According to Japan’s Financial Services Agency, its crypto exchange cybersecurity policy uses a three-layer defense framework to protect investor assets as risks from social engineering and outsourced service providers increase.
Japan’s Financial Services Agency published a policy on April 3 to strengthen cybersecurity for crypto asset exchange operators, with investor asset protection as the central objective. The framework is built around a three-layer defense system spanning firms, self-regulatory bodies, and regulators, and it warns of rising threats from social engineering and compromised outsourcing providers. The policy also includes self-help, mutual support, and public support measures, calls for threat-led penetration testing, revises administrative guidelines, and was released after 18 public comments.