Our Approach

Management positions the strengthening of compliance and risk management as a key issue in enabling SMBC Group to fulfill its public mission and social responsibilities as a global financial group. We are therefore working to entrench such practices into our operations as we aim to become a truly outstanding global group.

Compliance Management

SMBC Group seeks to maintain a compliance system that provides appropriate instructions, guidance, and monitoring for compliance to ensure sound and proper business operations on a group-wide and global basis. Measures have been put in place to prevent misconduct and quickly detect inappropriate activities that have occurred to implement corrective measures.

SMBC Group has established the Compliance Committee, which is chaired by the Group CCO responsible for overseeing matters related to compliance. This committee comprehensively examines and discusses SMBC Group's various work processes from the perspective of compliance.

In addition, SMBC Group formulated Compliance Program to provide a concrete action plan for practicing compliance from the perspective of groupbased management. The Board of Directors and the Management Committee annually determines the Group Program and, in principle, semiannually (twice a year) receives its progress updates from the Group CCO to which they give instructions to the entire organization when needed. Group companies develop their own compliance programs based on the Group program and take necessary steps to effectively install compliance frameworks.

The Company receives consultations and reports on compliance-related matters from Group companies, providing suggestions and guidance as necessary to ensure compliance throughout the Group.

From the perspective of global-based management, compliance departments for major overseas offices have been recognized within the Compliance Unit, which facilitated to develop an integrated group-based compliance management framework for overseas offices.

Compliance Systems at SMBC Group

Compliance Systems at SMBC Group zoom

Initiatives for Supporting Healthy Risk Taking and Appropriate Risk Management

In order for companies to coexist with society and develop sustainable growth, it is crucial to take an appropriate amount of risks and to maintain appropriate risk management, including compliance. In particular, financial institutions should emphasize compliance and risk management, considering its public mission and the heaviness of the social responsibility.

Based on this recognition, management positions the strengthening of compliance and risk management as a key issue in enabling SMBC Group to fulfill its public mission and social responsibilities. SMBC Group is therefore devoted to improving its systems in these areas in order to become a truly outstanding global group.

Specifically, SMBC Group has defined the Principles of Action on Compliance and Risk to serve as guidelines for executives and employees in practicing compliance and risk management. Continuous reviews are carried out to improve compliance with these guidelines and to ensure their effectiveness.

Policies and Measures for Anti-Money Laundering (AML), Countering the Financing of Terrorism (CFT) and Adhering to Economic Sanctions Regulations

SMBC Group recognizes the importance of preventing money laundering and terrorist financing (ML/TF) and adhering to economic sanctions regulations, and therefore, undertakes every effort to prevent ourselves and employees, from engaging in, and/or providing assistance to, the commission of ML/TF, and from violating economic sanctions regulations.

SMBC Group strictly complies with AML/CFT and economic sanctions regulations by establishing a Group Policy and by implementing effective internal control systems in each of the Group companies to ensure that our operations are sound and appropriate.

The Group Policy and systems are implemented in accordance with the requirements of the relevant international organizations (e.g. the United Nations, the Financial Action Task Force Recommendations) and the laws/regulations of relevant countries including Japan in which the SMBC Group has operations (e.g. U.S. "Office of Foreign Assets Control Regulations").

The policies and measures for AML/CFT and economic sanctions regulations implemented across the SMBC Group include, but are not limited to, the following:

  • SMBC Group has established an organizational structure to adhere to AML/CFT including Know Your Customer (KYC) / Customer Due Diligence (CDD) ,and economic sanctions regulation and policies and operating guidelines for reporting suspicious transactions.
  • SMBC Groups' KYC/CDD including non-face-to-face CDD, are conducted in accordance with applicable laws and regulations, and its procedures include screening against lists of persons designated to be involved in acts of terrorism or other crimes, by the resolutions of the United Nations Security Council and applicable laws and regulations in other jurisdictions where the Group has operations.
  • SMBC Group applies appropriate risk mitigation measures including due diligence to its customers and/or transactions, according to the level of ML/TF risk and decides whether or not starts business with customers and/or conducts transactions. When customers and/or transactions which present a higher risk of ML/TF, such as involvement of foreign politically exposed persons (PEPs), based on the applicable laws and regulations, stricter measures will be taken, which include Enhanced Due Diligence and/or the approval of senior management.
  • SMBC Group files suspicious transaction report appropriately to the regulatory authorities based on the applicable laws and regulations, in case there are suspects or reasonable grounds to suspect that the funds are the proceeds of a criminal activity or are related to terrorist financing.
  • SMBC Group keeps relevant documents and records relating to the AML/CFT measures undertaken in accordance with applicable laws and regulations.
  • SMBC Group periodically conducts internal audit for assessing the adequacy and effectiveness of the internal controls related to AML/CFT framework and economic sanctions regulations.
  • SMBC Group provides appropriate training, on an ongoing basis, to ensure that all employees are familiar with the AML/CFT obligations and requirements. SMBC provides training on AML/CFT and international sanctions compliance several times a year, such as s online training for all employees in domestic branches and offices, training for senior management, and role or position specific trainings.

Response to Anti-Social Forces

SMBC Group has established a basic policy stipulating that all Group companies must unite in establishing and maintaining a system that ensures that the Group does not have any connection with anti-social forces or related individuals.

Specifically, the Group strives to ensure that no business transactions are made with anti-social forces or individuals. Contractual documents or terms and conditions state the exclusion of anti-social forces from any business relationship. In the event that it is discovered subsequent to the commencement of a deal or trading relationship that the opposite party belongs to or is affiliated with an antisocial force, we undertake appropriate remedial action by contacting outside professionals specializing in such matters.

Basic Policy for Anti-Social Forces

  1. 1.Completely sever any connections or relations from antisocial forces.
  2. 2.Repudiate any unjustifiable claims, and do not engage in any “backroom” deals. Further, promptly take legal action as necessary.
  3. 3.Appropriately respond as an organization to any anti-social forces by cooperating with outside professionals.

Customer Information Management

SMBC Group has established Group policies that set forth guidelines for the entire Group regarding proper protection and use of customer information. All Group companies adhere to these policies in developing frameworks for managing customer information.

Privacy Policy of SMFG is mainly intended for personal information of shareholders, and Privacy Policy of SMBC, the core banking subsidiary of SMBC Group, is mainly intended for personal information of customers. SMBC’s Privacy Policy determines the use, collection and processes, etc., of personal information in its "Handling of a Client's Personal Information" in detail.

Other Group companies also establish and disclose privacy policies for their measures regarding the proper protection and use of customer information and customer numbers. Appropriate frameworks are established based on these policies.

Privacy Policies of SMFG and SMBC were established after the resolution of the Management Committee of both entities, and their revision/abolition are subjected to the Management Committee as well. Measures to protect personal information based on the policies are under responsibility of the head (Executive Officer) of Compliance Department. These measures are embedded in the group-wide compliance program, and when issues arise, they will be reported to and be subjected to remedial actions by the Compliance Department. When violation to the policy is discovered, disciplinary actions could be taken under internal policies. In addition, for suppliers and external vendors, how they will use personal information and its risks associated will be confirmed before deals start based on internal policies and procedures, and when deals are determined to have high risks, additional detailed memorandums concerning information management are exchanged. As such, we are strictly addressing the issue of personal information protection in our entire operation including the supply chain. Also, effectiveness of privacy policies are ensured by periodical risk assessments and audit by the Compliance Department.

Moreover, especially in SMBC, all employees are required to take a training course concerning customer information protection at least once a year.

Internal Reporting Systems and Hotline for Inappropriate Accounting and Auditing Activities

SMBC Group has Internal Reporting Systems and whistle-blowing systems designed to promote self-correction through early detection and rectification of actions that may violate laws and regulations*. All of our stakeholders within and beyond our company can report issues/concerns through the Internal Reporting Systems 24 hours a day, 365 days a year. These systems are introduced by displaying posters, distributing employee mobile cards, and holding training program. Our internal stakeholders that can utilize this mechanism are all the Group employees listed below:

  1. a.Employees, including contract employees, employees during their trial or probation period, temporary-hired employees and part-time employees.
  2. b.Part-time employees and employees on temporary contracts that are dispatched by outside service providers who work at SMBC Group and Group Companies, or are employees of other companies seconded to SMBC Group and Group Company offices.
  3. c.Employees of service providers to which businesses operations have been outsourced, and employees of business agents.

Employees can report issues/concerns anonymously to the lawyer, designated as the external channel within our Internal Reporting System. In response to raised issues/concerns, appropriate steps are taken to maintain the confidentiality and the privacy of the employees who submitted the report. Any form of retaliation against the employees as a result of a report is strictly prohibited. If any form of retaliation is confirmed, strict measures, including disciplinary action, will be taken. Furthermore, overseas branch offices have their own internal reporting systems, which allows local employees to report issues/concerns in their local languages.

Investigation is conducted mainly by the designated department such as General Affairs Dept. Human Resources Dept for all the issues/concerns raised through Internal Reporting Systems. If a violation is found as a result of the investigation, corrective measures will be taken in accordance with laws and regulations, including personal disposal. And after some time since the corrective measures were taken, follow-up actions will be made to see if the corrective measures are being taken in function and if there are any problems from the perspective of whistle blower protections. In addition, the SMBC Group Alarm Line has adopted management System, which gives top priority to protect in whistle blower, and strictly handles information pertaining to the reports. The results of such investigations, progress regarding corrective actions taken in response, as well as regular updates regarding the Internal Reporting Systems are reported to the Compliance committee, the Group Management Committee, and the Audit Committee on a regular basis. In FY2022, throughout all our Group companies, we have received 353 reports through the Internal Reporting Systems from internal and external stakeholders.

  • * Specifically, any violations of the Principles of Action on Compliance and Risk (SMFG) , human rights as set out in the International Bill of Human Rights, and the International Labor Organization's (ILO) Declaration on Fundamental Principles at Work can be reported to Internal Reporting Systems.

Sumitomo Mitsui Financial Group Accounting and Auditing Hotline is aimed at strengthening the Group's self-correction function by encouraging early detection and rectification of improper actions relating to accounting, accounting internal controls, and auditing at the Group. The hotline can be used from to report accounting and auditing irregularities. The Hotline receives reports from not only officers and employees of SMBC Group and external contractors, but also from the public.

SMFG Accounting and Auditing Hotline/Designated Dispute Resolution Agencies

SMFG Accounting and Auditing Hotline

Reports may be submitted by regular mail or e-mail to the following addresses.

Mailing address

SMFG Accounting and Auditing Hotline
Iwata Godo Attorneys and Counselors at Law
10th floor, Marunouchi Building
2-4-1, Marunouchi, Chiyoda-ku, Tokyo

E-mail address

  • The hotline accepts any alerts of inappropriate activities concerning accounting and auditing at the Company or its consolidated subsidiaries.
  • Anonymous reports will also be accepted. Since an investigation cannot be conducted without adequate information, please provide as much detail as possible of the circumstance.
  • Personal information will not be disclosed to any third parties without your consent, unless such disclosure is required by law.

Designated Dispute Resolution Agencies

For the handling of any complaints received from and conflicts with our clients, SMBC has executed agreements, respectively, with the Japanese Bankers Association, a designated dispute resolution agency under the Banking Act, and the Trust Companies Association of Japan, a Designated Dispute Resolution Organization under the Trust Business Act and Act on Provision, etc. of Trust Business by Financial Institutions and the specified non-profit organization of "Financial Instruments Mediation Assistance Center," one of the "Designated Dispute Resolution Agencies" under the Financial Instruments and Exchange Act.

Japanese Bankers Association

Contact information
Consultation office, Japanese Bankers Association
0570-017109 or 03-5252-3772
Business hours
Mondays through Fridays
(except public and bank holidays)
9:00 am to 5:00 pm

Trust Companies Association of Japan

Contact information
Consultation office,Trust Companies Association of Japan
0120-817335 or 03-6206-3988
Business hours
Mondays through Fridays
(except public and bank holidays)
9:00 am to 5:15 pm

Financial Instruments Mediation Assistance Center

Contact information
Financial Instruments Mediation Assistance Center
Business hours
Mondays through Fridays
(except public and bank holidays)
9:00 am to 5:00 pm

Anti-Bribery and Corruption

SMBC Group has developed the Anti-Bribery Compliance and Corruption risk control framework.

  • Group CEO has presented "Management's Commitment to the Prevention of Bribery and Corruption" and informed Group executives and employees to fully and completely comply with "Policies for Anti-Bribery (the "Policies")", in which the compliance to all applicable laws and regulations, the code of conduct, and the prevention of bribery and corruption are written.
  • SMBC Group has "Policies" to prohibit bribery and facilitation payments in any form. We also have other related rules and procedures require that the appropriateness of the circumstances, value and purpose shall be carefully considered prior to the provision or receipt of business entertainment or gifts and that the applicable approval procedures are strictly followed. Providing and offering to provide gifts (Anything tangible or intangible of economic value, such as money, goods, service, provision of Business Entertainment, or recruiting employee relatives) on purpose to effect recipient is prohibited by the Policy. Receiving and demanding to provider in convenience on purpose is also prohibited by the Policy. Moreover, Iin the event of a violation, the Policies clearly provide for disciplinary actions including punitive dismissal. The Policies require to document the business entertainment and provision/receipt of anything of value, as well as the implementation of related training, in a prompt and accurate manner. For provision of Business Entertainment Gifts, we comply with all laws, regulations and policies including FCPA and UKBA. Acts only with proper purposes and manners are acceptable. Each company has its own judgment rules and approving procedures on provision of Business Entertainment Gifts. Before the provision, the providing department examines its content and confirmation, and the Compliance Department examines the risks involved.
  • SMFG Compliance Department conducts annual risk assessments of bribery and corruption toward main group companies, SMBC subsidiaries and branches including overseas offices. It identifies our risk profile related to our business and its business partners, also evaluates the effectiveness of control measures. All results are reported to the management. In detail, questionnaire is sent to group companies, SMBC subsidiaries and branches, then answers will be analyzed and evaluated by perspective point of bribery and corruption risk. The result is reported to the Compliance Committees, and for the group companies, SMBC subsidiaries and branches, those had high risks will have consultation with SMFG Compliance Department to execute appropriate risk mitigating measures as stipulated.
  • The "Policy", other related rules and procedures stipulates the rules of appropriate due diligence from bribery and corruption risk perspective before, and proper management will be conducted afterwards when considering security investment including M&A.
  • For bribery and corruption risk of business relationships with third party including intermediary and subcontractor, risk assessment and due diligence are carried out periodically when newly making a contract, or in case that contract is for a long term. In detail, prior check and contract processes when outsourcing business to them are clarified based on the third-party risk management framework.
  • Monitoring on compliance with the "Polices" and other related rules and procedures is conducted periodically by the Compliance and other relevant departments.
  • The Compliance and other relevant departments run compliance training including anti-bribery and corruption trainings to penetrate proper understanding of the content, purpose and operation of the "Policies" and related rules, starting with anti-bribery and corruption to all employees. To enable reference at all time, the location of policies uploaded on internal intranet is provided in the training material. The attendance rate of training for all SMBC domestic offices was full for FY2021 again. Overseas subsidiaries and branches also complete them periodically according to the risk level. Moreover, group executive and employee from overseas and domestic shall sign the attestations that they will not engage in any bribery, corruption, or fraud in accordance with the policy.
  • The Board of Directors is responsible for overseeing the operation of overall compliance framework on a global group basis, including the compliance and the execution of the Policies, other relevant rules and regulations. Group CCO regularly report to the Board about the progress in prevention of bribery and corruption. Under the direction and responsibility of the Group CCO, the SMFG Compliance Department plans the basic policy, and undertakes check and support for business units and other Group companies to secure Compliance.

In FY 2021, there was no material case found to be in violation of the Policies, nor the cost of fine and reconciliation.

  • * Bribery refers to the acts of offering things of value (including, but not limited to, money, goods, services, entertainment, employment of family relatives, other tangible and intangible items having economic value regardless of their nature) with the intent of improperly influencing the recipient and the acts of receiving or demanding things of value with the intent of improperly providing benefits to the offeror.

Group Tax Policy

SMBC Group has been committed to fulfilling its obligations for filing tax returns, making tax payments and reporting to the tax authority, whilst ensuring compliance with all tax laws, regulations and treaties across each jurisdiction.

In order to strengthen the tax compliance framework, SMBC Group has established the group tax policy.

Under this policy, SMBC Group will continue to fulfill its obligations for filing tax returns, making tax payments and reporting to the tax authority appropriately.

This policy was established based on a resolution of Group Management Committee and a report to Audit Committee and has been implemented under the co-responsibility of Group CFO and Group CCO.

Profit before Income Tax and Corporate Income Tax per Region(FY2022)

Profit before Income Tax and Corporate Income Tax per Region Table 拡大画像を表示する