Who Should Be Held Responsible for the $70m Bitfinex Bitcoin Hack?

This guest article was written by Marcie Terman, Communications Director, First Global Credit and XBT Corp Geneva.

Those of us involved in the cryptocurrency space right now are all certified early adopters and we wear that badge with great pride. We are individualists, a bit edgy and a bit libertarian. Because of this, companies like First Global Credit that take a hard line on the Know Your Customer rules withstand a lot of criticism.

Cryptocurrency aficionados do not like the fact that we are legally compelled by international convention to understand who we do business with. But I will tell you from a life-long responsible relationship with my money (crypto or otherwise), it makes sense knowing who is on the other side of monetary transactions.

Join the industry leaders at the Finance Magnates London Summit, 14-15 November, 2016. Register here!

Know-Your-Customer

That is why when First Global Credit was founded in 2014 we published the identity of everyone on our management team. It seemed only fair if we demanded transparency from our customers that we in turn would be equally transparent with them. It would seem that in the aftermath of the Bitfinex hack the sentiment of the rest of the Bitcoin market is suddenly in step with our own as the numbers of customers signing up and immediately KYC’ing their live trading accounts on our bitcoin backed, stock, futures and FX Trading Platform have increased four times the usual level over the past 7 days.

At a cursory inspection it may seem eminently fair that Bitfinex’s founders have taken the view to spread losses over their entire pool of customers. But if you think about this critically, it wasn’t the customer’s fault that permitted an automated, unchecked process at BitGo to release funds to points unknown. And given that the identity of Bitfinex’s management is not generally known, it makes it much easier for the culpable to hide until the heat dies down. Perhaps giving the go ahead on ill-conceived policies like this would have been deliberated on with greater care if the decision makers knew they would be identified as responsible?

What about know your broker?

My thinking is that these issues with Bitfinex have raised the question of what kind of accountability you can expect from vendors that use their customers’ penchant for anonymity as a cloak that they themselves can hide behind? (Doubly bizarre since Bitfinex follows the KYC conventions for their customers to reveal their identities.) This kind of thinking is logically followed by the realization that platforms offering anonymity or exchanges that automate withdrawals (a thing you NEVER see in conventional online brokerages) are perhaps not the most trustworthy place to store capital. With anonymity not only is it very easy for a financial service business, its website and its founders to disappear if things suddenly go wrong, it also makes it much harder to make a bid to reclaim capital yourself after a hack if you have no way of proving that it was your money stolen in the first place!

We cryptocurrency advocates consider the sanctity of personal information inviolable but the standard for company founders is and should be different. If you choose to do business with companies that hide the identities of their founders creating an opportunity to avoid responsibility, you, yourself are equally as culpable. I believe strongly, as many in crypto do, in the principle of personal responsibility, which is why I know that people who do not stand behind what they are selling are looking to avoid the consequences of poor decisions.

Having recognized that anonymity is not desirable in a business where client assets are involved I would suggest substituting the goal of anonymity with the selection of business partners that show a high regard for the personal privacy of clients as we do at First Global Credit. Choose business partners domiciled in jurisdictions that share your values. Make sure that the jurisdiction follows rule of law and the concept of search and seizure as it existed before the panics of the last decade. A blanket request for all customer data is simply not acceptable. If a government feels that there is criminal activity associated with an account, the proper course of action is to obtain a warrant through an objective legal system only after due process has been exercised.

Use common sense

Customers have a responsibility as well where the security of their assets are involved. Do not complain if your financial service company uses manual processes for withdrawal. Consider multiple layers of validation for transactions over a certain level simply a cost of doing business that is there to protect you as well as your service partner. Restrict your financial dealings to companies that you have vetted to make sure that they have a serious approach to not only maintaining security but validating processes regularly to make sure your service partner stays as far ahead of thieves as humanly possible. But at the core of all these measures lies transparency which should do much to facilitate trust between customer and service provider.

Those of us involved in the world altering cryptocurrency markets are absolutely ahead of the curve. We are doing exciting things, making the fiscal world more equitable, creating opportunities that will remove money from the hands of bankers and put it back in the hands of people who worked for the assets in the first place. Bringing opportunity to populations that have been abused by their governments for far too long. That’s pretty exciting stuff! But these paradigm changes do not mean that the sensible precautions that are part of the conventional financial markets should be ignored.