DIGITAL ASSETS AND MARKET INFRASTRUCTURES IN JAPAN (PART IV)
Crypto Custodians
Crypto assets, tokenized securities, and electronically recorded transfer rights all rely on some form of public-key cryptography. The person holding the private key corresponding to the public-key controls the assets. In most cases, the user does not hold the private key himself. Instead, he transfers the control to an exchange or a wallet service provider which introduces new risks. With the amendment of the PSA, the legislator responded to these risks. It is likely that the regulator will introduce similar obligations for security tokens in the future.
Crypto Assets
The term crypto asset management is understood broadly and covers any activity where a service provider controls the crypto assets of another party. In cases in which the service provider holds the private key(s) of a user, and is able to initiate a transfer of the crypto assets, the services constitute crypto asset management services within the meaning of the PSA and are subject to registration. Given the broad definition of crypto asset management services, the term does not only cover traditional custody solutions, but also certain types of wallets that manage their users’ private keys.
Crypto asset custodians as defined above must not only manage the crypto assets of their users separately from their own, but also separately from the other users’ assets to allow easy identification. The private keys controlling the users’ crypto assets must generally be managed via devices which are permanently disconnected from the internet or by other methods that provide a similar level of security. It is well possible that other solutions, such as multi-party computation (MPC), satisfy these requirements. Crypto assets which are held in hot wallets, i.e. where the private keys are stored on devices that are permanently connected to the internet, must be backed by the custodian’s own funds. Under the PSA, custodians are required to hold the same amount of the same crypto asset as their own assets in a cold wallet or in a wallet secured by a method providing a similar level of security, as the funds stored in a hot wallet. By way of example, if a custodian holds 1 BTC of the users’ funds in a hot wallet, it must hold the same amount of BTC as its own assets in a cold wallet. The maximum amount of users’ crypto assets which can be stored in a hot wallet is limited to 5 percent of the total assets under management.
The same applies to crypto asset exchanges, which manage their users’ crypto assets. Additionally, exchanges may entrust their users’ crypto assets to a trust company. Since all of the registered exchanges are centralized exchanges, this applies to all of them. Decentralized exchanges may not have to fulfill these requirements depending on the degree of decentralization. For more information on the regulatory treatment of decentralized exchanges click here.
With respect to exchanges managing their users’ fiat money, they must store these funds separately from their own funds with a trust. In case of insolvency, the funds, both crypto and fiat, are protected, and users of the crypto asset exchange are given priority over the other creditors.
Security tokens
For security tokens, no similar framework exists so far. It is likely that future subsidiary legislation will provide for similar regulations as for crypto assets — at least, in cases where a public blockchain is used. The risk of losing funds is unlikely smaller, however, since the token will be issued in a more controlled environment. Exchanges being hacked, may simply issue new tokens or ask the issuer to issue new tokens and put the stolen tokens/addresses on a blacklist.
2. CONCLUSION
Irrespective of whether a token is a crypto asset under the PSA, a tokenized security or an electronically recorded transfer right under the FIEA, the market is highly regulated in Japan. What seems to be a regulatory overkill, at first sight, is likely to help the market to mature in the mid to long term. This will allow more institutional players to enter the market and to increase their stake in the digital asset space. Companies that intend to operate on the Japanese market are well advised to analyze carefully whether their activities are regulated under Japanese laws. It should be noted that despite the tight regulations, there is still plenty of room for companies to operate on the Japanese market without a license. This is particularly true for companies that are licensed under the laws and regulations of other jurisdictions or who are willing to enter into strategic partnerships with licensed Japanese entities. For some companies, these entities might even become attractive takeover targets.
If you want to learn more or should you need legal or regulatory advice, please feel free to contact us directly under https://innovationlaw.jp/en/.
If you found value in this article, please “clap” (up to 50 times).
This article is part of our Tokyo FinTech Publication, please follow us to read more from our writers, like hundreds of readers do every day.
Please also give our Tokyo FinTech Podcast a listen, with a series of insightful conversations with global FinTech experts and startup founders.
Should you live in Tokyo, or just pass through, please also join our Tokyo FinTech Meetup. In any case, our LinkedIn page, Facebook page and our Instagram account are there for you as well.
