Tag: japan

[Summary] Evolution of GCCs in India

FINOLAB COLUMN, RESEARCH

[Summary] Evolution of GCCs in India

Original article in Japanese by Makoto Shibata was published for FinTech Journal on Mar. 1, 2026) https://www.sbbit.jp/article/fj/182208

The Black Swan Summit India 2026, held in Bhubaneswar, Odisha, highlighted a significant transformation in India’s Global Capability Centers (GCCs). Traditionally known as an offshore development hub focused on cost efficiency, India is now evolving into a global center for financial innovation and advanced digital capabilities.

Historically, Japanese and global financial institutions leveraged India for IT outsourcing, including system development and back-office operations. However, this model is rapidly shifting. GCCs are increasingly established as in-house, strategically controlled global hubs responsible for high-value functions such as AI development, data analytics, risk management, and even global business strategy. India has become the world’s largest GCC hub, with over 1,700 centers.

This shift is particularly evident in the financial sector, where increasing regulatory complexity, AML requirements, fraud detection, and AI-driven risk management demand deeper integration of business knowledge and technology. As a result, companies are moving away from outsourcing toward internal capability building through GCCs.

Odisha represents a new phase in this evolution. While traditional GCC hubs were concentrated in major cities like Bengaluru and Hyderabad, rising costs and talent competition are driving expansion into Tier-2 cities. Odisha is positioning itself as a FinTech-focused GCC destination, leveraging India’s Digital Public Infrastructure (DPI)—including UPI, Aadhaar, and ONDC—to create a unique environment for financial innovation. The state is also investing in advanced talent development, particularly in AI.

For financial institutions, this marks a structural shift. GCCs are no longer limited to downstream implementation tasks but are increasingly responsible for upstream functions such as business design, algorithm development, and innovation. In areas like credit modeling and fraud detection, GCCs are becoming central to competitive advantage.

For Japan, the implications are significant. Amid domestic IT talent shortages, Indian GCCs—especially in emerging regions like Odisha—can be redefined not merely as cost-saving options but as strategic partners in co-creating financial digital transformation (DX). This perspective is already reflected in the growing interest of major Japanese financial institutions, such as MUFG and SMBC, in expanding their presence and collaboration in India.

Overall, the evolution of GCCs in India represents a transition from efficiency-driven outsourcing to innovation-driven global R&D strategy, supported by both the scale and quality of India’s talent pool.ns capable of making concrete strategic choices will capture the next wave of growth.

[Summary] Key FinTech Predictions and Strategic Actions for 2026

FINOLAB COLUMN, RESEARCH

[Summary] Key FinTech Predictions and Strategic Actions for 2026

(Original article in Japanese by Makoto Shibata was published for FinTech Journal on Jan. 4, 2026)   https://www.sbbit.jp/article/fj/177565

The report outlines major trends shaping the fintech landscape in 2026, marking a transition from experimentation to full-scale implementation. Over the past decade, collaboration between startups and traditional financial institutions has matured, moving beyond “proof-of-concept fatigue” toward meaningful business integration, including investments and acquisitions. Against this backdrop, 2026 is expected to be a decisive year for execution and scaling.

1. Expansion of Stablecoins and Crypto Regulation

Global momentum around stablecoins has accelerated following regulatory developments such as the U.S. GENIUS Act. In Japan, yen-denominated stablecoins have emerged, and further practical use cases—such as cross-border payments and interoperability with USD stablecoins—are expected. At the same time, crypto assets may be reclassified as financial instruments, introducing stricter regulations including insider trading rules.

2. Growth of Tokenization

Tokenization of assets, particularly real estate, is expanding rapidly in Japan, with market size doubling year-on-year. New asset classes such as private equity are entering the space, signaling broader adoption. Standardization of issuance, custody, and trading infrastructure will be critical for scaling.

3. Practical Use of Generative AI and AI Agents

Generative AI is moving from experimental use to real-world applications, including customer-facing advisory services. The evolution toward AI agents—capable of autonomously executing tasks—is expected to reshape operational processes, starting with workflow-based systems and progressing toward more autonomous models.

4. Advancement of Personalization

AI-driven personalization will transform financial services by leveraging customer data to provide tailored financial advice and products. In insurance, usage-based models incorporating behavioral and IoT data (e.g., wearables, smart homes) will become more prominent.

5. Expansion of Cloud Adoption

Cloud migration in core banking systems is accelerating, driven by improved security, regulatory flexibility, and cost efficiency. While digital banks are leading, regional banks face challenges in expertise and governance, highlighting the need for talent development.

6. Rise of Embedded Finance and BaaS

Financial services are increasingly embedded into non-financial platforms, making finance seamless within everyday services. BaaS models are diversifying, enabling tailored banking solutions for SMEs, foreign residents, and specific industries.

7. Evolution of Digital Identity and KYC

Japan’s digital ID infrastructure, centered on the My Number card, is becoming the foundation for identity verification. Regulatory changes will phase out less secure methods, pushing financial institutions toward more robust digital authentication systems.

8. Corporate Account Risks and Opportunities

Corporate accounts are under greater scrutiny due to fraud and money laundering risks. At the same time, competition to serve SMEs is intensifying, with opportunities to expand lending using alternative data and improved user experience.

9. Increase in Digital Financial Crime

Cybercrime is becoming more sophisticated, including account takeovers and ransomware attacks. Financial institutions must adopt multi-layered security strategies, while AI-driven fraud detection will play a key role.

10. Emergence of Quantum Technology Risks

Although practical quantum computing is still years away, the threat to current cryptography is driving early adoption of post-quantum cryptography (PQC). Financial institutions are expected to begin preparing migration strategies.

Conclusion

These ten trends are interconnected and collectively push fintech into a new phase of implementation. Technologies such as stablecoins, tokenization, AI, and cloud are no longer theoretical—they are actionable. In 2026, success will depend on how decisively organizations move from concept to execution.

  • Financial institutions must redesign their business models to integrate into broader ecosystems.
  • Fintech companies must deliver scalable, regulation-compliant solutions.
  • Policymakers must balance innovation with risk management.

Ultimately, 2026 will be a year where only organizations capable of making concrete strategic choices will capture the next wave of growth.

[Summary] Detecting Fraud Signals in Startups through AI

FINOLAB COLUMN, RESEARCH

[Summary] Detecting Fraud Signals in Startups through AI

(Original article in Japanese by Makoto Shibata was published for FinTech Journal on Oct. 9, 2025) https://www.sbbit.jp/article/fj/172629

The report examines recurring cases of fraudulent disclosure among startups, highlighted by the accounting scandal of a recently listed Japanese company that collapsed shortly after its IPO. Similar cases—such as inflated revenues through circular transactions, fictitious sales, premature revenue recognition, and misleading disclosures—demonstrate that financial misconduct is not isolated but systemic.

Why Fraud Repeats

The report identifies common underlying factors:

  • Strong pressure to show rapid growth and achieve high valuations
  • Lack of integrity in top management
  • Weak internal controls and governance
  • Inadequate responses to auditors
  • Investor bias toward cutting-edge sectors such as AI or biotech

Fraud often begins even before IPO preparation and typically follows three patterns: revenue manipulation (e.g., circular transactions), exaggeration of business performance, and governance failures.

Key Investor Checkpoints

Investors—especially in growth-stage startups—should critically assess:

  1. Revenue credibility (e.g., circular flows, concentration of clients, cash collection evidence)
  2. Validity of technology and business claims
  3. Related-party transactions and goodwill accounting
  4. Strength of internal controls and audit quality
  5. Disclosure practices and management behavior

The report stresses that financial figures alone are insufficient; understanding the underlying business reality is essential.

Role of AI in Fraud Detection

Advances in AI are enabling earlier detection of fraud signals through:

  • Automated analysis of contracts, invoices, and financial transactions
  • Cross-checking external data (registries, news, credit data)
  • Verification of scientific and technical claims via global databases
  • Sentiment and consistency analysis of disclosures
  • Continuous monitoring of news, social media, and business metrics

AI can generate risk scores, dashboards, and audit trails, improving transparency in investment decisions. However, it should be viewed as a “sensor” for early warning, not a definitive detector.

Implications for Startup Investment

The adoption of AI shifts the paradigm from post-fact detection to early-stage prevention of fraud. As regulatory reforms expand startup investment opportunities in Japan, enhancing disclosure reliability becomes increasingly important.

Going forward, investors will need to integrate not only financial data but also non-financial and societal impact metrics, supported by AI-driven analysis, to make more robust investment decisions.

[Summary] Future of Payment Systems in Japan: From the Study Group Report from Zengin System | FinTech Topics #126

FinTech Topics

[Summary] Future of Payment Systems in Japan: From the Study Group Report from Zengin System | FinTech Topics #126

(Original Video in Japanese was published on the FINOLAB CHANNEL on Mar. 31, 2026 by Makoto Shibata)

The study group report on the Future of Payment Systems in Japan was published on Mar. 19, 2026, focusing on the Zengin System, Japan’s core interbank settlement infrastructure. While the Zengin System has long supported reliable bank transfers, it now faces growing pressure to evolve due to rapid changes in the financial landscape.

1. Limitations of the Current System

  • The Zengin System is highly stable but not designed for real-time, 24/7 digital demands.
  • It reflects a legacy structure optimized for traditional banking rather than modern, data-driven finance.

2. Rise of New Payment Needs

  • Increasing demand for instant payments, always-on availability, and seamless user experience.
  • Growth of cashless payments, fintech services, and platform-based economies is reshaping expectations.

3. Competition and External Pressure

  • Non-bank players and fintech companies are introducing more flexible and user-centric payment solutions.
  • Global trends (e.g., real-time payment systems in other countries) highlight the need for Japan to modernize.

4. Direction of Reform

  • The report suggests upgrading infrastructure toward:
    • 24/7 real-time processing
    • Open and interoperable systems
    • Enhanced data utilization (beyond simple fund transfers)
  • Emphasis on collaboration between banks, FinTech companies, and other industries.

5. Strategic Implications

  • Payment systems are no longer just “infrastructure” but a core competitive domain.
  • Future financial services will be built around embedded finance, APIs, and ecosystem integration.

Conclusion

The video concludes that Japan’s payment system must transition from a bank-centered, batch-processing model to a real-time, ecosystem-driven platform.
This transformation is essential not only for maintaining competitiveness but also for enabling innovation in the broader digital economy.

[Summary] Implementation of Enterprise Value Collateral: Expanding Funding Options for Startups | FinTech Topics #125

FinTech Topics

[Summary] Implementation of Enterprise Value Collateral: Expanding Funding Options for Startups | FinTech Topics #125

(Original Video in Japanese was published on the FINOLAB CHANNEL on Feb. 24, 2026 by Makoto Shibata)

On May 25, 2026, Japan will reach a historic milestone in its financial evolution with the enforcement of the “Act on Promotion of Business-Based Financing.” The centerpiece of this legislation is the introduction of “Enterprise Value Collateral Rights”—a new lending framework designed to move away from the traditional reliance on real estate collateral and personal guarantees from business owners.

1. What is “Enterprise Value Collateral”?

Historically, Japanese bank loans have required “tangible assets” such as land or buildings as security. However, the core strengths of modern startups and service industries lie in “intangible assets”—brands, proprietary know-how, and customer bases.

  • Scope of Collateral: This right covers a company’s “total assets.” This includes future assets, intellectual property, business models, and projected cash flows.
  • Evaluation Perspective: Instead of looking solely at past financial statements or real estate appraisals, lenders will evaluate a company’s future potential and growth capacity.
  • The Mechanism: The right is established and registered via a trust agreement. In the event of default, the principle is to pursue a “business transfer” (selling the business as a whole) rather than liquidating individual assets, ensuring business continuity.

2. Why is this Reform Necessary Now?

Japan’s traditional financial system has faced long-standing criticism for two main reasons:

  1. Limited Growth Support: Even high-growth companies were often unable to secure sufficient loans because they lacked physical collateral.
  2. Rigid Supply of Capital: It was difficult to provide capital flexibly for critical stages such as business succession or corporate restructuring.

Under the new system, if a business can prove its future viability, it is expected that the flow of “risk money” will improve across all phases: from founding and growth to turnaround.

3. Benefits for Startups: The Coexistence of Debt and Equity

For startups—particularly those between Series A and Series B rounds—this system serves as a powerful new tool.

  • Preventing Equity Dilution: Previously, founders were forced to rely almost entirely on Venture Capital (equity), often leading to excessive dilution of their ownership. Now, “Bank Loans (Debt)” become a viable alternative.
  • Lending Possible Despite Deficits: For SaaS companies that are in the red due to heavy upfront investment, banks can now provide growth capital if they can verify healthy KPIs, such as low Churn Rates or high LTV (Lifetime Value).
  • Clearer Role Division: A synergy will emerge where VCs provide “aggressive risk money” for high-stakes bets, while banks provide “stable growth capital” based on business value.

4. The Challenge of “Advanced Discernment”

For this system to succeed, several hurdles must be overcome:

  • Establishing Evaluation Models: Determining who measures business value and how is critical. There is an urgent need for specialists and models capable of judging market growth and human capital.
  • Monitoring Burden: Startups will be required to maintain transparent KPI management and actively disclose both financial and non-financial information.
  • Regional Bank Capabilities: A major focus will be whether regional banks, which may have limited specialized personnel, can effectively step into this advanced form of credit judgment.

5. Case Studies: Pioneers of Venture Debt in Japan

While the formal introduction of the “Enterprise Value Collateral” system is set for 2026, several forward-thinking financial institutions and startups are already paving the way. By utilizing creative debt structures, these players are providing vital capital to startups that have traditionally been overlooked.

  • Aozora Bank: A true pioneer in the space, Aozora has a long-standing history of actively promoting debt financing for venture companies, leveraging internal expertise to evaluate high-growth potential where others saw only risk.
  • UPSIDER & Mizuho Bank: One of the most notable recent developments is the “UPSIDER Blue Dream Fund.” This collaboration combines the speed of a fintech startup with the capital strength of a megabank, creating a fund specialized specifically in venture debt.
  • Flex Capital (Fivot): As a representative of fintech-led lending, Flex Capital provides data-driven venture debt. They offer a flexible alternative to equity financing, allowing founders to fuel growth without immediate dilution.
  • Siiibo Securities: In a clever use of existing financial instruments, Siiibo enables startups to raise what is essentially venture debt by issuing corporate bonds via private placement. This demonstrates how existing systems can be innovated to create new pathways for capital.

Summary: A System that Tests the “Power of Belief” in the Japanese Economy

The introduction of Enterprise Value Collateral is more than just a new loan product. It is a system that tests how much Japan’s indirect financial sector can truly “believe in” and support the future potential of its companies.

If banks can accurately evaluate the growth margins of startups and deepen their relationships, the Japanese economy stands a real chance of returning to a path of powerful, sustained growth.

[Summary] Japan’s Crypto Transformation: Shifting from “Means of Payment” to “Financial Instruments” | FinTech Topics #124

FinTech Topics

[Summary] Japan’s Crypto Transformation: Shifting from “Means of Payment” to “Financial Instruments” | FinTech Topics #124

(Original Video in Japanese was published on the FINOLAB CHANNEL on Jan. 20, 2026 by Makoto Shibata)

On December 10, 2025, the Financial System Council’s Working Group (WG) released a report that marks a historic turning point for digital assets in Japan. Based on these recommendations, specific legislative amendments are expected to be finalized over the next one to two years, fundamentally reclassifying crypto assets within the Japanese legal framework.

1. Background: The Evolution into an Investment Asset for 13 Million Users

While crypto assets like Bitcoin were originally introduced as a “means of payment” for seamless transactions, the reality in Japan has shifted significantly:

  • Market Scale: Domestic crypto accounts have exceeded 13 million, with assets under custody reaching approximately 5 trillion yen.
  • User Intent: Nearly 90% of users hold crypto for long-term investment purposes—a higher ownership rate than Forex (FX) or corporate bonds.
  • Critical Issues: Challenges such as opaque information disclosure, scams by unregistered operators, cybersecurity breaches, and a lack of measures against unfair trading have necessitated a more robust framework.

To address these realities, a new system is required to protect users as “investors” rather than just “consumers.”

2. Fundamental Regulatory Overhaul: Transitioning to the FIEA

The most significant change is the shift of the legal basis from the Payment Services Act to the Financial Instruments and Exchange Act (FIEA).

  • Unified Regulation: By integrating crypto under the FIEA, Japan aims to enhance market fairness and investor protection to the same standard as traditional stocks and bonds.
  • Scope: While “Crypto Assets” are the primary focus, NFTs and Stablecoins will continue to be regulated under existing frameworks tailored to their specific functions.

Strengthening Information Disclosure

To eliminate information asymmetry, the following obligations are being considered:

  • Issuers: Mandatory disclosure of information at the time of new sales for centralized projects.
  • Exchanges: An obligation to gather technical data and provide it to users in an easy-to-understand format.
  • Continuous Disclosure: Ongoing reporting of material events that could impact investment decisions, alongside periodic financial disclosures.

3. Cracking Down on “Unfair Trade”: Insider Trading Regulations

Insider trading regulations, previously reserved for the securities market, will now be applied to crypto assets.

  • Prohibited Acts: Individuals with access to “material non-public information” will be banned from trading before public disclosure.
  • Examples of Material Facts: Bankruptcy of an issuer, discovery of major security risks, info regarding new listings or delistings, and large-scale trades exceeding 20% of the circulating supply.
  • Enforcement: The introduction of a monetary surcharge system (administrative fines) will significantly strengthen legal enforcement.

4. The Long-Awaited 20% Separate Taxation

Perhaps the most impactful change for investors is the tax reform. Following a Cabinet decision on December 26, 2025, a major policy shift was announced:

  • Current Status: Classified as “Miscellaneous Income” subject to aggregate taxation (with a maximum tax rate of 55%).
  • New Policy: Transition to 20% separate taxation (15% income tax and 5% local inhabitant tax), aligning crypto with other financial instruments under the FIEA.

This change is expected to allow for profit/loss carryforwards and significantly elevate the status of crypto assets as a legitimate investment vehicle.

5. Impact on Business and Future Outlook

The regulatory landscape for businesses will undergo a dramatic transformation:

  • Increased Burden on Exchanges: Operators will face stricter “ancillary business restrictions” and security requirements equivalent to Type I Financial Instruments Business operators. Requirements for “liability reserves” against hacks may increase operational costs and entry barriers.
  • Lower Barriers for Financial Institutions: Following the reform, banks and insurance companies may be permitted to hold crypto assets directly. Furthermore, their subsidiaries are expected to be allowed to engage in exchange services and investment management.

Conclusion

By reclassifying crypto assets as financial instruments, this shift effectively resolves the issues found under previous payment-focused regulations.

While increased compliance costs remain a challenge for operators, the transition to 20% separate taxation provides a massive tailwind for general investors. Though full implementation may take up to two years, the roadmap is now clear, and the industry is entering a new era of institutional maturity.

[Summary] New Developments in Corporate Transactions: Business Opportunities and Risks Surrounding Corporate Accounts | FinTech Topics #123

FinTech Topics

[Summary] New Developments in Corporate Transactions: Business Opportunities and Risks Surrounding Corporate Accounts | FinTech Topics #123

(Original Video in Japanese was published on the FINOLAB CHANNEL on Dec. 17, 2025 by Makoto Shibata)

The wave of digitalization is drastically changing not only individual financial transactions but the very nature of corporate banking. Currently, the environment surrounding corporate accounts is accelerating in two directions simultaneously: a strengthening of “defensive” regulations to prevent illicit use, and an “offensive” expansion of digital services targeting SMEs.

Based on the insights from Fintech Topics #123, this article breaks down the latest trends in corporate accounts from the dual perspectives of “Risk & Regulation” and “Business Opportunities.”

1. The “Defensive” Side: Tightening Regulations and Fraud Countermeasures

Abuse of corporate accounts for money laundering, fraud, and phishing has surged in recent years. In response, the regulatory frameworks of authorities and related organizations are shifting significantly.

Strengthening “Beneficial Owner (BO)” Verification

In March 2025, the Japan Business Federation (Keidanren) announced a push to raise awareness for the “Beneficial Owner List System.” This procedure identifies the actual individuals (business owners) who control a corporation.

  • Impact: New corporations, companies with complex ownership structures, and Japanese subsidiaries of foreign firms will face more standardized and rigorous screening processes, such as the mandatory submission of lists issued by the Legal Affairs Bureau upon account opening.

Thorough Implementation of the Risk-Based Approach

The Financial Services Agency (FSA) published its “Status and Challenges of Measures against Money Laundering, CFT, and Financial Crimes (2024 Edition).”

  • Requirement for Specificity: Financial institutions are now required to provide proof of effectiveness based on concrete risk evaluations (e.g., business nature, transaction regions, transaction patterns) rather than just stating that they have “measures in place.”
  • Operational Shifts: For transactions involving high-risk industries or specific countries, the outlook includes an increase in requests for additional documentation and longer timeframes for account opening.

The Evolution of eKYC and Regulatory Reform

The method for identity verification (eKYC) is changing due to amendments to the Act on Prevention of Transfer of Criminal Proceeds.

  • New Method: Public Personal Authentication using My Number Card information stored on smartphones will become the mainstream.
  • Scheduled Abolition: The current mainstream method—matching a “face selfie” with a photo of an ID document—is scheduled to be abolished in April 2027. Consequently, online corporate account opening needs to be redesigned based on the My Number Card system.

Requests for Fraud Prevention Measures

The National Police Agency and the FSA have jointly requested the strengthening of fraud prevention for corporate accounts.

  • Multi-layered Detection: Monitoring focused on access environments, transaction amounts, and frequency will be enhanced. If suspicious activity is detected, institutions are requested to promptly suspend withdrawals, freeze accounts, or terminate contracts.

Alerts on Voice Phishing and Literacy Improvement

The Japanese Bankers Association has issued a warning regarding “voice phishing” targeting corporate accounts.

  • Method: Scammers pose as bank employees over the phone to skillfully lure victims to fake websites, stealing internet banking login IDs and passwords.
  • Countermeasures: High literacy is required not only from banks but also from corporate users. It is essential to strictly enforce basic principles: “Banks will never ask for passwords via phone or email” and “Always log in via bookmarks, never through links in emails or messages.”

2. The “Offensive” Side: Business Opportunities for SMEs

Conversely, financial institutions face challenges such as the reduction of staff and branches and the need to secure profitability. This has enhanced an effort by banks to support corporate clients efficiently through digital offerings.

Digitalization Support by Megabanks

  • SMBC (Trunk): This service aims to capture share among small and micro-enterprises by offering low fees, supporting automated payments for social insurance and taxes, and providing speedy account opening.
  • MUFG (Partnership with LayerX): Through “Bakuraku MUFG,” the bank offers a system that uses AI OCR to automatically read invoices and provides an end-to-end workflow for approvals, internal decisions, and accounting, helping SMEs streamline back-office operations.

API and App Strategies by Net Banks

  • GMO Aozora Net Bank: Provides a dedicated corporate app to enable agile operations entirely via smartphone. They also provide BaaS (Banking as a Service) functions to Ikeda Senshu Bank (01BANK), which utilizes data from cloud services to build new credit models that do not rely solely on traditional financial statements.

3. FinTech Startups Supporting Corporate Transactions

The future of corporate transactions will be supported by FinTech companies collaborating with financial institutions.

  • Identity & Existence Verification: Startups like Liquid and TRUSTDOCK (eKYC) and SimpleForm (corporate existence verification and ongoing follow-up) are highly active.
  • Fraud Detection: Services such as Caulis (FraudAlert) ensure the safety of transactions.
  • Functional Expansion: Value-added services for corporate accounts are being enhanced by freee and Money Forward (accounting), LayerX, Rakus (Raku Raku Seikyu)., and TOKIUM (invoicing/expense management), and Kaikei Bank (tax filing).

Summary: The Digital Touchpoint is the New Battlefield

The movements surrounding corporate accounts can be summarized into two key points:

  1. Sophistication of Risk Response: Due to tightening regulations, more precise data and digital identity verification have become indispensable for opening and maintaining accounts.
  2. Providing Added Value: The ability to provide seamless integration between payment functions and back-office operations (accounting, invoicing, credit) will determine the competitiveness of financial institutions.

Business opportunities in the corporate FinTech sector—covering both “defensive” solutions and “offensive” functional expansions—are highly likely to continue expanding through the utilization of startup technologies.

[Summary] Expanding Utilization of My Number and My Number Card in the Financial Sector | Fintech Topics #122

FinTech Topics

[Summary] Expanding Utilization of My Number and My Number Card in the Financial Sector | Fintech Topics #122

(Original Video in Japanese was published on the FINOLAB CHANNEL on Nov. 21, 2025 by Makoto Shibata)

This article delves into the details and specific advancements of the expanding use of My Number and the My Number Card in the financial sector, as explained in FinTech Topics #122.

The Foundation of the My Number System and the Significance of the Card

While often confused, the roles and functions of the My Number and My Number Card are clearly distinct.

Firstly, the My Number is a 12-digit number assigned to every resident in Japan, including foreign nationals. Once assigned, this number never changes and serves as a “Common ID for Administration,” utilized in administrative fields such as taxation, social security, and disaster response.

On the other hand, the My Number Card is a plastic identification card with an IC chip on which the My Number is printed. The card contains basic information such as the holder’s name, address, date of birth, gender, and photograph. Furthermore, the embedded IC chip stores an electronic certificate containing this basic information. It is important to note that the IC chip does not contain highly sensitive personal information such as tax records or medical history.

Regulatory Relaxation Driving Expansion of Use

When the My Number system launched in 2016, its use was severely restricted to statutory matters in social security, tax, and disaster response, imposing major constraints on private businesses. However, deregulation of the scope of use has been gradually advanced to promote the system and enhance convenience.

A significant development was the promulgation of the revised law in June 2023, which legally explicitly authorized the My Number Card for use as a health insurance card. Moreover, the Digital Agency has signaled a direction to expand the card’s use for identity verification beyond the traditional administrative-only framework to encompass private-sector applications.

Behind this expansion is the strict control over the use of the My Number itself, while simultaneously promoting the use of the electronic certificate on the My Number Card for identity verification, and exploring the future use of the IC chip’s empty space to store various information. Therefore, the discussion must distinguish between the use of the My Number and the use of the My Number Card as a means of identity verification.

Concrete Examples of Advancing Use in the Financial Sector

The My Number Card is already being utilized in various ways within the financial sector and public procedures:

FieldUsage Type/ServiceDescription/Example
Myna PointPoint reduction for cashless paymentsA system where My Number Card holders use a registered cashless payment service (QR payment, electronic money, etc.), and receive points from the national government.
Deposit Account Numbering SystemMy Number notification to financial institutions & account linkingA system introduced in 2025 that links deposit accounts to the My Number. It is also possible to register other financial institution accounts (e.g., other bank accounts).
Public Fund Receiving Account Registration System)Account registration for receiving public payments like benefitsA system for registering deposit account information along with applications for public payments, such as benefits, pensions, and child allowances, to simplify the application process.
eKYCIdentity verification using the My Number Card’s IC chipA method used by financial institutions and payment service providers to conduct online identity verification (eKYC) using the My Number Card’s IC chip (electronic certificate and recorded data) and facial photographic information.
Facial Recognition Payment – PoCUtilization of My Number Card’s facial photo dataProof-of-concept experiments are underway to use the facial photo data linked to the My Number Card for face authentication payments at stores (e.g., NEC or regional payment and collaboration experiments).
Local Government Cashless PaymentUsing cashless payments as a payment method for administrative proceduresAn increasing number of local governments are enabling cashless payments for resident registration procedures, certificate issuance, etc., via the Myna Portal or related services (QR payment, credit card, etc.).

The Japanese Approach Contrasted with International Examples

Looking at how national individual numbers are used overseas, there is a fundamental split between the approach where the ID number is used as the payment address and the approach where identity verification is done, but the national individual number itself is not used as the primary ID for payment.

Country/SystemID/Number SystemPayment/Financial Linkage & StatusKey Notes / Points of Interest
India – Aadhaar + UPI (Unified Payment Infrastructure)Aadhaar (National identification number linked to biometrics)UPI is an instant payment interface linked to bank accounts. Research proposing an Aadhaar-based wallet method is also emerging.UPI has a very high adoption rate and is considered a success story for payment infrastructure. However, the Aadhaar number is not fully adopted as the payment ID; the concept of an Aadhaar-based virtual wallet is still in the research proposal stage.
Singapore – PayNowNRIC (National Registration Identity Card, etc.) or mobile numberPayNow is an interbank real-time payment platform that links to the mobile number or NRIC (ID). The ID is actually used as one of the payment keys.The ID is actually used as one of the payment keys.
Malaysia/ASEAN Countries – QR SystemID systems exist in each country (varies by country)Systems aimed at standardizing QR payments among member countries, such as the ASEAN Integrated QR Code Payment System.The main purpose is the integration of the payment infrastructure, rather than a direct link to the ID number. However, the possibility of linking with ID authentication in the future is also being considered.
Ghana – e-zwichProprietary smart card (supported by banks and the state)A national payment and remittance system using its own smart card. Allows payment/transfer between payment, bank, and non-bank entities.Features include linking the smart card with biometrics and fingerprints.

In this international comparison, Japan’s ID usage adopts an approach where the My Number itself is for limited use, and identity verification is conducted outside of the number’s direct utilization. This aims to balance the strict control over the number’s use with the convenience provided by the card.

Latest Private Sector Utilization Solutions

In tandem with regulatory relaxation and technological advancement, private companies are rapidly introducing innovative services based on the My Number Card.

  1. Digital Wallet Integration: Myna Wallet and Myna Pay
    • “Myna Wallet”, developed by startups, links the My Number Card to a digital wallet to provide secure payments and ID verification, also looking toward Web3 integration. The related “Myna Pay” envisions a world where payment is possible simply by possessing the My Number Card. These trademarked services are expected to expand into regional resident discounts and preferential services by leveraging the card’s ID verification capability.
  2. Regional Currency and Transportation Payment Linkage
    • Regional Currency “Amakusa no Sari”: A regional currency established by a joint venture involving SBI Holdings and Kyushu Electric Power, which has introduced a mechanism for payment using the My Number Card. This is an example of linking regional currency with a public ID.
    • stera transit: A transportation payment platform by Sumitomo Mitsui Card that partners with an eKYC provider. It offers a system for smooth use of public transportation by performing ID verification with the My Number Card.
  3. Authentication Platform: VeriMe
    • Following the ability to register and use the My Number Card on iPhones, Panasonic Connect announced the “VeriMe” authentication platform for companies and local governments. This service allows for integration with payments, ID verification, and various applications, with expectations for broad future use.

Conclusion: Expansion of Private Use and Future Outlook

In the financial industry, the use of the My Number Card for identity verification and related payment solutions is steadily increasing.

Under the current policy, the My Number number itself is not permitted to be used as a payment address, and this policy is expected to be maintained. However, the My Number Card is seeing increased convenience through links like the health insurance card, and the scope of private-sector use, such as electronic authentication for ID verification, is significantly expanding.

As a result, innovative payment solutions like “Myna Wallet” are emerging, and it is anticipated that practical use cases will continue to increase.

[Summary] The Persistent Ransomware Threat: The Evolution of an Old yet New Cyber Attack | Fintech Topics #121

FinTech Topics

[Summary] The Persistent Ransomware Threat: The Evolution of an Old yet New Cyber Attack | Fintech Topics #121

(Original Video in Japanese was published on the FINOLAB CHANNEL on Oct. 14, 2025 by Makoto Shibata)
https://www.youtube.com/watch?v=K8leas2QQPU

Defining the Modern Ransomware Threat

Ransomware, a compound word of “ransom” and “software,” is malicious programming designed to infect systems and encrypt data files, rendering them unusable. The attackers then demand a ransom payment—often in cryptocurrency—in exchange for the decryption key. While this threat is decades old, its evolution has led to devastating, large-scale attacks targeting major corporations.

In recent high-profile cases, the scope of damage has been immense. Beverage giant Asahi Group Holdings recently faced operational disruption to its shipping business following a ransomware attack. Last year, the attack on KADOKAWA caused major service outages (including the video platform “NICO-NICO”), coupled with the exposure of over 250,000 pieces of personal information, underscoring the severe social impact of these breaches.

The Evolving Threat Landscape

The journey of ransomware has moved far beyond simple, indiscriminate attacks to sophisticated, high-impact operations.

From Spray-and-Pray to Targeted Extortion

The earliest forms of ransomware relied on “spray-and-pray” tactics, relying on phishing emails or malicious websites to infect wide swaths of users. However, the scene quickly changed around 2013 with the emergence of powerful tools like CryptoLocker and the rise of Ransomware-as-a-Service (RaaS), which diversified and scaled attacks.

Today, the primary trend is targeted attacks, where highly sophisticated groups focus on specific, high-value entities like government agencies or major corporations, ensuring a larger payoff and maximizing disruption.

The Shift to Multi-Layered Blackmailing

Modern ransomware groups rarely rely solely on encryption. They have adopted advanced extortion tactics to increase pressure:

  • Double Extortion: Attackers first exfiltrate (steal) the data before encrypting it. They then demand a ransom not only for the decryption key but also in exchange for not publishing the stolen data on the dark web.
  • Triple Extortion: This method adds another layer of pressure, often involving a Distributed Denial of Service (DDoS) attack on the victim’s network during the crisis to prevent business recovery and force compliance.
  • Non-Encryption Extortion: Some groups skip the encryption step entirely, simply stealing the data and demanding ransom in exchange for keeping the theft and data secret.

The primary entry points for these sophisticated attacks often include vulnerabilities in VPNs (Virtual Private Networks) used by remote workers and flaws in Remote Desktop Protocol (RDP) systems.

The Critical Threat of Third-Party Risk in Finance

Financial Institutions (Fls) are prime targets due to the high value of the data they hold (account details, personal information, transaction records) and the massive societal impact of system disruption. While major FIs maintain robust, state-of-the-art security, the attacks are shifting to their peripheral partners.

Supply Chain Attacks: The Weakest Link

Direct successful ransomware attacks on the core systems of major FIs remain relatively rare. However, increasing threats are being seen through supply chain attacks targeting third-party vendors who provide crucial, yet often less-protected, services.

Examples of Vendor Breaches Affecting Japanese FIs:

  • Accounting/Consulting Firms: A ransomware attack on the Takano Comprehensive Accounting Group led to the potential leakage of customer information belonging to client FIs, including Tokyo Marine & Nichido, Iyo Bank, and Sumitomo Mitsui Trust Bank.
  • Printing Services: The printing major Iseto was attacked, resulting in the confirmed outflow of customer data from multiple FIs (including over 250,000 records from Iyo Bank alone), as the firm handled confidential print jobs and stored associated client data.

These incidents highlight that any vendor, from specialized IT services to seemingly low-risk functions like accounting and printing, represents a potential security vulnerability—a Third-Party Risk—that FIs must mitigate.

Regulatory Imperatives and the Path Forward

In response to the growing severity of ransomware and supply chain attacks, the Japanese Financial Services Agency (FSA) has tightened its regulatory guidance, emphasizing proactive prevention and robust response capabilities.

The FSA’s directives across various guidance documents establish strict requirements for FIs:

Focus AreaFSA Guidance Requirement
Third-Party ManagementFIs must pre-assess the security posture of external vendors, clearly define responsibilities and oversight in contracts (including procedures for sub-contracting), and periodically monitor the vendors’ security status.
Incident Response & RecoveryResponse plans must prioritize the customer and include procedures for rapid identification of affected areas. Crucially, plans must detail steps for rapid recovery from backups, which must be secured offline.
Defense in DepthFIs must implement multi-layered defenses: Inlet (strong filtering against phishing/malware), Internal (privileged ID management and network segmentation), and Outlet (log analysis and blocking suspicious communication).
Board GovernanceThe Board of Directors must acknowledge cyber risk as a critical business issue, integrating it into enterprise-wide risk management and ensuring adequate resources and specialized personnel are allocated.


Conclusion: Actionable Checklist for FIs and FinTech startups

For FinTech startups seeking partnerships with major FIs, and for FIs managing their vendor relationships, compliance with these regulatory requirements are non-negotiable.

CategoryKey Action Items (Based on FSA Guidance)
Vendor ManagementPre-assess the security posture of external vendors. Ensure contracts clearly stipulate responsibilities, oversight, and procedures for sub-contracting. Monitor the vendor’s security compliance status regularly.
Defense in DepthInlet: Implement robust filtering against phishing and web intrusion. Internal: Secure privileged ID management and maintain network segmentation. Outlet: Block suspicious communications and conduct log monitoring.
DetectionImplement systems (like EDR) for the early detection of ransomware infection. Establish mechanisms for log analysis and unauthorized access detection.
Incident ResponseCreate a clear response plan for incidents, prioritizing the customer. Securely and regularly back up critical data, storing backups offline (air-gapped). Periodically test rapid recovery procedures from backups.
GovernanceThe Board of Directors must recognize cyber risk as a key management issue. Ensure specialized departments and personnel are in place, and conduct regular security audits and reviews.
Information SharingParticipate in industry information networks (like FISC) and maintain frameworks for sharing threat intelligence with domestic and international authorities.


The era of ransomware requires both FIs and their entire ecosystem to move from simple defense to comprehensive, multi-layered risk management where vendors are held to the same high security standards as the institution itself.

[Summary] Ikeda Senshu HD’s Digital Bank for SMEs: A Strategic Move to Challenge Mega-banks?

FINOLAB COLUMN, RESEARCH

[Summary] Ikeda Senshu HD’s Digital Bank for SMEs: A Strategic Move to Challenge Mega-banks?

(Original article in Japanese by Makoto Shibata was published for FinTech Journal on Sep. 16, 2025)
https://www.sbbit.jp/article/fj/171238

In July 2025, 01Bank, the new digital bank launched by regional banking group, Ikeda Senshu HD, is capturing significant attention. Unlike traditional financing models reliant on collateral and balance sheets, 01Bank pioneers “business value-based lending” by leveraging transaction data from e-commerce and cloud services. It is not a coincidence that the mega-bank like SMBC is expanding their reach to SME customers with their new digital banking offering  “Trunk” service. These digital finance competitions to capture the SME market in Japan seem to heat up.

Ikeda Senshu HD’s 01Bank: New Challenge

Ikeda Senshu Holdings, long dedicated to SME support, recognized the limitations of conventional lending for evaluating the growth potential of micro-businesses and new ventures. To solve this, the firm, which announced the concept in September 2023, officially launched 01Bank as a wholly-owned subsidiary in July 2025.

The launch is driven by three core strategic objectives: (1) To establish a new revenue model for regional financial institutions. (2) To expand data-driven finance. (3) To cultivate new markets through platform collaborations.

The Core Model: Business Value-Based Lending

01Bank’s primary service is an online-only lending model designed to visualize creditworthiness using data that traditional financial reports cannot measure. Companies apply via the web, sharing data on sales performance and project completion rates (in addition to financial statements) to enable faster screening and loan execution.

This evaluation relies heavily on Platformers (PFers)—partner companies like the major crowdfunding platform Makuake—which provide data integration infrastructure. This “PFer data model” enables a multifaceted assessment of business viability, allowing funding for newly established or unprofitable companies based on their customer base and business model. The reliability of this data model is crucial to mitigating fraud seen in the past score model lending.

Infrastructure and Strategy

01Bank’s infrastructure utilizes “BaaS by GMO Aozora Net Bank,” ensuring a flexible and scalable system while keeping development costs low. This lean approach is reflected in its initial capitalization of 2 billion yen (4 billion yen including capital surplus), a small fraction of the 10 billion yen typically raised by the past  net banks.

Looking forward, 01Bank plans to expand services beyond lending into payments and account services, aiming to evolve from a regional bank model into a comprehensive digital platform dedicated to supporting startups and local entrepreneurs.

SMBC’s Trunk: The Mega-bank Strategy for Efficiency

Sumitomo Mitsui Banking Corporation (SMBC) launched “Trunk” in May 2025, targeting SMEs and new corporations. The initiative aims to replicate the success of its individual-focused service, “Olive,” while addressing the corporate need for greater account convenience and efficient fund management.

Trunk offers a major differentiator in speed, allowing applications via smartphone or PC with service starting as early as the next business day, matching or exceeding net bank speeds while retaining mega-bank reliability. Notably, the service restricts enrollment to non-existing SMBC corporate account holders, positioning it as a tool for new customer acquisition.

A Deep Dive into Trunk: Low Cost and Integration

Trunk’s core features include:

  1. Low Cost: Free transfers to SMBC accounts and a flat 145 yen (tax included) fee for other banks, significantly undercutting existing mega-bank services.
  2. Operational Efficiency: It automates payments for taxes, social insurance, and Japan Finance Corporation repayments. Future integration includes features like a bill payment function that uses smartphone photos to automate data entry and transfers.
  3. Ecosystem Integration: Trunk integrates financial and business support by offering simultaneous application for the Sumitomo Mitsui Card Business Owners card (requiring no corporate registration documents) and providing free limited-time access to key SaaS platforms (Google Workspace, Microsoft 365, freee accounting, etc.).

Trunk is designed to evolve into a comprehensive financial platform offering factoring and AI-powered financial advice. By the 2026 fiscal year, SMBC plans to introduce new cards with an AI credit engine and the “Finance Agent” concept, an AI that predicts funding needs and assists with subsidy applications.

The Evolving Landscape of SME Finance

The concurrent launches of 01Bank and Trunk underscore the escalating demand for digital services among Japan’s over 3 million SMEs. This growth is attracting major financial players, as seen by Mizuho Bank’s acquisition of a controlling stake in UPSIDER (July) and Mitsubishi UFJ Bank’s collaboration with LayerX (September) on operational efficiency tools.

The competitive landscape now includes net banks like GMO Aozora Net Bank (BaaS provider) and Sumishin SBI Net Bank (which launched Bill One Bank in 2024). Traditional players like Rakuten Bank and PayPay Bank are also actively expanding their corporate account base.

For regional banks, maintaining customer engagement requires enhancing digital capabilities. The specialized, lending-focused service of 01Bank, supported by BaaS, offers a clear roadmap for other regional financial institutions. Since competing with mega-banks on comprehensive strength is difficult, regional players must focus on developing distinctive, targeted services.