Skip to main content
Custody: self vs exchange

Exchange Custody Risks

Pomegra Learn

Exchange Custody Risks

When you deposit cryptocurrency on an exchange, you are exposing it to a unique set of risks that differ fundamentally from both traditional banking and self-custody. An exchange holding your cryptocurrency becomes a single point of failure. If the exchange experiences a security breach, operational failure, or management fraud, your funds are at risk. Unlike traditional banks, most cryptocurrency exchanges are not federally insured, and regulatory frameworks are still developing. Understanding these risks is essential for any cryptocurrency user who chooses to hold funds on an exchange.

The Nature of Exchange Custody Risk

Exchanges hold customer cryptocurrency in centralized wallets that they control. Because the exchange holds the private keys to these wallets, they have full custody of customer funds. This arrangement creates several categories of risk:

Cybersecurity risk: Attackers constantly target cryptocurrency exchanges because they hold large concentrations of valuable digital assets. A successful hack can result in the theft of millions or billions of dollars in cryptocurrency.

Operational risk: Exchanges can experience technical failures, power outages, or network issues. If systems fail at critical moments, customers might be unable to access or withdraw their funds.

Counterparty risk: The exchange itself might fail due to poor management, undercapitalization, or fraud. If the exchange goes bankrupt or disappears, customers become unsecured creditors with no guarantee of recovery.

Regulatory risk: Governments might seize exchange funds for regulatory violations, money laundering investigations, or sanctions enforcement. Customers' funds could be locked up indefinitely.

Management risk: Corrupt or incompetent managers might misappropriate customer funds, make poor investments, or fail to maintain adequate security.

Commingling risk: When an exchange holds customer funds in a commingled wallet, it becomes impossible to segregate individual customer balances at the protocol level. All customer funds sit in wallets controlled by the exchange, and the exchange's ledger tracks who owns what. If the exchange becomes insolvent, customers are unsecured creditors competing with other creditors for whatever assets remain.

Cybersecurity Vulnerabilities

Cryptocurrency exchanges are high-value targets for hackers. Unlike traditional banking, which has spent decades building security infrastructure, many exchanges are relatively young companies that have only recently implemented enterprise-grade security.

Common attack vectors include:

Direct attacks on exchange infrastructure: Hackers target exchanges' network infrastructure, attempting to compromise servers that hold private keys or access to wallets. Sophisticated attacks might involve compromising the exchange's code repository, their build systems, or their deployment infrastructure.

Insider threats: Employees with access to private keys might steal cryptocurrency directly. Rogue developers might insert code that slowly drains customer funds. An insider might help external attackers breach security measures.

Supply chain attacks: Hackers might compromise software or hardware that the exchange uses, potentially giving them access to systems or keys.

Phishing and social engineering: Attackers might trick employees into revealing passwords or credentials, or trick users into visiting fake exchange sites and entering their credentials.

Transaction manipulation: Attackers might intercept transactions and redirect funds to attacker-controlled addresses.

The history of cryptocurrency exchange hacks is extensive. Billions of dollars in cryptocurrency have been stolen from exchanges despite their security efforts. High-profile examples include:

  • Binance suffered a $40 million hack in 2019, though funds were partially recovered
  • Coinbase experienced security breaches that affected a small percentage of accounts
  • Kraken has had security incidents despite generally being considered security-conscious

The frequency and sophistication of attacks on exchanges continue to increase as attackers develop new techniques.

Operational and Technical Risks

Beyond security breaches, exchanges face operational risks that can affect customer funds:

A major exchange outage during volatile market conditions can leave customers unable to access their funds at critical moments. If an exchange's database is corrupted and backups don't exist or are corrupted themselves, customer balances could be permanently lost.

Several exchanges have experienced catastrophic failures:

  • Mt. Gox suffered both security breaches and operational failures that resulted in permanent loss of customer funds
  • QuadrigaCX became inaccessible when its founder died, leaving customers with no way to withdraw funds
  • Various smaller exchanges have simply disappeared, taking customer funds with them

Insolvency and Counterparty Risk

When a cryptocurrency exchange becomes insolvent, customers holding cryptocurrency on the exchange face substantial risk. Unlike deposit insurance for banks, there is no standard protection for cryptocurrency exchange deposits in most jurisdictions.

If an exchange becomes bankrupt:

Customers are unsecured creditors: When an exchange goes into bankruptcy, customer claims are treated as unsecured debt. The exchange's lawyers prioritize securing creditors (who have pledged collateral), tax claims, employee wages, and finally unsecured creditors like customers.

Recovery is uncertain and slow: Even if an exchange is solvent overall, customers might recover only a fraction of their balance, and only after years of legal proceedings. Mt. Gox customers waited years and recovered less than their full balance.

Asset recovery is difficult: If the exchange's private keys were held by a single person (like the founder of QuadrigaCX), and that person dies or disappears, customers might never recover their funds.

Frozen funds: Even if an exchange doesn't go bankrupt, regulators might freeze exchange funds as part of an investigation, leaving customers unable to access their money.

Run on the exchange: If customers lose confidence in an exchange's solvency, they rush to withdraw funds simultaneously. If the exchange doesn't have adequate reserves, the exchange runs out of cryptocurrency to return to customers, and later withdrawers lose everything. This is similar to a traditional bank run.

The regulatory status of cryptocurrency exchanges is still evolving. This uncertainty creates additional risks:

Regulatory seizure: If an exchange is found to be violating laws (money laundering, sanctions evasion, operating without required licenses), government agencies might seize the exchange's assets. Customers' cryptocurrency could be locked up indefinitely.

Regulatory scrutiny: Increased regulatory oversight might require exchanges to change how they operate, potentially making it harder for customers to access or withdraw their funds.

Jurisdiction risk: If an exchange operates in a foreign jurisdiction, you might have limited legal recourse if something goes wrong. Regulations differ dramatically between countries.

KYC and AML requirements: Exchanges increasingly require customers to verify their identity (Know Your Customer requirements) and prove the source of their funds (Anti-Money Laundering). If an exchange determines your funds are suspicious, they might freeze your account indefinitely.

Fraud and Mismanagement

Some of the largest cryptocurrency exchange failures have involved fraud or severe mismanagement:

FTX: One of the world's largest exchanges, FTX collapsed in 2022 after revelations that management had secretly loaned customer deposits to Alameda Research, an affiliated trading firm that lost the funds on speculative bets. Customers believed their funds were held safely; instead, they were being used to fund risky trades. The exchange lost $8 billion in customer funds.

Celsius: A cryptocurrency lending platform that offered high yields to depositors secretly loaned customer funds to market makers and other risky counterparties. When the market turned down, Celsius became insolvent and customers lost substantial portions of their deposits.

Genesis: A cryptocurrency lending platform lent customer deposits to Three Arrows Capital, a hedge fund that collapsed in 2022, leaving Genesis unable to repay customers.

These examples show that an exchange might appear solvent and safe while secretly engaging in risky practices or outright fraud. Customers had no way to know they were at risk until it was too late.

The Illusion of FDIC Protection

Many cryptocurrency users mistakenly believe their funds on cryptocurrency exchanges are FDIC-insured. This is false. The FDIC insures deposits at banks, but:

  • The FDIC insures dollars, not cryptocurrency
  • Most cryptocurrency exchanges are not banks and are not FDIC-insured
  • Even if a bank holds cryptocurrency on behalf of a customer, the FDIC would insure the dollar equivalent, not the actual cryptocurrency

Some custodians have announced insurance coverage from Lloyd's of London or other underwriters, but this coverage is often limited and might not cover all types of losses.

Due Diligence on Exchanges

If you choose to hold cryptocurrency on an exchange, you can reduce (but not eliminate) risk through due diligence:

Proof of reserves: Ask whether the exchange maintains proof of reserves—public, auditable evidence that the exchange actually holds all customer cryptocurrency. Not all exchanges provide this. See Proof of Reserves Explained.

Insurance: Determine what insurance the exchange carries. What types of losses does it cover? Is it backed by legitimate underwriters?

Regulation: Is the exchange regulated? Does it hold a BitLicense? Is it regulated as a custodian? What are the regulatory requirements it must meet?

Track record: How long has the exchange been operating? Has it experienced security breaches? How did it respond?

Segregation of funds: Does the exchange segregate customer assets from its own? Are customer funds held in separate wallets or accounts?

Transparency: Does the exchange publish regular financial statements? Can you audit its reserve claims independently?

Cybersecurity: What are the exchange's security practices? Does it use multi-signature wallets? Does it keep most customer funds in cold storage?

Diversification Across Custodians

If you must hold cryptocurrency on exchanges, diversification can reduce risk. Rather than putting all your exchange-traded cryptocurrency on one exchange, spread it across multiple exchanges. This way, if one exchange is hacked or fails, you don't lose everything.

However, this strategy comes with its own complexities:

  • You must manage accounts on multiple exchanges
  • You incur transaction fees to move funds between exchanges
  • You diversify counterparty risk but increase the number of counterparties you depend on

Diversification is a reasonable strategy for holdings you're actively trading, but for long-term holdings, self-custody with a hardware wallet is significantly more secure.

The Fundamental Problem

The fundamental problem with exchange custody is concentration of risk. An exchange holds billions of dollars in customer cryptocurrency in a relatively small number of private keys. If those keys are compromised or if the exchange becomes insolvent, vast numbers of customers lose funds simultaneously.

This is structurally different from traditional banking, where:

  • Deposits are insured by the government up to a limit
  • Banks are heavily regulated and subject to regular audits
  • Banking regulations have been refined over a century
  • The financial system is designed to prevent runs through regulatory oversight

Cryptocurrency exchanges, by contrast, have limited insurance, variable regulation, and no century of proven safeguards.

Mitigating Exchange Custody Risk

To minimize exposure to exchange custody risk:

  1. Hold on exchanges only what you're actively trading: Keep your active trading balance on an exchange for convenience, but withdraw the rest to self-custody.

  2. Prefer established, regulated exchanges: Use exchanges with a long track record, regulatory licenses, and proof of reserves.

  3. Diversify across multiple exchanges: If you must hold significant amounts on exchanges, spread them across multiple platforms.

  4. Maintain self-custody as your default: For any cryptocurrency you're not actively trading, self-custody in a hardware wallet is more secure.

  5. Research before depositing: Before moving significant amounts to an exchange, research its security practices, regulation, and track record.

  6. Monitor exchange news: Stay informed about security breaches, regulatory actions, or financial difficulties at exchanges where you hold funds.

Key Takeaways

  • Exchanges holding cryptocurrency for customers create concentrated counterparty risk
  • Exchange custody is vulnerable to cybersecurity breaches, operational failures, and fraud
  • Most cryptocurrency exchanges are not FDIC-insured; customer protections are limited
  • Insolvency of an exchange can result in permanent loss of customer funds
  • Proof of reserves and regulation provide some protection but no guarantees
  • Self-custody is more secure for long-term holdings; exchange custody is reasonable only for amounts you're actively trading
  • Due diligence on exchange security and solvency is essential before depositing significant amounts

Further Reading

To understand how to protect yourself through self-custody, see Self-Custody in Crypto Explained and Not Your Keys, Not Your Coins. To understand how exchanges prove they hold customer reserves, see Proof of Reserves Explained. For historical examples of exchange failures, see Mt. Gox Lesson and FTX Bankruptcy.