Japan’s Cryptocurrency Exchanges Face Increased Inspections from Regulators
In the aftermath of the half-a-billion-dollar hack of cryptocurrency exchange Coincheck, Japan’s regulators are reportedly ramping up their scrutiny on the industry with on-site inspections in the coming days.
Japanese financial publication Nikkei reports regulators from the Financial Services Agency (FSA) will look to visit multiple domestic cryptocurrency exchange operators as early as this week. The on-site scrutiny, according to the report, is a measure toward forcing cryptocurrency exchanges to adopt a stronger cybersecurity posture and more-secure consumer protection measures.
As reported last month, Coincheck confirmed it was the victim of a theft of over $530 million in NEM’s XEM token (300,000 tokens were stolen), supplanting Tokyo-based Mt Gox as the biggest cryptocurrency hack in history.
Coincheck is one of 32 cryptocurrency exchanges operating in Japan and, notably, not among the 16 registered operators working under the oversight of the Financial Services Agency. After Japan passed legislation recognizing bitcoin as a legal method of payment, new laws also mandated new cryptocurrency operators to register with the FSA. However, Coincheck was exempt from complying with the rules since it was operating before the mandated law kicked in.
Following the hack, Coincheck announced a plan to compensate some 260,000 NEM holders victimized by the hack, a claim which was checked upon by the FSA during a subsequent on-site inspection of the Tokyo-based exchange.
The theft saw Japan’s finance minister demand the FSA to better supervise cryptocurrency exchanges in order to prevent customer losses. “We will appropriately weigh the balance between promotion of innovation and protection of users in (supervising) cryptocurrency exchanges,” finance minister Taro Aso said last week.
The FSA has been listening and is now set to begin spot checks of a number of exchanges. There are legitimate concerns of other exchanges using lax security standards. The Nikkei report points to multiple exchanges returning ‘vague details’ when asked to return information on systems used in customers’ asset management, corporate governance, and security. More than one of the presumably 16 exchanges operating without regulatory oversight was discovered managing assets ‘in an insufficiently secure manner.’
A lack of experts employed by cryptocurrency exchanges, specifically in internal auditing and cybersecurity, could see the FSA introduce disciplinary penalties for operators continuing to function without robust security measures.