In its most sweeping crackdown yet, a Japanese regulator has penalized seven cryptocurrency exchanges, requiring two to halt operations for one month.
Japan’s Financial Services Agency (FSA) announced today, March 8, 2018, that it came down on the exchanges due to their failure to provide proper internal-control systems. All of the exchanges were ordered to step up efforts to improve security and prevent money laundering.
Business suspension orders were issued for FSHO and Bit Station, effective today. The FSA said FSHO was not properly monitoring trades and employees at the exchange had not undergone proper training. The FSA also alleged that a senior employee at Bit Station had used customers’ bitcoin for personal use.
The five other exchanges punished were GMO Coin, Tech Bureau, Mister Exchange, Increments and Coincheck. Coincheck was served with its second business improvement order since its security breach earlier this year, when $530 million worth of NEM (XEM) tokens were stolen.
Coincheck to Repay Victims
In a news conference today, Coincheck also announced that it will begin compensating users who had their cryptocurrency stolen, beginning as soon as next week. The exchange was hacked on January 26, 2018, after a hacker used malware to gain access to an employee’s computer.
All of the 260,000 users impacted by the theft will be paid back in Japanese yen, based on NEM rates at the time of the theft, the Tokyo-based company said.
At the root of the problem, the cryptocurrency exchange had been keeping all its NEM in a hot wallet connected to the internet. In contrast, at any one time, U.S.-based exchange Coinbase keeps 98 percent of its funds in a more secure cold wallet. The vice president of the NEM Foundation, Jeff McDonald, also toldBitcoin Magazine that if Coincheck had been using a multisignature wallet, the problem would not have occurred.
It is still not clear who was behind the Coincheck hack.
Tough Measures
The Coincheck hack was one of the largest thefts of cryptocurrency in the world since Mt. Gox, another Tokyo exchange, was brought to its knees by hackers in 2014. What happened at Coincheck highlighted the risks of storing funds in cryptocurrency exchanges, and since then, Japan’s FSA has taken strong measures to protect its citizens and ensure the security of cryptocurrency exchanges across the country.
Following the Coincheck breach, Japanese authorities announced on January 29, 2018, that they would investigate all cryptocurrency exchanges in the country for security gaps, and ordered Coincheck to, essentially, get its act together.
The FSA gave Coincheck until February 13, 2018, to submit a report summarizing the actions it would take to improve security and customer support.
Last year, Japan became one of the first countries to regulate cryptocurrency exchanges when it set up a licensing system. Some 16 exchanges in the country are currently registered, while another 16, including Coincheck, have been allowed to continue operating unregistered while they apply for licences. Five of the seven exchanges punished by the FSA are unregistered, including the two forced to suspend business. Subsequent to its business suspension, Bit Station withdrew its application for a license.
Japan’s crackdown on exchanges follows a series of efforts by U.S. regulators to tighten reins on the industry. Yesterday, the U.S. Financial Crimes Enforcement Network (FinCEN) proclaimed that anyone selling initial coin offering (ICO) tokens are unregistered money transmitters, while the U.S. Securities and Exchange Commission (SEC) warned that any exchange selling tokens deemed as securities must register with the agency.
Overall, Japan remains one of the more cryptocurrency-friendly countries, distinguishing itself from crackdowns in South Korea and China.