Taishin FHC Corporate Social Responsibility Report 2019

40 Sustainable Governance Business Continuity Plan 1-6 Business Continuity and Technology Risk Management Management System Impact Assessment Responses and Recovery Plans Assessment Plan Rehearsals Business Impact Analysis, BIA Minimize Resource Requirement, MRR Call Tree Business Continuity Plan, BCP IT Disaster Recov- ery Plan, IT DRP Contingency Funding Plan Regular rehearsals, tests, reviews and improvements BCM Governance Disaster Type Natural disasters Such as fires, earthquakes, typhoons Man-made incidents Such as political incidents, strikes, wars Others Mass infectious diseases Disaster Information System Such as cyber security attacks, digital viruses, data corrup- tion, systemcrashes, computer room inoperability Impact Analysis Taishin has implemented business continuity measures as part of its banking service to ensure proper response to situations such as natural disaster, liquidity, IT system fault or man-made incidents, and thereby maintain key operations and ensure fast recovery. By minimizing impact and service down - time, we strive to protect customers' and shareholders' interests and strength - en our competitiveness. Our Business Continuity Plan (BCP) is a pre-planned response and recovery process in response to a disaster to ensure that a company can continue to reliably provide key services to important customers at an acceptable minimum operating level. This plann - ning also provides for operational impact analysis, minimum resource requirements, and test drills. By their very nature, natural disasters are unpredictable, and in recent years the deteriorating greenhouse effects have heightened the probability of natural disasters. Not only will such disasters damage our operating premises, buildings, equipment and the like, but loan collateral and investment objects may also be affected, which may lead to defaulting on repayments or loss of collateral. Events due to human factors such as politics and strikes may lead to traffic blocks that make it impossible for our employees to commute between home and work and for our business to run normally. Under such circumstances, our business premises may be unable to provide regular services and operations. Intensifying conflicts, if they cannot be resolved in the short term, may cause business losses or other impacts for our business premises. Cyber attacks may lead to the suspension or remote operation of our systems, damage to the database, network interruption, tampering with or theft of customer data, exposure of customers and employees’ private information, violation of service contracts with partner stores, etc., and result in significant losses to our bank. When a major infectious epidemic occurs, it may affect the health of our employees, cause a lack of human resources, or even render it impossible for certain locations to continue operations or provide customer services. In addition, improper epidemic prevention measures may lead to increased operating costs or even disruption of operations and services.