IT Strategy and Management of Systems Risk
Daiwa Securities Group has raised pursuing the best mix of digital and real as one of its basic policies for the Medium-Term Management Plan “Passion for the Best” 2023. Based on this basic policy, the Group is advancing a digital strategy intended to achieve a higher top lines and more sophisticated, efficient business by fusing the respective strengths of its people and data/digital technologies starting from those of data.
IT Organization and Structure
The Group IT Strategy Committee is established at Daiwa Securities Group Inc. as a sub-committee of the Executive Management Committee, and the IT Strategy Committee is created at Daiwa Securities as a subcommittee of the Management Committee. These subcommittees serve to deliberate and decide upon matters for accelerating decision-making involving the integration of management and IT strategies, as well as involving IT investments, and for enhancing the efficiency of IT investments.
Amid a rapidly changing and difficult-to-predict business environment, the Group believes it is important for those employees on the frontlines who interact with customers to take the initiative on fully utilizing data and digital technologies in an effort to improve the experience of the customer (CX: Customer eXperience). Similarly, the Group believes it must heighten the experience of the employee (EX: Employee eXperience) so that each and every employee can focus their efforts on enhancing CX. In order to achieve a higher order of balance between business model reform and optimization for the entire Group, the Group has established and is strengthening a digital transformation (DX) promotion system that includes training for digital professionals, the establishment of a new Digital CoE*, and other avenues that are unique to Daiwa.
- *An organization that provides knowledge and know-how associated with data and digital technologies in support of the business departments. CoE stands for Center of Excellence.
The Group has been investing in IT in order to provide products and services responding to customer needs from the perspective of customer-oriented operations, promote a digital transformation which aims at improving the efficiency of existing business and advance business innovation and business process innovation in order to engage in high value-added business, establish basic infrastructure that is indispensable to the continuation of business, comply with legal requirements, and enhance the risk management system.
In FY2020, we worked toward implementing Investment Planning*1, Asset based free plan for investment trust *2, and web service for stock-based compensation and benefit plans*3 all of which are provided by Daiwa Securities Co. Ltd. In addition, by utilizing mobile business devices, the Group worked on digitizing a series of processes related to customers’ services, and on increasing the sophistication of risk management such as by strengthening cyber security and compliance.
- *1 A customized risk analysis solution service WealthBench provided by MSCI Inc. Daiwa Securities is the first company in Japan to provide WealthBench to individual customers.
- *2 A new plan in which there is no purchase fee for investment trusts. Instead, a management fee is charged based on the appraised value of the fund.
- *3 An Internet service that manages stock compensation plans, company benefits utilizing shares, etc., such as stock ownership plans, Workplace NISA, defined contribution pension plan system.
Systems risk management
Daiwa Securities Group has worked to maintain and enhance the management of systems risk in order to reliably provide high-quality services to customers while protecting information assets from various threats and risks originating from inside or outside the company. We recognize the importance of cyber security as a group management issue, and continue to work toward improving its resistance and resilience to ever-more sophisticated cyber-attacks. At the same time, we also collaborate with outside organizations in an effort led by a dedicated organization (Daiwa-CSIRT*) that works throughout the Group.
In line with the proliferation of telecommuting, full- fledged use of cloud services, and advancements in system coordination with partners and other outside companies, the locations of and access routes to data assets have become increasingly diverse. This change has led the Group to revise those conventional countermeasures intended to defend the boundaries between internal networks and the Internet included in the new Medium-Term Management Plan, and to advance the development of a zero trust security infrastructure that verifies the authenticity of every access request.
- *Computer Security Incident Response Team: The organization that manages cyber security across departments.