The Concordia Financial Group recognizes compliance as one of the most important issues for management, with executives and employees working together to enhance the compliance system based on our Basic Compliance Policy (*).
- (*)Basic Compliance Policy: https://www.concordia-fg.jp/compliance/index.html
At the Concordia Financial Group, the Chief Compliance Officer is in charge of the Risk Management Department and is responsible for overall group compliance, while the Risk Management Department, as the department responsible for compliance, centrally manages and guides compliance-related operations for the entire group and reports any serious matters to the Board of Directors.
The Group continuously conducts training for all officers and employees (including part-time and temporary employees) to ensure compliance throughout the Group. In addition, as a specific plan of practice to achieve compliance, we establish a Compliance Program for each financial year in accordance with the Basic Compliance Policy, and establish action principles for the realization of this program. In our FY2022 compliance program, we are focusing on initiatives such as maintaining a thorough awareness of compliance and a common-sense sales attitude, conducting customer-oriented services, managing information rigorously, combating money laundering and the financing of terrorism, and taking appropriate action against antisocial elements and financial crime.
In addition, in order to raise the effectiveness of the compliance program, a "Compliance Meeting" attended by directors, executive officers, and general managers is held regularly to monitor the progress of the program and the status of compliance, including the handling of whistleblowing and corrupt practices, and to report to the Board of Directors. The Board of Directors also receives the above reports and supervises the group companies.
In order to facilitate early detection and correction of compliance-related problems, such as violations of laws and regulations, fraud, corruption, violation of internal rules, and harassment, the Concordia Financial Group has established a Compliance Hotline, an internal reporting desk, at the Company, at the Bank of Yokohama, and at Higashi-Nippon Bank.
The whistleblower contact point is operated in accordance with the spirit and intent of the revised Whistleblower Protection Act and its guidelines, which went into effect in June 2022. For the protection of whistleblowers, information is accepted from both anonymous and confidential whistleblowers. A limited number of whistleblower response personnel handle the information and do so under strict information management. Investigations are carried out so as not to identify the whistleblower, and the whistleblower is not investigated or subject to unfair personnel or other treatment because of their whistleblowing activity.
When a whistleblowing report is received, an investigation is carried out to determine the facts of the case in accordance with the information received. If a violation of compliance is confirmed, corrective measures are taken and recurrence prevention measures are formulated, personnel measures such as disciplinary action against the subject of the whistleblowing are considered and implemented, and feedback is provided to the whistleblower to the extent necessary. Reports are also received at an external contact point set up at a lawyer's office and forwarded to the risk management personnel of each Group company via the Company's Risk Management Department. Each company takes action to resolve the problem after consulting with its lawyer.
The Group is making efforts to disseminate knowledge of the whistle-blowing system, including the protection of whistleblowers, by displaying posters, establishing a user's manual, and holding study sessions for all officers and employees. The Company was registered with the "Whistleblowing System Certification (Self-Compliant Declaration Registration System)" under the jurisdiction of the Consumer Affairs Agency in FY2020 and this registration was renewed in FY2021.
Whistleblowing Reception Desk
|Concordia Financial Group||
|Bank of Yokohama||
- *The Auditor Reporting Desk is a reporting desk that allows internal and external parties to directly report to members of the Audit and Supervisory Board any legal violations or inappropriate accounting matters involving directors and executive officers.
Initiatives to Prevent Money Laundering
With the increasingly widespread transfer of funds by criminal groups, terrorists, and other such groups, with international terrorist organizations showing more activity, and with the trend to the global proliferation of weapons of mass destruction, there is an increasing risk that financial institutions will become enmeshed in money laundering, terrorist financing, and proliferation financing.
In order to be ready for such risks, the Concordia Financial Group not only complies with basic items such as confirmation at the time of transaction as stipulated in the Act on Prevention of Transfer of Criminal Proceeds, the Foreign Exchange and Foreign Trade Act, and other relevant laws and regulations, but also plays its role as a participant in maintaining the soundness of the financial system by taking effective measures against money laundering and terrorist financing in accordance with the "Guidelines Concerning Measures against Money Laundering and Terrorist Financing" published by the Financial Services Agency.
Specifically, each company within the Group prepares its own specific risk assessment document based on the Act on Prevention of Transfer of Criminal Proceeds, comprehensively and specifically identifies and evaluates risk, and takes risk mitigation measures, such as proper notification of suspicious transactions. In addition, we continue our efforts to enhance our risk mitigation measures through the "Anti-MoneyLaundering Program," which is established annually to verify the effectiveness of our risk mitigation measures.
Elimination of Anti-Social Elements
Concordia Financial Group is deeply aware of the importance that banks must place on their public mission and social responsibilities. The Group absolutely refuses financing for antisocial elements that pose a threat to the order and safety of civil society. Our organization as a whole works towards the elimination of all relationships, including transactions, with antisocial elements, and takes a firm stance against unjustified demands and intervention by such elements.
Specifically, the Concordia Financial Group has used this basic principle to formulate a Basic Policy on Anti-Social Forces (*) from the perspective of preventing harm caused by antisocial forces. Executives and employees are provided with training and guidance, and the department responsible for action in each Group company works with lawyers and public administration agencies such as law enforcement to prevent transactions and interactions with anti-social elements.
Initiatives to Strengthen Customer Protection and Customer Information Management Systems
The Concordia Financial Group considers the management of customer protection to be one of the most crucial areas of corporate management. We stand in the customer's perspective, strictly follow all laws and regulations, and conduct our corporate activities fairly and in good faith.
The Group is working to ensure customer protection and compliance by providing continuous e-learning and group training to all officers and employees, according to their duties and positions, on topics such as fiduciary duty, management of customer information, abuse of dominant bargaining position, conflict of interest management, etc. We also conduct information security training for all employees based on the basic policies set out in the Security Policy in order to ensure the safety of our information assets.
The Bank of Yokohama and Higashi-Nippon Bank have designated their respective Customer Relations Offices as departments to centrally manage complaints in accordance with their respective regulations, and accept consultations and complaints from customers. Complaints at sales branches etc. are reported to the Customer Relations Office, which provides instructions and guidance for resolution. The content of complaints, analysis of their causes, and the status of actions such as improvement measures are regularly reported to the Management Committee and the Board of Directors, and improvement activities are constantly undertaken based on instructions and guidance from the Board of Directors etc. In addition, we have entered into a basic agreement with the Japanese Bankers Association, which is a "designated dispute resolution organization" under the Banking Law, to conduct the Financial ADR System, a procedure for resolving disputes with customers through the involvement of a third party.
As initiatives to protect personal information, we publish the purpose of use of personal information on our homepage and elsewhere in accordance with the relevant laws and regulations, manage this information appropriately, and in order to prevent information from being leaked outside the company or viewed by persons whose work does not require it, we control access physically and systematically. We have also developed various rules and regulations to strictly classify and define information and ensure that all executives and employees are fully aware of them. During planning and development stages, system specifications are reviewed for security by personnel specializing in security and system risk, and in order to enhance safety, we have an external security vendor carry out periodic vulnerability assessments before and after a new system is released to the public. When personal information such as customer information is stored in the system, it is encrypted using a dedicated tool, and when customers connect to the official website or internet banking from their terminals, this communication is also encrypted. The head of each department is responsible for these systems, for their security, and for managing them. The Audit Department conducts objective checks to ensure the appropriate and safe handling of customers' personal information. In addition, we run our credit card issuance operations in compliance with PCIDSS, the international security standard for the credit card industry.
The Concordia Financial Group prohibits bribery of public officials and others, whether domestic or foreign, directly or indirectly; ensures fair and sound relationships with all stakeholders, including customers, shareholders, outsourcing partners, and business partners; and prohibits all forms of corrupt behavior, including embezzlement, malfeasance, and offering or receiving entertainment or gifts that exceed socially accepted standards.
The Group has established internal regulations and posted them on the company intranet and ensures that all officers and employees comply with them. In addition, in order to prevent corrupt practices, the Company prepares accounting records for all transactions, expenditures, and disposition of assets in a timely and accurate manner in accordance with various laws, accounting regulations, and company rules, and properly maintains relevant documents. In addition, we conduct appropriate due diligence when selecting and renewing outsourcing and business partnerships.
Thanks to these efforts, there were zero disciplinary actions or dismissals for corruption in FY2021 and no fines or settlement expenses were incurred. We also comply with laws and regulations regarding donations for political activities. We did not make any donations for political activities in FY2021.
The Audit Department conducts internal audits of all departments at least once every three years, independently of the executive departments, and makes recommendations for correction and improvement of problem areas including from the perspective of executive departments anticorruption and compliance.