Administrative Action against REVOLUT TECHNOLOGIES JAPAN, Inc.

(1) In order to provide funds transfer services in a proper and steady manner, take necessary measures by the management team of the services regarding the following matters:

(i) establish a control environment to ensure proper governance (including establishment of proper internal control and audits);

(ii) establish a control environment to ensure legal compliance;

(iii) establish a control environment to ensure proper management of outsourced contractors; and

(iv) establish a control environment to ensure proper money laundering and terrorist financing risk management.

(2) Submit a business improvement plan regarding (1) above with clear description of specific measures and an implementation schedule by October 3, 2022, and put the plan into action immediately after submission.

(3) Report the progress and implementation status quarterly by the tenth day of the following month over the course of the schedule stipulated in (2) above until the implementation of the plan is completed (the first report must be submitted by the end of October 2022).

　　The Financial Services Agency (FSA) conducted an on-site inspection of the Company under Article 54, paragraph (1) of the Act and requested that the Company submit report on factual recognition and improvement measures for issues pointed out in inspection results. As a result, the FSA found the following serious problems with the Company's control environments for governance, management of outsourced contractors, and money laundering and terrorist financing risk management.

(1) Control environment for governance, etc.
The Company fails to fully establish proper governance to provide funds transfer services in a proper and steady manner, including the inadequacy of the control environments mentioned in (2) and (3) below as (a) due mainly to insufficient involvement of the management team, the Board of Directors fails to function fully, and (b) both the internal control and internal audits environment was not properly developed.

(2) Control environment for management of outsourced contractors
The Company outsources a large part of its main services, such as verification at the time of transaction, to Revolut Ltd, its parent company. However, the Company did not check how the outsourced services were actually operated; for example, the Company did not know that the outsourced services were further outsourced to subcontractors, even multiple times (e.g. to sub-subcontractors). In addition, the Company did not verify whether the contractors operate the outsourced services in a proper and steady manner, and thus it did not provide guidance to the outsourcees or take other necessary measures to ensure the proper and steady operation of the services as provided in Article 50 of the Act.

(3) Control environment for money laundering and terrorist financing risk management
The Company did not fully develop a control environment for money laundering and terrorist financing risk management according to its business size. As a result, it was found that the Company violated the Act on Prevention of Transfer of Criminal Proceeds (Act No. 22 of 2007), such as the failure to check the customer's purpose of transaction and occupation. In addition, it was revealed that the Company did not take sufficient measures concerning the required actions under the Guidelines for Anti-Money Laundering and Combating the Financing of Terrorism. For example, the Company did not properly have in place neither a system to conduct strict verification at the time of transaction nor rules for determining suspicious transactions.