The following is a supplement to the MS & AD Insurance Group's sustainability approach.

Subject period:

FY2019 (April 1, 2019 - March 31, 2020)

Corporate Governance

Supplement to the performance-based remuneration for directors

See "Corporate Governance" for an overview of the system.

1.Share of the CEO's short-term incentive

  • Performance-linked remuneration shall be linked with the business performance of the company and determined based on financial(*1) and non-financial(*2) indicators.The standard ratio between financial and non-financial indicators used in the calculation of performance-linked remuneration shall be50:50.
  • The stock-based remuneration components of performance-linked remuneration shall be calculated as follows, based on standard amounts for each position

     Standard amount per position × business performance coefficient

     (financial indicators × 20% + non-financial indicators × 80%)

  • The standard ratios of the components of compensation for the President and Director are as follows:

    <Breakdown of 25% of Stock-based remuneration>

    The ratio of financial indicators (indicators reflecting single fiscal year performance) is

    25% × 20% = 5%.

    The ratio of non-financial indicators (indicators to reflect medium- to long-term performance

    contributions) is 25% × 80% = 20%.

(*1)Financial indicators are indicators that are used to reflect business performance in a single fiscal year in officer remuneration.

(*2)Non-financial indicators are indicators that are used to reflect initiatives contributing to medium- to long-term business performance in officer remuneration.

2.Performance Period for Variable CEO Compensation

  • Performance-linked remuneration shall be linked with the business performance of the company and determined based on financial and non-financial indicators.
  • Financial and non-financial indicators have been selected after taking into consideration the Group’s Medium-Term Management Plan, “Vision 2021” which began in fiscal 2018 and will end in fiscal 2021 for a period of 4 years.

 

3.Claw back Clause

  • We have a claw back clause in place. (click here)

Management Ownership

Ratio of the amount converted into the fair value of shares to the amount of consolidated fixed remuneration of a person whose total amount of consolidated remuneration in fiscal 2020 is 100 million yen or more.

Name(s) Position Fixed remuneration
(million yen)
Shares of the Company owned(*) Multiple of
base salary
Number of shares of
the Company owned
Fair value(*)
(million yen)
Yasuyoshi Karasawa Director 67 35,940 117 1.97
Yasuzo Kanasugi Director 64 43,504 141
Noriyuki Hara Director,
President&CEO
67 33,740 110 1.64

(*) March 31,2021 end-of-day basis

Risk Management

Impact of Significant Risks and Mitigation Measures

Massive Cyberattack

One of the important risks for the Group is the system risk in which information system shut-downs, malfunctions, unauthorized use, or information leakage occur due to unauthorized access or information system defects caused by cyberattacks. While cyberattacks themselves are risks that can occur at present, we recognize that they are also risks that require more sophisticated responses in the medium to long term due to technological development. The Group routinely strives to develop a control environment for managing information technology risk, but in the event of a cyber attack, there is the possibility of a large-scale information system shutdown, malfunction or unauthorized use, or information leakage. In recent years, there has been an increase in the number of cases in which government involvement is suspected, and we recognize that the risk is increasing rapidly. The Group also underwrites insurance to compensate for cyber risk, and in the event of a cyber- attack, the Group makes claims payments. Therefore, we recognize that this risk is equally important for MS&AD as (1) a listed company and (2) an insurer.

Impact

The impact of this risk on our Group can be summarized in accordance with the above two aspects.

(1)As a listed company:

  • Should this risk materialize, it will not only have the economic impact of an enormous cost input, such as investigation of the cause and impact by a specialized company, customer response, and provision of additional security measures, but it will also have a major impact of a decline in reputation/trust. In addition, the restoration of reputation is expected to take a long time over the medium to long term, and the Group's business performance is expected to be negatively affected by a decline in insurance premiums.

(2) As an insurer:

  • In order to respond to the progress of IT utilization and diffusion in enterprises, the Group sells insurance to compensate for cyber risk as one of its main products. However, in the event of frequent cyber attacks, there is a possibility that many insurance claims will be paid, which could have a large economic impact on the Group. The Group conducts stress tests on the assumption that a large amount of insurance claims will be paid in the event of a cyberattack, in order to confirm the amount of insurance claims paid and the amount of impact on the capital buffer(*1) in the event of stress.

(*1) Market value net assets minus the integrated risk amount.

Mitigation

measure

(1)As a listed company:

  • In order to respond to cyberattacks, multiple layers of defense are implemented, including "entry measures" to prevent unauthorized intrusion, "exit measures" to prevent information leakage, and "internal measures" such as detecting unauthorized viruses and behavior within the Group. Information on cyberattacks (mass suspicious emails, DDoS attacks, unauthorized access, etc.) on Group companies and other companies is grasped in a timely manner, and the impact on Group companies and the status of responses are confirmed. Technical measures are implemented, such as the introduction of various latest services and products for countermeasures as needed. Personnel and organizational measures are also being implemented, including employee education and training, and drills to prepare for possible attacks. In addition, an organization specializing in security (MS&AD-CSIRT(*2)) has been established to collect information on vulnerabilities in information systems and to coordinate information among Group companies.

(2)As an insurer:

  • The Group aims to provide one-stop support for the establishment of a system to prevent cyber risks in multifaceted ways and evaluation of the risks held by companies from the viewpoints of preventing damage, minimizing damage, and quickly recovering from damage, etc., while informing customers on cyber risks. The Group provides menus corresponding to the phases of "development of a management system" such as training on cyber security and establishment of the CSIRT system, "defense and detection" such as system diagnosis and log monitoring, and "response and recovery" in cooperation with cybersecurity specialized companies.

(*2) Computer Security Incident Response Team: a team specialized in information security in our Group

Contribute to Climate Change Mitigation and Adaptation

TCFD Scenario Analysis

Scenario Analysis will be updated in September 2021 in our TCFD disclosure (link below).

■Scenario Analysis excerpt

  Business area Contents Result Examples Scenario used
Physical Risk Insurance Underwriting Fluctuation in  loss paid by typhoon and storm surge in Japan

Typhoon  2050
Effects of changi                            +5 to +50%
Effects of changing frequency

of occurrence                               -30 to +28%

RCP4.5
RCP8.5
Transition Risk Investment Impact on investee companies by carbon costs EBIT at Risk   
Equity    2030
Low Carbon Price Scenario
             4.66%
Medium Carbon Price Scenario:
       9.23%
High Carbon Price Scenario
            20.29%
Developed by Trucost referring to Nationally determined contributions (NDCs), OECD and IEA.