Mizuho Financial : Presentation Material (PDF/503KB)

Presentation material

-Business improvement plan

January 17, 2022

Mizuho Financial Group

Mizuho Bank

Overview of the business improvement plan

2

Making a company-wide effort to implement business improvement plans and ensuring stable operation of systems and business to transition to the next generation of financial services

• Stable systems and business operations are the first priority, and all Mizuho employees, including executives, share the same purpose of structural reforms to continuously meet the expectations and needs of customers and society, and promote the reforms appropriately.
• Transforming Mizuho into an organization that continues to deliver value that is unique to Mizuho under the Mizuho Values, which aid us in addressing the various issues and situations presented by customers and society
• Positioning this initiative as the most important aspect of management, executives will change their own behavior and implement specific and continuous changes in business operations.

Enhancement of multilayered system failure response capabilities:

Preventing system failures and minimizing impacts on customers in the event a system failure occurs

Preventing system

failures

Minimizing impacts on

customers in the event

a system failure occurs

IT system	Response to customers /
Crisis management
 Enhancing frameworks suited to the	 Reviewing customer service based on
maintenance and operation phase
feedback from customers and frontline
 Deep inspection with wide scope for both
offices
of application and infrastructure platform

• Capturing total process to response failures, and enhancing capability and framework to response failures
• Keeping to enhance response during the normal times and in emergency by such as continuous drills with system and user

•	Customers
	perspective /
	feedback from
	frontline offices
•	External knowledge
	(expertise)
•	Establishing proper
	process (continuity)

	Enhanced business management response:	Reforming corporate culture:
	Strengthening governance functions, compliance framework, and IT system
	Continuous enhancement of our personnel and organization
	risk management structure
			 Enhancing governance functions to		Collaboration and unity among		 Management commitment
				ensure stable systems and business		organizations based on		 Specific initiatives
				operations supporting strategy		common values
	Balance between					•	Management policy to commit to
		•	Understanding actual frontline
						customers and society
	"strategy" and "execution			conditions through multifaceted		Work environment and
					•	Open communication
			information channels		atmosphere to promote open
	and internal control to		•	Sophistication of business strategy			•	Framework that encourages
			discussion and initiatives
	support strategy"			proposals and resource allocation					proactive action
			processes				•	Working group based on employee
		Continuing and solidifying
			•	Multilayered and specialized
						participation
				initiatives to reform our
				examinations by both of supervision
				and execution side		corporate culture		 Ongoing initiatives

Enhancement of multilayered system failure response capabilities

3

• Ensure that customers can trust Mizuho's services, preventing system failures with a significant impact on customers
• Building strong structure that will help minimize impacts on customers in the event of a failure, and continually implementing initiatives in the ever-changing environment

			Preventative measures based on reverification	☞ Details next page
		Reverification	1) Customers/frontline offices; 2) Utilizing external viewpoints and expert insights; and 3) Process to
		Perspective	sustain and firmly establish the measures
			IT systems	Response to customers / Crisis management
			 Enhancing frameworks suited to the maintenance
		Preventing	and operation phase	 Reviewing customer service based on feedback
		system failures	 Deep inspection with wide scope for both the	from customers and frontline offices
			application and infrastructure platform
		Minimizing impacts	 Capturing total process of failure response, and enhancing capability and framework to respond to
		on customers in event	failures
		 Continually enhance responses during normal times and in emergencies by frequent drills for IT
		of failure	systems staff and users, etc.

• To date, preventative measures have been implemented, including changing ATM specifications; checking systems that experienced failures, replacing equipment, and inspecting similar potential issues; and an enhanced checking framework for development projects.
• Additional measures are being carried out one by one, including inspections of important systems. All measures that include addressing human resources and frameworks will be implemented by the end of September 2022. We will subsequently implement initiatives to ensure the measures become well established and monitor their progress.

Enhancement of multilayered system failure response capabilities

4

Detail; Preventative measures based on reverification

* Updates to the measures to prevent further system failures announced on June 15 are in blue. For the status of each measure, please refer to the press release "Submission of Business Improvement Plan."

IT systems	Response to customers / Crisis management

• Enhancing frameworks suited to the maintenance and

	Preventing			operation phase	 Reviewing customer service based on feedback from
	system failures		 Deep inspection with wide scope for both the		customers and frontline offices
				application and infrastructure platform
			•	Reassess MINORI services that have not yet been put into use	•	Confirming feedback from customers and frontline offices,
			•	Checking system behavior leading to serious failures,		and computer system failures over the past three years, as
				well as assessing if there are system specifications that could
				assessing maintenance
	Application				lead to serious problems and addressing in a proper manner
		•	Checking and confirming system specifications and the		⁻ Changed ATM specifications to prevent bankbooks and
				occurrence status of events of risk concern (limit		cards from becoming stuck
				management, etc.)
				•	Multifaceted communication including gathering feedback
	Inspection		•	Inspecting/replacing equipment (firmware/disk device) from		from customers and frontline offices
	and			time of system failures, as well as inspecting similar		⁻ Establishing positions in charge of communication between
	maintenance			potential issues		frontline offices and Head Office and adopting a system for
	Infrastruc-		•	Reviewing controlling items such as maintenance terms		gathering comments from employees prior to launching
			new initiatives
	ture			and IT system-related bugs
		•	Special log check of important system/equipment and	•	Establishing a framework for multifaceted checks on the
	platform
			adequacy and effectiveness of customer service quality
			preventative maintenance (in cooperation with vendors)
			•	Checking if infrastructure platform, such as redundant
				configurations, works as required (redundant configuration,
				etc.)
					•	Confirmation of the impact on customers when implementing
	Development		•	Strengthening check and monitoring systems in the		a release, and development of response framework
	project /			development process		assuming maximum impact
	IT system modification		• Modification of system specifications based on inspection	• Enhancement of users' system ownership and exchange of
						personnel

Enhancement of multilayered system failure response capabilities

5

Detail; Preventative measures based on reverification

* Updates to the measures to prevent further system failures announced on June 15 are in blue. For the status of each measure, please refer to the press release "Submission of Business Improvement Plan."

			IT systems		Response to customers / Crisis management
Minimizing impacts on	 Capturing total process of failure response, and enhancing capability and framework to respond to failures
	customers in event of	 Continually enhance responses during normal times and in emergencies by frequent drills for IT systems staff
	failure		and users, etc.
		•	Improving monitoring system and establishing communication	•	Deliberate on response within one hour of a failure being
			system after detection		detected
	Initial response	•	Enhancing monitoring tools such as dashboards	•	Establish a system that clarifies experts for each business
					and enables immediate identification of business impact
		•	Reviewing and improving effectiveness of SCP	•	Refining BCP (adoption of tools to improve BCP processing
			⁻ Adding scenarios based on system configuration, etc.,		capabilities, etc.)
			and early identification of business impact	•	Hold walkthroughs and trainings with IT systems staff,
			⁻ Introducing tools to utilize SCP documentation, and		users and crisis management, risk, and compliance
				departments in order to confirm SCP and BCP
			establishing education and awareness of SCP
				implementation during normal times
		•	Practical drills using real hardware	•	Hands-on training focused on impacts on customers, and
	IT system recovery /	• Improving ability to analyze system failures, and enhancing		training to ensure the measures don't weaken over time
	Response to		early warning indicator management (expanding	•	Quicker external notification (settlement channel) and
	customers		scope/content)
			diversified communication methods at ATMs
		•	Strengthening of recovery response systems and recovery	•	Expanded collaboration with frontline offices (expanded
			management (infrastructure/system development and
				communication tools)
			collaboration with external vendors)
		•	Enhancing IT system risk management and quality control	•	Strengthening risk control functions by Crisis Management
			Office during normal times and in times of emergency
			framework through external knowledge
					* SCP: System Contingency Plan, BCP: Business Contingency Plan