In the digital asset world, users may come across the concept of a “nested service” when using certain features of an exchange. This concept is not uncommon in the traditional or digital banking worlds and is often used to extend the features of a platform to a set of end-users. An example of this is where users gain access to additional trading pairs from another exchange, or if a bank operating in one country wants to extend their services into another region, a feature known as correspondent banking.
Taking this concept one step further, entire nested cryptocurrency exchanges have emerged, operating in a very similar way as to the process described above. A user or investor may create their own account on an exchange and offer “trading services” to unknown parties through their personal account. For this reason, these exchanges are sometimes referred to as instant exchanges and may even leverage several accounts to fulfill these trades. Under their name, instant exchanges will have the opportunity to access all the features and functionality associated with the platform they are operating through. In this case, we can make a comparison to a third-party travel website that aggregates vacation packages under their platform, even though these offerings are not their own. While these platforms offer convenience and save time users would previously need to shop around, these offerings can be at the expense of a user’s security, a parallel that can be seen in the cryptocurrency world.
Unfortunately, due to the industry's growth, regulations are still being developed, leaving gaps in the Know Your Customer (KYC) and Anti-Money Laundering (AML) policies that keep exchanges secure. As a result, nested exchanges are often an easy target for cybercriminals. Therefore, it is not uncommon for a nested exchange to unknowingly support bad parties, including scammers, ransomware payments and money laundering practices. The media brought to light one example of this with SUEX, an unregulated exchange that converted illicit crypto ransoms into fiat currency, which Binance helped deplatform multiple accounts associated with it, with communication taking place over Telegram. SUEX was later sanctioned by OFAC, the Office of Foreign Assets Council for these practices.
For users, nested exchanges present a cautionary tale, suggesting that trust is given up over the custody of your assets through their use, thereby providing less security and fewer guarantees than a compliant centralized or decentralized exchange (DEX).
Trading with safety
The simplest way for investors to avoid supporting these harmful intermediaries is to purchase digital currencies through cryptocurrency exchanges that have proper KYC and AML procedures. It then becomes the onus of the user to do the necessary due diligence before using a new platform, ensuring proper guidelines are being followed, and they are now unknowingly engaging on a nested exchange.
Some of the necessary checks include the identification of KYC and AML protocols. This is often the first step before a user can start trading. A secondary consideration comes down to the user interface. Often trustworthy exchanges will show exactly where trades occur, offering users some additional security through transparency. In alignment with transparency, a trusted exchange will often make a direct statement that they are facilitating the trades occurring on their platform. The lack of this detail can be a clear tell for a nested exchange.
Digging deeper, users can look at the exchange rates. Any variation in rates may suggest that nested accounts are at play since account owners use different exchanges, each subject to their own rates.
If the exchange meets all of these requirements, a final test can be done by following your cryptocurrency’s trail on the blockchain using a public blockchain explorer. Upon careful analysis, users may locate when a wallet is associated with another exchange as they trace the activities accordingly.
How Binance combats nested exchanges
Binance has recognized its position as an industry leader, using its stance to combat bad actors and help protect the crypto ecosystem. To ensure high-security standards are met, Binance regularly conducts audits on all business and personal accounts that appear to be conducting “business transactions.” These audits consist of an analysis of transactions and risk scoring. More recently, the platform has implemented the TRM Labs Chain Analyzer, one of the top security tools in the industry, which is specifically targeted at identifying nested services located on an exchange.
Suppose a nested exchange appears to be in operation. In that case, the platform assures its community that they will take appropriate action, whether offboarding the user, contacting law enforcement or notifying regulators. For example, accounts associated with Suex.io, the illegally-operating Russian cryptocurrency exchange, were de-platformed, and their data was shared with the authorities. With nested exchanges increasing in popularity across Ukraine and Russia, Binance continues to do its best to identify nested exchanges using their platform. To further protect users, they encourage the use of KYC and AML policies as best practices.
Disclaimer. Cointelegraph does not endorse any content or product on this page. While we aim at providing you with all important information that we could obtain, readers should do their own research before taking any actions related to the company and carry full responsibility for their decisions, nor can this article be considered as investment advice.