The New York State Department of Financial Services (NYDFS) has mandated cryptocurrency exchange BitFlyer USA to pay a substantial $1.2 million fine for non-compliance with the state’s cybersecurity regulations. However, despite the penalty, the regulatory body acknowledged the company’s efforts to rectify its shortcomings by the end of 2023.
BitFlyer USA’s Cybersecurity Failures Draw Regulatory Attention
New York’s financial watchdog imposed the penalty after identifying numerous inadequacies in BitFlyer USA’s cybersecurity program. The NYDFS serves as the primary regulatory authority in the state, and its Superintendent holds the power to conduct investigations and levy fines when deemed necessary.
Cryptocurrency exchanges like BitFlyer, licensed by the regulator, must establish and maintain a robust cybersecurity program. This program should ensure the continuous availability and functionality of their electronic systems and safeguard them. Additionally, the scheme must provide alerts regarding potential internal and external cyber threats to maximize client protection.
NYDFS: BitFlyer USA Neglected Regulatory Obligations
The Department’s examination and investigation revealed that BitFlyer USA fell short of meeting its regulatory obligations. The exchange failed to adhere to the Department’s Cybersecurity Regulation and neglected to establish an effective cybersecurity program by implementing written policies, as demanded by the Virtual Currency Regulation.
BitFlyer must pay the imposed penalty within ten days of the consent order’s effective date. The exchange is also barred from claiming or applying for any tax deductions or tax credits, directly or indirectly, for any portion of the civil monetary penalty.
Despite the fine, the NYDFS acknowledged BitFlyer’s determination to address its regulatory shortcomings. The exchange presented a remediation plan to achieve compliance with the necessary regulations by the end of 2023.
BitFlyer USA is not the only cryptocurrency exchange that has faced issues with the regulator this year. In January, the NYDFS launched an investigation against Gemini, a Winklevoss-led firm, accusing it of misleading its 340,000 Earn users about FDIC protection.
New Billing Rule for Crypto Entities in New York
The regulatory body recently announced its plans to begin billing crypto companies registered in the region in exchange for annual supervision and examination. This new rule will apply to companies that have secured the so-called Bitlicense.
Payments will be collected five times yearly, including four estimated quarterly settlements and one based on actual expenses. In addition, the legislation seeks to align cryptocurrency organizations more closely with banks and insurance companies, which are also subject to such billing.
Superintendent Adrienne Harris believes that crypto businesses can benefit from collaborating with the regulator:
“When you can work hand-in-hand with your regulator and your examiners, we can help identify issues early before they metastasize, and it is a service that we can provide to the industry, and it helps us as regulators better oversee the markets and protect consumers.”
BitFlyer USA’s experience highlights the importance of regulatory compliance for cryptocurrency exchanges and the need for a proactive approach to ensure the security and protection of clients’ digital assets.