On June 2, the U.S. Commodity Futures Trading Commission (CFTC) fined Bitfinex US$75,000 for handling illegal off-exchange financial retail commodity transactions without registering as a futures commission merchant.
The CFTC – alongside other regulators – required the exchange to deliver the digital currency directly to their users, instead of holding the private keys controlling the traded coins.
The official order stated that Bitfinex “did not actually deliver bitcoins purchased on a leveraged, margined, or financial basis to the traders who purchased them,” violating the regulations of CFTC established for commission merchants and commodity transactions.
Some notable experts claim that the aforementioned regulatory framework presented by the CFTC may have prevented Bitfinex – and other bitcoin exchanges – from storing users’ bitcoin in offline wallets. Such inaccuracy could be the only factor that might have led to the security breach and loss of nearly $65 million worth of Bitcoins.
Is KYC/AML Responsible?
The Know-Your-Customer (KYC) and Anti-money-laundering (AML) regulations in the U.S. are known to be particularly strict for companies and organizations dealing with the transfer of money. Large exchanges like Bitfinex are required by law to record user data, and store sensitive personal and financial information on their private server.
On the Bitfinex exchange, users are requested to verify, present and authenticate a series of documents and identification such as passports and bank details, which are kept by the Bitfinex exchange and provided to law enforcement or the CFTC at their will.
Bitcoin experts including Andreas Antonopoulos speculate the possibility of KYC and AML driving Bitcoin exchanges away from using cold storage.
Did CFTC push Bitfinex away from using cold storage and to hot wallets for every customer?
Was this driven by KYC/AML, increasing risks?
— Andreas (@aantonop) August 3, 2016
Whether it was the regulations of CTFC to conduct direct trades with users or the strict KYC and AML framework, the Bitfinex hack emphasized the advantage of using cold storage rather than hot wallet-based technologies.