To prevent the risk of Crypto Assets being hacked, the Japanese Financial Services Agency plans to introduce a "custodian must report in advance system."

In response to the frequent hacking incidents and asset outflow issues in the Crypto Assets field, the Japanese Financial Services Agency is finally taking action. In the future, not only will Crypto Assets exchange operators need to be regulated, but even external companies providing related management systems, such as custodians (, may also be included in the reporting mechanism. This move aims to enhance the overall security and transparency of the industry to prevent similar large-scale asset leak incidents from occurring again.

The Financial Bureau will launch a new system: Crypto Assets management system providers must declare in advance.

The Financial Services Agency of Japan recently stated that it is considering the development of a management system for Crypto Assets (virtual currencies) and the introduction of a “pre-reporting system” for providers. The relevant plan was discussed on November 7 during a working group meeting of the Financial Review Council. Most committee members expressed support for this new regulation, believing it would help address the shortcomings of the current system. If this system is officially implemented, it will require all operators providing virtual currency management systems to report in advance to the competent authorities, and only systems that have been reported and approved will be allowed for actual operations involving Crypto Assets.

Current regulations only apply to operators and have no substantial constraints on system suppliers.

Current regulations stipulate that Crypto Assets exchange operators must establish sound asset management systems, such as using offline “cold wallets” to store user assets. However, there are no direct legal regulations for third-party companies responsible for developing or providing these management systems. In other words, as long as the system provider is not listed as part of the trading platform, they can evade regulation, which is one of the core issues that makes it difficult to hold accountable for multiple cybersecurity incidents.

The DMM Bitcoin hacking incident served as a catalyst, shocking the market with the leakage of 48.2 billion yen worth of Bitcoin.

The direct trigger for this regulatory tightening was the asset leakage incident that occurred on the DMM Bitcoin platform in 2024. At that time, approximately 48.2 billion yen (equivalent to hundreds of millions of dollars) worth of Bitcoin was illegally transferred by hackers, shocking the entire Crypto Assets market.

Subsequent investigations revealed that DMM Bitcoin entrusted its trading and asset management business to the system company “Ginco” in Tokyo's Chuo Ward, but the system was hacked by a group of hackers, resulting in a significant breach. This incident highlights that even if the platform itself has security awareness, ineffective control of external systems can still lead to substantial losses.

) DMM exchange in Japan was hacked for 48.2 billion Bitcoin: North Korean hackers involved, internal operations and contractor Ginco both have issues (

The liability of the exchange operators is limited, and the committee suggests clarifying the attribution of responsibility.

At the meeting of the Financial Review Council, most committee members pointed out that when crypto asset swap operators outsource their management systems, they are actually unable to fully control the operation and risks of external systems, nor can they provide users with complete explanations and guarantees.

Therefore, a committee member bluntly stated: “It should be clearly stipulated what additional measures businesses need to take in response to the cybersecurity risks that may arise from outsourced systems.” This indicates that regulatory bodies intend to strengthen their overall control over the entire Crypto Assets ecosystem, rather than just focusing on the front-end exchanges.

It is expected that the revised law will be submitted to Congress in 2026, and the declaration system for the manufacturing method is just around the corner.

The Financial Bureau stated that it will further organize the report based on the discussions from the meeting and plans to submit an amendment to the Financial Instruments and Exchange Act during the regular Diet session in 2026. If successful legislation is achieved in the future, companies providing management systems for virtual currencies will need to register officially; otherwise, their systems cannot be used by legitimate exchanges. This bill will not only enhance the overall market transparency but also help Japan create a safer and more trusted virtual asset environment.

This article discusses measures to prevent the risk of Crypto Assets being hacked. The Japanese Financial Services Agency plans to propose a “pre-reporting system for custodians,” which first appeared in Chain News ABMedia.