Japan's Financial Services Agency (FSA) has intensified its scrutiny of cryptocurrency exchange registration procedures to ensure proper risk management practices, according to a recent Japan Times report.
Key Changes in the Review Process
- Expanded Application Requirements: The FSA now requires applicants to address approximately 400 checklist items—four times the previous number—covering financial stability, cybersecurity, and governance.
- Board Meeting Documentation: Applicants must submit detailed board meeting minutes to verify executive involvement in risk management decisions.
- On-Site Inspections: The FSA conducts physical audits to validate submitted responses and assess operational compliance.
Enhanced Oversight Measures
Post-Coincheck Hack (January 2023):
- The FSA suspended registrations indefinitely after Tokyo-based Coincheck lost $520 million in customer assets to a cyberattack.
- Internal investigations revealed compromised employee emails enabled server access, leading to the theft.
- Monex Group acquired Coincheck shortly after the incident.
Regulatory Responses:
- The FSA performed emergency audits at 23 exchanges, identifying weak internal controls and missing documentation.
- Eternal Link and FSHO were among exchanges receiving corrective action plans.
Balancing Innovation and Consumer Protection
FSA Commissioner Toshihide Endo emphasized a measured approach:
"We aim to foster growth under appropriate oversight, not over-regulate the industry."
Upcoming Actions:
- Mandatory risk management reports from all exchange operators.
- Comprehensive on-site inspections planned for Japan's crypto sector.
Global Regulatory Landscape
- India: Awaiting Supreme Court's September ruling on the Reserve Bank's virtual currency ban.
- EU: Drafting new cryptocurrency regulations for discussion by finance ministers in Vienna.
👉 Explore global crypto regulations
FAQ
Why did Japan expand its exchange registration requirements?
To strengthen risk management after the 2023 Coincheck hack exposed systemic vulnerabilities.
What documents must applicants now provide?
Board meeting minutes demonstrating executive oversight of financial/cybersecurity audits.
How does Japan's approach differ from other markets?
It combines rigorous inspections with public-private dialogue to balance innovation and security.