Japanese regulators have announced stricter regulations for cryptocurrency exchanges in an effort to prevent another heist like the one that befell Coincheck in January, according to Nikkei Asian Review.
The country’s Financial Services Agency expects to begin using a new, stricter framework for registered cryptocurrency exchanges this summer, and will advise those that fail to meet its new rules to discontinue operations. Both new and existing operators will be required to meet the new standards.
A New Focus
The government has shifted its focus to strengthening consumer protection measures after initially recognizing virtual currencies as a valid form of payment in the interest of supporting the evolving technology.
The agency stated in April that new processes are needed for cryptocurrency exchange registrations that extend beyond simple documentation to include onsite investigations of how the operations are managed.
New Requirements Established
Cryptocurrency exchanges will now face harsher standards on system management, including not storing currency in internet-connected computers and having numerous passwords for currency standards.
Exchanges will also have to do more to prevent money laundering by verifying customer identification for major transfers. To keep customer assets separate from exchange assets, the exchanges will have to monitor customer account balances numerous times per day for signs of diversions. Exchanges will also be required to have rules in place to prevent their officers from using client funds.
There will also be new rules regarding the types of cryptocurrencies used at registered exchanges. Exchanges will generally not be allowed to grant a high degree of anonymity that would enable money laundering.
Stricter internal rules will also be required, including measures to separate management from shareholders. System development roles will have to be separate from those of asset management in order to prevent employees from manipulating the system for personal gain.
A Two-Step Process
Operators will submit documents to register exchanges with the FSA. Following a review of these documents, the agency will have inspectors visit the exchanges that pass the initial screening to examine their operations and verify the number of employees.
By not having sufficient expertise with exchanges, the agency has been “feeling our way through the dark on how thoroughly we should check these different aspects,” an unnamed agency source said. The new system will enable the agency to conduct a detailed assessment and identify risks ahead of time.
In January, Coincheck succumbed to a record-setting hack that saw the attackers make off with $530 million worth of NEM tokens (XEM), raked in 62.6 billion yen ($573 million) in revenue, against just 8.8 billion ($8.1 million) in ordinary operating expenses.
The Japanese brokerage firm Monex Group acquired Coincheck in the wake of the hack, paying about $34 million for the disgraced exchange. One reason for the low sum is that it appeared unlikely that the country’s the FSA would grant the company a license under its previous management structure.