Following the hack of Japanese digital currency exchange Coincheck, the country’s financial watchdog has sent the exchange a business improvement order to ensure the industry’s security.

Last Friday, it was reported that Coincheck had halted client withdrawals without any explanation, giving rise to speculation that the exchange had been hacked. It was later revealed that over $500 million worth of XEM – the token for the NEM network – had been stolen by hackers, resulting in the biggest crypto theft in history.

Now, according to an update from Coincheck, Japan’s Financial Services Agency (FSA), has ordered improvements. The exchange is to submit a report to the watchdog by the 13th February on the hack and measures to prevent a recurrence. The watchdog is also considering an on-site inspection and is expected to inspect all cryptocurrency exchanges.

Since the news of the hack came to light Coincheck has vowed to reimburse customers their lost money; however, Japanese authorities have raised questions as to whether the exchange has enough funds to cover the theft. According to a report from the Financial Times, Coincheck said it would reimburse 260,000 customers, however, it has yet to demonstrate how and when it plans to do this. The FSA claim that the exchange only has balance sheet details for September and that it is seeking more up-to-date information.

“I hear from the FSA they will put maximum effort into helping Coincheck’s customers, including the return of their money,” said Yoshihide Suga, Japan’s chief cabinet secretary. “I think the FSA will be making sure Coincheck handles this in line with the law and its contractual obligations.”

According to a report from the Nikkei, it was due to sloppy management at Coincheck, which left customers’ money at risk. As a result, the theft of the cryptocurrency made its loss far greater than that of Mt. Gox.

Japan is one of the few countries that has authorised and regulated crypto trading. Since April 2017, it has required digital currency operators to register with the government. However, pre-existing exchanges such as Coincheck have been permitted to continue offering services ahead of being officially registered. To date, the financial watchdog has registered 16 crypto exchanges, with another 16 waiting for clearance.

Singapore-based NEM Foundation said in a recent blog that it had a ‘full account of all Coincheck’s lost XEM on the blockchain.’ It added that the hacker had not moved any of the funds to any exchange or personal accounts, but that it had no way of returning the lost funds to customers.