Prevent cybersecurity vulnerabilities! The Hong Kong SFC clarifies standards and encourages operators to strengthen virtual asset custody measures

Today (15th), the Hong Kong SFC issued a circular to all licensed virtual asset trading platforms, systematically clarifying the standards for "robust custody of customer virtual assets" for the first time, listing the minimum requirements and operational examples that platform operators must meet, urging operators to comprehensively review and strengthen asset custody measures.

The SFC pointed out that this move is due to recent overseas incidents involving vulnerabilities in virtual asset custody, which have resulted in significant losses for clients' assets. Additionally, during cybersecurity reviews of local platforms earlier this year, it was found that some operators still had deficiencies in monitoring and protective measures.

The SFC specifically highlighted common cybersecurity vulnerabilities in international cases, including: breaches of third-party wallet services, lax transaction verification processes, and insufficient access monitoring of authorized devices.

To this end, the SFC listed multiple good operation examples and minimum standards that operators should achieve in the circular, covering the responsibilities of senior management, the infrastructure and operation of customer cold wallets, the application of third-party wallets, and real-time threat monitoring systems, among others.

The Securities and Futures Commission (SFC) stated that these standards will become the core regulatory requirements for virtual asset custodians in the future, and will promote the entire market to establish a more comprehensive virtual asset custody framework.

Dr. Yip Chi-hang, Executive Director of the Intermediaries Division of the SFC, said: "To promote Hong Kong in establishing a competitive, sustainable, and trustworthy digital asset ecosystem, all licensed virtual asset trading platforms must prioritize the protection of customer assets."

In the context of rising global risks, these platforms can leverage the SFC's practical guidelines to further enhance their custody service levels.

"Prevent cybersecurity vulnerabilities! The Hong Kong SFC clarifies standards and encourages operators to strengthen virtual asset custody measures" was first published in (Blockchain).