NYDFS Fines BitFlyer $1.2 Million for Violating Cybersecurity Rules

The NYDFS ordered BitFlyer USA to pay a $1.2 million penalty after finding “multiple deficiencies” in its cybersecurity program.

The New York State Department of Financial Services (NYDFS) fined cryptocurrency exchange BitFlyer $1.2 million for failing to comply with the state’s cybersecurity rules. However, the watchdog backed the company’s attempts to improve in that area by the end of 2023.

The penalty was imposed by New York’s regulator after the authority discovered multiple deficiencies in BitFlyer USA’s cybersecurity procedures. It reminded the corporation that the NYDFS is the state’s primary watchdog, and as such, its Superintendent has the right to conduct investigations and, if necessary, levy fines.

According to local regulations, BitFlyer and all other cryptocurrency exchanges regulated by the government must have a cybersecurity policy to ensure the availability and functionality of the licensee’s electronic systems and to protect those systems. This method should alert clients to potential internal and external cyber hazards, providing optimal protection.

“Through its examinations and investigation, the Department found that BitFlyer USA failed to meet its regulatory obligations both by failing to fully comply with the Department’s Cybersecurity Regulation and by failing to establish and maintain an effective cybersecurity program via the implementation of written policies, as required by the Virtual Currency Regulation.”

the NYDFS stated.

According to the NYDFS, BitFlyer shall pay the fine within ten days of the consent order’s effective date. The company should not claim, assert, or apply for a tax deduction or tax credit with regard to any US federal, state, or local tax, directly or indirectly, for any portion of the civil monetary penalty. 

NYDFS’ Latest Requirements

The government recently announced that it will begin charging crypto firms registered in the region for yearly monitoring and assessment. The new law will apply to businesses that have obtained the Bitlicense. Payments will be collected five times per year (four anticipated quarterly settlements and one on the basis of actual costs). 

Because banks and insurance companies are also subject to such billing, the legislation seeks to bring crypto organizations closer. Superintendent Adrienne Harris feels that crypto businesses could benefit from the collaboration with the regulator.