EddieJayonCrypto

 15 Aug 25

tl;dr

Hong Kong’s Securities and Futures Commission (SFC) has implemented stricter custody requirements for licensed virtual asset trading platforms (VATPs) to protect client assets and support a trusted digital asset ecosystem. The new rules address cybersecurity risks by mandating robust cold-wallet inf...

Hong Kong’s Securities and Futures Commission (SFC) has introduced stricter custody requirements for licensed virtual asset trading platforms (VATPs), establishing these standards as the foundation for an upcoming licensing regime targeting standalone virtual asset custodians. The new rules aim to protect client assets and promote a competitive, sustainable, and trusted digital asset ecosystem, according to Dr. Eric Yip, the SFC’s executive director of intermediaries.

The SFC’s move responds to a surge in cybersecurity incidents involving overseas centralized platforms, which have led to substantial client losses due to wallet-system vulnerabilities and weak controls. To prevent similar breaches, the SFC’s updated standards mandate the use of robust cold-wallet infrastructure, oversight of third-party wallet providers, enhanced private key controls, air-gapped hardware, systematic transaction verification, strict address whitelisting, independent third-party assessments, and comprehensive staff training to avoid blind signing.

These enhanced custody standards take immediate effect for licensed VATPs and their associated entities. The regulation also requires operators to maintain 24/7 security monitoring, setting a high security benchmark anticipated to underpin the forthcoming custodian licensing framework. The SFC plans to introduce a bill incorporating transitional provisions, expedited application processes for pre-assessed firms, and increased fees based on a user-pays model, with public consultation closing on 29 August 2025.

This latest guidance aligns with the SFC’s broader regulatory roadmap announced earlier in the year, aiming to fortify Hong Kong’s virtual asset ecosystem. It also follows closely on the heels of the stablecoin licensing regime launched in early August, reflecting ongoing efforts to enhance regulatory oversight and investor protection in the rapidly evolving digital asset landscape.

Disclaimer

The opinions expressed by the writers at Grow My Bag are their own and do not reflect the official stance of Grow My Bag. The content provided on our site is not intended as investment advice, and Grow My Bag is not an investment advisor. We do not endorse buying or selling any cryptocurrencies or digital assets mentioned in our articles. High-risk investments in Bitcoin, cryptocurrencies, and digital assets require thorough due diligence, and all transfers and trades made are at your own risk. Grow My Bag is not responsible for any potential losses and participates in affiliate marketing.
 15 Aug 25
 15 Aug 25
 15 Aug 25