A Japanese exchange Zaif was hacked earlier this month. The Financial Services Agency (FSA) which is the watchdog of the Japanese financial sector has expressed regrets that it did not suspend the operations of the exchange despite tell-tale signs that the company was not adhering to the highest specified industry standards.
An official of the agency made it known that Tech Bureau, the company behind the exchange had twice been issued warnings to improve their operational standards.
“It is extremely regrettable that such an incident happened when (Tech Bureau) was given two business improvement orders,” the official said.
Regulators are presently investigating the circumstances surrounding the hack which the company said occurred after an employee’s personal computer was hacked. The investigation which commenced on September 24 shows that the earlier FSA warning to the exchange was meant to have the company overhaul its internal management system as well as enhance the security of assets. It seems that none of the instructions were adhered to.
The hack caused the loss of digital currencies estimated to be worth at least $60 million. Since then, there have been questions on why the FSA did not come against the exchange despite its inability to improve its operational protocols and secure investors assets.
The Zaif hack came months after Coincheck, another Japanese exchange was hacked that set Coincheck back by $500 million. Although unlike Coincheck, Zaif do not seem to have the funds to repay its customers. The exchange is looking up to a listed tech company Fisco to bail it out.
Fisco is expected to pay $40 million in exchange for the acquisition of majority shares of Zaif.
FSA may well be considered the regulator that has consistently been under pressure to ensure that things are running well in an industry fraught with risks. The agency is presently studying more than 100 applications for new exchanges in the country. Experience would have shown it that security of investments is top priority. It is obvious that the agency will be tougher and less compromising towards future slips.
Meanwhile, despite the announcement of Tech Bureau that it is in talks with Fisco for funding, FSA has stated that it did not receive the concrete report on the matter and has issued a fresh Business Improvement Order on the company. In the latest order, the necessary issues that must be addressed were stated:
- “Determination of the facts and causes of the hacking incident (including clarification of the attribution of responsibility) and [the] formulation and execution of measures to prevent [its] recurrence”.
- “Prevention of [the] expansion of customer damage”.
- “Response to customer damage”.
- “Review and implement concrete and effective improvement plans based on the hacking incident, as well as the contents of two prior business improvement orders from 8 March and 22 June this year”.
- “Submit written reports pertaining to (1) and (4) above by Thursday, September 27.”