IT Strategy and Management of Systemic Risk
The Daiwa Securities Group has established and is promoting the development of an IT platform that will drive digital transformation as part of the IT strategy (IT Basic Policy) in the Medium-term Management Plan "Passion for the Best" 2020. We are also working to further strengthen IT governance in order to respond to the diversification of our business portfolio and the evolution of technology.
We have established a Group IT Strategy Committee (subcommittee of the Executive Committee) at Daiwa Securities Group Inc., and an IT Strategy Committee (subcommittee of the Management Committee) at Daiwa Securities. These committees deliberate and decide on matters related to medium- to long-term IT investment policies and plans that take into account business needs and changes in the environment such as systems and regulations.
Global IT-related trends include the tightening of financial regulations, the escalation and sophistication of cyber attacks, digitization that is accompanying the evolution of technology, and the unbundling of financial services. Against this background, in order to realize risk management and business innovation across the Group, the CIO oversees all IT-related operations for the entire Group including overseas bases, and aims to improve our Group IT capabilities by strengthening IT resource management and cooperation.
Status of IT investment
We are proceeding with digital transformation that aims to build a customer-oriented sales system, provide products and services that meet customer needs, streamline existing operations to engage in high value-added operations, and reform business and operational processes. We are also making IT investments for the purpose of developing the infrastructure that is essential for business continuity, complying with legal requirements, and strengthening our risk management system. In fiscal 2018, we expanded products and services such as the "Daiwa Calendar Year Gift Service" and a login function that uses biometric authentication for our smartphone app. We improved operational efficiency using voice recognition and AI, developed an API* to provide high value-added financial services, complied with global financial regulations, and strengthened our cyber security measures
- *Abbreviation of Application Programming Interface. A specification or system that connects systems in a standard format
System risk management
The Group is working to maintain and strengthen its systemic risk management system in order to protect its information assets from various threats and risks originating from inside and outside the company and to stably provide high-quality services to customers. In particular, we recognize cyber security as an important issue for Group management in view of the increasing threat of cyber attacks, and have established a cyber security management system centered on a Group-wide specialized organization (Daiwa-CSIRT*). While collaborating with external organizations and companies to collect and analyze the latest information on attack methods and vulnerabilities, we are working to improve our defenses and resilience against cyber attacks.
- *Cyber security management organization. CSIRT stands for Computer Security Incident Response Team