Fraud Risk Assessment: GDAX

GDAX
  • Editor Rating
  • Rated 4.5 stars
  • 90%

  • GDAX
  • Reviewed by:
  • Published on:
  • Last modified: July 1, 2017
  • Legitimacy
    Editor: 93%

Global Digital Asset Exchange (GDAX, gdax.com) was launched as a cryptocurrency exchange, part of Coinbase, in 2015. The company’s legitimacy has been evaluated based on the items listed below. Every individual item has been checked for the presence of obvious red flags or warning signals. If these are present, an explanation detailing what triggered them has been included. A detailed description of the reasons to evaluate each of the included items can be found below the table.

Business
Total Flags: 0 (3 Warnings = 1 Flag)
Headquarter locationthumb-up-iconSan Fransisco, United States
Experiencethumb-up-iconGDAX is owned by Coinbase which was founded in 2012
Verified Addressthumb-up-iconThe company is incorporated at:

548 MARKET STREET #23008
SAN FRANCISCO
CA 94104, United States
Verified Ownerthumb-up-iconCoinbase was founded by Brian Armstrong and Fred Ehrsam
Business Registrationthumb-up-iconCoinbase is registered in California Secretary of State's database under corporate number C3548456.
Financial Regulator Registrationthumb-up-iconCoinbase is registered with FinCEN as a "money services business" (specifically, a "money transmitter") but "the inclusion of a business on the MSB Registrant Search Web page is not a recommendation, certification of legitimacy, or endorsement of the business by any government agency." Therefore the exchange wasn't regulated until 2017, when it became a NYDFS-regulated entity (see Operating License).
Operating Licensethumb-up-iconGDAX obtained a BitLicense from the New York Department of Financial Services (NYDFS) in 2017.
Service Disruptions & Unbusinesslike Conductthumb-up-iconN/A
Audit
Financial Auditthumb-up-iconThe BitLicense requires every Licensee to "submit audited annual financial statements" along with an "opinion and an attestation by an independent certified public accountant regarding the effectiveness of the Licensee’s internal control structure".
Governance Auditthumb-up-iconThe BitLicense defines some very strict requirements regarding capitalization, compliance, anti-money laundering, consumer protection and cyber security. These requirements are subject to ongoing oversight by the NYDFS.
Website
Website Designthumb-up-iconGood
Grammar on Websitethumb-up-iconGood
Funding Optionsthumb-up-iconVarious
Contact Informationthumb-up-iconContact information is provided, albeit only on Coinbase's main website.
Risk Disclosureexclamation_warningCoinbase features a lot of documentation, but it seems to lack risk disclosure with regard to trading Bitcoin. The risks of Ethereum are documented somewhat better, although users still need to visit an external source to get proper disclosure.
Persuasion
Source Credibilitythumb-up-iconN/A
Social Proofthumb-up-iconN/A
Reciprocitythumb-up-iconN/A

Note that items with a warning instead of a flag indicate that these could occur at a legitimate company. For example, legitimate companies may hand out some kind of referral bonus. Multiple warnings will, however, still trigger a flag. A description for the listed items is provided below. This list is meant to assist with identifying the most obvious dangers, and therefore does not provide any guarantees.

Headquarter Location
Even though Bitcoin’s legal status is uncertain in most of the developed world, there are certain countries that take a more hostile stance towards the digital currency industry. For example, trading Bitcoin in Bangladesh could lead to a punishment of up to 12 years in prison, and also Russia has considered jail time for Bitcoin users. Another example is China. The country didn’t ban Bitcoin, but it did ban banking institutions and employees from engaging in Bitcoin business through banking, as well as servicing or doing business with the Bitcoin industry.

Experience
Exchanges that have been running for a long time are more likely to have a battle-tested trading platform, as well as proper policies/procedures to deal with regulatory requirements and uncertainties.

Business Verification
First, you should never hand your hard-earned money over without knowing where it is going. Second, you should do a background check to avoid handing it to a known scammer. Be weary of people without an online identity. Scammers will typically try to hide their identity or conceal their true identity to avoid being easily discovered.

Business Registration
Businesses are typically required to register at the local Company Register. However, not every registration is equal, for example, Companies House (United Kingdom) does not actively check addresses and names. Hence a registration here doesn’t hold any real value. In any case, a failure to register would indicate that the company is most likely operating illegally.

Financial Regulator Registration
Similar to a regular business registration, some countries require Bitcoin exchanges and payment processor to register with the financial regulator. In the United States the Financial Crimes Enforcement Network (FinCEN) ruled that these types of companies are money transmitters, and should therefore register as Money Services Businesses. As a result, these platforms must also comply with stricter regulation such as anti-money laundering laws.

Operating License
Being registered doesn’t equal having the proper operating license. To achieve a fully legal status the license needs to cover the activities of the company. In fact, even exchanges with a money transmitter license may still be operating in a regulatory grey area, because Bitcoin exchanges are special cases. This is why New York invented the BitLicense, and why some platforms are applying for an even stricter banking license.

Service Disruptions &  Unbusinesslike Conduct
A businesses can be expected to behave professionally. This means that at a minimum a professional must comply with relevant laws and regulations. Besides the rules, professionals should also respect their customers and act in their best interests. It is hard to specify these “unwritten rules” of ethical behavior, but we certainly do know when they are broken.

Audits
Audits certainly do not root out every instance of fraud, but independent (public) audits do provide some comfort in the sense that systems, numbers and policies/procedures have at least been reviewed by a third party (preferably a professional).

Website Design
Amateurish, cluttered and disorganized websites can point to a scam as many scam sites use text and images from legit websites and other sources which may not work together very well.

Grammar on Website
Similar to the website’s design, limited English proficiency can point to a scam.

Funding Options
Even though cryptocurrency funding options are logical for a cryptocurrency company, it is also very convenient for scammers as the recipient essentially remains anonymous. Hence a lack of alternative funding options should still be considered a warning signal.

Contact Information
Legitimate companies have very little reason not to list their contact information.

Risks Disclosure
Fraudsters will do anything to provide a false sense of security. Actions may include misrepresenting, or even non-disclosure of risks involved.

Source Credibility
Persuasion is more likely when the source presents itself as being credible, expert and trustworthy. Common tactics used by scammers to make themselves look legitimate is to pretend to be someone they are not. Alternatively, credibility can also be attained externally with claims such as “Warren Buffet is already using this service”.

Social Proof
Fraudsters take advantage of herd behavior by creating the illusion of consensus or social proof that the service is legitimate with claims that “everybody is already using it”, or by setting up extensive referral programs in which members encourage their friends and associates to invest as well. This automatically triggers something in the mind that says: “if everybody [or someone from the inner circle] wants it, it must be good”.

Reciprocity
A business is likely to receive far more of our trust when it provides a lot of free value. This happens because of the rule of reciprocity, which causes us to tend to feel obligated to return favors after people do favors for us.

Leave a Reply