Centralised crypto exchanges have expanded their operations and global reach over the years to accommodate the changing trends in the crypto market.
There’s one factor that I believe will boost both the number of users on centralised exchanges and the quantity of money held on (thus, transacted through) these platforms.
100% crypto insurance…albeit with some caveats.
I believe it will eventually happen, but conservatively speaking, it’s still several years away.
There are two major reasons for this. The insurer/underwriter needs to:
1) Have enough confidence in the exchange to ensure it is in a sound-to-strong financial position, has the customers’ funds backed 1:1 (proof of reserves) and has implemented the best security measures available.
2) Be 110% sure that the blockchains underpinning various coins and tokens can withstand the test of time, not to mention advanced network threats, system downtime, etc.
I am quietly confident that Bitcoin and Ethereum* will almost certainly maintain robust network security and at least 99.98% uptime. See the Bitcoin Uptime Tracker for live stats.
*I couldn’t find a similar uptime tracker for Ethereum. Yet, I came across Ethernodes, which provides Ethereum mainnet stats. Let us know in the comments section if you’ve found a website with this live information.
As per other blockchains, it is still too early to say, although several will remain secure and reliable for many years.
How would exchanges go about this?
Fortunately, we can get some understanding of this based on what a handful of exchanges have done to date.
Australian crypto exchange Independent Reserve offers insurance to its institutional investors (reportedly with a cost price of 0.9% + GST [VAT], underwritten by Lloyd’s of London), but it once provided a similar service to its retail clients.
Binance opts for its Secure Asset Fund for Users (SAFU), an emergency fund established in July 2018. It sits at $1 billion as of January 29, 2022, consisting of BNB, BTC, USDT and TUSD reserves.
I tried finding updated SAFU balances (i.e., less than three months old), but I could only obtain information from official announcements made in November 2022 and March 2023. Here’s info from the more recent one:
The SAFU fund will be observed closely to ensure that it is sufficiently capitalized and topped up periodically, as necessary, using Binance’s own funds.
Binance, 18 March 2023
Moreover, crypto assets managed under the American arm of Binance, Binance.US, are no longer eligible for Federal Deposit Insurance Corporation (FDIC) Coverage – whereby the US Government will cover up to $250,000 per account for each FDIC-insured bank if it goes under – according to this article published last month.
As per Coinbase, this is what it states on its website, under its Insurance section:
“Coinbase carries crime insurance that protects a portion of digital currencies held across our storage systems against losses from theft, including cybersecurity breaches. However, our policy does not cover any losses resulting from unauthorized access to your personal Coinbase or Coinbase Pro account(s) due to a breach or loss of your credentials. Our policy also does not cover non-fungible tokens.”
What “portion” is covered by the exchange? They don’t specify. I imagine the insured amount would vary depending on the digital assets held, retail vs institutional investor, the jurisdictions involved, the nature of any losses, etc., although I am speculating here.
What about USD and other fiat currencies held on Coinbase? Coverage for these balances depends on whether the user is based in the US and whether it is a retail or institutional client.
For anyone subscribed to Coinbase One – not yet available in all countries, including Australia – eligible users could be entitled to up to US$1,000,000 if their login details were compromised due to a system vulnerability under the Coinbase Account Protection.
For Kraken users, this is what you need to know.
All exchanges should adopt something resembling this: the insurance fund is represented by BTC, ETH, another altcoin, and at least two stablecoins.
How much would be insured? What conditions need to be met?
In reality, this would start with a small amount – let’s say up to $50,000 per user if I had to pick an arbitrary figure – and apply to more advanced economies and will only involve BTC, ETH and possibly XRP.
To clarify, I am talking about exchanges that do not currently offer insurance for retail clients, as opposed to the options listed above.
So, don’t bank on a beloved s&!tcoin to be covered by Uncle Sam if it plummets faster than SBF’s net worth and reputation. As these tokens are even more volatile than BTC and ETH, be prepared to lose all of them.
Governments, insurers, or other third parties that provide such coverage in the event of a loss would need strong evidence over many more years to demonstrate that a blockchain network is robust and reliable. This is why I referred to the coins for Bitcoin, Ethereum and XRP Ledger, respectively.
It is important to note the distinction between insurance coverage for an exchange getting hacked or going bankrupt and a blockchain network getting compromised, e.g., a 51% attack, whereby a nefarious actor gains majority control over a blockchain’s computational or staking power.
For context, the former directly* affects those who have crypto on exchanges. In contrast, the latter will impact everyone holding the chain’s native asset (and, where applicable, the tokens affiliated with that, e.g., Ethereum and ERC-20 tokens), including those with digital assets off centralised exchanges.
Based on this, it is most likely that any coverage would be limited to an exchange’s security negligence in the event of a hack, as opposed to lost funds attributed to network attacks.
*If a major exchange were to lose funds due to theft and the hacker were to sell off the funds quickly, this would most likely impact the asset’s price. Having said this, if it were BTC and ETH, it is unlikely that this would cause a major price movement nowadays due to their market caps and 24-hour trading volumes.
As another requirement, in the event of an attack, exchanges would most likely require users to ensure that they had activated two- or multi-factor authentication (2FA/MFA) before their account got depleted.
Why is this relevant? We know what insurance companies are like. They will (try to) find any excuse not to cover you when something goes wrong.
So, suppose you take every reasonable measure – MFA (especially using a security key), regularly changing passphrases (or turning on passphrase-change prompts), whitelisting withdrawal addresses, email or text notifications for suspicious activity, etc. In that case, they have far less leverage over you.
What about non-custodial wallets?
I can hear the hardcore Bitcoin/crypto enthusiasts already saying, “Not your keys, not your crypto.”
I get it. These will always be the most secure way for you to maintain full control of the private keys linked to your crypto assets.
However, I am bringing up this topic of insurance on centralised exchanges as I know there will be a cohort of society that doesn’t want to deal with the process of purchasing and setting up a hardware wallet (or even a desktop and mobile wallet), make multiple copies of the recovery seed, carry out regular firmware updates, etc.
To put it bluntly, these people do not (and probably never will) care about the private keys and crypto mantra.
Some people demand convenience, even if it goes against self-custody, and would prefer someone akin to a conventional bank to manage their crypto, i.e., a crypto exchange, fund manager or similar third party.
As a bare minimum, all exchanges should follow Binance’s lead and establish an insurance fund to cover their clients in the event of any losses.
Having said this, someone has to pay for this, which would most likely come from trading fees or other forms of revenue derived from customers.
Some users – particularly those that prioritise self-custody – would not be pleased with having to partially fund such a scheme via trading fees or other costs in the event of exchange hacks or a catastrophic collapse.
On the contrary, Binance has managed to maintain $1B in its SAFU whilst keeping its fees competitive.
I envisage a two-tier system whereby exchanges could insure their BTC or ETH holdings up to X amount in fiat – as a complimentary feature – and anyone requesting further coverage would have to pay extra per year for insurance, e.g., 0.7% per dollar-equivalent in BTC or ETH.
Alternatively, additional (voluntary) insurance could be offered as a subscription service feature through a platform.
These are tentative ideas; perhaps they’re all pie in the sky. However, as crypto is here to stay and will (gradually) become more integrated into our daily lives, this discussion will become increasingly relevant.
It all boils down to how we can encourage more people – both retail and institutional investors, particularly the former – to participate confidently in this nascent asset class despite its high volatility and its fair share of cowboys.
I have not even touched on the overlap between crypto exchanges and financial institutions (as part of TradFi) and people treating the former as a type of “crypto bank” despite being ineligible for consumer protections provided to banks and other established financial institutions; let’s not forget about some TradFi banks wanting to offer crypto services too. I will expand on all of this in a future piece.
I admit I left out the idea of governments offering insurance. I did this intentionally, as the onus should be on crypto exchanges, not the government (i.e., taxpayers).
In conclusion, despite the abundance of affordable, convenient, and reliable non-custodial wallets, users will always opt to have some funds on exchanges, even for long-term storage. In the event of a crypto exchange’s collapse, its users will most likely get back some of the lost funds, albeit with lengthy wait times and uncertainty, if Mt Gox and FTX collapses are anything to go by.
What are your opinions about crypto insurance? How should it be funded? I look forward to your feedback.
- N.B. None of this is financial advice; I am not a financial advisor. You are ultimately responsible for crypto investments, let alone in any asset class.
- The opinions expressed within this piece are my own and might not reflect those behind any news outlet, person, organisation, or otherwise listed here.
- Please do your research before investing in any crypto assets, staking, NFTs, or other products affiliated with this space.
- For transparency, Bitcoin (BTC) and Ethereum (ETH) each account for roughly 25% of my crypto portfolio.
- I received no incentive to discuss any of the exchanges listed throughout this article.
© Crypto with Lorenzo 2023. All rights reserved unless specified otherwise.