Exchanges Don't Take Enough Action to Prevent Abusive Trading, New York Prosecutor Says

An analysis published by the New York attorney general hones in on a number of exchanges, pointing out what it perceives as a lack of accountability and customer protection.

The office of the New York State attorney general submitted a report on Tuesday that highlighted what it perceived as problems that were pervasive in the cryptocurrency exchange ecosystem as a whole. The office’s analysis included ten different exchanges, nine of which explicitly agreed to be probed by the authority as part of its study.

The exchanges that participated with the OAG’s investigation were as follows:

  • Bitfinex
  • bitFlyer
  • Bitstamp
  • Bittrex
  • Coinbase
  • Gemini
  • itBit
  • Poloniex
  • Tidex

The strongest conclusion that the study could draw was that there was a “lack of protection from abusive trading practices.”

“The OAG asked trading platforms to describe what, if any, policies were in place to define, detect, prevent, or penalize suspicious trading activity or market manipulation, and to provide a description of trading behavior that the platform believes constitutes manipulative or abusive activity. While participating platforms expressed their commitment to combating market manipulation, only a few reported having a formal policy it takes, defining the types of conduct the platform believes to be manipulative or abusive, and outlining how such trading behavior is to be detected and penalized,” the attorney general’s office said on this matter.

Digging further in, we notice that the OAG was particularly concerned with the use of trading bots on exchanges, which it considers is not sufficiently restricted to protect customers from wild price swings.

The office looked at what types of orders available on exchanges (such as immediate-or-cancel, maker-or-cancel, good till cancel, or fill-or-kill) then drew the conclusion that they may even cater to automatic trading in some instances. The reasoning behind this is that some of these platforms allow for the automatic canceling of orders, allowing algorithmic trading bots to do their owners’ bidding without needing a whole lot of interference.

We’ve also spotted signs of trading bot usage when one particular bot was hacked and started automatically buying Viacoin earlier this year.

Digging beneath the cloak

It’s no surprise that many exchanges around the world commonly allow their employees to trade on their platforms, sometimes even offering them advantages. As the OAG says in its report, this isn’t necessarily a conflict of interest, but it could easily devolve into such a situation.

According to the office, an exchange could mitigate this by not revealing any insider information to employees who choose to trade within their ecosystems.

“Overall, the OAG’s initiative found a range of different policies at the participating platforms as to whether and how platform owners or employees are permitted to trade on their platform or on other platforms,” the study explained.

For what it’s worth, HBUS—a strategic US partner of Huobi—was the only exchange that simply didn’t allow its employees to trade inside its platform. Other exchanges were more than happy to allow it but did not provide them with an advantage over regular traders.

The problem arrived when it came to employees that had access to sensitive data like private order books, exchanges differed in their policies. Some of them had them be “pre-cleared” before engaging in trading while others also didn’t allow these employees to trade elsewhere.

“Two trading platforms—Gemini and Bittrex—require regular disclosures from each employee concerning their trading history and current virtual asset holdings. Bittrex goes further, by restricting employee trading to a two-day window each quarter. Bitfinex, itBit, and Tidex did not provide any restrictions on employee trading,” the OAG added.

Vaults with smoke and mirrors

Perhaps a more prescient cause for concern than conflicts of interest is whether or not an exchange can actually keep its customers’ funds safe. Unfortunately, the OAG does not feel confident from what it saw.

“Generally accepted methods for auditing virtual assets do not exist, and trading platforms lack a consistent and transparent approach to independently auditing the virtual currency purportedly in their possession; several do not claim to do any independent auditing of their virtual currency holdings at all. That makes it difficult to confirm whether platforms are responsibly holding their customers’ virtual assets as claimed. Customers are highly exposed in the event of a hack or unauthorized withdrawal,” the office wrote in its conclusion.

Though these words may be alarming, it’s still not clear how the OAG came to its conclusion. After all, a lack of transparency about funds doesn’t necessarily lead to the conclusion that an exchange doesn’t have enough capital to cover for its customers.

We know, at least as far as they tell us, that Gemini, Bitfinex, and Coinbase have cold storage wallets that store the majority of user funds. There may also be cold wallets in other exchanges that the OAG analyzed in its report.

The conclusions of this study simply show us many open secrets that savvier individuals have suspected for some time as well as an unintended explanation for why so much FUD surrounds exchanges on a daily basis.