Cryptocurrency exchanges are under immense pressure to prevent cases of fraud. Everything from potential exchange hacks/stolen funds to money laundering presents major obstacles for establishing and maintaining regulatory compliance. In this article, let’s try to grasp why crypto exchanges are at risk and outline a few strategies that can significantly optimise fraud prevention.
Report Finds Crypto Exchanges at Risk of Manipulation
Despite the fact that more established financial institutions (i.e. banks) have fraud prevention strategies in place, they still face numerous issues in meeting compliance standards. As you can imagine, newer institutions (i.e. cryptocurrency exchanges) are generally less prepared to follow ever-changing regulations and prevent fraud. This isn’t just a perception. It’s also been supported through a few real-world scenarios.
In April 2018, the New York Attorney General's office launched the Virtual Markets Integrity Initiative. The office asked thirteen crypto exchanges to voluntarily share information about their compliance policies and procedures. As a result of the findings, the attorney general asked New York's Department of Financial Services (NYDFS) to review whether three exchanges- Binance, Kraken and Gate.io - might be operating unlawfully in the state.
Four platforms did not participate in the initiative, claiming they did not allow trades from within New York State. Some of the listed risks of using these exchanges included a lack of independent auditing or transparency about how the cryptocurrency exchange managed user funds as well as the conflict of interest created by exchanges that charged for token listings.
Gaining Regulatory Approval
One way to reduce the risk of fraud is to gain a stamp of approval from regulators. However, the problem with trying to achieve this is the fact that various jurisdictions have different legal requirements. What might be acceptable in one place might not be in another.
Looking at the above example of cryptocurrency exchanges in New York, it might appear to be difficult to gain official approval. However, even in places that do have strict regulations, it is possible to gain approval. For example, in July 2018, BitPay gained authorisation “to offer clearing and settlement services to merchants willing to accept payment in bitcoin or issue payments in bitcoin” in New York State. NYDFS has also granted licenses to Square, Inc., Xapo, Inc., Genesis Global Trading Inc., bitFlyer USA, Coinbase Inc., XRP II and Circle Internet Financial.
Follow Existing Policies and Frameworks
Gaining regulatory approval isn’t the final step cryptocurrency exchanges have to implement to fight fraud. Before and after receiving authorisation, exchanges must adhere to existing policies and frameworks. Again, using the NYDPS initiative as an example, a comprehensive review will likely include factors like considering how an exchange handles anti-money laundering, anti-fraud, capitalisation, consumer protection, and cybersecurity policies. Just because an exchange passes the initial review doesn’t mean that it will keep its license.
There is a lot of work that goes into keeping up with new types of fraud, managing digital identities, and meeting regulatory requirements. While frameworks do vary, standardisation is now becoming a reality. The CCSS (Cryptocurrency Security Standard), which was introduced in 2014, provides some guidance for developing compliance strategies. This standard includes information that can help cryptocurrency exchanges reduce the risk of fraud via strong security. For example, exchanges that achieve Level III (most secure level) have “proven by way of audit that they exceed enhanced levels of security with formalised policies and procedures that are enforced at every step within their business processes”.
Customer Onboarding: Mistakes to Avoid
To achieve initial compliance and maintain compliance over time could possibly require two different mindsets. For instance, some crypto exchanges still rely upon manual AML and KYC checks. While this could possibly be enough to meet compliance standards in some locations, it’s not considered to be a wise choice from a long-term, business perspective. Here’s why.
Manual AML and KYC reviews can slow down the potential for a cryptocurrency exchange’s user growth. Think about having to make a trader wait a week or more after initial registration before being able to use the exchange. Even though the exchange might be able to complete a thorough identity check and meet compliance standards, the trader is more likely to seek a competing exchange that has a more streamlined AML/KYC process that takes less time to complete.
Another potential scenario could be that the compliance review process isn’t thorough or is even non-existent. In this case, the exchange is unlikely to meet AML standards. As a result, the exchange might not be able to reach as many potential traders and might be unavailable in locations that have stricter regulations. It will also be more difficult to reduce fraud. As we continue to see with banks, major AML breaches can go unnoticed for long periods of time. What’s even worse is the possibility of fines being levied several years after the breach even occurred.
SingleSource Crypto-AML: Automating Regulatory Compliance for Crypto Exchanges
The two scenarios listed above demonstrate why it’s becoming increasingly popular to automate regulatory compliance processes. By using a solution like SingleSource Crypto-AML, cryptocurrency exchanges are able to conduct advanced fraud screens on a variety of cryptocurrency wallets. Most importantly, the process is quick and efficient. This enables exchanges to maintain compliance without sacrificing the quality of due diligence.
Exchanges have the ability to not only conduct detailed checks on cryptocurrency wallets via SingleSource Crypto-AML but also uncover any risks associated with a wallet’s owner via eKYC and the MySingleSource dApp for digital identity management.
eKYC checks consider a variety of important factors like document verification and authentication, crime/blacklist checks, PEP list screening, and much more. The MySingleSource dApp empowers individuals to protect data privacy and create self-sovereign identities. It also allows organisations (including crypto exchanges) to reduce cases of fraud and meet compliance standards.
Together, these products create a complete onboarding solution for exchanges aiming to improve digital identity management. In addition, SingleSource's commitment to keeping up with regulatory changes means that our customer onboarding solutions will remain relevant over time. Through our automated solutions, legitimate traders can gain quicker approval to use exchanges. Simultaneously, exchanges can prevent fraudulent traders from beginning the onboarding process. SingleSource’s solutions, along with an exchange’s strong technical security and adherence to regulatory policies, have the potential to help eliminate fraud and create better onboarding processes for crypto traders.
Want to find out more about how the SingleSource AML: wallet screening product works? Discover more in the product sheet here.