Fintech 2025

JAPAN Law and Practice Contributed by: Ken Kawai, Shunsuke Aoki, Takeshi Nagase and Keisuke Hatano, Anderson Mori & Tomotsune

In principle, the director of the relevant sec - tion of the administrative agency that receives the inquiry will issue a response to the inquiry within 30 days of receipt of a written inquiry from the inquirer at the contact point. However, there are circumstances in which the timeframe exceeds 30 days, as discussed below. The FSA is required to ensure that its response time, including the period for submitting additional or corrected documents, is as short as possible. • In cases where the inquiry involves advanced finance techniques or technology, and for which a response requires careful judgment, the FSA will issue a response within 60 days (in principle) of its initial receipt of the inquiry. • In cases where the quantity of inquiries exceeds the specific section’s capacity to issue timely responses, a response will be issued within a reasonable time period exceeding 30 days. • In cases where the regulations/laws in ques - tion are jointly administered by the FSA and another government agency, a response will be issued within 60 days (in principle) of initial receipt of the inquiry. If the FSA is unable to issue a response to an inquiry within 30 days, the FSA will notify the inquirer of the reason for the delay and the expected timeframe for its response. 2.8 Outsourcing of Regulated Functions Under Japanese law, when a business opera - tor engaging in a regulated business outsourc - es part of its business, it is obliged to conduct proper supervision of the outsourcee in accord - ance with applicable laws and regulations. By way of example, when outsourcing part of its CAES to a third party (including outsourcing in two or more stages), a CAESP regulated under the PSA is required to supervise such third par -

ty and take such other necessary measures to ensure proper and reliable execution of the out - sourced functions. 2.9 Gatekeeper Liability Under Japanese law, providers of fintech-related services are responsible as gatekeepers within the scope of the applicable regulations – for example, as a gatekeeper providing a platform for the exchange of fiat currency and crypto- assets, CAESPs are subject to various obliga - tions concerning user protection and AML/CFT. Specifically, from the viewpoint of user protec - tion, CAES providers are obligated to provide certain information to users. In addition, from an AML/CFT perspective, CAESPs are required – as specified business operators under the Act on Prevention of Trans - fer of Criminal Proceeds (APTCP) – to take steps to ascertain certain information when commenc - ing transactions with users. 2.10 Significant Enforcement Actions The upsurge of the Japanese crypto-asset mar - ket was stalled in January 2018 when one of the largest CAES providers in Japan announced losses of approximately USD530 million due to a cyber-attack on its network. This hacking incident prompted inspections of CAESPs by the FSA, which found internal weaknesses in most of the inspected entities – particularly in the areas of AML/CFT and cybersecurity. As a result, business improvement orders or business suspension orders were issued to these entities. In addition, it was reported in November 2022 that FTX Trading Limited (FTX Trading) – the parent company of FTX Japan KK, which is a CAESP and a Type 1 FIBO – had been experi - encing financial problems. In light of the capital and business relationship between FTX Trading

406 CHAMBERS.COM

Powered by