South Korea’s DPK to propose crypto bill with $3.58M stablecoin reserve minimum

While the crypto markets have not been immune to geopolitical developments, the sector in Iran experienced a more direct effect last week with a politically motivated $90 million exchange hack, prompting the authorities to introduce an exchange curfew. Blockchain analytics firm Chainalysis outlined on X on June 18 that Nobitex, Iran’s largest cryptocurrency exchange, had been hacked, with crypto assets to the value of $90 million having been drained from exchange-controlled wallets.Photo by Engin Akyurt on PexelsWeaponizing blockchain technologyThe hack had the hallmark of a politically-motivated attack given that rather than the digital assets being stolen, they were sent to vanity addresses, customized blockchain addresses involving user-defined sequences of characters. The vanity addresses contained “politically charged messages” and in sending the funds to them, the funds were effectively burned as they’re now permanently inaccessible.  The firm stated:”This incident highlights how crypto exploits aren’t always financially motivated. Bad actors can weaponize blockchain technology for geopolitical messaging, turning hacks into ideological statements rather than profit-driven crimes.” Pro-Israel hacker group Gonjeshke Darande, also known as “Predatory Sparrow,” appears to have carried out the hack, given that on June 18, it outlined on X that it would release Nobitex’s source code together with other internal information related to the firm’s internal network, while confirming that it had conducted cyberattacks against the company. The group made the following assertion:”The Nobitex exchange is at the heart of the [Iranian] regime’s efforts to finance terror worldwide, as well as being the regime’s favorite sanctions violation tool.” Rafe Pilling, director of threat intelligence at Sophos, a British cybersecurity company, told The Guardian that Predatory Sparrow “bears all the hallmarks of a false persona used by a government-sponsored threat group to conduct disruptive operations against targets” linked to the Iranian government. While Nobitex is estimated to have seven million users, an Open Source Intelligence (OSINT)-based investigation carried out in 2024 linked relatives of Ali Khamenei, Iran’s supreme leader, and other Iranian establishment figures to the crypto exchange. Minimizing systemic riskThe cyber attack has prompted a response from the Iranian government. In a blog post, Chainalysis outlined that the Central Bank of Iran has instructed all domestic crypto exchange platforms to curtail their service hours to between 10 a.m. and 8 p.m. The company speculated that this measure could be motivated by a desire to impose a higher level of oversight and control over the local crypto sector. However, it also suggested that it may be part of an attempt by the Iranian authorities to manage and minimize systemic risk. In recent years, Iran has been subject to extensive international sanctions applied by various entities including the United States, the European Union and the United Nations. Those sanctions have had a significant impact upon the country’s economy, triggering high inflation and currency devaluation.  With that, crypto has been increasingly viewed by the authorities as a means to circumvent sanctions. Last December, the Iranian authorities appeared to be working towards regulating crypto, embracing the asset class in acknowledgement of its growing importance to the Iranian economy. In February, Chainalysis reported that sanctioned entities worldwide had received $15.8 billion in crypto transactions in 2024.

Cryptocurrency exchanges operating in the Dubai International Financial Centre (DIFC), a financial hub in the United Arab Emirates (UAE), entered a new compliance environment on Jan. 12 as updated Crypto Token rules issued by the Dubai Financial Services Authority (DFSA) came into force. The revised framework bars exchanges from offering certain digital assets.Photo by Christoph Schulz on UnsplashPrivacy tokens restricted to private walletsThe affected assets are privacy tokens like Zcash (ZEC) and Monero (XMR), although the restriction does not prevent Dubai residents from holding those coins in private wallets. The move is aimed at addressing anti-money laundering (AML) and sanctions compliance risks. The exclusion of privacy tokens reflects alignment with global compliance standards, according to Elisabeth Wallace, Associate Director of Policy & Legal at the DFSA. She told CoinDesk that bans of this kind are effectively inevitable if crypto businesses want to align with standards set by the Financial Action Task Force (FATF), given that privacy tokens are designed to obscure transaction histories and the identities of holders. The revised rules extend beyond token classifications, preventing regulated firms from deploying or providing tools designed to mask blockchain activity. These include mixers, tumblers, and other technologies that obscure transaction information. At the same time, the DFSA refined its classification of what it terms “Fiat Crypto Tokens,” limiting the category to tokens pegged to fiat currencies and backed by high-quality, liquid assets capable of meeting redemption requests under market stress. Under this definition, algorithmic stablecoins such as Ethena (ENA) would not qualify as stablecoins, though they would still be treated as cryptocurrencies. The update also alters how token eligibility is determined. Rather than maintaining a centralized list of approved assets, the DFSA now requires licensed firms to carry out their own assessments of the crypto assets they offer, document those judgments, and keep them under ongoing review. Thailand enforces crypto travel ruleComparable regulatory tightening is unfolding elsewhere in Asia. In Thailand, during a high-level meeting on Jan. 9, Prime Minister Anutin Charnvirakul said the Securities and Exchange Commission had been instructed to strictly enforce the travel rule, according to The Nation Thailand. The international standard requires crypto service providers to verify both senders and recipients in wallet-to-wallet transfers. The directive forms part of a broader government initiative to establish a national data bureau, envisioned as a centralized platform for real-time monitoring of suspicious transactions and the development of detailed financial risk profiles. In South Korea, enforcement actions have similarly intensified. According to Dailian, Korbit, the country’s fourth-largest crypto exchange, paid a 2.73 billion won ($1.9 million) fine imposed by the Financial Information Unit (FIU) under the Financial Services Commission (FSC) for violations of anti-money laundering (AML) rules. The payment followed a board decision and was made within a reduced-penalty period, allowing Korbit to receive a 20% discount. Crypto firms comprise 77% of Korean finesA broader review of penalties issued by the FIU since the disclosure of its sanctions guidelines shows that 77% of total fines were levied against virtual asset service providers (VASPs). While an analysis by Digital Asset found that only four of 95 fine cases issued since August 2023 involved VASPs, those cases accounted for a disproportionately large total of 41.8 billion won ($28.4 million). Exchanges fined to date include Delio, Hanbitco Korea, Dunamu—the operator of Upbit—and Korbit, with Dunamu receiving the largest penalty imposed by the FIU to date. The sanctions were linked to alleged know-your-customer (KYC) failures, unreported transactions involving individuals subject to warrants, and shortcomings in systems designed to detect suspicious activity. Separately, the FIU had issued disciplinary measures against Dunamu, including a warning to its chief executive and a three-month partial suspension of operations, which the company is contesting in court. The next hearing is scheduled for February. In overall fine totals, casinos ranked behind crypto firms, underscoring how enforcement against crypto intermediaries has been particularly robust, as oversight patterns continue to evolve. 

Oman’s Regulator Invites Feedback on Virtual Asset FrameworkProgressing toward the establishment of its own virtual asset regulations, the Sultanate of Oman is embarking on a significant step by soliciting public feedback on its comprehensive framework.The framework, which governs digital assets, is being developed by the Capital Market Authority (CMA) of Oman. The move reflects the country’s commitment to creating a robust regulatory environment for the virtual asset sector.The CMA’s consultation paper, released last week, outlines the agency’s objectives in crafting this regulatory framework. It aims to provide a viable financing and investment avenue for issuers and investors while also addressing the inherent risks associated with the virtual asset class. Central to this initiative is the integration of business requirements and measures to prevent market abuse.Photo by Niklas Weiss on Unsplash26 key questionsAt the heart of this regulatory endeavor are 26 crucial questions presented to industry stakeholders. Their valuable input will help shape the framework’s core components. These include provisions related to regulatory standards and licensing prerequisites for virtual asset service providers (VASPs), corporate governance, risk management, and the issuance of virtual assets.The proposed framework, as disclosed in the consultation paper, encompasses a spectrum of digital assets. This spans utility tokens, security tokens, fiat-backed and asset-backed stablecoins, and other currencies adhering to the Financial Action Task Force’s (FATF) definition of virtual assets. However, a noteworthy proposal that has garnered attention is the potential prohibition of privacy coins issuance, a decision pending public feedback.Aiming to reinforce accountability and stability, the CMA may mandate that VASPs establish a local presence in Oman through legally recognized entities and physical offices. Additionally, minimum capital requirements could be imposed on these entities. The envisaged framework may also stipulate that virtual asset firms maintain a low percentage of assets in hot wallets, conduct audits of safeguarded assets, and provide evidence of reserves.Shaping regulation through feedbackWith the consultation phase set to conclude on August 17, the public’s valuable feedback will shape the direction of Oman’s virtual asset regulations. The most salient viewpoints may find their place on the CMA’s official website. Following this consultation period, the CMA will proceed to finalize the regulatory framework.Although the public announcement regarding the launch of a regulatory framework was made on February 14, Oman’s journey toward regulating the virtual asset industry began well before. In November 2020, the National Committee for Combating Money Laundering and Terrorist Financing initiated discussions on forming a task force.Comprising officials from the CMA and the Central Bank of Oman, the task force explored whether to permit or prohibit virtual asset activities. Subsequently, in December 2022, consultants were engaged to facilitate the establishment of this new regulatory landscape.The United Arab Emirates, and in particular, the individual emirates of Dubai and Abu Dhabi, have led the way in the Middle East in progressing a workable framework for the digital asset industry. Oman’s proactive approach is following the example set by its regional peer.Shaping its virtual asset framework underlines its desire to foster innovation while ensuring the integrity of its financial landscape. Its latest effort in seeking public feedback is a positive development that should assist it in arriving at a progressive framework.