Governance

Basic approach to
corporate governance

• (1) At SBI ARUHI, we consider the rights of our shareholders and establish an environment for the appropriate exercise of rights. To drive sustainable growth and enhance our corporate value, we actively engage with our shareholders through general shareholders’ meetings and other opportunities.
• (2) The Board of Directors and other relevant bodies will, based on their fiduciary duties and accountability to our shareholders, show the overall directions, including our strategies, and support appropriate executive risk-taking, while providing highly effective oversight.
• (3) For perpetual enhancement of corporate value, we work with our stakeholders, including customers, employees, shareholders, suppliers, creditors, and local communities, and respect mutual interests and values.
• (4) In addition to our business results and financial status, we proactively disclose non-financial information such as management strategies and issues, risks, and corporate governance, and ensure transparent business management through full disclosure of information.

Establishment of Personnel Compensation Committee

SBI ARUHI has established a Personnel Compensation Committee as an advisory body to the Board of Directors to ensure transparency of personnel and compensation decisions on officers. The majority of members of the committee consist of the Outside Directors and Outside Audit and Supervisory Board Members(excluding Full-time Audit and Supervisory Board Member). The chair is selected through mutual discussion by members, and Representative Director, President and CEO currently serves in this role.

Outside Directors and Outside Audit and Supervisory Board Members(excluding Full-time Audit and Supervisory Board Member) are involved in selecting candidates for Director of the Company, the compensation, etc,. from an independent standpoint.

Appointment of
Independent Outside
Directors
and
Female Directors

Appointment of independent outside directors

SBI ARUHI has a governance structure in which executive directors do not account for the majority of the board.

As independent outside directors with extensive experience and knowledge, we appoint business company leaders and corporate governance experts and ensure transparent business operations.

Appointment of Female Directors

In order to ensure diverse perspectives and values one of the six members of SBI ARUHI’s Board of Directors are women.

Reasons for Selection of Directors and
Audit ＆ Supervisory Board Members

The reasons for selection of Directors and Audit ＆ Supervisory Board Members are as follows. Representative Director, President and CEO serves as chair of the Board of Directors in accordance with the SBI ARUHI Articles of Incorporation and a resolution of the Board of Directors.
See the page listing officers for the career histories of Directors and Audit and Supervisory Board Members.

• List of officers

Reasons for Selection of Directors

Name	Reasons for Selection
Takeshi Yoshimura	Reasons for Selection Mr. Takeshi Yoshimura has many years of experience in business management at regional banks and has extensive knowledge and abundant experience in the financial services business and management overall. Since the Company expects him to be involved in its decision-making related to management policy and business strategy based on the perspective of a person having experience in managing regional banks and expertise in building business strategies. Therefore, the Company has selected him as a Director.
Toshihiko Katusya	Reasons for Selection Mr. Toshihiko Katsuya has engaged in business management for many years, leveraging his extensive experience and knowledge in financial business. After joining the Company in January 2021, he has played important roles as Representative Director and Executive Vice President from June 2021 and as Representative Director, President, CEO and COO from April 2022, accurately understanding and resolving business issues and leading organizational reform aimed at realizing the management strategy of the Company. Therefore, the Company has selected him as a Director.
Yasuko Matusmoto	Reasons for Selection Ms. Yasuko Matsumoto possesses advanced expertise and capability in the fields of finance, accounting and management planning. After joining the Company in July 2018, she was appointed to the position of Managing Director, CFO in June 2021 and to the position of Executive Vice President, CFO in April 2022 and has played an important role in accurately understanding and resolving business issues and providing finance work supervision aimed at realizing the management strategy of the Company. Therefore, the Company has selected her as a Director.
Kazuhiko Takahashi	Reasons for Selection Mr. Kazuhiko Takahashi has served as Representative Director at multiple corporations, and possesses a wealth of experience and knowledge as a corporate manager. He is also well versed in real estate- and financing-related businesses from his many years of experience in these businesses. By allowing the experience and insight that he possesses to be reflected in the Company’s management, the Company deems that he can be expected to contribute towards strengthening business strategies of the Company and finding solutions to challenges faced by these businesses. Therefore, the Company has selected him as a Director.
Hiroyuki Oshida	Reasons for Selection Mr. Hiroyuki Oshida possesses a wealth of experience and knowledge as a management executive and consultant. Especially in the areas of management strategy and mergers and acquisitions including capital alliances, he is expected to provide objective and long-term advice and oversight from a specialized perspective regarding the operational execution of the Company.
Tadayuki Sawada	Reasons for Selection Mr. Tadayuki Sawada possesses a wealth of experience and expert insight as a judge and an attorney. Especially in the field of human resources and labor relations and the field of legal affairs and compliance, he is expected to provide appropriate suggestions and supervision regarding the operational execution of the Company from an expert perspective and contribute to the Company’s sustainability management.

Reasons for Selection of Audit ＆ Supervisory Board Members

Name	Reasons for Selection
Yasuhiro Baba	Reasons for Selection Mr. Yasuhiro Baba possesses a wealth of knowledge regarding finance, financial affairs and compliance from his diverse experiences including work in the planning department of a major bank, work in the Japanese Ministry of Finance (currently the Ministry of Finance) and work in the compliance departments of securities companies. Also, from his experience as an Audit and Supervisory Board Member at an information systems company, the Company expects him to play an important role in the healthy and appropriate management of the Company. Therefore, the Company has selected him as an Outside Audit and Supervisory Board Member.
Makoto Imamura	Reasons for Selection The Company believes that Mr. Makoto Imamura is using his specialized knowledge and wide breadth of experiences as an attorney at law to provide objective opinions from a neutral point of view, thereby playing an essential role as an Outside Audit and Supervisory Board Member of the Company. Therefore, the Company has selected him as an Outside Audit and Supervisory Board Member.
Takeshi Nakano	Reasons for Selection Mr.Takeshi Nakano has extensive experience and knowledge in law, finance and accounting. Since it is expected that he can provide advice from specialized perspectives, particularly enhancing effectiveness of and strengthening auditing functions, the Company has selected him as an Outside Audit and Supervisory Board Member.
Mitsumasa Ueno	Reasons for Selection As a Certified Public Accountant, Mr. Mitsumasa Ueno has extensive experience and knowledge in finance and accounting. Since it is expected that he can provide advice from specialized points of view, particularly enhancing effectiveness of and strengthening auditing functions, the Company has selected him as an Outside Audit and Supervisory Board Member.

Improving board
effectiveness

To improve board effectiveness, an integral part of corporate governance, we have evaluation processes in place for identifying challenges and making improvements.

Method of analysis for effectiveness evaluation of the board of directors and overview of results of evaluation

As a part of improving the effectiveness of the board of directors, SBI ARUHI's board members analyze and evaluate the effectiveness of the board of directors as a whole and disclose the results every fiscal year.
The analysis method and results of the effectiveness evaluation in FY2022 are as follows:

1.Method of analysis & overview of evaluation results

(1) Conclusion

SBI ARUHI's board of directors evaluated at the meeting of the board of directors in March 2023 that the board is effectively functioning.

(2) Method of analysis

A survey was conducted in February 2023 for all Directors (6) and all Audit & Supervisory Board Members (4) as of the end of December 2022.It was a five-point scale questionnaire with free comments accepted for each item. Key questions included:

1. [1] Board composition
2. [2] Board management
3. [3] Board deliberations/decision-making
4. [4] Sharing of information with the board or board members/auditors
5. [5] Corporate governance
6. [6] Personnel Compensation Committee
7. [7] Sharing of information with independent directors and independent auditors

(3) Results of evaluation

Across many question items, directors/auditors gave Score 5 or 4 (higher end on a five-point scale).

• Directors/auditors believe that improvements had been made regarding the following issues identified in the effectiveness evaluation survey in FY2021:
  1. [1]Closer collaboration between the internal audit team and board of directors: Improvements were made including revising and enriching the content of reports submitted by the internal audit team to the board of directors, and submitting extraordinary reports as needed in addition to regular reports. Some directors/auditors have requested more detailed and frequent reporting. The internal audit team and board of directors will further strengthen collaboration based on these opinions.
  2. [2]Driving strategic and substantial deliberations at board meetings: Monthly sharing of information about progress in key action plans defined in the annual plan has led to active discussions at the meeting of the board of directors.
  3. [3]Discussions on signs and true causes of events that should be noted in terms of compliance: As for the quarterly incident reports, Multi-faceted risk analyses were conducted including analyzing the true causes common across all incidents in addition to simply identifying causes of each incident and preventing future incidents. Reports were also submitted on the PDCA process for improvement, which led to more substantial discussions at the meeting of the board of directors.
• Areas of improvement were identified in terms of the composition of directors, operations of the board of directors (appropriateness of theme selection, time spend for review, and the volume of documents), executive officer selection process, involvement in succession planning, and members and operations of Personnel Compensation Committee.

2. Future initiatives

Based on the results of the effectiveness evaluation, SBI ARUHI's board of directors will further boost the board’s effectiveness through the following activities:

• Composition of the board of directors: The Company will discuss and consider how the board of directors should be structured based on the company size and shareholder composition.
• Operations of the board of directors: The Company will have adequate time for fully discussing important agenda depending on the number and content of items on agenda and based on the content and priority of topics on agenda. Business execution side will provide the board of directors with full information, including better-organized and more informative materials as well as more detailed reports as needed.
• Executive officer selection process/involvement in succession planning: Through deliberations at Personnel Compensation Committee and board of directors, the Company will establish criteria for executive officer selection while also creating succession planning, which will be revised as needed.
• Members and operations of the nomination and remuneration committee: The Company will discuss how to revise the composition and operations of Personnel Compensation Committee to reflect changes in the environment surrounding the Company.

Skill Matrix

Skill Matrix for Directors and Audit and Supervisory Board Members(April 1, 2024)*

• * Each individual’s four main skills are indicated in the above table with black dots. This table does not indicate all the skills, abilities, and knowledge of these individuals.

Officer compensation

Officer compensation for the fiscal year ended March 2023 was as follows.

• * The numbers of applicable officers include one Outside Audit ＆ Supervisory Board Member who retired as of the conclusion of the 8th Annual General Meeting of Shareholders held on June 23, 2022.
• * The performance-linked compensation above is calculated based on the attainment level of quantitative performance measures (operating revenue and income before tax). Operating revenue and income before tax have been selected as quantitative performance measures with an objective to expand business in scale and improve business profitability and efficiency. The performance-linked compensation is finalized after adjustment by President and Representative Director based on quantitative and qualitative contribution of each Director during the current period and review by the Human Resources and Compensation Committee. Performance-linked compensation for the period ended March 2023 is not paid because the performance target of 80% was not reached for the performance measures.
  Performance-linked compensation begins to be paid at an attainment level of 80% and is set to have a payment rate of 100% when the attainment level of performance measures is 100%. The maximum attainment level of performance measures is 150%, and the payment rate is 200% when 150% is achieved. Note that variable compensation systems may be reconsidered if there is an event that has a material impact on performance.
• * Non-monetary compensation above includes employee stock options and restricted stock compensation. Employee stock options are based on the fair value in accounting determined at grant date of stock options provided before the current fiscal year. This is recorded at cost on the straight-line basis over the vesting periods and the amount recorded as an expense during the current fiscal year is mainly associated with stock acquisition rights. Restricted stock compensation is also based on the grant-date fair value and is recorded at cost on the straight-line basis over the vesting periods.
• * The objective of the Company's restricted stock compensation is to incentivize continuous improvement of its corporate value and promote value-sharing with its shareholders. For eligible Directors, on the condition that they remained in a position pre-defined by the Company's Board of Directors throughout a period pre-defined by the Company's Board of Directors, restriction on transfer is released on completion of the restricted period for all allotted shares. The Directors pay all monetary compensation claims provided by the Company as property contributed in kind and receive the common stock of the Company to be issued or disposed of by the Company. Compensation provided to Directors to grant restricted stock compensation is paid in the form of monetary claims. The maximum total amount of compensation payable as restricted stock compensation will be no more than JPY 200 million per year. Specific allocation to Directors will be determined by the Board of Directors. The maximum total number of common shares issued or disposed of by the Company as restricted shares will be no more than 100 thousand shares per year (however, the total number of shares will be adjusted to a reasonable extent in the event of a share split (including gratis allocation of common shares of the Company) or share consolidation, or if any circumstances arise that require adjustment of the total number of common shares of the Company issued or disposed of as restricted shares). Issuing or disposing of the Company’s common shares under the restricted stock compensation system is conditional upon the conclusion of an agreement between the Company and eligible Directors containing provisions stating (1) the shares must not be assigned, made the subject of a security interest or disposed of in any other way for a certain period, and (2) the Company shall acquire the shares for free if certain grounds arise.

Governance structure

SBI ARUHI’s governance structure is as shown below.

It is a governance structure in which Executive Directors do not account for a majority of the Board of Directors, and is a structure that enables adequate supervisory functions to be exercised.

Cybersecurity

Basic approach to cybersecurity

SBI ARUHI promotes cybersecurity activities to appropriately maintain the confidentiality (only being able to be accessed by approved personnel), integrity (maintaining it in an accurate and complete state) and availability (being able to be used at any time necessary) of information assets.

We have formulated rules and established systems in accordance with the directions indicated in the Financial Services Agency’s Policies and Cybersecurity Management Guidelines, etc., and periodically evaluate and review these to improve cybersecurity measures.

Cybersecurity structure

As cyberattacks are becoming more advanced and sophisticated, we have established CSIRT to ensure cybersecurity at normal times.
When a cyber security incident occurs, under the direction of our management team, we will organize a Taskforce composed of relevant divisions headed by the Risk Management Officer and deal with it.
The task force works not only within the Company, but also with relevant external organizations to take swift and appropriate action.

Cybersecurity initiatives

SBI ARUHI implements a variety of cybersecurity measures, and periodically evaluates the current conditions and reviews security measures.

Technical security measures

The Company implements the following technical security measures.

• Antivirus
• Measures against unauthorized access
• Access control
• Encryption (communication, data)
• Addressing vulnerabilities

System monitoring

In order to detect the occurrence of security incidents and signs of incidents, systems made public on the Internet and internal systems are monitored.

System audits / vulnerability diagnosis

The Company periodically performs system audits and vulnerability diagnosis of systems made public on the Internet, and checks whether any improvements can be made to security measures.

Implementation of cybersecurity education

SBI ARUHI periodically implements the following training and drills to increase employees’ knowledge of cybersecurity.

Information security training

We provide training for learning about information security knowledge and measures, examples of the latest incidents in Japan and overseas, and the Company’s rules.

Targeted e-mail attack drills

Training emails simulating a targeted email attack are sent in drills conducted to improve employees’ ability to deal with targeted email attacks.

Incident response drills

We conduct incident response drills for learning how to respond in the event of a cybersecurity incident.

Compliance

Promoting compliance

In “SBI ARUHI Compliance Code of Conduct”, SBI ARUHI stipulates basic compliance matters, including its approach to compliance promotion, whereas in “Compliance Regulations”, the Company stipulates more detailed implementation standards for various operations. Furthermore, “Compliance Manual” serves as a specific guide for compliance activities. To ensure that these codes of conduct are consistently remembered and acted upon in daily operations, we have adopted the slogan "compliance first" and created “Compliance Handbook” from some excerpts of “Compliance Manual”. This handbook is provided to all officers and employees, including those at FC offices.

Compliance first

SBI ARUHI has always been committed to compliance-first management. We have adopted the slogan “compliance first” and have established systems to enable appropriate operation in accordance with rules through the utilization of technology and the improvement of operations. Since February 2019, posters have been distributed and displayed to ensure Company-wide awareness, including FC offices.

Compliance system

SBI ARUHI has established the Compliance Committee, an advisory body to the Chief Ethics Officer (selected from among the representative directors), to deliberate important compliance-related matters. The Compliance Committee is chaired by the Chief Compliance Officer (CCO). Under the supervision of the officer, the Compliance Department is in charge of compliance-related matters, and the department is responsible for formulating and promoting “Compliance Program”, which is a practical action plan. “Compliance Program” is established each year after submission to the Compliance Committee and approval of the Board of Directors.

In addition, in order to promote compliance activities throughout the Company, the general manager of each division, office, and branch is responsible for compliance, and each division and branch has a compliance promoter. Furthermore, we have appointed compliance promotion managers (responsible for management and guidance regarding compliance at directly managed offices and FC offices under their jurisdiction) at directly managed offices and FC offices. These managers ensure compliance activities are implemented through detailed communication within offices.

We recognize the importance of continuing to strengthen these efforts, including at FC offices, and are striving to foster a compliance culture by maintaining a management system through periodic inspections in addition to regular education and training for all officers and employees, including those at FC offices, and voluntary inspections conducted once a month. The Compliance Department monitors and verifies achievement status throughout the year. The results of verification and internal audits are used to formulate improvement measures, which are reported to the Board of Directors.

In this way, we are striving to ensure and strengthen compliance by establishing a system that enables the continuous implementation of the PDCA cycle led by our management team, providing regular training, appointing outside experts, harnessing technologies, and improving operations to ensure appropriate business operations in accordance with rules.

Anti-corruption

SBI ARUHI has defined an anti-corruption policy for its executives and employees (collectively, "employees, etc.") to ensure compliance with bribery regulations in Penal Code and Unfair Competition Prevention Act in Japan, Foreign Corrupt Practices Act 1977 in the US, Bribery Act 2010 in the UK, and other anti-corruption laws and regulations in Japan and other countries.

In the policy, the Company ensures that its employees, etc. make decisions regarding transactions with external parties in a fair, impartial, and independent position. We prohibit employees, etc. from giving and accepting excessive business entertainment and gifts, engaging in any unlawful conduct, including bribery, and giving business gifts and entertainment to government employees, which is intended to eliminate conflict of interest with external parties. The Company does not make political contributions in any country.

Should we become aware of actual or potential violations of our anti-corruption policy or anti-corruption laws and regulations, we immediately fact-check it, identify causes, and take appropriate corrective measures accordingly.

Personal information protection

Initiatives aimed at the protection of personal information

In recent years, society has shown heightened interest in the importance of protecting personal information due to the use of advanced information, and we believe it is our social responsibility to protect the personal information we receive from all customers including affiliated companies and the personal information of SBI ARUHI employees. The Company has established “Personal Information Protection Policy” and “Basic Rules for Personal Information Management” in compliance with JIS Q 15001, and is building systems to protect personal information. We will promote the protection of personal information by ensuring officers and employees, etc. are aware of the importance and take action for the protection of personal information.

SBI ARUHI has appointed a Personal Information Manager to implement and operate a personal information protection management system. To ensure that the personal information protection management system is properly implemented, plans are formulated on a regular basis and progress is reported to management. In addition, under “Basic Rules for Personal Information Management”, a system is in place to respond promptly in the event of information leaks or other incidents, in accordance with the instructions of the Personal Information Manager.

Furthermore, SBI ARUHI regularly conducts the following training and other activities to improve employees' knowledge regarding personal information.

Regular compliance training

This training helps employees to learn about laws, regulations, and SBI ARUHI rules regarding the handling of personal information.

Compliance news

This regular newsletter provides reminders and other information regarding the handling of personal information.

• ※ Training and news include content related to compliance and important laws and regulations in addition to the handling of personal information.

Prevention of money laundering and financing of terrorism

SBI ARUHI has established “Basic Policy for Prevention of Money Laundering and Financing of Terrorism” and “Regulations for Prevention of Money Laundering and Financing of Terrorism”, with reference to “Guidelines for Anti-Money Laundering and Combating the Financing of Terrorism” established by Japan’s Financial Services Agency. In addition, we have established “Detailed Regulations on Confirmation Procedures, etc.”, which provide information for confirmation procedures at the time of transaction in our operations. By ensuring proper business operations, we strive to prevent the financing of terrorism and money laundering through timely and appropriate reporting of suspicious transactions.

Basic Policy for Prevention of Money Laundering and Financing of Terrorism

1. Establishing a system for the prevention of money laundering and financing of terrorism

SBI ARUHI strives to establish and maintain a system to prevent the products and services we provide from being used for money laundering or financing terrorism.

2. Involvement of management

SBI ARUHI’s management considers acting against money laundering and financing of terrorism to be an important strategic management issue and will proactively and aggressively address this issue.

3. Identification, assessment and mitigation of risks related to money laundering and financing of terrorism

SBI ARUHI adopts a risk-based approach to examine the risks associated with the products and services we offer, transaction types, countries and regions involved in transactions, and the attributes of our customers to identify money laundering and terrorism financing risks. Then, we assess the impact of the identified risks on the Company and take appropriate measures based on the results to mitigate these risks.

4. Customer due diligence

We will strive to eliminate business relationships with inappropriate customers, including antisocial forces, by implementing procedures such as identity verification in accordance with relevant laws and regulations, determining whether or not to accept new customers, and conducting appropriate customer management.

5. Monitoring for and reporting suspicious transactions

SBI ARUHI conducts appropriate transaction monitoring to detect suspicious transactions. When we detect a suspicious transaction, we report the transaction to the relevant supervisory authority.

6. Preservation of documents, records, etc.

SBI ARUHI properly preserves documents, records, etc. related to the fight against money laundering and financing of terrorism in accordance with applicable laws and regulations.

7. IT system utilization and data management

SBI ARUHI strives to utilize IT systems and appropriately manage data in the interest of improving the sophistication and efficiency of anti-money laundering and terrorism financing measures.

8. Continuous improvement

SBI ARUHI conducts regular inspections and internal audits of our anti-money laundering and terrorism financing measures, striving to continually improve our systems. In addition, we will take a forward-looking approach to strengthen our management systems to ensure that we will not be party to money laundering or financing of terrorism in the future.

9. Officer and employee training

At SBI ARUHI, we will strive to deepen the knowledge and understanding of our officers and employees through training and other means to prevent money laundering and the financing of terrorism.

Whistleblower system

SBI ARUHI has established “Whistleblower Rules”, creating a whistleblower system that allows officers, employees, and others who learn about a violation or a potential violation of compliance such as a legal violation or fraudulent activities to directly report to a contact able to appropriately respond to the matter outside the normal route (contacting the direct superior or the Compliance Department).

Its hotline is open to officers and employees (including former employees) of SBI ARUHI and its subsidiaries and officers, employees, etc. (including former employees) of Franchisees. Reports can be made by various means, including without limitation, telephone, letter, email, and in person.

Reports are also accepted through multiple other contact points (Compliance Department as internal compliance hotline, external attorneys acting as external compliance hotline). Unfair treatment of persons contacting a hotline is prohibited with regard to employment or otherwise. Reports can be filed anonymously.