Take custody away from crypto exchanges

Regulators should require that centralized crypto exchanges get out of the businesses of custody and trading.



Regulators looking to make their jurisdiction a regulated home for crypto need to revisit the rules of custody for digital assets. They should ban exchanges from holding client assets.

Two scandals in the past month have rocked the region. JPEX, a crypto exchange that has lied about its domicile, was the subject of over 2,000 complaints to Hong Kong police and is accused of losing $183 million of client assets. And a DeFi operator that claims to be based in Japan, Mixin, was hacked for $200 million.

These come at a time when Asian jurisdictions including Hong Kong, Singapore, Japan and, further west, the United Arab Emirates, are establishing regulatory regimes for the industry.

In Hong Kong’s case, the regime even extends to licensing for retail investors. Singapore and Hong Kong are also focused on tokenization and central-bank digital currencies, for both retail and wholesale markets. The industry wishes to see banks and brokers develop financial products on the back of Bitcoin, Ethereum, and perhaps other tokens. Traditional ETFs tracking digital assets are one way, but another is to attract institutional money directly to regulated exchanges.

Centralized exchanges will continue to occupy the center of digital assets. This is where dollars and yen are turned into crypto; where KYC and compliance are supposed to occur; where tokens list, liquidity aggregates and prices are made. Over time, more of this activity may move to decentralized protocols, but the industry will still rely on centralized exchanges as compliance chokepoints.

The JPEX and Mixin debacles show that it’s difficult to enforce a licensing regime against shadowy exchanges operating from overseas. While no law is perfectly enforceable, regulators can start by stripping away the means for centralized exchanges to commit fraud or put customer assets in jeopardy. This should establish a clear industry standard that can be copied worldwide.

Custody in TradFi

There are two red flags in the business model of centralized crypto exchanges: custody and market-making. Of these, custody is the biggest challenge, because the ethos of ‘my keys, my coins’ and ‘be your own bank’ is at the heart of crypto’s challenge to traditional finance (TradFi).

It’s useful to review how custody works in TradFi to understand the problems it creates in crypto.

In TradFi, brokers trade on an exchange on behalf of customers. Custodians serve as intermediaries maintaining records of who owns what while safekeeping the assets on behalf of the investors.

But the assets themselves are not actually sitting in the custodian bank’s vault (virtual or otherwise). They reside in a central securities depository.

In markets with multiple stock exchanges, this depository is independent, such as the Depository Trust and Clearing Corporation in the US.

In smaller markets dominated by one stock exchange, the infrastructure is tucked under the exchange’s wing. In Hong Kong, Hong Kong Exchanges and Clearing (HKEX) operates four clearing systems for various categories of instrument; another system, CCASS, is the electronic book-entry system for clearing and settling transactions. The Singapore Exchange’s Central Depository does the same.

But in such cases, the depositories are separate legal entities that safekeep customer assets, separate from the exchange’s assets.

These institutions do more than just clear and settle trades. They also serve as central counterparties, becoming the seller to every buyer and the buyer to every seller. They assume the credit risk of every market participant. They do this to assure everyone that a trade in the system will settle, no matter what, and mitigate the risk to everyone should someone default.

Be your own bank

There is no central securities depository in blockchain. This is why investors must ‘be their own bank’ and take responsibility for their own wallet.

In the earliest days of crypto, this meant writing down a 12-word seed phrase on a piece of paper, or engraving it on a piece of metal, or putting it on a specialized bit of hardware storage. This was a step backward, rather than a technological improvement, and totally unacceptable to licensed investors.

Lately more sophisticated, cryptographically protected means of storing keys have emerged. A popular method is called multi-party computation (MPC), in which an investor’s key is divided among, say, three parties: the investor, a custodian or the exchange, and a specific device (i.e. someone’s mobile phone running their wallet).

With MPC tools there’s no need for seed phrases, and the assets don’t move without the approval of at least two parties.
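As an added illustration, not from the article or any wallet vendor: a 2-of-3 threshold split using Shamir secret sharing, a simpler stand-in for the MPC schemes described above (a real MPC wallet signs without ever reassembling the key; here the key is reassembled so the threshold property is visible). The field prime, the party names and the sample key are constructed for the demo.

```python
import secrets

# Constructed demo parameters: a Mersenne prime as the field. A real wallet would work in the
# curve's scalar field and would sign without ever reconstructing the key (true MPC).
P = 2**127 - 1

def split_2_of_3(secret: int, rng=secrets.randbelow):
    # Shamir: pick a random line f(x) = secret + a1*x over GF(P). Party i holds share (i, f(i)).
    assert 0 <= secret < P
    a1 = rng(P)
    return [(x, (secret + a1 * x) % P) for x in (1, 2, 3)]

def reconstruct(shares):
    # Lagrange interpolation at x = 0; any two distinct shares determine the line.
    assert len(shares) == 2, "threshold is two of three"
    (x1, y1), (x2, y2) = shares
    inv = pow((x2 - x1) % P, -1, P)           # modular inverse of (x2 - x1)
    return ((y1 * x2 - y2 * x1) * inv) % P

def single_share_is_consistent_with(share, candidate_secret: int) -> bool:
    # Given only one share, EVERY candidate secret is consistent with it (some a1 explains it),
    # so one party alone learns nothing about the key and cannot move the assets by itself.
    x, y = share
    a1 = ((y - candidate_secret) * pow(x, -1, P)) % P
    return (candidate_secret + a1 * x) % P == y

def demo():
    # Investor, custodian/exchange and device each hold one share; any two can act together.
    key = secrets.randbelow(P)
    investor, custodian, device = split_2_of_3(key)
    return {
        "investor+device": reconstruct([investor, device]) == key,
        "custodian+device": reconstruct([custodian, device]) == key,
        "investor alone cannot rule out any key":
            single_share_is_consistent_with(investor, 12345)
            and single_share_is_consistent_with(investor, key),
    }
```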

The technical requirements of custody of digital assets are therefore in place. The risks arise from the business models and the lack of a central counterparty.

Custody in crypto

The fact of the crypto industry is that, despite rhetoric about decentralization and the rise of DeFi protocols, it relies on centralized parties for accessing crypto and transferring bitcoin and other digital assets, be it in spot or derivatives markets.

Because there’s no central counterparty or clearing house in crypto, the exchanges that first emerged took on roles as custodians and as market makers.

Blockchain is in some respects a good technology for safeguarding assets. Operators can segregate assets on-chain and maintain a trail of transactions. But exchanges don’t do this. They use omnibus accounts, commingling client assets (which is acceptable, if sloppy) and sometimes commingling them with the exchange’s own assets (which should be illegal).

This commingling is allowed because crypto users are not ‘investors’, and an exchange holding a client’s assets is not practicing ‘custody’. Such assets are unsecured loans to that exchange.

So long as crypto exchanges can commingle client funds with their own – even if they call it custody or treasury operations – the system will enable abuse. It’s human nature that people will exploit such situations. Whether the underlying structure is blockchain or TradFi bureaucracy, the best guardrail against abuse is the regulated separation of activities.

Deal with the Devil

Today the centralized exchanges that wish to be licensed and seen as legitimate are taking steps to make their custody and trading activities appear acceptable. Unfortunately, regulators seem to be going along with this, trying to improve upon a fundamentally flawed operating model. This approach is guaranteed to result in more JPEX and Mixin scandals, with authorities playing whack-a-mole against shadowy offshore entities.

Hong Kong has gone the furthest in trying to create a safe, regulated environment for investors large and small. The Securities and Futures Commission can’t regulate banking activities, so it has no say over custody, but it is responsible for investor protection. It turned to an ordinance for anti-money laundering to set out a licensing regime for crypto exchanges, termed ‘virtual asset service providers’, or VASPs.

VASPs are digital-asset matching engines and trade facilitators that handle client money or coins. It’s important to note that this licensing only extends to these centralized exchanges: the rules don’t cover brokers, OTC desks, market makers, DeFi protocols, or investors.

The VASP regime is a workaround that enabled the SFC to channel supervision over a handful of licensed exchanges. It could never supervise the other hundreds or thousands of participants.

The SFC decided, however, that to obtain a VASP license required providing custody.

In finance, convenience is a Faustian bargain, as the ease of placing assets with crypto exchanges has proven. The SFC made a similar deal. Its VASP rules have reinforced, not mitigated, the biggest risk in crypto: the full-stack centralized exchange.

Force a new model

The SFC and the Hong Kong Monetary Authority need to develop a bank-like framework for the custody of digital assets, and shift that responsibility out of the VASP regime. Any territory that is serious about a healthy crypto industry must take a sledgehammer to the full-stack exchange model, and mandate third-party or self-custody.

There are viable alternatives to holding assets with an exchange. One is self-custody, which appeals to savvier individual investors. There exist tech companies that offer digital-asset wallets that let users access an exchange’s central limit order book via layer-2 applications. This keeps wallets segregated from the exchange while letting users participate in staking, lending, and DeFi.

Self-custody is not going to work for institutions, however. The alternative that really counts is independent, third-party custody. In crypto’s earliest days, no such actors existed, but today players such as BitGo, Copper and Hex Trust offer credible services. TradFi players such as State Street and Zodia, a joint venture between Northern Trust, SBI and Standard Chartered, are also eager to provide digital-asset custody.

The technology and services exist for non-exchange custody, but it requires customers, exchanges, or regulators to make these the new standard.

Customers won’t do a thing. Even accredited investors that have gone through the rigor of getting audits and a custodian will still send their assets to an unregulated exchange. Convenience and short-term trading gains win out every time.

What about self-regulation by the exchanges?

The centralized exchange response

Centralized exchanges tell DigFin they would love to get rid of their custody business, but regulations prevent them, or customers keep asking for it. Some of these exchanges may be sincere about wanting to shed their custody arms. But there is no sign they are doing so.

Similarly, the centralized exchanges vow they do not have proprietary trading arms, such as Alameda Research, the hedge fund run by Sam Bankman-Fried alongside his crypto exchange, FTX.

Instead, they are operating ‘treasury desks’ to provide liquidity to the exchange. A regulator could try to impose supervision over these ‘treasury desks’ or impose reporting requirements. Better, though, to simply ban exchanges from having these. In return these exchanges can become huge aggregators of liquidity, and where trading is thin, they can rely on independent market makers such as Jump Trading.

Exchanges say their customers prefer they safekeep coins because it’s easy for users to then deploy their assets into DeFi networks or other uses. But third-party custodians have made this feasible. It may involve an extra click or two, but third parties are acting as fiduciaries.

(It’s also worth noting that under the VASP license, only 2 percent of assets are allowed to sit in hot wallets, which makes staking virtually impossible. This is a warranted protection. But better to just move the assets into a fiduciary relationship?)

Centralized crypto exchanges are still arguing for self-regulation. Their main tactic is to present ‘proof of reserves’, or PoR, as their way to show they are trustworthy.

Proof of what?

PoR uses computational methodologies (tl;dr, Merkle trees) to provide snapshots of what’s in all the addresses they administer, so users can see what’s in each one and the flows in and out.

Exchanges defend PoR as better than a TradFi audit. Blockchain technology and the use of Merkle trees does provide an assurance. Cryptographic tools such as zero-knowledge proofs can ensure privacy. Some players even claim that a robust PoR check shows the exchange’s liabilities as well, although this has not been tested. The pièce de résistance: crypto executives like to point out that FTX was audited!

However, FTX relied on two small, obscure audit firms, not a Big Four accountancy. In such instances, small auditors may sign off on the client’s interpretation of what the numbers mean, blockchain-based or not.

Proof of reserves is akin to open interest on a TradFi exchange or a trading desk’s blotter, but it ignores liabilities, internal controls, and other risks that a quality auditor looks for. Regulators have not accepted PoR as a proper segregation of client assets from the exchange’s. Mazars, the auditor serving Binance and other big exchanges, has disavowed its own reports for these clients.

PoR does not allow an investor (or their auditor) to take a look under the hood of the exchange’s operations. It doesn’t provide insights into the exchange shareholders’ own debts. It can’t tell if the funds in the wallet have been borrowed, or if they’re wash trades. And it allows the information to be delivered on the exchange’s terms.
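An added example, not from the article or any exchange’s PoR tooling: a minimal Merkle-tree proof of reserves. A customer can verify that its own balance sits in the committed snapshot, yet the liability total behind the root is whatever ledger the exchange chose to include, which is the gap the paragraphs above describe. The leaf encoding, the sample ledger and the on-chain reserve figure are constructed.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(user_id: str, balance: int) -> bytes:
    # One leaf per account: commits to the id and balance (constructed encoding, not any exchange's).
    return h(b"leaf:" + user_id.encode() + b":" + str(balance).encode())

def build_tree(leaves):
    # Levels from the leaves up to [root]; an unpaired node at any level is hashed with itself.
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1] + ([levels[-1][-1]] if len(levels[-1]) % 2 else [])
        levels.append([h(b"node:" + cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def inclusion_proof(levels, index):
    # Sibling hash at each level, flagged with whether the sibling sits to the right.
    proof = []
    for level in levels[:-1]:
        level = level + ([level[-1]] if len(level) % 2 else [])
        proof.append((level[index ^ 1], index % 2 == 0))
        index //= 2
    return proof

def verify_inclusion(leaf, proof, root):
    cur = leaf
    for sibling, sibling_on_right in proof:
        cur = h(b"node:" + cur + sibling) if sibling_on_right else h(b"node:" + sibling + cur)
    return cur == root

def exchange_publish(ledger):
    # Exchange side: commits to whatever ledger it chooses. Returns (root, claimed liabilities, proofs).
    leaves = [leaf_hash(u, b) for u, b in ledger]
    levels = build_tree(leaves)
    proofs = {u: inclusion_proof(levels, i) for i, (u, _) in enumerate(ledger)}
    return levels[-1][0], sum(b for _, b in ledger), proofs

def customer_verifies(user, balance, proof, root):
    # Customer side: needs only its own id and balance, its proof and the published root.
    return verify_inclusion(leaf_hash(user, balance), proof, root)

def reserves_look_sufficient(ledger, onchain_reserves):
    # The PoR headline: on-chain holdings vs. the liabilities the exchange chose to commit to.
    _, claimed, _ = exchange_publish(ledger)
    return onchain_reserves >= claimed
# Constructed sample ledger and a constructed on-chain reserve figure.
FULL_LEDGER = [("alice", 5_000), ("bob", 12_000), ("carol", 700), ("dave", 40_000)]
ONCHAIN_RESERVES = 20_000
```

Dropping one account from the committed ledger leaves every remaining customer’s proof valid while the claimed liabilities shrink, which is why an inclusion check by one customer says nothing about solvency.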

The irony of blockchain is that the technology is very transparent. It’s the business model that is opaque, and proof of reserves is at best a partial solution, assuming it’s done in good faith – and that customers know to check it regularly, and have a means of complaining if something appears out of order.

The future of finance

The easiest way to deal with this question is not to ask whether proof of reserves can offer the comfort of a TradFi audit: it’s to mandate third-party custody, so there’s no question of funds being mixed with exchange assets. There’s no need for PoR if funds are segregated with a fiduciary.

In other words, this calls for regulators to take one clear decision: crypto exchanges must shed custody and market-making activities. The industry won’t achieve this on its own, and customers aren’t capable of leading such an initiative. Any jurisdiction that wants to take the lead on digital assets must make this happen, and set the standard that others can follow.

This doesn’t solve the issue of centralized counterparties, but market dynamics can address this. Perhaps third-party custodians will evolve into such a role, or maybe it will turn out to be unnecessary, given the nature of blockchain.

Centralized crypto exchanges, meanwhile, can still flourish. They can become large, liquid venues facilitating the basics of stablecoins, and spot and derivative Bitcoin and Ethereum. They become gateways to specialist wallet self-custody players and DeFi protocols. They still make money by listing coins, but their function is to be platforms, not players.

In short, they become chokepoints, which is a privilege and a path to riches. But in return they must become reliable, regulated, and rather dull. Yes, owners of exchanges can become far richer if they control a full-stack exchange. But then we’re back to crypto’s main use cases being fraud and tax evasion. And yes, being a billionaire is tempting, but being a crypto billionaire can have its drawbacks. Just ask Sam Bankman-Fried.

