Income Tax Returns | CA in Mumbai | Chartered Accountant | ITR Filing

Crypto Exchanges - Legal, Banking, Technology, Security, and Volume 2021

Since Bitcoin’s legal status in not fully clear (even to U.S. regulators), it is very difficult for Crypto Exchanges to stay compliant with local laws.

It is unclear whether governments consider Bitcoin to be a “currency” or a “commodity”. Depending on how Bitcoin is classified, a business may or may need to seek a money transmitter license.

First, you need to decide the operational scope of your exchange, whether you want to operate globally or confine yourself to a specific region or country.

A few tiers to start thinking about: legal, banking, tech+security, and volume.


  • The first question is whether you want to operate globally (e.g. Bitfinex or BitStamp) or focus on a national market (e.g. FlowBTC, meXBT). The next step is to seek legal counsel to help decide where you want to locate and how to incorporate/structure your business.
  • You want to think about how you can limit your liability and exposure to litigation, as well as what regulatory/compliance requirements are in your jurisdiction, and what they are likely to be in ther near term.
  • Merkle Tree offers a useful high-level global map of the regulatory landscape.


  • What sorts of banking relationships do I need and how can I secure them?
  • Note that banks can be heistant to provide services to digital currency exchanges.

Tech + Security

You or a partner need to build and maintain complex architecture that pairs orders, executes transactions, and manages deposits and withdrawals. Major componets are:

  • Matching engine
  • Risk management system
  • Accounting/audit system
  • Wallet management
  • Payment gateways

Security is understandably paramount. Some things to consider:

  • Sound internal security procedures among your team - see, e.g. CryptoCurrency Security Standard (CCSS) (incredibly important, and often overlooked)
  • Network and hardware security (secure data center, etc.)
  • KYC (Know Your Customer) + AML (Anti-Money Laundering) solutions
  • Two-Factor Authentication for users


Without lots of live volume, all the above is for naught. It is well worth your time to actively consider all of the below:

  • Channeling liquidity from large exchanges like Bitfinex to your exchange
  • Messaging, media presence, brand creation and maintenance, ads and retargeting
  • User definition (is this a retail exchange, for advanced users?, etc.), and using this to inform UI design and to prioritise features for product differentiation

You should never use an online article (like this one), so best bet is to consult a specialised legal firm !