The Japan Financial Services Agency has published its response to public comments and finalised partial revisions to its Comprehensive Supervisory Guidelines, updating supervisory expectations to strengthen firms’ responses to cyber risks. The revised guidelines apply from 27 February 2026. The public consultation on the draft revisions ran from 8 December 2025 to 13 January 2026 and generated 42 comments. The FSA released a summary of feedback and its views, and noted that comments not directly related to the revisions will be used as reference for future financial administration. The changes span guidance for major banks, small and medium-sized financial institutions, affiliated financial institutions and the fishermen’s cooperative system credit business, alongside related administrative guidance including provisions on relationships with electronic payment instruments.
Japan Financial Services Agency 2026-02-27
Japan Financial Services Agency applies revised supervisory guidelines to strengthen cyber risk response
The Japan Financial Services Agency finalized revisions to its Comprehensive Supervisory Guidelines to enhance firms' cyber risk responses, effective 27 February 2026. The revisions, following a public consultation, cover major banks, small and medium-sized financial institutions, affiliated institutions, and the fishermen’s cooperative system credit business, including guidance on electronic payment instruments. Feedback not directly related to the revisions will inform future financial administration.