risk categories | risk scenarios | risk-reduction measures | contingency plans |
|
1. |
Malfunction or stoppage of systems developed in-house
(including systems developed by systems development subsidiaries). |
|
1. |
Are all systems covered? |
2. |
Have tests been conducted to validate compliance? |
3. |
Have tests been done for the century date change period
and leap day? |
4. |
Have tests been done for mission-critical or special
business dates (dates specified by the Federation of Bankers Associations of Japan,
FFIEC (Federal Financial Institutions Examination Council) of the United States, etc.)? |
5. |
It is preferable to validate compliance using
equipment normally in use. |
|
1. |
Have preparations been made for high-risk dates? |
|
(1) |
Communications within company |
(2) |
Communications with vendors |
|
2. |
Has a procedure been established for monitoring
malfunction and data error? |
3. |
Have contingency plans been developed for each core
business? |
4. |
Have existing manuals for system shutdown been
developed? |
5. |
Have rehearsals of the contingency plan been conducted? |
6. |
Have trigger events for execution been included in
the contingency plan? |
7. |
Have manuals been developed for each section? |
8. |
Have arrangements been made for reserved resources
(particularly personnel with necessary skills)? |
9. |
Has a procedure been established against malfunctions? |
|
2. |
Malfunction or stoppage of systems supplied by external
vendors (including OS and other basic software). |
|
1. |
Have operations of OS and other software been adequately confirmed? |
2. |
Have business systems supplied by external vendors been subjected to
the same or more rigorous testing than in-house systems? |
3. |
If in-house testing is not feasible: |
|
(1) |
Have tests by vendors been conducted in the presence of the
institution? |
(2) |
Have the procedure and results of tests been confirmed? |
(3) |
Has the company received the warranty? |
(4) |
Has the warranty been checked by the legal department? |
|
|
3. |
Malfunction or stoppage of systems under user section. |
|
1. |
Are systems under user section subject to compliance? |
2. |
Are End User Computing systems subject to compliance? |
3. |
Have appropriate instructions been given for
operational confirmation? |
4. |
Have systems under user section been subjected to the
same level of operational confirmation as internal systems? |
5. |
Is progress in compliance being monitored? |
|
4. |
Malfunction caused by external error data. |
|
1. |
Is the financial institution participating in external
tests within industry? |
2. |
Have external tests been done for specific
data-exchange parties? |
3. |
Have results of external tests with data-exchange
parties been monitored? |
4. |
If external tests with data-exchange parties have not
been done, has the financial institution confirmed the reasons and monitored their Y2K
compliance? |
|
1. |
Has a procedure been established for monitoring
malfunction and data error? Have arrangements been made with untested data-exchange
parties concerning the procedure for checking the first data exchanged after the century date
change? |
2. |
Have plans been prepared for legal risks pertaining to
above contingency? |
|
5. |
Malfunction or stoppage of systems of group companies
(including affiliated companies and overseas offices). |
|
1. |
Are group-company systems subject to compliance? |
2. |
Have instructions been given for the same level of
operational confirmation as internal systems? |
3. |
Is progress in compliance being monitored? |
|
1. |
Have contingency plans been developed and rehearsals
conducted on the same level as internal systems? |
2. |
Have contingency plans been developed for reputational
risks of group companies (especially overseas offices)? |
|
6. |
Malfunction of facilities (building management systems, entry-exit
security systems, etc.). |
|
1. |
Have proper operations of facilities been adequately
validated? |
2. |
If in-house testing is not feasible: |
|
(1) |
Have tests by vendors been conducted in the presence of the
institution? |
(2) |
Have the procedure and results of tests been confirmed? |
(3) |
Has the company received the warranty? |
(4) |
Has the warranty been checked by the legal department? |
|
|
1. |
Have procedures for switching from automatic to manual
operations been confirmed? Have rehearsals been conducted? |
2. |
Have communications means with vendors been
established? |
3. |
Has an initial operational confirmation system been
established after the century date change? |
|
|
1. |
Media coverage of Y2K compliance will increase. |
|
1. |
Has information on Y2K compliance been properly disclosed to the media
in press conferences, etc.? |
2. |
Has information been properly disclosed in annual reports and other
published media? |
3. |
Have public relations personnel been properly trained for responding
accurately to media questions? |
4. |
Are Web sites regularly updated? |
|
1. |
Has a list of likely media questions been made and have rehearsals
been conducted according to the list? |
2. |
Can technical questions be answered properly? |
|
2. |
Questions from customers regarding Y2K compliance will
increase. |
|
1. |
Has appropriate information on Y2K compliance been
included in pamphlets and other materials for customers? |
2. |
Have branch personnel been trained to respond properly
to customer questions? |
|
1. |
Has a list of likely customer questions been made and
have rehearsals been conducted according to the list? |
|
3. |
Operations will increase at the end of 1999. |
|
(1) |
Issuance of certificates of current balance. |
(2) |
Entry to pass books. |
(3) |
Withdrawal of deposits. |
|
|
1. |
Has information been disclosed properly to keep
customer confidence? For example, announcement that data on year-end deposit balances will
be secured by the bank. |
2. |
Have maximum capacities for clerical processing been
analyzed in case of concentrated work load? |
|
1. |
Have countermeasures been prepared for concentrated
work load? |
2. |
Have rehearsals been conducted? |
3. |
Have preparations been made to meet increasing demand
for office supplies and extra personnel available in branches and offices? |
4. |
Have preparations been made for coping with liquidity
risks? |
|
4. |
The financial institution may face a shortage of office
supplies because of suppliers' failure to achieve Y2K compliance. |
|
1. |
Has the compliance status of suppliers been confirmed
through questionnaires and other means? |
2. |
Have questionnaires been collected and analyzed? |
|
1. |
Will orders be placed for extra stock of supplies? |
2. |
If extra orders are not placed, has alternative
procurement been arranged? |
3. |
Have measures been prepared to cope with ill-prepared
suppliers? |
|
5. |
Inquiries seeking to confirm normal operations will
increase after the century date change period. |
|
1. |
Have appropriate measures been taken to confirm that
systems and facilities will operate normally at the start of business in January 2000? |
2. |
Has a list been drawn up concerning the systems and
facilities which cannot be confirmed during 1999? |
3. |
Has information been disclosed properly to keep
customer confidence? |
|
1. |
Have procedures been established for confirming normal
operations after the century date change? |
2. |
Have procedures been prepared for disclosure of
information on operations after the start of the year? For example, preparation of
"all clear" or "emergency" announcements. |
|
6. |
Affiliated companies to which operational tasks are consigned fail to
achieve Y2K compliance, leading to work backlog. |
|
1. |
Have appropriate instructions been given not only for
system risks but for other management risks? |
2. |
Have affiliates been instructed to develop contingency
plans comparable to internal contingency plans? |
3. |
Have affiliates been instructed to submit regular
reports on progress in compliance? |
4. |
Are inspections being conducted on Y2K compliance? |
|
1. |
Have affiliates prepared contingency plans comparable
to internal contingency plans? |
2. |
Have contingency plans of affiliates been coordinated
with internal ones? For example, have triggering standards been established for cases of
work backlog at affiliates? |
3. |
Have joint rehearsals been conducted? |
|
|
1. |
False rumors spread about Y2K compliance of the financial institution. |
|
(1) |
Delay in progress. |
(2) |
Not taking problem seriously. |
|
|
1. |
Is the financial institution participating (planning to
participate) in external tests within industry? (Participation in all tests is desirable.) |
2. |
Active disclosure concerning compliance status is
desirable. |
3. |
Have appropriate responses been made in questionnaires
by rating agencies and others? For example, does person responsible for responding
correspond in standing to sender of questionnaire? |
4. |
Have personnel at counters been trained to
respond properly to questions? Also, personnel at affiliates and overseas offices? |
5. |
Will branch manager meetings and other scheduled
functions be canceled on high-risk dates? |
6. |
Has information been properly disclosed to the
government, Bank of Japan, and industry associations? |
|
1. |
Have rebuttal materials been prepared? |
|
(1) |
Decision of person in charge. |
(2) |
Disclosure of testing policies and results. |
(3) |
Results of external tests. |
(4) |
Evidence of Y2K compliance. |
|
- |
Y2K compliance plan. |
- |
Test-results of Y2K operational confirmation. |
- |
Record of directions from top management concerning
Y2K. |
|
(5) |
Preparation for legal action (legal risks
countermeasures). |
English version of above
materials should be prepared if necessary. |
|
2. |
Has a reporting system been established against Y2K trouble? |
|
(1) |
Decision of person in charge. |
(2) |
System and rules for generating flash reports on
trouble. |
(3) |
System for reporting on causes of trouble. |
(4) |
Post-trouble recovery. |
(5) |
Trigger events switching to contingency plans. |
(6) |
Reporting to the supervisory authorities. |
English version of above
materials should be prepared if necessary. |
|
3. |
Have policies and measures been prepared to cope with
spread of false information during 1999? |
4. |
Have measures been prepared to cope with liquidity
risks, market risks, and operational risks resulting from impact of rumors on rating agency
evaluations, share prices and customer behavior? |
|
2. |
False rumors spread concerning Y2K compliance of
affiliates. |
|
3. |
False rumors spread concerning Y2K compliance of
overseas offices. |
|
4. |
Doubts cast on compliance of the whole industry or
specific financial business category. |
|
|
1. |
Borrowers have trouble making repayments due to Y2K
problems. |
|
1. |
Have selection standards been established for borrowers
to be confirmed for compliance? |
2. |
Have questionnaires and interviews been conducted for
borrowers on Y2K compliance? |
3. |
Have contents been verified by systems department? |
4. |
Have contents been checked by the legal department? |
5. |
Have personnel conducting the questionnaire received proper
training to evaluate borrower conditions? |
6. |
Has a ranking system been established for Y2K compliance
of borrowers? |
7. |
Have results been analyzed and have measures been established based on
results? |
|
(1) |
Has a regular follow-up system been created? |
(2) |
Have seminars been planned for borrowers? |
|
|
1. |
Have measures and trigger events for execution been
established based on Y2K compliance rankings? |
2. |
Have responses been established for cases of failure to
comply which become known before 2000 through disclosure by borrower? |
|
2. |
Borrowers fail to achieve Y2K compliance, leading in the
worst case to failure to recover principal. |
|
|
1. |
Suffer damages caused by Y2K problems of business
partners. |
|
1. |
Have business operations and systems been identified
which are prone to losses resulting from failure of business partners to achieve Y2K
compliance? |
2. |
Have contracts been reviewed from the perspective of
Y2K compliance? |
3. |
Has compliance status of business partners been checked
and ranked according to progress? |
|
1. |
Have preparations been made for legal measures
corresponding to ranking of Y2K compliance status, and have trigger events for execution
been established? |
|
2. |
Suffer damages caused by Y2K problems of systems
supplied by external vendors. |
|
1. |
Have contracts with vendors been reviewed from the
perspective of Y2K compliance? |
2. |
Have warranties been received from vendors, and have
those contents been checked for legal content? |
3. |
Have tests to validate compliance been conducted
in-house as far as possible? |
4. |
If in-house testing is not possible, have test
procedure and results been received from vendors? |
|
1. |
For systems whose operations cannot be confirmed, has a
procedure been established for operational confirmation at the beginning of 2000, and have
alternatives been prepared in case of failure? |
|
3. |
Suffer damages caused by Y2K problems pertaining to
malfunction of facilities. |
|
4. |
Cause damages to business partners and customers
resulting from failure to achieve Y2K compliance. |
|
1. |
Has the financial institution classified business
partners and customers which may suffer losses if the financial institution fails to
achieve Y2K compliance? |
2. |
Have appropriate actions been taken to ensure
compliance of systems supplied by the financial institution? |
3. |
Have public statements and announcements been checked from legal
aspects? |
|
(1) |
Contents of Web site and other published media. |
(2) |
Responses to external questionnaires. |
|
|
1. |
Have materials been prepared supporting due diligence? |
(1) |
Decision of person in charge. |
(2) |
Disclosure of testing policies and results. |
(3) |
Results of external tests. |
(4) |
Evidence of Y2K compliance. |
|
- |
Y2K compliance plan. |
- |
Test-results of Y2K operational confirmation. |
- |
Record of directions from top management concerning
Y2K. |
|
English version of above
materials should be prepared if necessary. |
|
2. |
Have materials been prepared supporting appropriate
implementation of operational confirmation as vendor? Have emergency preparations been
made for after the start of the year 2000? |
|
5. |
Top management will be exposed to legal claims. |
|
1. |
Has top management given appropriate directions for Y2K
systems risks as well as other Y2K risks? |
2. |
Has top management received reports on responses to
risks other than systems risks? |
3. |
Has top management given appropriate directions to all
parties, including affiliates and overseas entities, and has a system been created for
prompt reporting? |
4. |
Have the checklists and guidelines issued by the
authorities been properly understood? Have comprehensive measures been planned and
implemented? |
5. |
Have timetables for various measures been adhered to? |
6. |
It is preferable to undergo third-party (internal and
external) verification of Y2K compliance. |
|
|
1. |
Withdrawal (or cancellation) of deposits may reduce
liquidity on hand. |
|
1. |
Has information been disclosed properly to keep
customer confidence? |
2. |
Have measures been taken to reduce operational risks? |
|
1. |
Have preparations been made for procurement of funds
for year-end and year-start? |
2. |
Is contact maintained with Bank of Japan and industry
associations regarding procurement of liquidity? |
|
2. |
Institutional investors, as sources of funds, may avoid
investing as 2000 nears. |
|
|
1. |
Concern regarding Y2K compliance expressed by rating
agencies |
|
1. |
Has information been actively and appropriately
disclosed to rating agencies and others? |
2. |
Have questionnaires from rating agencies been
appropriately responded to? |
3. |
Have questionnaires and interviews been conducted on
Y2K compliance of issuers of the securities portfolio? |
|
1. |
Have measures been prepared in case of unreasonable
assessment by rating agencies? |
2. |
Have measures been prepared against market fluctuations
of the securities portfolio? |
3. |
Have measures been prepared against valuation losses at
the end of the fiscal year? |
|
2. |
Effect on fund availability from the market. |
|
3. |
Effect on own stock prices. |
|
4. |
Effect on stock prices of the securities portfolio. |
|
|
1. |
Delays in revised systems may lead to failure in Y2K
compliance. |
|
1. |
Are revised systems subject to more rigorous schedule
for compliance management? |
|
1. |
Has the compliance schedule specified a cut-off date for
deciding whether or not to suspend development of revised system? |
2. |
Have alternative plans been developed in case delays
are expected in revised system, such as modification of existing system? |
3. |
Have trigger events for execution been established for
suspending development and switching to alternative plan? |
|
2. |
External vendor systems validated as Y2K compliant are
reported to have failed compliance. |
|
1. |
Have risk-reduction measures been taken for
vendor-supplied systems? |
2. |
Has a system been established for regular confirmation
of vendors? |
3. |
It is preferable that operational confirmation of
vendor-supplied systems be conducted internally as far as possible. |
|
1. |
Have alternatives been prepared for systems whose
operations are to be confirmed at the beginning of 2000, or for which problems are
expected? |
2. |
Have alternative plans been prepared in case reports
are received of compliance failure? |
|
3. |
Testing does not proceed smoothly, leading to
expectations that Y2K compliance will fail. |
|
1. |
Has a sufficient testing period been allocated in case
testing does not go smoothly? |
2. |
Have arrangements been made for sufficient reserved
resources (particularly personnel)? |
|
1. |
Have arrangements been made for procurement of
personnel (skilled personnel) in case of personnel shortage? |
2. |
To allow for personnel shift, have priorities been
established for interruption of system development projects? |
|
|
1. |
Malfunction occurs in financial infrastructure. |
|
1. |
Have measures been taken to reduce systems risks by
participating in external tests within the industry and outside the industry? |
|
1. |
Have contingency plans been developed for systems
risks? |
|
2. |
Malfunction occurs in other social infrastructure
(communications, electric power, etc.) |
|
1. |
Is information on compliance conditions affecting the
social infrastructure being collected regularly? |
|
1. |
Have contingency plans been developed for problems
arising from the social infrastructure? |
|
|
1. |
Other possible risks affecting the financial
institution. |
|
1. |
Have measures been taken to reduce other possible
risks? |
|
1. |
Have contingency plans been developed for other
possible risks? |
|