TechFlow News: On April 4, according to CoinPost, Japan’s Financial Services Agency (FSA) officially released the “Guidelines for Strengthening Cybersecurity of Cryptocurrency Exchange Operators and Other Related Entities” on April 3. These guidelines were formulated based on 18 public comments collected between February and March 2026, with investor asset protection as the top priority. They propose a three-tiered cybersecurity enhancement framework: “self-help” (individual operators), “mutual-help” (self-regulatory organizations), and “public-help” (regulatory authorities).
The FSA noted that cyberattacks have evolved from simple private key theft to highly organized tactics—including social engineering attacks and supply-chain compromises—rendering traditional cold wallet management insufficient for ensuring security. Moving forward, the FSA will conduct threat-led penetration testing (TLPT) on select major operators and plans to revise its operational guidelines to enhance staffing requirements for cybersecurity personnel and raise external audit standards.
