In a strategic move to strengthen its cybersecurity infrastructure, GMO Coin, a leading Japanese cryptocurrency exchange, has announced the establishment of a dedicated Group Information Security Audit Office. This initiative follows increased regulatory scrutiny from Japan’s Financial Services Agency (FSA) and aims to reinforce customer trust through enhanced data protection and system resilience.
The announcement, made on March 30, underscores GMO Internet—the parent company of GMO Coin’s commitment to addressing security vulnerabilities and meeting Japan’s tightening regulatory standards in the digital asset sector.
Responding to Regulatory Pressure with Structural Change
Earlier in January, the high-profile Coincheck hack sent shockwaves across Japan's crypto industry, prompting the FSA to intensify audits and compliance checks on all licensed exchanges. In response, GMO Coin received an official business improvement order from the FSA, mandating specific reforms to its information security framework.
To comply effectively, GMO Internet has launched a specialized internal unit: the Group Information Security Audit Office. Led by Takeshi Miyazaki, a seasoned cybersecurity expert, the team also includes an external security advisor to ensure objective evaluation and global best practices are integrated into their protocols.
👉 Discover how top exchanges are reinforcing security to protect your digital assets.
This office will focus on three core objectives:
- Developing robust measures to counter increasingly sophisticated cyber threats
- Optimizing existing information security systems
- Cultivating in-house expertise through ongoing training and threat simulation
By institutionalizing cybersecurity oversight, GMO Coin aims to shift from reactive compliance to proactive risk management—setting a precedent for other exchanges navigating Japan’s evolving regulatory landscape.
Submitting a Comprehensive Business Improvement Plan
On March 22, GMO Coin confirmed it had submitted its formal business improvement plan to the Kanto Local Finance Bureau, as required by the FSA. The plan details concrete steps the exchange will take over the coming months to upgrade its technical infrastructure, governance models, and incident response capabilities.
In a public statement, the company expressed deep regret for the concerns and inconvenience caused to customers and stakeholders:
“We have reflected seriously on this administrative action. By implementing our business improvement plan, we will steadily enhance our risk management systems and provide a safer environment for cryptocurrency trading.”
This level of transparency is becoming essential in rebuilding user confidence, especially after a series of high-profile breaches have shaken investor sentiment across Asia.
Expanding Security Beyond Compliance
While regulatory compliance is a key driver, GMO Coin’s new security office signals a broader strategic shift toward long-term digital safety. The team will conduct regular audits, penetration testing, and employee training programs focused on phishing prevention, secure coding practices, and real-time threat monitoring.
Additionally, the inclusion of an external advisor ensures that the exchange benefits from independent insights—free from internal biases—and stays aligned with international standards such as ISO/IEC 27001 and NIST cybersecurity frameworks.
This multi-layered approach reflects a growing trend among regulated exchanges: treating information security not just as a compliance checkbox, but as a competitive advantage.
Japan’s Crypto Landscape Under Scrutiny
GMO Coin’s reform efforts occur against a backdrop of increasing regulatory pressure across Japan. Just last week, five smaller cryptocurrency exchanges voluntarily suspended operations after failing to meet FSA-imposed security and operational benchmarks.
These closures highlight the challenges faced by platforms that lack the resources or technical maturity to implement advanced cybersecurity measures. In contrast, GMO Coin’s ability to mobilize executive-level support and invest in expert-led teams positions it as a resilient player in this tightening environment.
Japan continues to be one of the most progressive yet cautious markets for cryptocurrency innovation. With strong consumer protection laws and active supervision by the FSA, only exchanges capable of balancing innovation with security are likely to thrive long-term.
👉 Learn what makes a secure crypto exchange stand out in today’s market.
Commitment to Broader Blockchain Innovation
Beyond trading services, GMO Internet remains deeply involved in blockchain infrastructure development. In September last year, the company announced its entry into Bitcoin mining, aiming to capture approximately 6% of the global Bitcoin mining market share.
This ambition requires not only massive hardware investment but also advanced cybersecurity safeguards—since mining operations are prime targets for distributed denial-of-service (DDoS) attacks and firmware exploits.
By aligning its mining ventures with the same rigorous security standards now being implemented at GMO Coin, the company demonstrates a unified approach to digital asset safety across all business lines.
Frequently Asked Questions (FAQ)
Q: Why did GMO Coin receive a business improvement order?
A: Following the Coincheck hack in January, Japan’s Financial Services Agency (FSA) intensified inspections of all crypto exchanges. GMO Coin was found to have gaps in its information security protocols, leading to a formal directive requiring specific improvements.
Q: What is the role of the Group Information Security Audit Office?
A: This newly formed team is responsible for strengthening cybersecurity measures, conducting audits, training staff, and ensuring compliance with national and international security standards.
Q: Who leads GMO Coin’s new security team?
A: The office is managed by Takeshi Miyazaki, a recognized cybersecurity expert, and includes an external advisor for independent oversight.
Q: Has GMO Coin experienced a data breach?
A: There is no public record of a successful breach at GMO Coin. The reforms are largely preventive, driven by regulatory expectations and industry-wide risks.
Q: How does Japan regulate cryptocurrency exchanges?
A: The FSA requires licensed exchanges to maintain strict Know Your Customer (KYC), anti-money laundering (AML), cold wallet storage, and regular third-party audits. Non-compliant platforms face penalties or shutdowns.
Q: Is it safe to trade on GMO Coin now?
A: With the implementation of its new security office and ongoing improvements, GMO Coin is taking significant steps toward becoming one of Japan’s most secure exchanges. However, users should always practice personal security measures like two-factor authentication.
👉 See how leading platforms use cutting-edge tech to keep your funds safe.
Final Thoughts: Security as the Foundation of Trust
As cyber threats grow more complex and regulations more stringent, exchanges like GMO Coin are recognizing that security is no longer optional—it's foundational. By creating a dedicated audit office and investing in expert leadership, GMO Internet is not only complying with regulators but also building long-term trust with users.
For investors and traders, choosing an exchange that prioritizes information integrity, transparency, and proactive defense mechanisms is more important than ever. In Japan’s highly regulated yet innovative crypto ecosystem, GMO Coin’s latest moves may serve as a model for others aiming to balance growth with responsibility.
Core Keywords:
- GMO Coin
- information security
- FSA regulation
- cybersecurity audit
- cryptocurrency exchange
- customer data protection
- business improvement plan
- Group Information Security Audit Office