Welcome back to Continuum Risk Update. Every Friday we pull the top Asia headlines on digital-asset regulation, cyber risk, industry moves and insurance signals, with concise takeaways and practical actions for insurers and corporate risk teams.
1) Regulatory
MAS proposes flexible crypto capital rules for Singapore banks
The Monetary Authority of Singapore published a landmark consultation paper on April 29–30 proposing a new, principle-based capital framework for banks dealing in cryptoassets. The proposal replaces the punishing 1,250% risk weight under Basel Group 2, allowing qualifying assets such as tokenised securities, regulated stablecoins, and certain permissioned-chain tokens to be treated as Group 1 — subject to much lower capital charges. As a temporary guardrail, local banks are capped at 2% of Tier 1 capital in crypto exposure, rising to 5% for crypto-issuance activities.
2) Hacking & Physical Risks
North Korea now responsible for 76% of all 2026 crypto hack losses as April breaks records
TRM Labs’ April 30 analysis confirmed that DPRK-linked groups have stolen $577 million of a total $759 million taken from crypto platforms in 2026 to date — 76% of all losses. The finding coincides with April closing as the single worst month for crypto theft ever recorded, with more than 30 incidents and over $635 million drained. The week itself saw Wasabi Protocol lose $4.55 million on April 30 after attackers compromised its deployer admin key, highlighting that even mid-tier platforms remain exposed to privileged-access attacks.
3) Industry & Markets
Japan and Korea insurers set to accelerate global M&A push
A viewpoint published by Insurance Journal on April 29 outlined how Japanese and Korean insurers are expected to intensify cross-border acquisition activity through 2026 and beyond. Japanese groups, flush with capital following domestic portfolio adjustments, are targeting mid-sized specialty carriers in the US and APAC — preferring underwriting expertise in cyber, energy-transition, and professional lines over cat-exposed commodity books. Korea’s DB Insurance made history in 2025 with the first full acquisition of a US insurer by a Korean firm ($1.65B for Fortegra Group), and peers are watching closely.
4) Insurance Spotlight
Single ransomware crew drives nearly half of all cyber insurance claims — At-Bay 2026 InsurSec Report
At-Bay’s 2026 InsurSec Report, based on more than 100,000 policy years of claims data, found that 73% of ransomware attacks originated through a compromised VPN — a share that nearly doubled in two years. More striking: the Akira group alone accounted for over 40% of ransomware claims in At-Bay’s book, with SonicWall appliances present in 86% of its attacks. Average ransomware severity climbed 16% to $508K, and overall claim frequency rose 7% year-on-year to an average severity of $221K across all cyber claims.
