Transparency is essential to the cryptocurrency community. Therefore, in light of recent situations transpiring elsewhere in the industry, we wanted to provide some additional insight into how seriously we take our user security, security over users’ funds, and security over the platform’s infrastructure itself.
Our traders are already comfortable and familiar with user-facing protections, such as compulsory address whitelisting, two-factor authentication, and more. Cryptographic hashing protects account passwords, and the website uses SSL encryption and Cloudflare DDoS protection to prevent any unwanted downtime. The result is a safe, reliable, advanced trading platform that has never experienced a hack and offers 99.9% uptime.
Here’s a look at how PrimeXBT gets the job done consistently, and keeps users’ funds safe and secure from any intrusion attempts, hacks, or worse, and ensures full AML compliance at the same time.
Restricted Jurisdictions And The Steps We Take To Serve Clients Globally
Since PrimeXBT’s inception, services have been restricted to residents of a number of countries globally. PrimeXBT agrees to provide services subject to the client not being a resident of a restricted country, which includes:
- United States of America
- North Korea
- United States Minor Outlying Islands
- American Samoa
- Russian Federation
- Saint Vincent and The Grenadines
Access to PrimeXBT services does not necessarily mean that our client activities through the service are legal under local laws, regulations, or directives associated with a client’s country of residence; therefore, it is crucial for every client to consult with legal and tax advisors in your region regarding eligibility to utilize such services.
Research has concluded that strict IP-blocking country-by-country is not an efficient way to prevent unauthorized access by users from restricted jurisdictions. For example, VPN software can be used to hide an IP address, and by blocking IPs to some countries, unrestricted users may end up unfairly blocked while traveling, potentially leading to losses due to an inability to trade.
To alleviate these challenges and ensure compliance, we have implemented a procedure where every customer must confirm their country of residence at the time of user registration and before further use of PrimeXBT services.
(Residency confirmation procedure)
IP checking was also implemented, so anytime an IP address doesn’t match the country originally selected, the user will receive an additional warning requesting confirmation of residency. Once the user confirms, an email confirmation with a timestamp of the user’s selection will be sent to the user’s supplied email address.
(Residency IP-logged email confirmation)
Additionally, the PrimeXBT compliance department reserves the right to ask for additional documentation at any time while using PrimeXBT services, such as proof of address, ID forms, and more, depending on a variety of factors such as client activity or the total amount transacted.
In the result of our compliance team or any PrimeXBT team member discovering a user has provided misleading information about his or her residency, the user will immediately have their trading account restricted.
We strongly urge and recommend all existing users and potential clients take the time to carefully read through PrimeXBT’s terms and conditions before agreeing to them.
AML Compliance Through Crystal Clear Real-Time Data Analysis
The rapid proliferation of new technologies, products, and related services has spurred incredible innovation and inclusion in the world of finance, but it has also created new avenues for criminals and terrorists to launder their proceeds or fund illicit financial activities.
We have developed an internal risk-based system for AML compliance, as per the guidelines and recommendations set forth by FATF to all Virtual Asset Service Providers. PrimeXBT has established and strictly maintains appropriate and risk-sensitive policies, internal controls, and procedures proportionate to its nature and size, related to record-keeping, risk assessment of each customer, reporting incidents to appropriate authorities, ongoing monitoring, and AML/TF measures.
The compliance team regularly conducts in-depth AML/TF compliance training so that all PrimeXBT personnel is well-versed in all aspects of compliance, including how the internal system works, what risk assessment information is provided, what does or doesn’t need to be reported to the proper authorities, and what other actions may need to be taken depending on the situation.
To ensure the exclusion of bad actors who have obtained cryptocurrency through illegal or illicit means, or originates from a known wallet associated with an exchange hack, the dark web, etc., we utilize Bitfury’s Crystal AML compliance software and blockchain monitoring toolset on all incoming transactions.
(Bitfury’s Crystal software and blockchain analysis tools in action)
Crystal analytics tools ensure PrimeXBT’s AML procedures comply with global regulations and improve safety and security for PrimeXBT clients. Any assets deposited to PrimeXBT are assigned a risk score based on Crystal’s proprietary algorithm, providing detailed insight about the history of that asset and the wallets it originated from. This strengthens PrimeXBT’s overall security and helps to promote a safer global financial community.
(Crystal’s risk-scoring example)
By utilizing Bitfury’s Crystal, PrimeXBT can effectively spot and quarantine any cryptocurrencies tied to bad actors such as hackers or terrorists, or that were involved in a crime such as money laundering. Furthermore, PrimeXBT doesn’t allow transactions in anonymous cryptocurrencies that obfuscate blockchain data.
You can read more about how PrimeXBT and Bitfury have partnered for AML compliance using Crystal software on our company blog.
PrimeXBT implements industry-standard financial monitoring procedures as a part of our AML to call attention to any assets or activities that may require additional CDD (Customer Due-Diligence) review. PrimeXBT again reserves the right to request additional documentation to ensure PrimeXBT services are not abused, and the user does not violate AML requirements.
As a reputable business, PrimeXBT takes its role as a member of the global financial market seriously and cooperates with all respective authorities in order to prevent ML/TF (Money Laundering and Terrorist Financing). In case of a request from authorities involving transactions suspected of illicit activities, PrimeXBT must work closely with law enforcement representatives to supply the necessary documentation and information in line with data protection laws. Only proper legal or regulatory authorities will receive customer transaction data. Otherwise, all details are kept private at all times.
How PrimeXBT Keeps User Funds Safe
Compared to previous years, the cryptocurrency market has seen a considerable reduction in exchange intrusions and hacks thanks to companies adopting similar practices to what PrimeXBT utilizes. However, recently, a prominent hack of a competitor cryptocurrency platform resulted in a large sum of user funds stolen.
The hack raises questions about what went wrong and how the cybercriminals could bypass security and access what should have been safeguarded funds. We wanted to take the time to explain how PrimeXBT relies on entirely different security solutions to keep users’ funds safe and secure.
There are two main types of cryptocurrency wallets that exchanges and trading platforms rely on: cold and hot wallets. A cold storage wallet is a solution for storing crypto assets that isn’t connected to the internet. Therefore there is no way to access the funds held there. Hot wallets, however, have a direct connection to the internet and the exchange’s server. If a client makes a request to withdraw funds from a hot wallet, it means that a request is made to an automated system that signs the transaction and gets processed in a queue. Any such system, however, is susceptible to an attack from a determined or skilled enough hacker. Because so many exchanges keep private keys connected to a server in this way, hacks have long been prominent in the cryptocurrency industry and is why platforms that utilize such methods are especially vulnerable.
At PrimeXBT, all customer assets are stored in a cold storage wallet. PrimeXBT processes all pending withdrawals once a day, between 12:00 and 14:00 UTC. A withdrawal requested before 12:00 UTC will be processed on the same day. Any withdrawal requested after 12:00 UTC will be processed on the next day. All transfers are executed manually, once our team checks all transactions for risk scoring, money laundering, suspicious trading activity, and other patterns.
By involving experts in financial security and strict manual procedures versus autonomous queues and systems with loopholes to be exposed, PrimeXBT offers the highest level of asset security. The only drawback to this security solution is the fact that withdrawals can only take place once per day. But speed or simplicity is never worth sacrificing security or safety – especially not when it comes to users’ funds.
Summary: The Ins And Outs Of PrimeXBT Security, Safety, and AML Compliance
These are still very early days in the cryptocurrency industry, and while there still remains no clear regulations, laws, or rules from global governments concerning how companies like PrimeXBT should approach AML for individual customers, we have and will continue to rely on guidance’s, best industry practices, and recommendations to take a reasonable risk-approach to all internal operations related to cryptocurrencies.
PrimeXBT does not provide exchange services, doesn’t support anonymous privacy cryptocurrencies, nor directly supplies a fiat-to-crypto gateway; therefore, our services are less likely to be used for money laundering or terrorist funding purposes. However, our constant ongoing monitoring of incoming transactions and manual approval over outgoing transactions utilizing the industry’s best blockchain-based AML compliance software ensures that we can actively and effectively address all suspicious transactions. Added CDD spot checks to follow up on AML requirements also allows us to eliminate bad actors and assist in making the greater financial industry a safer and more inclusive place for all.
We take your trust in PrimeXBT seriously. In terms of security, the safety of our client’s assets always comes first. Other platforms rely on faster withdrawals or more financially sound methods for cryptocurrency storage, leaving users’ funds exposed to hackers as we’ve repeatedly seen. And while we understand the desire to access funds fast due to the speed that cryptocurrency technology provides, we are committed to maintaining strict, manual security protocols to ensure the long-term safety of our customers and their funds.
Investing in or trading gold or other metals can be risky and lead to a complete loss of capital. This guide should not be considered investment advice, and investing in gold CFDs is done at your own risk.
The information provided does not constitute, in any way, a solicitation or inducement to buy or sell cryptocurrencies, derivatives, foreign exchange products, CFDs, securities, and similar products. Comments and analysis reflect the views of different external and internal analysts at any given time and are subject to change at any time. Moreover, they can not constitute a commitment or guarantee on the part of PrimeXBT. The recipient acknowledges and agrees that by their very nature any investment in a financial instrument is of a random nature and therefore any such investment constitutes a risky investment for which the recipient is solely responsible. It is specified that the past performance of a financial product does not prejudge in any way their future performance. The foreign exchange market and derivatives such as CFDs (Contracts for Difference), Non-Deliverable Bitcoin Settled Products and Short-Term Bitcoin Settled Contracts involve a high degree of risk. They require a good level of financial knowledge and experience. PrimeXBT recommends the consultation of a financial professional who would have a perfect knowledge of the financial and patrimonial situation of the recipient of this message and would be able to verify that the financial products mentioned are adapted to the said situation and the financial objectives pursued.