Japanese Financial Services Agency (FSA) pushes out new regulatory standards for exchanges in order to avoid being hacked.
Major hacks on exchanges, most notably the $530 million hack of the Japanese Exchange known as CoinCheck in January 2018, have led the Japanese Financial Services Agency (FSA) to push out new regulatory standards. CoinCheck was in the process of seeking a license from the FSA when they experienced the hack. The new changes include on-site inspections, investigations and other governmental assessments of safety standards. Many Japanese exchanges have closed their doors due to these recent announcements, however, those who are seeking licensing now must follow a new five-point plan.
1. Exchange staff may not store crypto assets on internet-connected devices and must set multiple passwords to gain access to any stored funds in order to transfer them.
2. Exchange staff must enhance customer identification efforts as well as implement 2-factor authentications.
3. Exchange staff must check customer balances multiple times every day to watch for any changes in asset holdings. The FSA will also require exchanges to define rules that keep staff from using the asset holdings of clients.
4. Certain types of currencies will be banned, including privacy coins. These include but are not limited to Dash (DASH), Zcash (ZEC) and Monero (XMR). Read more about this ban in Deanna’s article.
5. Exchange’s must find ways to separate staff from shareholders, as well as separate system developers from assets management roles. This is being required to avoid price manipulation and insider trading.
This five-point plan will help the FSA asses applicants for licensing as well as serve as a rubric for exchanges trying to get approved for FSA licensing. It will be interesting to see if any existing exchanges decide to close following these new guidelines, especially with the banning of privacy coins.