UK startups move to expand into Asia

Cryptocurrency exchanges operating in the Dubai International Financial Centre (DIFC), a financial hub in the United Arab Emirates (UAE), entered a new compliance environment on Jan. 12 as updated Crypto Token rules issued by the Dubai Financial Services Authority (DFSA) came into force. The revised framework bars exchanges from offering certain digital assets.Photo by Christoph Schulz on UnsplashPrivacy tokens restricted to private walletsThe affected assets are privacy tokens like Zcash (ZEC) and Monero (XMR), although the restriction does not prevent Dubai residents from holding those coins in private wallets. The move is aimed at addressing anti-money laundering (AML) and sanctions compliance risks. The exclusion of privacy tokens reflects alignment with global compliance standards, according to Elisabeth Wallace, Associate Director of Policy & Legal at the DFSA. She told CoinDesk that bans of this kind are effectively inevitable if crypto businesses want to align with standards set by the Financial Action Task Force (FATF), given that privacy tokens are designed to obscure transaction histories and the identities of holders. The revised rules extend beyond token classifications, preventing regulated firms from deploying or providing tools designed to mask blockchain activity. These include mixers, tumblers, and other technologies that obscure transaction information. At the same time, the DFSA refined its classification of what it terms “Fiat Crypto Tokens,” limiting the category to tokens pegged to fiat currencies and backed by high-quality, liquid assets capable of meeting redemption requests under market stress. Under this definition, algorithmic stablecoins such as Ethena (ENA) would not qualify as stablecoins, though they would still be treated as cryptocurrencies. The update also alters how token eligibility is determined. Rather than maintaining a centralized list of approved assets, the DFSA now requires licensed firms to carry out their own assessments of the crypto assets they offer, document those judgments, and keep them under ongoing review. Thailand enforces crypto travel ruleComparable regulatory tightening is unfolding elsewhere in Asia. In Thailand, during a high-level meeting on Jan. 9, Prime Minister Anutin Charnvirakul said the Securities and Exchange Commission had been instructed to strictly enforce the travel rule, according to The Nation Thailand. The international standard requires crypto service providers to verify both senders and recipients in wallet-to-wallet transfers. The directive forms part of a broader government initiative to establish a national data bureau, envisioned as a centralized platform for real-time monitoring of suspicious transactions and the development of detailed financial risk profiles. In South Korea, enforcement actions have similarly intensified. According to Dailian, Korbit, the country’s fourth-largest crypto exchange, paid a 2.73 billion won ($1.9 million) fine imposed by the Financial Information Unit (FIU) under the Financial Services Commission (FSC) for violations of anti-money laundering (AML) rules. The payment followed a board decision and was made within a reduced-penalty period, allowing Korbit to receive a 20% discount. Crypto firms comprise 77% of Korean finesA broader review of penalties issued by the FIU since the disclosure of its sanctions guidelines shows that 77% of total fines were levied against virtual asset service providers (VASPs). While an analysis by Digital Asset found that only four of 95 fine cases issued since August 2023 involved VASPs, those cases accounted for a disproportionately large total of 41.8 billion won ($28.4 million). Exchanges fined to date include Delio, Hanbitco Korea, Dunamu—the operator of Upbit—and Korbit, with Dunamu receiving the largest penalty imposed by the FIU to date. The sanctions were linked to alleged know-your-customer (KYC) failures, unreported transactions involving individuals subject to warrants, and shortcomings in systems designed to detect suspicious activity. Separately, the FIU had issued disciplinary measures against Dunamu, including a warning to its chief executive and a three-month partial suspension of operations, which the company is contesting in court. The next hearing is scheduled for February. In overall fine totals, casinos ranked behind crypto firms, underscoring how enforcement against crypto intermediaries has been particularly robust, as oversight patterns continue to evolve. 

NuriFlex Holdings partners with Catalyx Exchange to explore security tokens and RWAsNuriFlex Holdings Inc., the Canadian parent company of South Korean IoT solutions provider NuriFlex Co., Ltd., has recently signed a memorandum of understanding (MOU) with the Canadian cryptocurrency exchange, Catalyx. According to a report by the Korea Economic Daily, this collaboration is designed to facilitate both entities’ entry into the markets of security token offerings (STOs) and real-world assets (RWAs).Photo by Chris Liverani on UnsplashNuriFlex Group’s diverse portfolio and industry experienceWith a 30-year track record, NuriFlex Group has supplied global utility companies with robust software platforms designed for handling vast amounts of data. Beyond this, the group manages an array of services, including blockchain-based digital payments, a social dating metaverse known as NuriTopia and Web3 wallet services. Furthermore, NuriFlex Group has established a business network to support central bank digital currency (CBDC) initiatives in Central and South America as well as Africa. Leveraging its longstanding industry presence and extensive connections, NuriFlex Group strives to venture into the sectors of STOs and RWAs.Canadian crypto exchange since 2019Meanwhile, Catalyx Exchange, established in 2019 and headquartered in Calgary, Alberta, is known to have the management and technological expertise necessary to operate trading platforms for security tokens and RWAs.An official from NuriFlex Group conveyed their enthusiasm for the partnership, emphasizing their collective goal to lead the way in innovation. They intend to jointly launch a platform that is not only secure and efficient but also fully compliant with the laws and regulations of the country in which they operate.A representative from Catalyx also shared a positive outlook, noting that the exchange has been gearing up to branch out into the STO and RWA sectors for several years. They expressed their pleasure at having the opportunity to collaborate with NuriFlex Holdings on this venture.

Jeff “Jihoz” Zirlin, one of the co-founders of Sky Mavis, the Singapore-headquartered development firm behind both Axie Infinity and the Ronin Network, has faced a significant setback as some of his personal crypto wallets have fallen victim to a hack.Photo by GuerrillaBuzz on UnsplashFunds drained through Tornado CashThe hack has resulted in the loss of approximately $9.7 million worth of ether (ETH). The breach, which occurred on Feb. 23, saw two crypto wallet addresses associated with Zirlin compromised. The perpetrator managed to abscond with 3,248 ETH, funneling the stolen funds through Tornado Cash, a privacy-focused Ethereum mixer. The alarm was raised by PeckShield, a blockchain investigation firm, which identified the compromise of a "whale wallet" through the Ronin Bridge. PeckShield attributed the breach to a "wallet compromise," which facilitated unauthorized outbound transfers of funds. PeckShield's investigation revealed that the pilfered 3,248 ETH was initially dispersed across three different wallets before being funneled into Tornado Cash. This service, notorious for its use by hackers seeking to obfuscate the origin and traceability of illicit funds, served as a conduit for the stolen assets. Confirming the attack and remarking on having had a “tough morning,” Zirkin outlined on social media that “the attack is limited to my personal accounts, and has nothing to do with validation or operations of the Ronin chain.” He emphasized the implementation of stringent security protocols across all chain-related activities, seeking to reassure stakeholders of the company’s commitment to safeguarding user assets. Although specific details regarding the breach remain undisclosed, Zirlin's statement suggests a leakage of the private keys associated with his personal wallets, granting unauthorized access to the hacker. Ronin Network securePeckShield’s revelation prompted Aleksander Larsen, co-founder of Ronin Network, to swiftly respond, affirming the robust security measures of the Ronin Bridge. The social media post that Larsen had responded to, which he claimed to have an “extremely misleading title,” was later deleted. Larsen suspected that the breach stemmed from a wallet hack rather than a flaw within the bridge itself. Notably, Ronin had been targeted in a high-profile attack in March 2022, orchestrated by the North Korea-backed Lazarus Group, resulting in a $625 million loss.In response to this previous breach Sky Mavis initiated a comprehensive overhaul of Ronin's core systems to bolster decentralization and mitigate future vulnerabilities. $112M Ripple co-founder hackIn a separate incident, Binance intercepted $4.2 million worth of stolen XRP, part of the $112 million hack targeting Ripple co-founder Chris Larsen's personal wallet on Jan. 31. Unlike the Axie Infinity breach, the perpetrator behind Larsen's hack refrained from leveraging crypto mixer services or decentralized exchanges, enabling Binance to track and immobilize a portion of the illicitly obtained funds. Axie Infinity, heralded as a pioneering "play-to-earn" Web3 game, has emerged as a lucrative platform, enabling players to earn cryptocurrency and trade in-game assets via blockchain technology. Since its inception in 2018, the game has amassed $1.3 billion in revenue, underscoring its prominence within the burgeoning blockchain gaming ecosystem.