Risk Management

Our Approach

Strengthening of compliance and risk management is positioned as a key issue in SMBC Group's Principles of Action on Compliance and Risk. SMBC Group is therefore devoted to improving its systems in these areas in order to become a truly outstanding global group.

Risk Culture

In order for SMBC Group to realize and maintain a sustainable growth in corporate value as a “Top Tier Global Financial Group,” each one of our colleagues should think and judge on their own if their actions meet the expectations and requirements of customers, markets, and other stakeholders, not just if they are compliant with laws and regulations. SMBC Group has established “Principles of Action on Compliance and Risk” for every colleague to hold onto as a “keystone” of their daily business. The principles include “Business based on the Risk Appetite Framework” and “We will conduct business operations with risk ownership of the risks, such as credit risk, market risk, liquidity risk, operational risk, and conduct risk, that arise in our own business.” Concrete measures include internal surveys for monitoring the compliance awareness and risk sensitivity of our colleagues as well as internal training for fostering a sound risk culture.

Risk Appetite Framework

SMBC Group has introduced a Risk Appetite Framework for controlling group-wide risks that clarifies the types and levels of risk that we are willing to take on or are prepared to tolerate in order to grow profits (risk appetite).

The Risk Appetite Framework is one of two pivots of our business management alongside business strategies. It functions as a management framework for sharing information on the operating environment and risks facing SMBC Group among management and for facilitating appropriate risk taking based thereon.

Risk Appetite Framework Positioning

Risk Appetite Framework Positioning

Risk Appetite Composition

Risk Appetite Composition
  • *1   Conduct risk is the risk that our conduct negatively affects customers, market integrity, effective competition, public interest, and SMBC Group's stakeholders, through acts that violate laws and regulations or social norms.

Individual risk appetites have been established by strategies for each business unit as necessary based on the overall risk appetite of SMBC Group. Risk appetites are decided during the process of formulating business strategies and management policies. These risk appetites are set based on Top Risks that threaten to significantly impact management and on risk analyses (stress testing) that illustrate the impact if a risk should materialize.

In addition, risk register and Key Risk Events (KRE) are utilized as part of a system for assessing the risks present in new and existing business activities and for verifying the adequacy of Top Risks, risk appetites, and business strategies.

The outlooks for the operating environment and risks and the risk appetite situation are monitored throughout the course of the fiscal year. Risk Appetite Measures and business strategies are revised as necessary. For example, overall risk capital*2 has been selected as an indicator for risk appetite, which displays the soundness of SMBC Group. Overall risk capital is the aggregate of the risk capital amounts for each risk category. Management standards have been set for the upper limit for overall risk capital based on group-wide management constitution. Overall risk capital levels are thus monitored throughout the course of each fiscal year to clearly indicate risk-taking capacity and promote the sound taking of risks.

In addition, specific risk appetite indicators have been set for credit risk, market risk, liquidity risk, and other risk categories to facilitate appropriate management based on a quantitative understanding of risk appetite.
*2 The amount of capital required to cover the theoretical maximum potential loss arising from risks of business operations.

Top Risks

SMBC Group identifies risks that threaten to significantly impact management as Top Risks.

The selection of Top Risks involves comprehensive screening of risk factors, evaluation of each risk scenario’s possibility of occurrence and potential impact on management, and discussion by the Risk Management Committee and the Management Committee. Top Risks are utilized to enhance risk management by being incorporated into discussions of the Risk Appetite Framework and the formulation of business strategies and into the creation of risk scenarios for stress testing.

Top Risks
  • World economic stagnation
  • Disasters such as large-scale earthquakes, storms, and floods
  • Highly volatile commodity price and financial / foreign exchange markets
  • Lack of preparedness against cyber attacks and financial crimes
  • Sudden deterioration of the foreign currency funding conditions
  • Changes in industrial structure due to technological innovation
  • Japanese economic stagnation
  • Inadequate responses to climate change risk and environmental issues
  • Japanese fiscal instability
  • Inadequate responses to human rights issues
  • The U.S. - China struggle for supremacy
  • Improper labor management
  • Growing tensions around Russia-Ukraine conflict
  • Misconduct such as an employee's inappropriate behavior
  • Unstable situations in the Middle East and Asia
  • Inadequate improvement in the operational resilience system
  • Political turmoil and social instability
  • Inadequate preparedness for heightened regulatory and supervisory scrutiny
  • Outbreak of serious infectious disease
  • Difficulty in securing human resources
  • Note: The above is only a portion of the risks recognized by SMBC Group. It is possible that the materialization of risks other than those listed above could have a significant impact on our management.

Please see Appendix for Top Risks.

Stress Testing

At SMBC Group, we use stress testing to analyze and comprehend the impact on SMBC Group's businesses of changes in economic or market conditions, in order to plan and execute forward-looking business strategies.

In our stress testing, we prepare multiple risk scenarios including macroeconomic variables such as GDP, stock prices, interest rates, and foreign exchange rates based on the aforementioned Top Risks, discussions with experts and related departments.

When developing business strategies, we set out scenarios assuming stressed business environments such as serious economic recessions and market disruption for the sake of assessing risk-taking capabilities at SMBC Group and verifying whether adequate soundness can be maintained under stress. For example, we are conducting stress testing assuming prolonged monetary tightening in the U.S. and Europe, a global credit crunch, and economic stagnation in Japan to verify the soundness of SMBC Group’s capital and confirm the appropriate actions to be taken.

During a fiscal year, we will conduct stress testing in a timely manner to assess the potential impact on our business and to take the appropriate actions in case a serious risk event occurs.

In addition, we conduct detailed stress testing for individual risks such as credit risk, market risk, and liquidity risk, so as to decide and review risk-taking strategies.

We are also conducting scenario analyses on physical and transition risks related to climate change.

Please see "Efforts Addressing Climate Change" for information on our approach to climate change

Risk Register

A risk register is formulated by each business unit for the purpose of realizing more sophisticated risk governance and enhancing business units’ risk ownership. In formulating these registers, business units communicate with risk management departments to identify the risks present in their business, and these risks are reflected in business strategies after they have been evaluated and the adequacy of measures for controlling them has been verified.

Key Risk Events

Key Risk Events (KRE), external events that indicate the increased threat of risks, have been identified to ascertain the symptoms of the potential risks. KRE are utilized to analyze and assess how likely similar cases will occur in SMBC Group and what effects such similar cases will have on SMBC Group, and to enhance our risk management system.

Risk Management Systems

Based on the recognition of the importance of risk management, top management is actively involved in the risk management process, and systems are in place for verifying and monitoring the effectiveness and appropriateness of this process. Specifically, the group-wide basic policies for risk management and the Risk Appetites for entire SMBC Group are determined by the Management Committee and authorized by the Board of Directors. After that, the status of risk management based on these policies and risk appetites is reported to the Board of Directors by the Group CRO four times per year.

If the outlooks for the operating environment and risks change drastically from the assumption in the beginning of the fiscal year, we will review the Risk Appetite for entire group in a timely and appropriate manner with approval by the Board of Directors.

Also, we have defined three lines of defense and clarified related roles and responsibilities of relevant divisions. With these provisions in place, risk management systems have been established based on the characteristics of particular businesses, and measures are being put in place to strengthen and improve the effectiveness of these systems in accordance with these basic policies for risk management.

Furthermore, SMBC Group is strengthening group-wide risk management systems through the Group CRO Committee and the Global CRO Committee.

SMBC Group's Risk Management System

SMBC Group's Risk Management SystemEnlarge image

Definition of SMBC Group's Three Lines of Defense

The Basel Committee on Banking Supervision's “Corporate governance principles for banks” recommends “three lines of defense” as a framework for risk management and governance. Based on this framework, we have clarified the roles and responsibilities of each unit as indicated below and we are taking steps to achieve more effective and stronger risk management and compliance systems.

Definition of SMBC Group's Three Lines of Defense Enlarge image

Risk Management Initiatives Amid a Volatile Financial and Economic Environment

In FY 2022, interest rates in various countries rose as monetary policy authorities in the U.S., Europe, and other countries tightened monetary policy due to sharply rising inflation and other factors.
We identified “highly volatile financial / foreign exchange markets” and “sudden deterioration of foreign currency funding conditions” as our top risks, and conducted stress testing. We discussed this at the Management Committee and the Risk Committee to determine the action for better addressing market deterioration.

In the face of the market turmoil triggered by the bankruptcy of Silicon Valley Bank and the subsequent bank failures in March 2023, we analyzed our risk profile, including testing the survival period in terms of liquidity risk under the stress, and decided policy quickly, while closely communicating and coordinating with the relevant departments.
We also recognize these incidents as Key Risk Events (KRE) and analyze our deposit and securities portfolios. Through these efforts, we will continue to further enhance our risk management.