The Japanese Financial Services Agency announced guidelines for strengthening cybersecurity in the cryptocurrency exchange industry

According to market news, the Financial Services Agency of Japan has officially announced the "Guidelines for Strengthening Cybersecurity in the Cryptocurrency Exchange Industry." These guidelines are based on 18 opinions collected from February to March 2026, with the primary goal of protecting investor assets. They propose a three-tiered security enhancement framework: "self-help (individual businesses), mutual assistance (self-regulatory organizations), and public assistance (regulatory authorities)."

The authorities pointed out that current cyberattacks have evolved from simple signature key theft to highly organized methods such as social engineering attacks and supply chain intrusions, making traditional cold wallet management insufficient for ensuring security. Subsequently, the Financial Services Agency will implement threat-driven penetration testing (TLPT) on some major businesses and plans to revise operational guidelines to enhance the allocation of cybersecurity personnel and external audit standards.