How to monitor a crypto exchange

The writer is a former financial regulator

Regulate crypto or let it burn? While the debate has raged in the US (and across the Financial Times pixels), it’s already over in the EU, and soon to be in the UK.

The Financial Services and Markets Bill it goes through the parliament. It now includes a broad definition of cryptoassets that will be subject to regulation. A UK Treasury inquiry will fill in the details shortly. And in the EU, it was the Crypto Assets Regulation (Mica) Markets agree this summer and will go into effect by 2024.

With the repercussions of the collapse of the FTX crypto exchange, a new question arises: how to supervise a crypto exchange?

Mica sets very tough standards for service providers of cryptoassets, including exchanges. Exchanges will now need a country license to get a passport to do business across the EU. Two big changes are coming.

First, the corporate structure. Service providers should have strong corporate governance and controls, an EU legal entity and, above all, a corporate structure with jurisdictions that do not prevent effective supervision. The failure of FTX highlights the importance of these standards. But it is difficult to give good marks to the other exchanges. The biggest, Binance, still won’t say where it’s headquartered, for example.

Like Jon Cunliffe of the Bank of England explainspart of the problem is that these aren’t really “exchanges” but offer multiple, bundled services that would be separate in traditional finance for conflict of interest, prudential and consumer protection reasons.

Mica does not claim that it allows multiple services to be bundled into a single legal entity. Some railings will be necessary in the specific rules established for the establishment.

Second, Mica will impose customer asset protection rules on service providers. FTX’s use of client assets to fund its trading arm means creditors are waiting to hear how much money they’ve lost. These creditors will be at least 100,000 and may exceed 1 million.

This has left other exchanges scrambling to prove the validity of proof of reserves, the assets backing clients’ positions, with Binance requesting a report from accounting firm Mazars. But the report is limited in the scope of cryptoassets it covers, lacking commentary on how client liabilities are calculated and the effectiveness of internal controls. Mazars announced at the end of last week that it had stopped providing proof of reserve reports and had sharply qualified the past as not an assurance exercise.

Segregation of client assets from non-crypto was a major issue in the bankruptcy of Lehman Brothers and broker dealer MF Global. This led to a crackdown in the UK and elsewhere, with hefty fines, detailed new regulatory requirements and increased personal liability for CEOs. Hard rules, tailored to cryptography, will need to be developed and adopted quickly.

Regulators will face difficult decisions on licensing exchanges if they are not ready in time for the new EU and UK rules.

Exchanges will clearly need to make major changes to their business models before they can submit license applications. Mica has other difficult conditions that also need to be sorted out quickly.

Exchanges will have to verify the suitability of each crypto-asset for trading by clients based on the “reliability of the solutions used” and potential links to financial crime. They will also have to disclose the adverse environmental and climate impact of the mining required for each crypto-asset. Liability for losses resulting from hacking of customer wallets will be included. And tougher risk warnings for crypto investments will come into force in the EU and the UK.

Supervisors themselves have tight deadlines to make licensing decisions under Mica. The risk is that the race to be Europe’s crypto hub will change decisions – as well as the UK’s mandatory news for observers to consider competitiveness.

Binance, the largest exchange by far, is a key test case. The French regulator, Autorité des Marchés Financiers, raised eyebrows when it registered Binance Mica under the previous rules, although Binance was fined by Dutch supervisors and the UK’s Financial Conduct Authority. unsupervised. What will happen in the (re)licensing process?

Supervisors need resources and political cover to deny licenses until corporate structure and client asset issues are resolved. The best way to monitor crypto exchanges? To begin with, not giving them a license until they get their act together.