Case Study · Cryptocurrency & Digital Assets
How a Japan Licensed Cryptocurrency Exchange Used KYCsphere for Customer KYC Onboarding and Ongoing AML Monitoring
A Japan FSA licensed global cryptocurrency exchange deployed KYCsphere to onboard customers, screen for sanctions and PEP risks, monitor adverse media, and manage ongoing compliance alerts — meeting the strict KYC and AML requirements of Japan’s Payment Services Act.
10+
Fiat currency pairs supported — customers onboarded across multiple international markets
100%
Customers screened for sanctions, PEP and adverse media at onboarding and on an ongoing basis
1
Unified KYC and AML compliance platform covering the full customer lifecycle
| Client | Confidential — Japan FSA Licensed Global Cryptocurrency Exchange |
| Headquarters | Japan |
| Industry | Cryptocurrency & Digital Assets |
| Regulatory Framework | Japan FSA · Japan Payment Services Act · FATF Recommendations · JAFIU AML Guidelines |
| Tools Deployed | KYC Onboarding · Sanctions Screening · PEP & Adverse Media · Alert Management |
The Compliance Obligation for Licensed Cryptocurrency Exchanges in Japan
Japan was one of the first jurisdictions in the world to create a formal regulatory framework for cryptocurrency exchanges. Under the amended Payment Services Act that came into effect on 1 April 2017, all cryptocurrency exchange businesses operating in Japan are required to register with and obtain a licence from the Japan Financial Services Agency (FSA). As part of this licensing framework, exchanges are subject to strict KYC and AML obligations — including customer identification and verification at onboarding, ongoing monitoring of customer activity, sanctions screening, and PEP identification — equivalent to the obligations applied to traditional financial institutions under Japan’s Act on Prevention of Transfer of Criminal Proceeds.
Why Japan’s Crypto AML Requirements are among the Strictest in the World
Japan’s FSA requires licensed cryptocurrency exchanges to implement a comprehensive AML/CFT programme covering the full customer lifecycle — from identity verification at account opening through to ongoing transaction monitoring and suspicious transaction reporting. As a FATF member country, Japan applies the FATF Recommendations to virtual asset service providers (VASPs) — including customer due diligence, enhanced due diligence for higher-risk customers, PEP screening, sanctions screening, and record keeping. For a global exchange serving customers across multiple jurisdictions and fiat currency pairs, meeting these obligations consistently across a large and diverse customer base requires a structured, centralised compliance platform.
The Yakuza Risk — Organised Crime in Japanese Financial Services
A specific and particularly significant compliance requirement for Japan-licensed financial institutions — including cryptocurrency exchanges — is screening for connections to Japan’s organised crime networks, most notably the Yakuza. Under Japan’s Act on Prevention of Transfer of Criminal Proceeds and the FSA’s Anti-Organised Crime guidelines, financial institutions are required to take active steps to prevent Yakuza-connected individuals and entities from accessing financial services. This obligation extends to cryptocurrency exchanges — where the speed and pseudonymous nature of crypto transactions make them an attractive target for organised crime groups seeking to move and launder funds. Identifying Yakuza connections at customer onboarding and through ongoing monitoring — across Japanese-language news sources, law enforcement announcements, and open-source intelligence — is therefore a core compliance requirement that static commercial databases alone cannot adequately address.
The Travel Rule and PEP Risk in Cryptocurrency
Cryptocurrency exchanges face a particular compliance challenge with Politically Exposed Persons. Unlike traditional financial institutions where PEP status is identified at account opening through standard onboarding processes, crypto exchanges must screen at onboarding and continuously — because a customer’s PEP status can change at any point during the relationship, and because the pseudonymous nature of cryptocurrency transactions means PEP-connected customers may attempt to obscure their identity. Real-time PEP screening across live global sources — rather than periodic checks against static databases — is therefore a critical requirement for a licensed crypto exchange seeking to meet FATF and FSA standards.
Client Background
This Japan FSA licensed global cryptocurrency exchange was among the earliest crypto exchanges in Asia to receive an official licence from the Japan Financial Services Agency — establishing it as one of the most rigorously regulated crypto platforms in the region. It operated a high-performance cryptocurrency trading platform supporting bitcoin and fiat currency pairs in Japanese yen, US dollar, Euro, and multiple other fiat currencies — serving individual and corporate customers across Japan and internationally through offices in Asia.
As one of the largest cryptocurrency exchanges in Asia by transaction volume, the exchange was subject to the full scope of Japan’s FSA KYC and AML requirements — including structured customer onboarding and identity verification, sanctions screening, PEP identification, organised crime screening, adverse media monitoring, and ongoing compliance alert management across its entire customer base. A particular compliance focus for the exchange was ensuring that no customer with connections to Japan’s organised crime networks — most notably the Yakuza — was able to open or maintain an account on the platform. Meeting these obligations consistently at scale required a dedicated compliance platform that could handle the volume and complexity of a globally operating crypto exchange.
The Challenge
As a Japan FSA licensed crypto exchange, the firm faced strict FSA KYC and AML expectations that required a structured, auditable compliance programme across its full customer base — at a scale and speed that manual processes could not sustain.
Structured customer onboarding required at FSA licence standard — Japan’s FSA licensing process required the exchange to demonstrate a comprehensive, documented customer identification and due diligence programme — including structured KYC capture, document verification, and risk profiling at account opening — to a standard comparable to traditional financial institutions.
Sanctions screening was a mandatory FSA requirement — all customers and their transactions were required to be screened against OFAC, UN, and Japanese sanctions lists — with documented evidence that screening had been performed and any matches had been properly assessed and resolved.
PEP identification required real-time screening — with no officially published PEP lists and commercial databases frequently missing regional politicians and government officials in Asian markets, the exchange needed a real-time screening approach across live global sources — not periodic checks against static databases — to meet FATF PEP identification standards.
Yakuza and organised crime screening was a specific FSA requirement — Japan’s FSA places significant emphasis on preventing organised crime groups — particularly the Yakuza — from accessing financial services. The Act on Prevention of Transfer of Criminal Proceeds and Japan’s Anti-Organised Crime guidelines require financial institutions, including licensed crypto exchanges, to screen customers for connections to designated organised crime groups. Identifying Yakuza-connected customers through adverse media and open-source intelligence required real-time screening across Japanese-language news sources and law enforcement announcements — a capability that static commercial databases consistently fail to deliver at the required depth for the Japanese market.
Adverse media monitoring was not systematic — negative news about existing customers — including involvement in financial crime, fraud, Yakuza connections, or regulatory investigations — was not being monitored systematically across Japanese and international sources, creating ongoing AML risk across the customer base throughout the account lifecycle.
No centralised alert management workflow — when compliance issues were identified, there was no structured, documented workflow for reviewing, escalating, and resolving alerts — making it difficult to demonstrate to the FSA that every compliance finding had been properly assessed and actioned.
The Solution
KYCsphere was deployed as the exchange’s centralised KYC and AML compliance platform — covering the full customer compliance lifecycle from initial onboarding through to ongoing monitoring and alert resolution. Every customer opening an account on the exchange is onboarded into KYCsphere as a structured compliance record, with sanctions screening, PEP identification, and adverse media checks running immediately at account opening and continuously throughout the customer relationship.
KYC Onboarding & Due Diligence
Every new customer — individual or corporate — is onboarded into KYCsphere with a structured compliance profile capturing identity details, documentation, and risk classification. The onboarding workflow meets Japan FSA and FATF customer due diligence standards — creating a centralised, auditable KYC record from the point of account opening for every customer on the exchange.
Sanctions Screening
Every customer is screened at onboarding and through ongoing periodic scans against OFAC SDN, UN Consolidated, and other applicable global and Japanese sanctions lists — ensuring no sanctioned individual or entity opens or maintains an account on the exchange, with sanctions lists updated as soon as new designations are published.
PEP & Adverse Media Search — Including Organised Crime
Rather than relying on static commercial databases — which frequently miss regional politicians, local officials, and government-connected individuals in Asian markets — KYCsphere screens every customer in real time across thousands of authentic global news sources, government portals, regulatory announcements, and open-source intelligence feeds. This includes screening for connections to Japan’s organised crime groups — most notably the Yakuza — through adverse media and intelligence sources covering Japanese-language content, law enforcement announcements, and financial crime reporting. PEP connections, organised crime affiliations, and adverse media findings are identified as they emerge throughout the customer relationship.
Alert Management
When ongoing monitoring identifies a sanctions hit, PEP designation, or adverse media finding on any customer, KYCsphere automatically generates a risk-rated alert and routes it to the compliance team for structured review. Every alert is assessed, documented, and resolved inside KYCsphere — giving the compliance team a consistent, evidenced workflow for every compliance finding, with a complete audit trail maintained against each customer record.
The Results
With KYCsphere deployed as its centralised KYC and AML compliance platform, the exchange operated a structured, documented, and fully auditable compliance programme across its customer base — meeting Japan FSA and FATF standards for customer due diligence, sanctions screening, PEP identification, and ongoing monitoring.
- FSA-standard customer onboarding across all accounts— every customer was onboarded through a consistent, structured KYC process with a centralised auditable record — meeting Japan FSA customer identification and due diligence requirements at scale.
- Sanctions screening at account opening and throughout the relationship— every customer screened against current global and Japanese sanctions lists at onboarding and through ongoing monitoring — with no sanctioned individual or entity able to open or maintain an account undetected.
- Yakuza and organised crime connections identified through real-time screening— because KYCsphere screens across thousands of live global sources including Japanese-language content and open-source intelligence, the exchange identified customers with Yakuza connections and organised crime affiliations that static commercial databases would not have surfaced — meeting the FSA’s Anti-Organised Crime guidelines at the customer level.
- Real-time PEP identification including regional officials— because KYCsphere screens across thousands of live global sources rather than static databases, the exchange identified PEP-connected customers — including local politicians and regional officials in Asian markets frequently missed by commercial databases — as connections emerged.
- Continuous adverse media monitoring across the customer base— every customer monitored for negative news related to financial crime, fraud, and regulatory investigations throughout the account lifecycle — not just at onboarding.
- Structured alert management for every compliance finding— every sanctions hit, PEP designation, and adverse media finding was reviewed and documented inside KYCsphere’s Alert Management module — giving the compliance team a consistent, evidenced workflow ready for FSA examination.
- Complete audit trail per customer— every KYC record, screening result, alert, and compliance decision logged in KYCsphere — giving the exchange a fully documented compliance history across its entire customer base.
Operating a Licensed Cryptocurrency Exchange?
KYCsphere provides KYC onboarding, sanctions screening, PEP and adverse media monitoring, and alert management for cryptocurrency exchanges and virtual asset service providers — meeting FATF, FSA, and global regulatory KYC and AML standards.
