Fintech 2025

JAPAN Law and Practice Contributed by: Ken Kawai, Shunsuke Aoki, Takeshi Nagase and Keisuke Hatano, Anderson Mori & Tomotsune

2.12 Review of Industry Participants by Parties Other than Regulators In Japan, accounting/audit firms are the only entities that review the activities of industry par - ticipants. For some industries, however, self- regulatory organisations also conduct reviews separately from regulators or accounting/audit firms under the applicable laws or regulations. By way of example, the Japan Virtual and Cryp - to-Assets Exchange Association (the JVCEA) is a self-regulatory organisation authorised under the PSA to review its CAESP members. 2.13 Conjunction of Unregulated and Regulated Products and Services An NFT is not defined under Japanese regula - tion. However, it is generally understood to refer to an irreplaceable token minted on a block - chain. Since NFTs are digital items minted on a blockchain, the question is whether NFTs also constitute crypto-assets under the PSA. NFTs are increasingly being used in various fields because, although they are digital data generated on a blockchain, they are character - ized as irreplaceable owing to the unique values assigned to them. NFTs are unlikely to constitute crypto-assets if: • the specifications or functions of NFTs are limited in the same manner as trading cards and in-game items; and • NFTs do not serve economic functions (such as being a means of payment) in the way that crypto-assets do. See 10.12 Non-fungible Tokens (NFTs) for fur- ther details.

and FTX Japan KK, the FSA issued a business suspension order and a business improvement order to FTX Japan KK, citing the need to: • immediately halt new transactions by users; and • take all possible measures in order to prevent the flow of FTX Japan KK’s assets to affiliated companies outside Japan and subsequent harm to users’ interests. Further, on 31 May 2024, an incident occurred at DMM Bitcoin, a CAESP, in which 4,502.9 BTC entrusted to it by its customers was ille - gally leaked. As a result, a business improve - ment order was issued to DMM Bitcoin on 26 September 2024, under which DMM Bitcoin was required to investigate and analyse the specific facts and root causes of the leakage, respond to customers and ensure proper and reliable busi - ness operations going forward. 2.11 Implications of Additional, Non- Financial Services Regulations The Act on the Protection of Personal Informa - tion (APPI) is a principle-based regime for the processing and protection of personal data in Japan, which generally follows the eight basic principles of the OECD Guidelines on the Protec - tion of Privacy and Transborder Flow of Personal Data. The Act is applicable to all private busi - nesses, including fintech business operators. Based on the requirements of the APPI, every governmental ministry in Japan issued admin - istrative guidelines applicable to the specific industry sectors under its supervision. Fintech businesses are required to comply with the “Guidelines on Personal Information Protection” that concern the financial services industry.

407 CHAMBERS.COM

Powered by