Japan is revamping its registration process for cryptocurrency exchanges. According to the country’s Financial Services Agency (FSA), the “state watchdog has increased the number of questions asked when screening applications to about 400 items – up fourfold.”
A Mixed Relationship with Crypto
Japan has certainly had a love-hate relationship with cryptocurrency. At present, the country is one of the biggest players in the digital market after the U.S. and South Korea. Yen-to-bitcoin trading is just behind USD-to-bitcoin and won-to-bitcoin conversions, and the virtual money and blockchain sectors are growing daily.
But there’s a dark chapter in Japan’s history book – a chapter that comes in the form of not one, but two of the world’s biggest data breaches. The first is Mt. Gox, which occurred in February 2014. Nearly half-a-billion dollars in BTC funds were lost, and while the company has since begun issuing refunds, many are still stuck in what surely feels like an eternal waiting game. It will be a long clean-up process that’s likely to take time to see it through.
Four years later, right as Japan was putting the Mt. Gox mess in the past, a second blow occurred. In January of 2018, Coincheck – one of Japan’s biggest and most popular digital currency exchanges – experienced a major hack that saw even more money disappear. This time, the funds lost exceeded the half-a-billion mark, and Mt. Gox was no longer the largest digital currency exchange hack to occur. Japan has played host to the same problem twice, leaving many concerned about the country’s fiscal security measures.
What to Do?
Japan’s financial sector is looking to make these problems disappear for good. Following the Coincheck hack, the FSA announced that it would be conducting investigations of Japan’s remaining digital currency exchanges to ensure customer security was the number one goal. Those that exhibited sloppy protocols were issued warnings to either clean up their acts or face the consequences.
One of the biggest issues hitting digital currency exchanges in Japan is the fact that many continue to store funds in hot wallets, rather than reverting to cold storage to protect users’ money. The process involves storing only a small fraction of funds online. The FSA is working with registered exchanges to ensure cold storage methods are available and functional to prevent hackers from gaining access to customer money should a data breach ever occur again.
Some Further Steps
In addition, the agency is also requiring new digital currency applicants to submit records of board meetings amongst executives, so officials can check and verify whether enough inquiries were made regarding measures to sustain the exchanges’ financial strengths and ensure the security of computer systems. Agency representatives would also conduct on-site investigations to verify whether answers submitted during the registration process hold true to an exchange’s daily operations.
According to the FSA, executives have not always had a firm hand in the decision-making processes of most trading platforms, which may have contributed to the data breaches of both Coincheck and Mt. Gox. Officials will also regularly check on an applicant company’s shareholders and see if systems are in place that can recognize hostile or malicious links that might endanger funds or customer privacy. This stems directly from Coincheck, as it was discovered someone had been sending emails to staff members containing malware, allowing them to get their hands on the funds in the first place.
Relax – No One’s Saying “No”
FSA commissioner Toshihide Endo explains that the new regulations are not meant to deter individuals from crypto-based trading or activities, nor are they designed to limit financial innovation in Japan. The agency simply wants to see data breaches become a thing of the past, which is bound to require a strict regulatory environment.
“We have no intention of curbing [the crypto industry] excessively. We would like to see it grow under appropriate regulation.”