Only seven out of 23 cryptocurrency exchanges operating in Japan are fully licensed, based on the on-site inspections by the Financial Services Agency (FSA).
The remaining 16 crypto bourses are “deemed dealers,” the FSA said. These are entities which have been given a go signal to operate while their applications are being reviewed by the agency. It also unveiled an interim report outlining the problems discovered after inspecting and monitoring these exchanges.
“The inspection reveals a sloppy reality that the maintenance of the internal control system has not kept up with the rapid expansion of transactions. The risk was not evaluated for each virtual currency…and it was judged that securing necessary personnel for countermeasures such as money laundering was insufficient at multiple vendors,” a report by Nikkei said.
Furthermore, “the total assets of the exchanges rapidly expanded to more than 6 times in one year,” the report said, adding the agency is also concerned that less than 20 executives and employees hold assets worth 3.3 billion Japanese yen ($30 million) per person on an average.
Moving forward, the FSA, which inspected these exchanges following the Coincheck hacking incident in January, said it will utilize the findings to review new applicants. It has not given a green light to any crypto exchanges since the beginning of the year but three companies are being reviewed.
More than 100 companies are seeking to be registered in Japan. A Business Insider Japan report said these firms include megabanks, major IT companies, and major securities companies. Although some have already filed their applications, many have only gone through one consultation with the FSA.
“It is expected that exchange registration that had virtually stopped after the Coincheck incident will be resumed. In the future the examination will be tightened, such as evaluating the effectiveness of the business plan…and the internal control system on-site,” Nikkei said.
Those wanting to be licensed should study the inspection report and “first compare [the findings] with the situation of their company,” an FSA official told Nikkei.
It can be recalled that Coincheck admitted that about 523 million tokens had been stolen. This amounted to 58 billion yen or $542 million). Based on its compensation plan, users will expect a combined payout of $420 million.
“The finding suggests someone hacked into the Coincheck system via employee email and stole a ‘private key’ necessary to transfer NEM,” Nikkei reported. It said many Coincheck employees received emails appearing to be an internal message from a colleague. Once the sender’s address was clicked, the user’s computer was penetrated by a virus capable of operating that computer outside the company’s premises. Afterwards, it started contacting external services in Europe and the United States. This lasted until the midnight of January 25.
“We know where the funds were sent. We are tracing them and if we’re able to continue tracking, it may be possible to recover them. But it is something we are investigating at the moment,” Yusuke Otsuka, Coincheck co-founder, had said during a late-night press conference at the Tokyo Stock Exchange, as reported by Bloomberg.
In March, Coincheck stated refunding users at the rate of 88.549 yen ($0.83) per NEM token stolen. Also, it resumed withdrawals and trading of various digital currencies.