On November 21, 2025, the AI Strategic Headquarters published the “Draft Basic Plan on Artificial Intelligence” and the “Draft Guidelines for Ensuring the Properness of Research, Development and Use of AI-related Technologies.” These drafts are open for public comment from November 21 to November 27, 2025, and correspond to the following requirements: under Article 18 of the AI Act, which came into full force in September 2025, the government is required to formulate a basic plan for artificial intelligence, and under Article 13 of the same Act, it must establish guidelines to ensure appropriate AI research, development and use.

The draft AI Basic Plan reiterates the government’s goal of making Japan “the easiest country in the world in which to develop and use AI.” Noting that Japan has fallen behind other countries in AI adoption and investment, the draft states that a national strategy to actively promote AI development and use is essential for addressing social challenges such as population decline and for strengthening industrial competitiveness.

Accordingly, the Basic Plan draft sets four basic strategic pillars: (1) accelerate AI utilization (“use AI”); (2) strategically strengthen AI development capabilities (“create AI”); (3) lead in AI governance (“increase AI trustworthiness”); and (4) pursue continuous transformation toward an AI society (“collaborate with AI”). Specific measures include comprehensive AI adoption by national and local governments, introduction of AI across sectors such as healthcare, finance and education, support for AI startups and support for the development of foundation models and physical AI in Japan. Regarding AI governance, the draft proposes strengthening the functions of an “AI Safety Institute” so it can technically evaluate AI models, assess risks and take necessary actions.

The published ⁠“Draft Guidelines for Ensuring the Properness of Research, Development and Use of AI related Technologies” sets out four guiding principles for safeguarding properness in AI R&D and use: (1) a risk based approach, (2) active stakeholder engagement, (3) establishment of end to end AI governance, and (4) agile responsiveness. Building on those principles, the guidelines identify five specific areas that organizations using AI should particularly address:

①　Ensuring properness through AI governance: Establishing AI governance, including organizational measures to identify, assess and address risks.
②　Ensuring transparency to build trust with stakeholders: Providing reasonable explanations about the origins of training data and generated outputs, including appropriate protection of intellectual property, privacy and other rights.
③　Ensuring adequate safety: Addressing risks such as cyberattacks and other unlawful acts.
④　Maintaining a safe operating environment through business continuity: Minimizing damage and maintaining operations in the event of incidents.
⑤　Considering stakeholders given the importance of data as a foundation for AI innovation: Seeking to examine and implement measures to build ecosystems that return benefits to data holders (for example, intellectual property owners).

At present, both the Basic Plan on Artificial Intelligence and the guidelines on ensuring properness are still at the draft outline stage. Detailed content will be developed after consideration of public comments. Specifically, the final version of the AI Basic Plan is expected to be approved by Cabinet by the end of 2025, and the guidelines on ensuring properness are also scheduled to be reported to the AI Strategic Headquarters within 2025. The government is also advancing consideration of legal and regulatory work—such as the framework for civil liability and the appropriate protection of intellectual property—and future policy developments are expected to have significant practical effects. It will therefore be important to continue monitoring these developments closely.

First, the Financial Services Agency (FSA) solicited public comments from July 15, 2025 to August 18, 2025, and, based on the feedback received, announced partial amendments to the “Comprehensive Supervisory Guidelines for Financial Instruments Business Operators, etc.” (hereinafter referred to as the “Guidelines”) on October 15, 2025.

These amendments were introduced in response to a surge in cases where customer information (such as login IDs and passwords) was stolen via phishing websites impersonating securities firms, resulting in unauthorized access and fraudulent transactions (i.e., third-party transactions) through online trading services. The revisions aim to strengthen authentication methods and anti-fraud measures in online trading. Key aspects of the amendments include:

①　Prohibiting the inclusion of URLs or similar links in emails or SMS messages that prompt users to enter their passwords; and
②　Implementing and mandating the use of “phishing-resistant multi-factor authentication” for critical operations such as logins, withdrawals, and changes to registered bank accounts. It should be noted that multi-factor authentication systems that transmit one-time passwords via email are regarded as not resistant to so-called “real-time phishing” and therefore may not satisfy the new requirements.

The amended Guidelines have been in effect since October 15, 2025.

Next, the Japan Securities Dealers Association (JSDA) also amended its “Guidelines on the Prevention of Unauthorized Access in Internet Trading” (hereinafter referred to as the “JSDA Guidelines”) on October 15, 2025. This amendment, consistent with the purpose of the amendments to the Guidelines, aims to respond to the recent rise in cases involving the misuse of securities accounts.

The main points of the amendments to the JSDA Guidelines are as follows:
①　Implementation and mandatory adoption of phishing-resistant multi-factor authentication for critical operations such as logins, withdrawals and changes to registered bank accounts (JSDA Guidelines IV.1.(2)①).
②　Monitoring and reviewing the usage status of system settings designed to prevent and detect unauthorized trading and withdrawals (JSDA Guidelines IV.1.(3)).
③　Preventive measures against phishing and related fraud to mitigate risks before incidents occur (JSDA Guidelines IV.4.(1)–(5)).
④　Internal training and awareness initiatives to prevent the escalation of harm to customers or secondary victimization (JSDA Guideline IV.7.(1)–(2)).
⑤　Other necessary amendments.

In light of the above amendments to the Guidelines and the JSDA Guidelines, it is expected that cases involving the misuse of securities accounts in Japan will decrease going forward. In addition, although these amendments are currently limited to the securities industry, it is possible that similar revisions may be expanded to the broader financial sector in the future.

A notarized document is a certificate prepared by a notary public concerning legal acts or other facts related to private rights (such as loans, sales, leases, and wills). Historically, the entire process for creating, storing and utilizing notarized documents required paper documents and in-person interactions. However, with the enforcement of the amended Notary Act under the “Act on the Revision of Related Laws for the Promotion of Information and Communication Technology in Civil Procedures,” the entire process was fully digitized effective October 1, 2025. The specific changes are as follows:
 

Excerpted and edited from the Ministry of Justice’s “Outline of the Digitalization of Procedures Related to the Creation of Notarized Documents”

To rely on remote methods for creating notarized documents, it is required that the notary public deems such means appropriate. For notarized documents used for business purposes where entrustment by an agent is available, the remote method is broadly permitted (“Summary of Discussions from the Council with Practitioners on the Digitalization of Notarial Practice”). Therefore, the use of remote methods is particularly anticipated in business contexts.

The fees for preparing notarized document have also been changed: (1) a reduction of fees for legal acts with a value of JPY 500,000 or less; (2) a reduction in fees for preparing notarized documents concerning child support agreements and post-mortem affairs; and (3) a revision of fees for preparing notarized documents for legal acts with a value exceeding JPY 2 million, reflecting recent inflation and related factors.

On September 17, 2025, Japan’s Ministry of Internal Affairs and Communications (MIC) released an interim report summarizing the results of the “Study Group on Measures for Addressing Various Issues in the Distribution of Information in Digital Space.” This report consists of the compiled outcomes and policy directions of the Study Group’s two subordinate working groups: (1) the Digital Advertising Working Group (Digital Advertising WG) and (2) the System Working Group on Information Distribution in Digital Spaces (System WG).

With the growing prevalence of online communication and information distribution through social media and other digital platforms, problems such as defamation, disinformation, and the spread of illegal or harmful advertisements have become increasingly serious. In addition, the rapid advancement of technologies such as generative AI has created new, unforeseen risks. Against this backdrop, the Digital Advertising WG has examined challenges related to information distribution in the digital space.

Since 2023, the number of fraudulent investment advertisements impersonating celebrities or companies (so-called impersonation-type “fake ads”) has sharply increased. In response, the MIC requested major platform operators to strengthen their advertising screening and removal procedures. The interim report, based on subsequent hearings with these operators, confirms that the damage caused by such fake ads continues and emphasizes the need for ongoing monitoring.

MIC has also established the “Monitoring Guidelines for Addressing Issues Surrounding the Distribution of Digital Advertisements.” The guidelines apply to large-scale social networking service (SNS) providers with over 10 million active monthly users and evaluate their systems for pre-screening advertisements, post-removal procedures, and transparency measures.

Furthermore, the report identifies risks that may arise when advertisements are unintentionally displayed on misinformation sites or illegal platforms—specifically: (1) brand damage, (2) loss of advertising expenditures due to ad fraud, and (3) the unintentional amplification of misinformation. In June 2025, the MIC published the “Guidelines for Advertisers on Appropriate and Effective Digital Advertising Distribution” (for details, see the July 2025, Vol.16 issue of this Newsletter), encouraging advertisers to strengthen governance through internal systems, media selection and staff training.

The System WG focused on the legal and regulatory aspects of dealing with illegal and harmful information online. Through hearings with relevant platform operators and experts, it examined how to enhance the framework for addressing these challenges.

This report classifies distributed information into three categories: (1) “infringing information,” which violates the rights of others; (2) “illegal information,” the distribution of which is prohibited by law; and (3) “harmful information,” which includes content that may negatively affect young people or cause health risks. It also outlines corresponding policy directions for each category. For infringing information, the report calls for the establishment of systems enabling not only victims themselves but also third parties to promptly request content removal. For illegal information, it proposes mechanisms allowing administrative authorities to issue removal requests based on expert judgment. For harmful information, responses other than removal—such as warnings or demonetization—are being considered while ensuring respect for freedom of expression.

In addition, the report focuses on the “service design layer”—the structure of digital platforms themselves, including mechanisms for user interaction, display interfaces and algorithmic information presentation—and calls for service providers to identify, analyze, assess and mitigate the spread of illegal and harmful information and the risks posed by their services. The report also introduces a phased approach combining voluntary industry codes of conduct with government monitoring and, where necessary, legal regulation.