Emerging risks | Growth Opportunities | APAC Insurance

Monday, July 13, 2026

Insight by…

Insight by type

Japan’s FSA orders major insurers to improve practices following seconded employee data breaches: Report

Order issued after two million customer records were inappropriately shared with primary employers.
Japans fsa orders major insurers to improve practices following seconded employee data breaches report  rein asia
March 25, 2025

 • 

2 min read
The Inaugural Recognising excellence in Asia's insurance industry Find out more Entries close
28 August

(Re)in Summary

• Japan’s Financial Services Agency (FSA) has issued business improvement orders to four major non-life insurers—Tokio Marine, Sompo Japan, Mitsui Sumitomo, and Aioi Nissay Dowa—following findings of improper data practices.
• The orders relate to the unauthorised sharing of customer information and pricing data through seconded employees, who had access to sensitive details while working at insurance agents.
• This enforcement action echoes a broader regulatory effort to rebuild trust in the industry and address longstanding governance and compliance issues within Japan’s insurance sector.

Japan’s Financial Services Agency (FSA) has ordered four of the country’s largest non-life insurers, Tokio Marine & Nichido Fire Insurance, Sompo Japan Insurance, Mitsui Sumitomo Insurance, and Aioi Nissay Dowa Insurance, to submit revised business improvement plans following revelations that seconded employees improperly accessed customer data from rival firms, according to a Jiji Press report.

The FSA found that seconded staff, dispatched to insurance agents, had shared sensitive policyholder information and competitor sales data—conduct that violates Japan’s personal information protection and unfair competition prevention laws.

The four insurers must submit revised plans by 30 May and overhaul governance measures introduced last year after a separate price-fixing scandal. It is reportedly rare for the FSA to demand revisions to previously submitted plans.

The orders follow months of regulatory scrutiny. In July 2024, the FSA instructed the same four insurers to investigate and report on breaches linked to seconded employees. By August, it was reported that more than two million customer records had been compromised. The leaked data included names, policy numbers, insurance types, maturity dates, and premium amounts.

The latest action comes amid broader efforts by the General Insurance Association of Japan (GIAJ) to restore confidence in the sector. Last week, the GIAJ unveiled a set of trust-building measures, including governance reviews, training programmes, and the creation of a third-party advisory panel.

The Inaugural Recognising excellence in Asia's insurance industry Find out more Entries close
28 August