Hong Kong’s monetary regulator tightened necessities for the custody of consumer property on licensed digital asset buying and selling platforms (VATP), establishing minimal safety requirements for custodians.
The Hong Kong Securities and Futures Fee (SFC) printed a doc for operators of licensed digital asset buying and selling platforms, instantly introducing obligatory minimal necessities for consumer asset custody and examples of finest practices.
The doc covers management-level duties, infrastructure, operations involving chilly wallets, interplay with exterior service suppliers, 24/7 menace monitoring, and employees coaching. It should type the premise for the annual exterior audit of VATPs.
Key provisions require service suppliers to:
- Appoint a certified government liable for consumer asset custody and guarantee efficient procedures and oversight are carried out.
- Generate and retailer personal keys solely in remoted environments, use licensed safety gadgets, and often audit suppliers of such options.
- Prohibit the usage of good contracts on public blockchain networks for chilly storage techniques.
- Apply multi-level transaction verification, retailer keys on remoted gadgets, permit withdrawals solely to pre-approved addresses, and prohibit blind signatures.
- Use separate gadgets for signing and verifying transactions, remoted from work computer systems and networks, and verify information integrity earlier than submission to the blockchain.
- Conduct thorough vetting of third-party custody answer suppliers, together with code audits, replace course of evaluation, and common safety checks.
- Restrict administrator privileges, log all actions, often take a look at catastrophe restoration plans, and conduct drills with contractors.
- Keep 24/7 infrastructure monitoring, reconcile blockchain balances with accounting information in actual time, and reply instantly to discrepancies or unauthorized entry makes an attempt.
- Guarantee round the clock incident response functionality, together with throughout holidays and nighttime hours.
- Develop procedures for dealing with incidents of various severity and guarantee administration oversight.
Furthermore, crypto custodians should present correct coaching for employees in line with their roles, particularly these liable for signing transactions, and conduct common drills and assault simulations to forestall errors and blind signatures.
The implementation of those new digital asset custody requirements comes amid broader regulatory developments in Hong Kong. A month earlier, the Hong Kong monetary regulator printed pointers clarifying the licensing and supervision of stablecoin issuers forward of the introduction of a brand new regulatory framework for stablecoins.
Сообщение Hong Kong Approves Requirements for Safe Digital Asset Custody появились сначала на CoinsPaid Media.