The New York Office of the Attorney General (the “OAG“) released a report yesterday on the integrity of digital currency exchanges. It sought the voluntary participation of exchanges including Bitstamp, Coinbase, Binance, Huobi, Bitfinex, Kraken, Bittrex, Gemini and Poloniex, among others. The OAG noted that Binance and Kraken declined to participate, citing the fact that they said that they do not allow trading from New York. The OAG suggested otherwise and referred them to the Department of Financial Services for potential violations of the law.
The key findings of the OAG are not positive. It found that:
- Protection of customer funds are often non-existent or limited at digital currency exchanges. The AG noted that digital currency exchanges lack audit standards and transparency and there is no independent auditing available to confirm statements made by digital currencies exchanges that they possess customer funds. The AG noted that customers are at risk of the unauthorized withdrawal of their funds and misappropriation.
- No safeguards exist at exchanges for integrity and surveillance of trading patterns.
- Owners and insiders of exchanges often trade on their own insider information and exchanges have no conflict of interests policy to protect customers.
- Some exchanges, which include Bitfinex according to the OAG, are not authorized to operate in the US and when it comes to anti-money laundering law, they do not comply with AML law when onboarding and seek, for example, only an email address to open an account and complete a financial transaction.
- With respect to sanctions and terrorist financing, exchanges usually use IP addresses to block certain countries but the OAG found that only Bitstamp and Poloniex used technology to combat VPNs to be able to confirm that they are not accepting financial transactions from sanctioned countries.
- Most exchanges do not have so-called formal bank accounts to allow fiat to digital currency trading. (A formal bank account is a corporate bank account in the name of the exchange. Some exchanges open bank accounts using names of other entities, or accounts in the name of a natural person to hide that they are an exchange. That practice constitutes bank fraud in some countries).
- Some exchanges do not address manipulative or abusive trading activity.
- No exchanges have objective criteria with respect to listing ICOs for transparency and do not disclose fees charged to list an ICO.
- Data security is not tested at a few exchanges, including Bitfinex and Tidex.