Coincheck Inc. users withdrew ¥40.1 billion ($373 million) from the cryptocurrency exchange on Tuesday, the first day customers were allowed to pull out in the wake of the cybertheft of ¥58 billion ($533 million) worth of digital currency last month.
The target of the biggest theft of digital coins in history on Tuesday began allowing yen withdrawals for the first time, triggering the exodus of money. Chief Operating Officer Yusuke Otsuka is sticking to a promise to compensate users, though he wouldn’t go into the root causes of the heist during a hastily arranged briefing in Tokyo.
The exchange is considering capital alliances and has engaged an external firm to verify its security before resuming full operations, he told reporters. Coincheck earlier submitted a report to the Financial Services Agency explaining how the hack occurred, what kind of support will be provided to customers and how systems will be bolstered to prevent future hacks, the company said in a separate statement.
Coincheck had been trying to confirm the safety of its platform following the heist in late January that forced it to suspend trading. The Financial Services Agency has conducted on-site inspections to see if the Tokyo-based exchange operator has a proper risk management system in place.
The theft came to light Jan. 26. Since then, the FSA issued a business improvement order and had told Coincheck to report back by Tuesday on the steps it was taking to prevent a similar theft.
FSA inspectors are determining whether Coincheck has the financial strength to reimburse some 260,000 holders of NEM coins to the tune of ¥46 billion.
Financial services minister Taro Aso said the watchdog agency will urge Coincheck to prioritize customer protection. “Through our on-site inspections, we will make sure that customers are protected,” Aso told reporters after a Cabinet meeting.
Coincheck is one of 16 operators of virtual currency exchanges awaiting regulatory approval. Another 16 have already won approval under Japan’s law requiring exchange operators to register.
The company submitted its business improvement plan Tuesday afternoon to the FSA.
The revised funds settlement law took effect last April after another Tokyo-based cryptocurrency exchange, Mt. Gox, shut down in 2014 after ¥48 billion worth of bitcoins were stolen.
Also Tuesday, the FSA issued a warning, the first of its kind under the law, to Macau-based cryptocurrency exchange operator Blockchain Laboratory Ltd. for not having registered with the government.
The growing popularity of digital currencies has boosted hopes for their greater use, but it also sparked debate about how to regulate them globally.
The latest heist has raised calls for stricter oversight of the industry, which is expected to grow rapidly.
Bank of Japan Gov. Haruhiko Kuroda said before a Diet committee Tuesday that virtual currency “does not have assets to back it up and has become a target for speculation.”
The FSA has already urged all exchange operators in Japan to report how they manage risks to protect customer assets and expanded its on-site inspections beyond Coincheck. It plans to cover all of them over the next few months.