en

Fintech Market Overview

This article does not constitute legal advice.

Data protection in Japan

Main Page

Compliance with data protection and security is essential for fintech businesses. The Act on the Protection of Personal Information (APPI) enforces certain duties to private companies handling personal information, such as: implementing necessary measures to protect it; using the data only for what was declared to those affected; refraining from disclosing private details to a third party, save for exceptions; and keeping control over employees and contractors.1

The initial version of the APPI was amended in May 2017 to remove any confusion regarding what constitutes personal information and encourage responsible treatment of anonymised data. The financial sector also adheres to the 'Guidelines for Personal Information Protection in the Financial Field'. A second major revision of the APPI was finalized three years after its first amendment, with implementation scheduled for April 2022. This iteration expands data subjects' rights, requires mandatory reports of security breaches, widens extraterritorial enforcement opportunities and makes stricter constraints on international data transfers, all while simplifying the use of pseudonymised data.1

In regard to security, FSA supervisory guidelines governing financial institutions emphasize the importance of matters such as being aware of system risks and enhancing cybersecurity, and operators are required to follow the appropriate PDCA cycle of 'Plan, Do, Check and Act'.1

Cross-border payments in Japan

Fintech in Japan

Fintech in other countries

Notes
  1. https://thelawreviews.co.uk/title/the-financial-technology-law-review/japan
Offer for Fintech Startups

Fast Start for $399

Our No-Code solution allows you to launch your crowdfunding platform for $399 per month, with the first two weeks free to try the platform.