In a bid to improve the security level and general standards of cryptocurrency exchanges in South Korea, after a series of hacks and heists rattled the local cryptospace, the Korean Blockchain Association (KBA) formulated a set of stringent guidelines that would govern exchanges and crypto-related projects in the state.
Now, the regulatory think tank has approved 12 exchanges, but insiders say significant loopholes still exist.
According to a Korea Herald report, the KBA has stamped the cybersecurity standards of 12 local cryptocurrency exchanges after several months of launching the self-regulatory inspection for exchanges, in line with the statutes of the Financial Services Commission (FSC).
“We will establish the order of the domestically cryptographic [exchange] market through self-regulatory review. By providing a safeguard for the protection of users, we will contribute to ensuring asset safety,” said the chairman of the organization Jeon Jae-Jin.
Throughout the past seven months, major crypto exchanges in Japan and South Korea were hacked. The security breaches of Bithumb, Coincheck, and Coinrail led to the loss of $580 million, which were fortunately covered by company funds.
Back in May 2018, BTCManager informed that the KBA had proposed a regulatory framework to sanitize the virtual currency industry. At the time, the body made it clear to member exchanges that they must have a minimum of two billion South Korean won ($1.8 million) in equity capital, amongst other requirements, to be certified fit to function in the region. Chairman Jeon iterated the following:
“Stealing cryptocurrencies is similar to stealing cash, and exchanges will continue to be targeted by hacking attacks in the long-term. It is as important to establish systems to deal with the aftermath of hacking attacks as integrating various methods to prevent hacking attacks.”
Insurance For Crypto Exchanges
One method of dealing with large-scale security breaches the KBA has suggested is a variety of insurance. Due to the difference in the size of funds and capital held by major and minor digital asset trading platforms, the association said that different types of insurance would need to be examined to find the most applicable insurance system for crypto exchanges.
Since crypto exchanges are not 100 percent impenetrable, even with a strict licensing program in place to regulate crypto trading platforms, the association said that insurance is crucial to cover hacking attacks which exchanges could potentially fail to cover with company funds.
“The standard of security the association and the government of South Korea requested to crypto exchanges is not 100 percent impenetrable. In fact, it is a standard that could be vulnerable to certain types of hacking attack, as seen in the case of Bithumb,” Jeon added, emphasizing that Bithumb has qualified for the standard of security established by the institution.
The KBA information security chairperson Kim Yong-dae further explained that crypto exchanges have become the target of hackers worldwide, primarily because advanced persistent threat (APT) attacks have proven to be so effective against crypto exchanges.
Chairperson Kim noted that there will never exist a crypto trading platform that is completely protected from all types of hacking attacks and that it is crucial to ensure exchanges have precise ways to deal with large-security breaches upon their occurrence.
As of July 12, 2018 crypto exchanges have been approved by the South Korea Blockchain Association for having adequate security systems in place. The exchanges include DEXKO, UPbit, Bithumb, CPDAX, Huobi Korea, HanbitKo, OKCoin Korea, Korbit, Coinone, Coinzest, Gopax, and Neoframe.
More Work to Be Done
While the KBA claims the twelve exchanges have successfully met its general standards, there are however questions concerning the legitimacy of the operation, as the body revealed that the inspectors were not physically present at the offices of the exchanges but instead conducted the checks by interviewing the representatives of the businesses.
In a press conference, the head of the KBA’s self-regulatory committee Jhun Ha-Jin hinted that some security loopholes and a “huge gap in the level of handling cybersecurity risks” were discovered in the systems of exchanges, but he, however, failed to shed more light on the matter, citing the possibility of a heist.
“This inspection does not guarantee the absolute safety of the 12 exchanges. [The] result indicates the 12 exchanges satisfy the minimum requirement for their operations. It is like a driver’s license. It is hard to tell whether they are good drivers or not,” Jhun concluded.
As a result of these discussions, local financial authorities disclosed that in the upcoming months, crypto exchanges will be regulated as digital asset brokerage and exchanges, from being previously regulated as “communication vendors.”
By August 2018, crypto trading platforms in South Korea will receive tightened policies to comply with, explicitly pertaining to security and Anti-Money Laundering (AML) requirements.
While experts are divided on the short-term impact on exchanges, the majority of local analysts consider the move of South Korea to strictly regulate crypto exchanges as financial platforms as a favorable long-term decision.
The following article was co-authored by BTCManager writer Ogwu Osaemezu Emmanuel.