Every one of our employees, as part of the organization and based on our business philosophy, is expected to guide their own actions and fulfill their duty as a member of society. We also strive to foster an awareness of compliance that compels employees to not only comply with legislation and contracts, but also act with high ethical standards that are aligned with social ethics.Specifically, the Simplex Group implements a variety of compliance training programs, including insider trading prevention training, and has also established an internal whistleblower hotline that connects them with an outside third-party lawyer.
Integrity is the foundation of corporate activities. In addition to establishing and strictly adhering to a Basic Policy on Anti-Corruption to prevent bribery of public officials and other corrupt practices, we comply with all laws and regulations related to fair competition and transactions, including the Antimonopoly Act and Subcontractor Act (Act against Delay in Payment of Subcontract Proceeds, Etc. to Subcontractors). To maintain fairness in our business activities, we familiarize all relevant persons on corporate ethics to ensure appropriate behavior.
Click below button for more information on the Simplex Group Basic Policy on Anti-Corruption.
Systemic Risk Management
Given the fact that financial institutions are our major clients, we believe that having measures against systemic risks is extremely important. Not only have we built a solid infrastructure that includes robust servers, we also follow guidelines of the Financial Services Agency in order to manage and prepare for financial systemic risks.
Since our inception, we have consistently engaged in business with an advanced awareness of information security and accumulated extensive expertise and experience in this area. For our internal systems, we have adopted Microsoft 365 E5 security to provide comprehensive protection against the leakage of confidential information. Some solutions are validated under an Information Security Management System (ISMS) ＊1, and we also regularly improve the awareness on and knowledge of security through measures such as monthly trainings for all employees as well as annual exams.We have also received SOC1 Type 2 and SOC2 (Security) Type 2 reports ＊2 on internal controls, and the integrity of our system has been confirmed by experts as an objective third-party assessment.
For more information, please visit our “Basic Policy on Information Security”.
An (ISMS) (ISO 27001) information security management system is a system in which an organization is assessed and certified by a third party on the confidentiality, integrity, and availability of its information security, and on the organization’s ability to implement a management system that routinely applies the PDCA cycle.
SOC (System and Organization Controls) is a framework defined by the American Institute of Certified Public Accountants (AICPA) for evaluating and reporting on a service organization’s internal control over engaged activities (services provided to customers, etc.). The report is a statement of assurance based on an objective third-party assessment.