The Japanese government has embarked on a string of legislative amendments and other measures aimed at enabling fintech to contribute to the development of Japan’s economic and financial environment, with the expectation that promoting innovation will lead to improved convenience for users and strong growth for companies.

Fintech companies, including start-ups, are also actively engaged in initiatives such as making policy recommendations and setting up self-regulation by forming industry associations and pursuing dialogue with existing financial institutions and the government. In fact, recent legislation in response to fintech (such as amendments to the Banking Act) shows government policy aims to promote the development of fintech, with minimal regulations for consumer protection, while the allocation of responsibilities between start-ups and financial institutions is left as a matter to be governed by private contracts or industry standards.

On the other hand, early 2018 revealed the fragility of virtual currency businesses where operators’ management systems have not adequately caught up with rapid business growth, so the government has been forced to resort to stronger regulations. Specific examples include the Financial Services Agency’s (FSA) re-inspection of the operations of virtual currency exchange operators, and progression towards revising the regulatory framework to meet the upsurge of initial coin offerings (ICOs).

As a general reference resources about fintech in Japan, the Fintech Association of Japan (an industry association composed of fintech companies, financial institutions and other related parties) provides a broad introduction to Japanese fintech companies on its English website.2


i Licensing and marketing
Regulatory overview

Like other jurisdictions, the legal framework of financial regulations in Japan is fragmented. Specifically, there are (1) for the products and services layer, licences for designing and providing the products and services, such as banking, insurance, settlement, and remittance, and (2) for the sales and marketing layer, licences for selling and marketing the corresponding products and services, and (3) for the infrastructure layer, regulations such as on money laundering regulations and personal information protection.








Products/ services layer

Banking services

Prepaid payment instruments; credit; credit- purchasing


Fund transfer services

Virtual currency exchanges

Moneylending businesses

Type I/II financial instruments businesses; investment management services;

Insurance businesses

Sales/ marketing layer

Bank agency services; electronic settlement agency services

Virtual currency exchanges

Moneylending businesses

Financial instruments brokerages

Insurance agents or brokers

Infrastructure layer

Money laundering regulations and personal information protection regulations

In principle, the FSA grants and supervises licences for fintech enterprises (e.g., crowdfunding operators, virtual currency exchange operators, and electronic settlement agents) in addition to traditional financial institutions (e.g., banks, insurance companies and financial instruments business operators).

However, for credit card issuers (instalment sales), acquirers and payment service providers (PSPs), licensing and supervision is performed by the Ministry of Economy, Trade and Industry.

ii Banking
Banking services

It is necessary to obtain a banking services licence in order to engage in accepting deposits together with lending funds or discounting bills as a business, or to engage in fund transfer transactions as a business.

Bank agency services

For operators to engage in agency or intermediary services for banking transactions as a business as entrusted by a bank, they must obtain permission to engage in bank agency services.

Electronic settlement agency services

Until 2017, when the Banking Act was amended, Japan did not have any regulations in place for services where operators, as entrusted by customers, (1) instruct banks to perform fund transfer transactions or (2) conduct services to obtain account information and provide it for clients (known as ‘account aggregation’). As of 1 June 2018, the Banking Act will require registration as electronic settlement agents for them to conduct these services as entrusted by customers.

This is a regulatory framework established to cover operators as equivalent to the (1) payment initiation service providers and (2) account information service providers under the EU Payment Services Directive 2 (PSD2).

Payments (settlement and remittance)

Registration or notification is necessary for non-banks to engage in certain types of payment services, including: (1) fund transfer transactions, (2) issuances of prepaid payment instruments (e.g., electronic money and gift vouchers), (3) credit purchase intermediation (e.g., issuance of credit cards), and (4) acquirer or PSP operations. See Section IV below.

Virtual currency exchanges

In 2016, the Payment Services Act (PSA) was amended to include new regulations on virtual currency exchange businesses. Buying and selling virtual currencies or exchanging them with other virtual currencies is regarded as virtual currency exchange business, for which virtual currency exchange operators must obtain registration from the local finance bureau. See Section V below.


In order to provide moneylending and intermediary services as a business, such businesses must obtain registration as moneylending businesses. As described in Section IV below, registration as a moneylending business is also required to operate loan-type crowdfunding (crowd-lending or peer-to-peer lending).


The Financial Instruments and Exchange Act (FIEA) applies to investments in securities and derivative transactions.

Type I/II financial instruments businesses

Under the FIEA, securities are classified as (1) highly liquid ‘Paragraph 1 securities,’ such as stocks and share options, or (2) ‘Paragraph 2 securities,’ such as fund equities. Broadly speaking, registration as (1) a type I financial instruments business is necessary to purchase and sell Paragraph 1 securities or to act as an intermediary, broker or agent for the sale and purchase of such securities, and to register as (2) a type II financial instruments business is necessary to trade Paragraph 2 securities or to act as an intermediary, broker, or agent for the sale and purchase of such securities.

The amendment of the FIEA in 2014 resulted in some deregulation, and it became sufficient to obtain a more relaxed licence if the operator is only engaged as a business in crowdfunding in which a certain small amount of funds are gathered via the internet (see Section IV below).

Investment management services

Under the FIEA, operators must obtain registration as investment management services operators in order to manage assets by executing discretionary investment contracts with investors who entrust them with the discretion to make investment decisions. Investment management business operators assume a fiduciary duty and duty of loyalty toward investors, and are subject to regulations regarding conduct, such as an in-principle prohibition on engaging in conflict-of-interests transactions, and prohibition on compensating investors for losses.

Investment advisory and agency services

In order to provide advice on investment decisions as a business without being entrusted by clients with the discretion to make the actual investment decisions, operators must obtain registration to provide investment advisory and agency services.

Financial instruments brokerages

In addition, business operators entrusted by type I financial instruments business operators or investment management services operators to act as intermediaries or the like to trade in securities or market derivatives transactions are required to obtain registration as financial instruments brokerages.


Insurance businesses

Operators must obtain a licence as an insurance business operator to engage in underwriting insurance as a business.

Insurance agents or brokers

In order to solicit and sell insurance as a business as entrusted by insurance companies, registration as an insurance agent must be obtained. Conversely, in order to negotiate with insurance companies and act as intermediaries for the conclusion of insurance contracts as entrusted by clients, registration as an insurance broker must be obtained.

iii Cross-border issues
Applicability of Japanese regulations to foreign business operators

Since the purpose of Japan’s financial rules is to protect Japanese consumers, operators are in principle subject to the application of Japanese laws and must obtain a Japanese licence when seeking to provide financial services.

In addition, under Japanese financial rules, in principle, a licence cannot be obtained unless the company is governed by the laws of Japan (for licences permitting individuals to perform services, the individual must be a resident of Japan) when providing various types of financial services to Japanese consumers.

However, examples of foreign corporations with business establishments in Japan that are permitted to obtain Japanese licences include type I and II financial instruments business operators, investment management service operators, investment advisers and agents, third-party prepaid payment instrument issuers, acquirers and PSPs.

In addition, examples of foreign corporations that have a foreign licence corresponding to a Japanese licence for financial services, by obtaining a licence in Japan under certain conditions, and are allowed to provide financial services in Japan include banks, insurance companies, fund transfer service providers and virtual currency exchange operators. However, in order to obtain a licence in Japan, they must satisfy certain requirements, such as having a business office in Japan and a representative in Japan (who is a Japanese resident).

Regulations on foreign ownership

Foreign companies are not prohibited from owning shares or equity in financial-related businesses, including fintech companies. If a foreign company acquires shares or equity in a financial-related business operator, including fintech companies, it is required to submit a report to the authorities through the Bank of Japan in accordance with the Foreign Exchange and Foreign Trade Act.

In addition, other individual laws regulate shareholders (major shareholders) who own more than a certain percentage of their equities. Shareholders holding at least 20 per cent of the equity of a bank or insurance company (in certain cases, 15 per cent) are required to obtain authorisation under the Banking Act or Insurance Business Act. In addition, shareholders holding 20 per cent or more of the shares of financial instruments business operators (in certain cases, 15 per cent or more) are required to file a notification in accordance with the FIEA, and the eligibility of major shareholders is also examined in the registration of financial instruments business operators. In the event that a foreign company is a shareholder, the authorisationof major shareholders and registration examination of financial instruments business operators will include examinations into whether the influence of the foreign company will harm the soundness of Japan’s financial services business operators and its financial system.


i Digital identity

In Japan, the Public Identity Verification Act provides a structure for personal authentication using e-certificates. In order to use the public identity verification service, individuals must apply at a local government office to receive an individual number card (a ‘My Number’ card). My Number is a 12-digit number assigned to all people (including non-Japanese) who are registered with their local governments as residing in Japan. It is an individual number introduced to improve the efficiency of administration and convenience for the public by managing personal information in different administrative areas, such as social security and tax, using a common number.

The use of this service was formerly limited to administrative procedures such as tax returns and registry applications, but recent amendments to the Public Identity Verification Act have made it possible for private businesses certified by the Minister of Internal Affairs and Communications to use the service. This may expand the use of the public identity verification service to online account services such as online shopping and banking.

However, at present, the service is not widely used in the private sector due to the lack of widespread use of My Number cards and the need for users to prepare IC card readers or similar devices for reading e-certificates.

ii Digitised onboarding of clients

In order for financial service business operators to confirm their clients’ identity through non-face-to-face transactions, such as those conducted online, they must adopt one of the following methods. Among these, the use of electronic signatures and public individual identification services is attracting attention. However, at present, the identity confirmation methods of financial service providers have not yet become widely available, so mailing procedures are necessary in most cases and therefore know-your-customer procedures are not completed by the digital method alone.

Mailing a copy of identity confirmation documents

A copy of the identity confirmation documents is sent by the client (not limited to post) and the transaction-related documents are mailed by registered post to the client’s residence.

Use of personal receipt post

Transaction-related documents are mailed to the client’s residence by personal receipt post. In this case, the postal service provider confirms the client’s residence and receives a document to confirm the client’s identity.

Use of electronic signatures

Although confirmation of a person’s identity by authentication using an electronic signature is permitted, it has not been widely adopted since the user must obtain a digital certificate in advance and prepare an IC card reader or other similar device.

Use of public identity verification service

Formerly limited to use by administrative agencies, the public identity verification service is now available to private businesses and accepted as a method of identification by financial institutions. However, it is not generally popular since the user must obtain a My Number Card in advance and prepare an IC card reader or other similar device.

In light of the present situation, the FSA, together with industry associations, established a working group to examine online transactions in June 2017. The working group discussed ways to realise a more efficient digitised onboarding of clients. Based on the results of such discussions, there are plans to make customer identity verification methods more flexible through electronic methods for non-face-to-face transactions in the very near future. For example, presentation and verification of (1) the identity confirmation documents (attached with a face photo) using an online video monitor, and (2) the picture of them and IC information through online system are expected to be proposed as new KYC procedures by modifying current Japanese anti-money laundering laws and regulations.


i Payment services

Registration or notification is necessary for non-banks to engage in certain types of payment services, including: (1) remittances (fund transfer transactions), (2) issuances of prepaid payment instruments (e.g., electronic money and gift vouchers), (3) credit purchase intermediation (e.g., issuance of credit cards), and (4) acquirer or PSP operations.

ii Funds transfer services

To mitigate the significant burden of obtaining a banking services licence, the PSA, established in 2010, made it possible to make small-amount fund transfers of ¥1 million or less through a single remittance instruction by obtaining registration as a fund transfer service provider without obtaining a banking services licence. As of 28 February 2018, there are 56 businesses registered as fund transfer service providers in Japan.

On a separate note, in relation to the payment of compensation for goods and services, ‘billing agency services’ (whereby a business operator receives payment of such consideration on behalf of a goods or service provider (a payee) and delivers the received funds to such payee) are not considered to fall under the definition of ‘funds transfers’ in Japan and thus do not require registration as fund transfer service providers. Many businesses, such as convenience stores, provide these services.

Issuances of prepaid payment instruments

The PSA regulates issuers of prepaid payment instruments to protect consumers and help establish safe and sound payment and settlement systems. Issuers distributing prepaid payment instruments used to pay for goods or services offered by the issuers and third-party merchants (‘third-party type’ prepaid payment instruments) must register with the local finance bureau having jurisdiction over the issuer.

If the prepaid payment instruments are used only to pay the issuer (‘own business type’ prepaid payment instruments), the issuer must file a notice with the local finance bureau when the unused balance of the prepaid payment instruments exceeds ¥10 million on a reference date (each of 31 March and 30 September).

Furthermore, all issuers of prepaid payment instruments must reserve at least 50 per cent of the total amount of the issuance once the unused balance exceeds ¥10 million as of either reference date. Except for certain cases, the issuer may not redeem or buy back the instruments.

Under the PSA, prepaid payment instruments must have all of the following three elements: (1) record of value; (2) issuance in exchange for consideration; and (3) use as payment or demand. If the instrument satisfies certain exception criteria, such as having a usage period limited to six months or less, it will not constitute a prepaid payment instrument and will be exempt from application of the PSA.

Acquirers and PSPs

Japan requires credit card issuers to be registered as ‘comprehensive credit purchase intermediaries’. There were no legal restrictions on acquirers, which acquire and manage the merchants who use credit cards, or payment service providers (PSPs) until the Installment Sales Act was amended in 2016 to require registration of acquirers and PSPs that enter into contracts with merchants to permit the handling of credit cards (the amendment is scheduled to come into force in June 2018). PSPs are not required to be registered if the acquirers have the final decision to conclude merchant agreements and the PSPs’ operations are limited to only the first stage examination of whether to conclude the agreements.

iii Collective investment schemes

The FIEA lists specific forms of instruments as securities. If a product or service (including tokens) falls within any of these securities, then the FIEA regulations apply. In addition to this list, the FIEA also comprehensively defines what is called a ‘collective investment scheme’ (CIS) in order to regulate various types of funds (including foreign funds), regardless of their legal form. CIS arrangements must have all of the following elements: (1) monetary contribution (or monetary equivalent) from investors; (2) business using the contributions; and (3) investors’ entitlement to the distribution of profits arising from the business or of assets relating to the business.

As described below, investment equity interests in investment-type crowdfunding (crowdlending or peer-to-peer lending) and tokens may be considered CIS equity interests.

For CIS equity interests, subject to some exceptions, registration under the FIEA is required for (1) solicitation for acquisition of the equity interests and (2) management of the assets invested.

Issuers of CIS equity interests are, in principle, required to be registered as type II financial instruments businesses in order to solicit the acquisition of such equity interests.

In order to manage the assets invested in the fund by the CIS equity interest holders, the issuer must obtain registration as an investment management business in principle.

iv Crowdfunding

In Japan, crowdfunding is classified into ‘donation-type’, ‘purchase-type’, ‘loan-type’, and ‘investment-type’ crowdfunding. A licence is not required in order to engage in crowdfunding as a business in cases such as ‘donation-type’ crowdfunding (where users donate funds without receiving any consideration in exchange) or ‘purchase-type’ crowdfunding (where users receive products or services in exchange for their funds).

Loan-type crowdfunding (crowdlending and peer-to-peer lending)

Loan-type crowdfunding (crowdlending or peer-to-peer lending) involves crowdfunding business operators who intermediate between users and parties seeking funds, and such operators must obtain registration as moneylending businesses. The business operators typically solicit funds for loans from the public in the form of investments in fund vehicles and lend such funds to fund users. In order to engage in loan-type crowdfunding, as a general rule, the operators must register as type II financial instruments businesses to solicit investments in the fund, and they must also register as moneylending businesses to provide loans.

Investment-type crowdfunding

Investment-type crowdfunding is divided into investments in (1) more highly liquid ‘Paragraph 1 securities’, such as stocks and share options, and (2) ‘Paragraph 2 securities’, such as equity interests in funds.

Prior to the FIEA amendment in 2014, operators had to obtain registration as type I financial instruments businesses in order to trade in or perform brokerage, intermediary, and agency services to trade paragraph 1 securities, and registration as type II financial instruments businesses in order to conduct brokerage and agency services for the sale and purchase of paragraph 2 securities, irrespective of whether a crowdfunding transaction, in which only a small amount of funds is collected, was conducted.

Following the FIEA amendment in 2014, the regulations were relaxed so that operators who only engage in crowdfunding where a certain small amount of funds are collected through the internet can obtain a more relaxed registration as a ‘small-amount electronic public offering business’. However, at present, there are few advantages to being registered as such a business, so many businesses registered as type I or type II financial instruments businesses engage in crowdfunding businesses in conjunction with other businesses.


i Types of virtual currencies (cryptocurrencies) and ICOs

Under Japanese law, businesses that issue, sell and exchange tokens, including token issuances through ICOs, may fall under the regulations of the PSA or FIEA depending on how they are structured. Businesses involved in ICOs should adequately fulfil their duties required by related laws and regulations, such as registration when their services are regulated by those Acts.

Under Japanese law, tokens are likely to fall under the regulatory categories of virtual currencies under the PSA, prepaid payment instruments and securities (especially CIS):

a Persons who issue tokens corresponding to virtual currencies under the PSA must obtain registration as virtual currency exchange operators (see below).

b Persons who issue tokens corresponding to third-party-type prepaid payment instruments under the PSA must obtain registration. Persons who issue tokens corresponding to own-business-type prepaid payment instruments under the PSA must file a notice with the local finance bureau once the unused balance of the prepaid payment instruments issued to Japanese residents exceeds ¥10 million as of either reference date (see IV above).

c Persons who issue tokens corresponding to a CIS must obtain registration as type II financial instruments business operators (see Section IV above).

ii Virtual currency exchange businesses

Amendments to the PSA to define virtual currency and regulate virtual currency exchange businesses came into effect on 1 April 2017.

Definition of virtual currency under the PSA

The PSA defines ‘virtual currency’ as an electronically recorded proprietary value other than legal currency and assets denominated in any legal currency that either:

a can be used to pay unspecified persons for goods and services, can be mutually exchanged into fiat currencies with unspecified persons, and is transferrable through an electronic network (‘type I virtual currency’); or

b is mutually exchangeable with a type I virtual currency between unspecified persons and is transferrable through an electronic network (‘type II virtual currency’).

Virtual currency exchanges

A ‘virtual currency exchange business operator’ means one that engages in the business of: (1) selling and purchasing virtual currency or exchanging virtual currency with another virtual currency; (2) acting as intermediary, broker, or agent for the services in item (1); or (3) managing the monies or virtual currencies of users in connection with items (1) or (2).

Virtual currency exchange operators must manage the funds and virtual currencies deposited by users separately from the operators’ own funds and virtual currencies. As of 7 March 2018, there are 16 companies registered as virtual currency exchange operators in Japan, and there are estimated to be around 100 companies in the process of preparing for registration. However, operators, which were actually running virtual currency exchanges at the time the amendments came into force, were enabled, by submitting registration applications by the end of September 2017, to continue operating as ‘deemed virtual currency exchange operators’ until their registrations were actually approved or rejected, and this resulted in the 16 operators continuing their businesses as deemed operators as of 31 January 2018. Meanwhile, following the hacking of one of the deemed operators, the FSA is considering setting a deadline on how long they should be able to continue operating, and already issued business improvement and cease-and-desist orders in early March 2018 to registered operators and deemed operators whose level of operational preparedness was inadequate. The FSA plans to continue further strengthening its role in supervising and inspecting virtual currency exchange operators.


See Sections VIII and IX for the recent developments and forthcoming outlook of fintech business models in Japan.


i Intellectual property

In principle, the ideas themselves that pertain to business models are not protected by intellectual property rights such as patent or copyright. However, inventions in which such ideas are realised using information and communication technology may enjoy patent protection in certain cases. In regard to software, the Patent Act defines ‘products’ as a concept that includes ‘programs, etc.’, which means that software is subject to patent protection and can be copyrighted. In addition, information that companies manage as trade secrets will be protected under the Unfair Competition Prevention Act.

There have also been patent-related disputes that have attracted attention such as a patent infringement suit in which two leading venture companies in the fintech industry battled over an accounting software algorithm that automatically determines the category of accounting items (Tokyo District Court case of 27 July 2017).

For inventions created by employees, the right to obtain a patent may be assigned to or originally acquired by the employer in accordance with its internal rules. Such employers shall compensate their employees in accordance with such rules; provided, however, that if the rules are found to be unreasonable, the court may decide the compensation in light of the profits arising from the exclusive rights and employer’s contribution to an invention.

The right to file patent applications on inventions made by independent contractors is held by the contractor, unless otherwise agreed between the parties.

ii Data protection

As in other industries, compliance relating to data protection and security is an important issue for fintech businesses. In regard to data protection, the Act on the Protection of Personal Information (APPI) imposes certain obligations on private businesses that use personal information to, for instance: undertake necessary and appropriate measures to safeguard personal information; not use personal information except to the extent necessary for the purposes disclosed to the subject individuals; not disclose personal information data to any third party (subject to certain exemptions); and conduct necessary and appropriate supervision over employees and contractors.

The first significant amendment to the APPI came into force on 30 May 2017 to eliminate ambiguity in the scope of personal information and facilitate the proper use of anonymised data. The fintech industry is also subject to the application of the ‘Guidelines for Personal Information Protection in the Financial Field’.

In regard to security, the FSA supervisory guidelines governing financial institutions emphasise the importance of matters such as being aware of system risks and enhancing cybersecurity, and operators are required to appropriately follow the PDCA cycle of ‘Plan, Do, Check and Act’.


The following events that occurred from 2017 to present in relation to the development of regulations and legal approaches regarding fintech in Japan are of particular importance.

April 2017

The amended Banking Act came into force in April 2017, by which banking groups became able to hold certain fintech companies as subsidiaries.

The amended PSA came into force in April 2017, by which a registration system for virtual currency exchange operators was introduced (see Section V above).

June 2017

The Banking Act was amended to introduce a registration system for electronic settlement agents (see Section II above; scheduled to come into force on 1 June 2018).

November 2017

A financial system study group was established by the FSA, which began studies into changing the legal framework relating to the financial system into one that is functional and cross-sectional (see Section IX below).

March 2018

Policies are being announced by various banks relating to coordination and collaboration with electronic settlement agents aimed at open APIs (application programming interfaces).

June 2018

The amended Banking Act is scheduled to come into force, with provisions concerning a registration system for electronic settlement agents and how such system relates to banks.

The amended Installment Sales Act is also scheduled to come into force, with provisions concerning a registration system for acquirers and certain PSPs.


The following are some of the major legal and regulatory initiatives and developments that are expected in Japan based on the latest financial administrative policy announced by the FSA.

i Studies into revising the legal framework to make it functional and cross- sectional

From November 2017, sessions of a financial system study group have been convened at the FSA to examine revising the legal framework relating to the financial system (which, as described in Section II above, is currently differentiated by ‘business’ type) to one that is cross-sector and differentiated by ‘function’. Future legislative amendments may be expected if a consensus is reached through such examinations.

ii Policy to enable fintech to lead development of Japan’s innovation environment

With the view that pursuing open innovation (collaboration and coordination) between financial institutions and fintech companies is important to promoting innovation, the Japanese government is reviewing various systems, such as (1) developing environments aimed at the adoption of open APIs, (2) strengthening support for starting new financial businesses and services through initiatives such as a fintech support desk and fintech proof-of- concept hub, and (3) revising methods of customer identity verification for non-face-to-face transactions and examining bank agency service issues.

On 9 March 2018, a cabinet office ordinance was released prescribing detailed rules concerning the amended Banking Act in relation to electronic settlement agents and open APIs, and a guideline was also released indicating the government’s interpretation as to whether such activities constitute bank agency services. Around 130 banks are going to promote open APIs at the time of writing and this is anticipated to help promote open innovation between financial institutions and fintech companies in Japan.

A project examining KYC procedures using blockchain technology was selected as the first project to receive assistance through the FSA’s fintech proof-of-concept hub. The government also plans to actively work on providing sandbox infrastructure in the future.

iii IT governance and cybersecurity at financial institutions

The Japanese government is working to accumulate insight on IT governance in the financial and non-financial industries and further examine better methods of IT governance. In order to further enhance the stability of the financial system as a whole, the government is also seeking to strengthen the cybersecurity measures of financial institutions and working with authorities in various countries to contribute to the formulation of detailed cybersecurity policies.

iv Virtual currencies and ICOs

The Japanese government is also monitoring whether virtual currency exchange operators have appropriate operational control systems in place (for example, whether appropriate explanations and information are provided to users, whether system risk management mechanisms are in place, and whether effective countermeasures are being examined and implemented to prevent illegal activities such as money laundering).

In addition, the government is seeking to properly ascertain the current state of ICOs and act against the problem of fraudulent ICOs such as by having related government agencies cooperate on issuing warnings to consumers and other similar measures.

1 Atsushi Okada and Takane Hori are partners and Takahiro Iijima is an associate at Mori Hamada & Matsumoto.