity according to their respective role, helping prevent the materialization of risk, minimize the impact in the event of materialization and bring about continuous improvement.
First line of defence (Business departments: Risk owners)
The first line of defence is responsible for assessing risks in routine operations, developing and operating necessary controls, rectifying issues, and reporting in a timely manner.
Second line of defence (Administrative departments such as risk management and compliance departments)
Administrative departments such as risk management and compliance departments develop the companywide framework (policies, regulations, procedures, etc.) and provide advice and support to business departments. The second line also monitors the status of the first line's initiatives and encourages improvement where necessary.
Third line of defence (Audit Dept.)
The Audit Dept. audits the effectiveness of business operations, internal controls and risk management processes, identifies any issues and makes recommendations for improvement from an independent standpoint as the Internal Audit Office.
Risk management processes
We operate risk management processes based on the PDCA cycle as our basic risk management approach. In managing the risks surrounding the Company and each group company, we assess, evaluate, address and monitor risks as a series of processes and make ongoing revisions in light of changes in the external environment and business envirornment.
Major risks
We organize risks that might impact business activities and assess them through the risk assessment process.
Risks that need to be managed are classified into multiple categories according to their nature and characteristics, and we take action necessary to address them based on confirmation of the status and importance of risks.
Risk categories
| Management strategy risk | Credit risk |
| Market risk | Funding liquidity risk |
| Administrative risk | Information security risk |
| System risk | Compliance risk (including legal risk) |
| Human risk | Business continuity risk |
| Reputational risk |
Top risks
In managing risks that might impact our business operations, our Risk Management Committee leads discussions on risk domains that are especially noteworthy for management and priorities to be addressed, taking factors such as the evaluations of the departments in charge of the risks and hearings into consideration.
Based on the information confirmed through such discussions, the committee continuously checks the direction of action being taken to address risks and the state of progress and reports to the Board of Directors where necessary.
The committee also make appropriate revisions to the information that needs to be checked as a priority in light of changes in the business environment and the status of risks.
Overview of risks in main businesses
We disclose risks associated with the Credit Saison Group's main businesses in the Business and Other Risks section of our securities report. The information on this page is the same as the information contained in the securities report.
(1) Risks related to the external environment
a. Impact of changes in the external environment, etc.
The Credit Saison Group engages in business activities not only in Japan but also in India, Southeast Asia and Latin America. The materialization of risks such as economic volatility in these regions, exchange rate volatility, political, legislative and regulatory risks, natural disasters, cybersecurity risks and risks related to human resources and environmental regulations could impact the Group's performance and financial position.
The Group seeks to mitigate risk and ensure sustainable growth by continuously monitoring risk trends in each country of operation and building appropriate risk management systems and also by deploying flexible business strategies.
Our overseas subsidiaries also work closely with local financial institutions, law firms and other experts to monitor changes in the economic situation, regulatory requirements, laws and regulations and other aspects, leveraging their expertise to avoid and mitigate risk.
b. Impact of competition with other companies
Our Payment Business Segment is facing fierce competition due to developments associated with deregulation and technological advances, such as new entrants from other industries, the diversification of payment methods including code payment and smartphone payment, and the points-based customer retention strategies deployed by our competitors.
In face of such competition, we will aim to generate stable revenue and further expand profit by leveraging DX and AI to drive labor savings and cost reductions in our business operations and by transforming the member structure in the affluent customer and corporate markets (targeting small and medium enterprises or SMEs), strengthening the revenue base, and expanding the share of high activity, high spend customers. Meanwhile, in response to changing competition, we will seek to strengthen our cost competitiveness and increase the efficiency of our business operations while at the same time encouraging expansion of our customer base and the development of new services.
Our Finance Business Segment is engaged in the finance business, primarily real estate finance. In the real estate finance market, we face stiff competition on all fronts including transaction conditions and service quality, with many non-banks and other financial institutions entering the market.
In face of such competition, the Group has introduced electronic contracts for contractual procedures with customers, with a view to further improving convenience and increasing the efficiency of business operations. Going forward, we will further accelerate DX to offer more sophisticated and differentiated services to our customers and business partners.
In our Global Business Segment, we are expanding the lending business and investment business in India, Southeast Asia and Latin America. In addition to changes in the financial regulations in each country, foreign currency risks and economic and political instability, local banks, non-bank financial institutions, fintech companies and other global players from overseas are expanding financial services for underserved customers in these markets, and this could impact our business development.
In face of such competition, we will promote digitalization and the use of AI in our business processes and conduct business operations flexibly according to market characteristics in each country. We will strive for business diversification, and aim for improvement in profitability and improvement in asset efficiency. Additionally, under the leadership of our IHQ (International Headquarters), we will drive efforts aimed at strengthening governance in each country Through this, we will drive sustainable growth and the establishment of a stable revenue base.
c. Impact of regulatory and legislative changes
When conducting business activities, the Credit Saison Group is subject to domestic and foreign laws and regulations, including general laws and regulations related to company management such as the Companies Act and financial laws and regulations such as the Installment Sales Act, Money Lending Business Act, Banking Act, Financial Instruments and Exchange Act and the Insurance Business Act, as well as guidelines of the supervisory authorities, voluntary regulations of industrial associations and other rules. Especially in emerging markets, there is a great deal of regulatory uncertainty and compliance with laws and regulations is essential for business continuity. Being subject to the laws and regulations of each country and region means that any amendment, change in interpretation or tightening of these laws and regulations in the future or any new regulations introduced could impact the Group's performance and financial position.
We endeavor to gain an understanding of the enactment or amendment of laws and regulations from a wide range of sources, including industry associations and various specialist organizations. In cooperation with law firms and other experts, we will respond to any regulatory changes through internal systems and rules in line with the changes and the consideration and development of operations.
d. Impact of the occurrence of a large-scale disaster
The Credit Saison Group is engaged in business in various regions both in Japan and overseas. In the event of a large-scale natural disaster such as an earthquake in these regions that causes physical damage to our assets or injury to our employees, this may impact our performance and financial position.
We have formulated a BCP plan and regularly confirm its effectiveness, and we regularly implement BCP education and training. Especially in the Payment Business Segment, the continuous rollout of services as social infrastructure is essential. In light of this, we are taking action such as improving the credit card usage environment by decentralizing authorization systems to the Kanto and Kansai regions.
In addition, the processing centers responsible for important business operations (Tokyo Ubiquitous Building and Kansai Ubiquitous Building) integrate seismic isolation, emergency power supplies in case of prolonged power outage and other disaster management solutions. Going forward, we will continue to take stock of and control risks through continuous crisis management and various risk management-related meetings.
e. Impact of climate change
We recognize that climate change is a major issue with wide-ranging impacts for the planet, the economy and society, and we position it as a top priority for the realization of a sustainable society. If appropriate action is not taken on climate change, changes in the business environment due to developments such as tighter regulation or the introduction of carbon pricing (transition risks) as well as damage to assets and disruption to business operations caused by abnormal weather events or natural disasters (physical risks) could lead to an increase in credit costs and operational costs, decline in the value of assets and loss of social trust and may have an impact on the Group's performance and financial position.
To properly assess and manage these risks and build resilience in the medium and long term, we have established the Climate Change Strategy Promotion Working Group under the Sustainability Committee, which is attended by senior management, and we are implementing groupwide initiatives. Based on the TCFD recommendations, we are also striving to enhance disclosure about action on climate change.
(2) Financial risks
a. Liquidity risk (Fund procurement risk)
The Group mainly procures funds by borrowing from banks and other financial institutions and also by issuing securities such as corporate bonds and commercial paper (CP) in capital markets. Since we have a considerable amount of debt maturing within a year such as short-term borrowings and CP as well as the current portion of long-term liabilities, when factors specific to the Group (such as deterioration in our performance or the downgrading of our credit rating) or external factors (such as an economic or financial crisis or a natural disaster) cause liquidity risk to increase, this may have a severe impact on our performance and financial position.
We strive to reduce liquidity risk by maintaining a certain percentage of long-term, fixed-rate funding, establishing commitment lines and other means of accessing supplemental liquidity, and diversifying our direct funding through the securitization of corporate bonds and receivables and other means.
b.Market risk
The Group invests in assets such as stocks of listed and unlisted companies, venture investment funds, bonds, real estate, and real estate funds. If the prices of these investment assets fall in market trading, this may have an impact on our performance and financial position. Especially if the value of the real estate we own decreases due to a downturn in the real estate market, our performance and financial position may be adversely affected. When procuring funds, we use indirect finance by borrowing from banks and other financial institutions and direct finance such as corporate bonds, and this includes some financing at variable interest rates. If market interest rates rise dramatically, this may impact the Group's performance and financial position.
We have introduced risk capital management (RCM) and asset and liability management (ALM) and use these methods to establish investment policies and limits and maintain a certain percentage of long-term, fixed-rate funding in case of a sharp increase in interest rates. We also conduct preliminary screening when acquiring securities and derivatives and continuous monitoring. In addition, at meetings of the Board of Directors and ALM Committee, we conduct multi-faceted analysis from both short-term and medium-to-long-term perspectives to properly control the Group's market risk.
c. Credit risk (Impairment losses on financial assets (Allowance for doubtful accounts))
The Group has various loans and other receivables in each business as well as guaranteed payables associated with its credit guarantee business operations. These include receivables associated with credit card usage for shopping, lease receivables and finance-related receivables. Due to changes in the economic environment in Japan or overseas, many customers may not be able to repay receivables in accordance with contract conditions and this might impact the Group's performance and financial position.
In accordance with regulations relating to the management of credit risk, we work to maintain the soundness of receivables. We also develop and operate systems for credit management, including credit limits, credit information management, and internal ratings, and strengthen credit management systems by monitoring the status of receivables via monthly receivable management meetings and other means. Through this, we properly estimate the status of creditors and value of collateral, and record allowances for doubtul accounts in an appropriate manner.
Additionally, as part of efforts to mitigate credit risk, we have integrated credit card screening using a machine learning model into the credit card eligibility screening process. This allows us to quickly identify high risk applications through analysis of past transaction histories and diverse risk factors and more precise credit judgments and prevents uncollectible receivables arising after cards are received. By using technologies like these, we are driving more sophisticated credit risk management and greater business efficiency, and working to maintain a portfolio of sound receivables.
Additionally, in our Global Business Segment, our overseas subsidiaries are working to maintain sound receivables in accordance with regulations on the management of credit risk, as we do in Japan. We are also developing systems for credit management spanning each country, with India and Singapore at the center. Furthermore, our Global Business Division analyzes and checks the results of such efforts, and monitors the status of receivables in each country through monthly global receivables management meetings and other means.
d. Provision for loss on interest repayment
We may receive demands from customers for the repayment of interest paid in the past in Japan that was higher than the interest rate cap set by the Interest Rate Restriction Act, on the grounds of unjust enrichment. To address this risk, we have recorded a provision for loss on interest repayment. When determining the provision, we take into consideration historic repayments as well as the outlook, including the future economic environment, claim trends and and the claim processing cost.
However, in the event of a dramatic change in the economic situation, a greater-than-anticipated increase in the number of overpayment claims or processing cost, or a greater-than-anticipated increase in repayment claims due to legal or regulatory developments, the Group's performance and financial position may be impacted.
e. Impairment of goodwill
The Group prepares its consolidated financial statements in accordance with IFRS. Under J-GAAP, goodwill is amortized systematically, which means that, as time passes, the balance of goodwill decreases and the risk of impairment loss also diminishes. However, under IFRS, goodwill is not amortized periodically, which means that the risk of impairment loss persists into the future. Each time goodwill arises due to M&A or similar, the balance of goodwill continues to increase and the recognition of impairment losses could impact the Group's performance and financial position.
We set investment limits based on RCM to establish mechanisms for avoiding excessive risk. In addition, supervisory divisions and specialized departments hold deliberations on the appropriateness of acquisition prices at the investment stage, investments are followed up to ensure achievement of the income and expenditure plan and the management environment of investees is regularly monitored.
(3) Operational Risks
The Group is expanding and diversifying channels for acquirng members and selling products and services through business alliances with many companies and organizations. We have also formed capital relationships with some partners, and are leveraging the customer bases and other resources of the Group and our business partners to expand business. While business with each business partner is an important business strategy of the Group, in the event of deterioration in the performance of a partner, a change in the conditions of the business alliance with a partner, or the termination of a partnership, the Group's performance and financial position may be impacted.
We will strengthen our relationships with our existing partners. At the same time, we will build a business model that is not dependent on a specific partner by pursuing partners and new alliances in diverse industries and sectors.
a. System risk
Our main businesses use computer systems and communication networks to conduct high volume and wide ranging operations. In the event of malfunction due to system failure, communication failure, a failure at an outside contractor or a cloud service outage, our business operations may be impacted. Additionally, if operations are suspended or delayed or customer service is disrupted as a result of the failure, this may also lead to a loss of social trust or reputational risk.
To address such risks, we constantly work to maintain stable system operation. We also ensure that important systems are backed up, formulate contingency plans based on our Business Continuity Plan (BCP), and habitually develop emergency response procedures and hold periodic training and simulations. When utilizing external system contractors, we regularly evaluate contractors in accordance with internal regulations and ensure thorough management. Furthermore, any major system failure will be promptly reported to the Crisis Management Committee and dealt through the full capabilities of the Group, in accordance with internal regulations. We are also using case studies of incidents at other companies as a reference to bring about improvement and working to constantly reduce risk.
b. Information security risks
Our main businesses use computer systems that store large amounts of credit card member information and other personal information. Cybersecurity threats, which have grown increasingly serious in recent years, pose risks such as the risk of malfunction due to system failure or communication failure and the risk of leakage of personal information and confidential information. In the event of materialization of such risks, the Group's performance and financial position may be impacted by a loss of trust, compensation of damage or other consequences.
Under the leadership of senior management, all our employees are actively involved in addressing information security risk, and we also implement measures in accordance with international guidelines and guidelines set out by the supervisory authorities. In particular, we develop, maintain and operate information security management systems and we establish systems that will allow us to take prompt and appropriate action in the event of an information security iemergency.
c. Compliance risks
Impact of laws and regulations
When conducting business activities, the Credit Saison Group is subject to domestic and foreign laws and regulations, including general laws and regulations related to company management such as the Companies Act and financial laws and regulations such as the Installment Sales Act, Money Lending Business Act, Banking Act, Financial Instruments and Exchange Act and the Insurance Business Act and is also under the supervision of the supervisory authorities. Moreover, with the enactment of the Act on the Promotion of Ensuring National Security through Integrated Implementation of Economic Measures, we must comply with the government's preliminary review system requirements when outsourcing the installation, maintenance and management of critical equipment. In the event of violation of laws and regulations in the future, the Group's performance and financial position may be impacted by an administrative penalty, reputational damage or other consequences.
Under the leadership of the senior management, the Group implements preventive measures to ensure compliance with laws and regulations such as strengthening compliance systems, continuously providing employee training, and monitoring the status of business execution. We will also develop the whistleblowing system and put in place systems for the early detection of fraud, misconduct, potential conflicts of interest and similar on the part of senior management and employees and systems for taking prompt action.
In addition, at meetings of the Company's Compliance Committee, approval for compliance-related employee education is obtained and the status of implementation is reported.
Impact of the leakage or unauthorized use of personal information
The Group holds a large amount of diverse data such as credit card member information as well as other personal information and corporate information. Accordingly, any leakage or unauthorized use of personal information could lead to a significant loss of trust in the Group and may impact its performance and financial position due to compensation of damage, an administrative penalty, reputational damage or other consequences.
In accordance with the Act on the Protection of Personal Information, we develop systems for the implementation of measures to protect personal information and handle information in an appropriate manner.
Impact of Response to Money Laundering and Terrorism Financing
Amid the rise in nuclear missile and terrorist threats around the world, cutting off funding for criminals and terrorists is a major challenge for Japan and the international community. Ineffective measures to combat money laundering and terrorism financing ("anti-money laundering measures") could lead to violations of laws and regulations, administrative penalties such as business suspension or financial sanctions, reputational damage or other consequences, which might impact the Group's performance and financial position.
With anti-money laundering measures positioned as an important management issue, we develop systems for conducting business activities in Japan and overseas that are in compliance with laws and regulations and continue to further strengthen anti- money laundering measures.
Litigation risk
If the Group caused damage to the users of services it provides in Japan or overseas due to system failure or other reasons attributable to the Group or if the Group infringed on third-party intellectual property, legal action may be taken again the Group or other claims may be made against the Group.
The Group endeavors to provide proper services through prior consultation with outside experts, the supervisory authorities and others. However, litigation or similar might impact the Group's performance and financial position, with potential consequences such as the payment of compensation and service disruption.
d. Administrative risk
The Group provides may different types of services, carrying out administrative processing to meet the detailed requirements of customers. In many of our business operations, especially in the Payment Business Segment, we are working to save labor, increase business efficiency and improve accuracy through the use of DX and AI. However, in certain processes, employees still need to carry out checking tasks and manual tasks and this is sometimes the cause of administrative errors. Going forward, we will continue building systems and strengthening measures to ensure that the Group's business operations, performance and financial position are not impacted by the occurrence of losses, administrative penalties, reputational damage or similar consequences.
In addition, the Company's Compliance Committee will share any administrative errors that occur and report on improvement measures.
Across the Group, we are implementing preventive measures, including establishing and updating administrative manuals, regularly inspecting the status of administrative processing, providing ongoing employee training, and monitoring the implementation status of operations. On the financial reporting front, we have formulated regulations such as the Management Regulations for Internal Control over Financial Reporting and have developed systems for the development and operation and evaluation of internal control over financial reporting. We also make those in charge of the evaluated departments aware of the importance of evaluation of the effectiveness of internal control to increase the effectiveness of internal control. Moreover, to further expand the digitalized domains of business processes, our IT departments and other relevant departments are playing a central role in efforts to increase business efficiency and improve business accuracy by driving the review and improvement of business processes and promoting data processing automation and the creation of workflows.
e. Human risk
The Group is working to hire and develop diverse, talented human resources to provide high-level services to customers and develop advanced products and services. If it is difficult to secure the human resources the Group needs, or if we lose human resources, this may impact our business operations and the Group's performance and financial position. An imbalance of measures and human resources within the Group may also prevent the Group as a whole from reaching its full potential
We have put in place systems to secure diverse human resources, including allowing remote working, shorter working hours, and side jobs to enable employees to choose the work style that meets their needs. Moreover, we provide equal opportunities by standardizing employment patterns, and secure talent by adopting personnel systems that can utilize the abilities and characteristics of employees, such as our specialist and expert systems. In addition, we have introduced leave programs that can be utilized for self-development and fertility treatment to help employees achieve fulfilment in both their personal and professional lives. In terms of the development of human resources and career advancement, we have introduced training and support systems such as an assessment program, a new business proposal system, a voluntary selective training program, career development seminars by age group, and personnel allocation based on employee requests centered on open recruitment. Through this, we have developed an environment that allows for long-term and multifaceted training and career development, with the aim of creating a culture of taking on challenges. Meanwhile, through the promotion of the exchange of human resources among Group companies and other measures, we aim to create synergy and maximize performance. In addition, the HRBP (Human Resource Business Partner) within our human resources departments is responsible for supporting business growth from a human resources perspective through the resolution of issues related to "people and organizations," serving as an HR business partner for business departments and group companies.
f. Reputational risk
Negative reviews or the spread of rumors about the Group, regardless of whether or not they are true, may cause a loss of trust among customers and undermine relationships with business partners, which in turn could adversely affect the Group's performance and financial position.
We are always working to build good relationships with stakeholders and also implement preventive measures in relation to reputational risk such as providing internal training on media literacy. At the same time, we develop monitoring systems aimed at the early detection of information and respond in a timely, appropriate fashion according to the source of the negative information and the degree of impact, in an effort to minimize the impact of reputational risk on business.
