The General Insurance Association of Japan (GIAJ) has reaffirmed that the management policy of the GIAJ and its member companies is to place the highest priority on thorough compliance with laws and regulations, customer-oriented business operations, and a fundamental review of old industry practices, said Mr Hiroaki Shirota, chairman of the association.
Mr Shirota, who was appointed GIAJ chairman on 28 June, made these remarks in a statement on 19 September which gave an update on developments in the non-life insurance industry in Japan.
He said, “In addition to reinforcing preventive measures at respective member companies, we will ensure ‘compliance with laws and regulations’ and ‘customer-oriented business operations’ throughout the industry, as well as a fundamental review of old industry practices.”
Mr Shirota said that in the three months since he took office as GIAJ chairman, he had been working with member companies with a strong sense of urgency to address a number of industry-wide issues to restore trust.
One issue is information leakage at insurance companies. The GIAJ has requested its member companies to thoroughly review instances of information leakage and to implement stringent measures to prevent any recurrence,
“We must take a serious look at the information leakage cases that have been identified during this process, and make necessary corrections,” he said.
He added that the member companies that received orders from the Financial Services Agency (FSA) regarding the information leaks reported back to the authority at the end of August, covering the facts of the cases, the policy for dealing with customers, the root causes, and prevention measures.
He said that the root causes of this incident should include: lack of awareness and insufficient education on relevant laws and regulations such as the Act on the Protection of Personal Information; a blunted sense of risk that resides within the industry custom of contacting and information sharing with other companies; ineffective risk management systems given the actual business practices and inherent risks; and sales activities focusing too much on sales results.
In May 2024, four major non-life insurers disclosed that an estimated 2m to 3m customer records had been leaked in a data breach. Kyodo News Agency reported that information leaked from the insurers included customer names, insurance policy numbers, insurance types, maturity dates and premium amounts.
It was learnt that insurance agencies sent emails containing contract information of particular insurers, and employees of their competitors ended up being included as recipients. The insurers did not see the leak as problematic and failed to stop the practice. The four insurers are Tokio Marine & Nichido Fire Insurance, Sompo Japan Insurance, Mitsui Sumitomo Insurance, and Aioi Nissay Dowa Insurance.
In December 2023, Japan's financial watchdog ordered the insurers to improve their business operations after finding they colluded over insurance premiums for corporate customers and government agencies.
Then, in January 2024, Sompo Japan was censured by the FSA for maintaining a business relationship with used car chain Bigmotor Co despite the revelations of the dealer’s involvement in insurance fraud.