Japan’s financial watchdog, the Financial Services Agency (FSA), will introduce rules for cryptocurrency exchanges that will require stronger internal oversight of cold wallets, Reuters has reported, citing an unnamed source familiar with the matter.
Unlike the so called ‘hot’ wallets, their cold counterparts are not connected to the Internet, which eliminates the risk of a cyber-attack. The FSA required digital currency exchanges operating in the country to switch to cold storage following some high-profile hacking incidents that occurred last year.
However, the source told Reuters on Tuesday that the FSA had since determined that cold wallets still presented security vulnerability, as they do not eliminate the risk of internal theft. According to the source, some exchanges has failed to ensure that the person in charge of the storage would be regularly rotated out.
A recent incident in South Korea highlighted the risk of internal theft that crypto exchanges are facing. Last month, one of the largest digital exchanges in the country, Bithumb, lost $13 million worth of EOS tokens and claimed that the theft was an insider job. Bithumb claimed at the time that the stolen cryptocurrency was owned by the company and not its customers and has since published the results of an external audit that appears to confirm these claims.
“We are pleased to inform you that our members’ valuable assets are managed and maintained in a systematic / safe manner through the attached due diligence report,” Bithumb said last week.
Japan has its own history of high-profile hacking incidents. In early 2018, hackers stole over $500 million worth of cryptocurrency from the Tokyo-based Coincheck exchange. But perhaps the most infamous cyber theft happened in early 2014, when around 850,000 Bitcoins were stolen by Mt. Gox. The Tokyo-based company, which was the biggest crypto exchange in the world, at the time, went under following the incident.