Business Daily Media

What the Coincheck hack tells us about how Australian regulators will handle a cryptocurrency hack

  • Written by Philippa Ryan, Lecturer in Commercial Equity and Disruptive Technologies and the Law, University of Technology Sydney
What the Coincheck hack tells us about how Australian regulators will handle a cryptocurrency hack

New risk rules for cryptocurrency exchanges will be put to the test with the latest hack on Japanese exchange Coincheck. Hackers stole US$660 million worth of NEM (its native cryptocurrency).

In the past eight years, more than a third of all cryptocurrency exchanges have been hacked[1]. The total losses exceed US$1 billion. Because cryptocurrencies are almost untraceable, the rate of recovery after a hack is very low.

A number of countries (including Australia) have enacted legislative provisions to regulate the conduct of cryptocurrency exchanges. Regulators hope these will reduce the risk of attack and make operators more accountable for losses suffered by customers when an attack does occur.

Read more: Why Bitcoin is taken more seriously than Dogecoin[2]

These hacks don’t just expose gullible investors to risk. They mean funds could be flowing undetected into the hands of money launderers and terrorists.

While cryptocurrency exchanges may operate like banks, they are not regulated in the same way as banks. There is no depositor’s insurance and most exchanges remain unregulated.

Due to the almost anonymity afforded to users of Bitcoin and other cryptocurrencies, it is very difficult to trace missing funds. When a hack occurs, the attacker gains access to the virtual wallet operated by the exchange and then transfers the cryptocurrency to their own virtual wallet.

The Coincheck Hack

The Japanese exchange Coincheck hack dwarfs an earlier hack on Bitcoin exchange platform Mt Gox in 2014, which saw the theft of US$480 million worth of Bitcoin.

The operator of Mt Gox, Mark Karpeles was arrested and jailed for his role in the collapse. At the time Mt Gox was the world’s biggest Bitcoin exchange.

He was charged with falsifying records and embezzlement, but there were no laws in place at the time to regulate the Mt Gox exchange and its trade in Bitcoin.

So as to bring virtual currency exchanges in line with international anti-money laundering and counter-terrorism financing measures, Japanese lawmakers enacted the Amended Settlement Act. Under these new laws, all exchanges operating in Japan must register and comply with rules. These rules include knowing their customers, employing sufficient staff, keeping balance sheets, and (critically) must keep all customers’ deposits in “cold storage” (that is, on a computer hard drive that is not accessible via the internet).

These new laws mean that when an exchange is hacked or collapses, operators can be made liable for the way that they managed their customers’ funds. Japanese authorities are threatening to prosecute the operators of Coincheck for their failure to comply with the new laws.

In their online apology, the operators of Coincheck have admitted that the hacked deposits were in a “hot wallet[3]” (connected to the internet instead of being offline) and that this was due to “staff shortages”. Both of these failures to comply will give the Japanese authorities good reason to prosecute.

Close scrutiny of the accounts will be likely to reveal other irregularities. But this is little comfort for Coincheck’s investors. Coincheck has promised to return 90% of the lost NEM to its customers, but has yet to say how or when this will happen.

How would Australia’s regulator react?

Japan is not alone in its scramble to regulate cryptocurrency exchanges. Just this month, the Australian government announced the Australian Transaction Reports and Analysis Centre (AUSTRAC) will have new powers to monitor Bitcoin and other cryptocurrencies[4]. New legislation[5] also forces cryptocurrency exchanges to disclose details of investors and transactions.

The new laws are part of the government’s efforts to combat money laundering and terrorism financing. Exchanges will be required to identify customers more stringently and report suspicious transactions. Moreover, this is expected to be welcome news for cryptocurrency users that buy bitcoin with bank account platforms and apps such as OWNR. Making transactions as safe as possible is crucial in order to overcome security concerns.

All transactions of A$10,000 or more must reported to AUSTRAC. The report must include the names of the customers conducting the transaction, the names of the the recipient of the proceeds of the transaction, and how the transaction was effected.

Any failure by an operator to comply with these laws would result in heavy fines and possibly imprisonment. However, as breaches are almost impossible to detect, enforcement of these laws depends on honesty of the exchange.

One way to detect reportable transactions is to monitor the size of the deposits made into the exchange’s bank account. However, individuals can create fake trading accounts and money-laundering syndicates breakup deposits into smaller amounts, so as to avoid raising suspicion.

Read more: Bitcoin, the property market and Trump: the fact and fiction behind doomsaying in 2018[6]

Complying with AUSTRAC’s new regulations will be expensive for exchanges. With Australia’s new data breach notification laws[7] coming into effect next month, gathering and securing sensitive information about customers and their deposits will be more onerous than ever.

The problem that faces regulators and investors is that the cost of compliance acts as a deterrent to registration. And because registration requires compliance, exchanges need to outlay significant capital before they start to trade. The sheer size of Coincheck’s losses indicates it was a high-volume exchange and yet, at the time of the hack, its registration was still pending[8].

Traditionally, when a foreign exchange collapses and is unable to return customers’ deposits, the regulator might prosecute the directors for operating without a licence, failure to comply with financial services regulations, or for insolvent trading. Insolvent trading, for example, attracts both civil and criminal sanctions[9].

When a cryptocurrency exchange is hacked, the operators and their customers are all victims, but the operators will be made liable for those losses. Under Australia’s current laws, a major hack of a cryptocurrency exchange will be met with similar challenges as those facing the Japanese authorities in the wake of the Coincheck theft.

Any investigation of an exchange could involve the Australian Securities and Investments Commission (ASIC), the Australian Taxation Office (ATO) and AUSTRAC. The level of scrutiny that would follow, could reveal a multitude of sins, including some that are unrelated to the hack.

For example, ASIC has the power to prosecute for insolvent trading, operating a Ponzi Scheme and breaches of financial services legislation. The ATO could investigate whether GST was being paid on trades.

Frustratingly for the customers and investors, seeing the operators punished does not reimburse them for their financial losses. Repaying deposits after a hack depends on whether the operators remain in the jurisdiction and have any funds of their own.

Authors: Philippa Ryan, Lecturer in Commercial Equity and Disruptive Technologies and the Law, University of Technology Sydney

Read more http://theconversation.com/what-the-coincheck-hack-tells-us-about-how-australian-regulators-will-handle-a-cryptocurrency-hack-90842

Business Today

Hunt and Brew launches Australia-first cold brew coffee

Australian boutique coffee maker Hunt and Brew has announced it will be sourcing the beans for its new “Australia” cold brew coffee from far north Queensland in a move that will make the company one of the largest buyers of ...

What you need to know about the Defense Production Act – the 1950s law Biden invoked to try to end the baby formula shortage

Biden invoked the Defense Production Act to help end the shortage of baby formula. AP Photo/David J. PhillipU.S. President Joe Biden on May 18, 2022, announced he is invoking the Defense Production Act to help end the shortage of ...

Baby formula industry was primed for disaster long before key factory closed down

Cities are trying to address the baby formula shortage with community drives.AP Photo/David J. PhillipThe conditions that led to a shortage of baby formula were set in motion long before the February 2022 closure of the Similac fa...

Utilising communication tech to alleviate employee burn out

Hybrid work solidified into the business model in 2021 – plain and simple. Jabra research revealed 42 per cent of employees last year requested leadership to help make their virtual workspace more comfortable. Employees are ...

Space Machines readies for liftoff securing launch services deal with SpaceX

SpaceX to carry Space Machines' Optimus Orbital Transfer Vehicle as part of its April 2023 mission. Optimus is one of the largest spacecraft built in Australia and furthers Australia’s sovereign capabilities toward in-space...

Deliver business benefits through operational excellence

As Australian businesses emerge from the pandemic lockdowns and draw up plans for growth, increasing numbers are adopting a strategy of operational excellence. Operational excellence involves everyone in an organisation and f...

Business Daily Media Business Development

Hunt and Brew launches Australia-first cold brew coffee

Australian boutique coffee maker Hunt and Brew has announced it will be sourcing the beans for its new “Australia” cold brew coffee from far north Queensland in a move that will make t...

NewsServices.com - avatar NewsServices.com

Utilising communication tech to alleviate employee burn out

Hybrid work solidified into the business model in 2021 – plain and simple. Jabra research revealed 42 per cent of employees last year requested leadership to help make their virtual wo...

David Piggott, Managing Director ANZ at Jabra - avatar David Piggott, Managing Director ANZ at Jabra

Space Machines readies for liftoff securing launch services deal with SpaceX

SpaceX to carry Space Machines' Optimus Orbital Transfer Vehicle as part of its April 2023 mission. Optimus is one of the largest spacecraft built in Australia and furthers Australia’...

Business Daily Media - avatar Business Daily Media

India's employee hostels are often like prisons – but young women garment workers don't always see it that way

Kavitha, 18, earns a living at a clothing factory in the southern Indian state of Tamil Nadu. Like many of her colleagues, she lives in accommodation provided by the factory, where she share...

Andrew Crane, Professor of Business and Society, University of Bath - avatar Andrew Crane, Professor of Business and Society, University of Bath

Shortage of workers threatens UK recovery – here’s why and what to do about it

For the first time since records began, there are more job vacancies in the UK than unemployed people, according to the latest monthly labour market figures. This has been driven mainly by a...

Donald Houston, Professor of Economic Geography, University of Portsmouth - avatar Donald Houston, Professor of Economic Geography, University of Portsmouth

A central bank digital euro could save the eurozone – here's how

Blockchain bailout?4K_HeavenThe European Central Bank and its counterparts in the UK, US, China and India are exploring a new form of state-backed money built on similar online ledger techno...

Guido Cozzi, Professor of Macroeconomics, University of St.Gallen - avatar Guido Cozzi, Professor of Macroeconomics, University of St.Gallen



NewsServices.com

Content & Technology Connecting Global Audiences

More Information - Less Opinion