Security is one of Kraken's founding principles. It hasn't been hacked since it launched in 2013 and is widely recognized as one of the most secure cryptocurrency exchanges. One aspect of Kraken's security that I appreciate is that you can set up different two-factor authentication (2FA) codes for specific activities -- such as sign in, funding, or resetting your password. However, I would like it to have New York's hard-to-get BitLicense, which offers an extra stamp of security reassurance.
All cryptocurrency investing carries risks. In addition to the volatility, it is a relatively new asset class and there's a lot we don't know about how it will unfold. Crypto prices could collapse completely. Plus, cryptocurrency security is a hotly debated topic and any exchange can be susceptible to hacks. Here's more on Kraken's approach to security.
- Coin storage: Kraken uses a mix of hot wallets and cold storage (essentially offline and protected against hacks).
- Platform and information security: Its physical servers are kept under 24/7 surveillance. Sensitive information is encrypted at both a system and data level.
- Security testing: Ongoing penetration tests protect Kraken's systems, both via its internal team and bug bounty program. The bug bounty programs incentivize ethical hackers to find and report bugs.
- User security features and education: With two-factor authentication, secure emails, real-time monitoring, and security locks, Kraken does a lot to help users keep their accounts secure. On top of which, it supplements its security by teaching users how to protect their accounts.
Proof of reserves
The collapse of high profile crypto exchanges showed us that crypto security goes further than the way a platform stores your assets. Unlike money in a bank, cryptocurrency is not protected against platform failure by FDIC insurance. If you plan to leave your funds on the exchange where you bought them, it is important you trust the exchange. One way to do that is to check its proof of reserves.
Kraken says all client deposits are backed by real assets. It uses an independent auditor to verify that it has enough funds to cover all potential client withdrawals. Users can check the proof of reserves for their own accounts by logging on to Kraken Pro. In the absence of increased crypto regulation, proof of reserves can give crypto investors more confidence that their money is safe. Even so, critics have pointed out it isn't perfect.
Kraken and the SEC
Kraken is one of several crypto exchanges that has found itself in hot water with the SEC. In February 2023, Kraken paid $30 million to settle a separate SEC case. At the time, the SEC argued that its staking services did not provide the necessary disclosures and safeguards to investors. Kraken shut down its staking services in the U.S. as a result.
In November 2023, the SEC accused Kraken of operating as an unregistered securities exchange. The crux of its argument is that many cryptocurrencies are unregistered securities -- what it calls crypto asset securities. There are strict rules about how securities can be traded, and the SEC believes that crypto platforms who are not registered with the SEC should not be facilitating this trading. It also accuses Kraken of commingling crypto assets with its own. As an investor, it is important to be aware of the charges because they could have an impact on your assets and your ability to buy and sell crypto.
Kraken has filed a motion to dismiss the charges. It argues that:
- The SEC is wrong to say cryptocurrencies are unregistered securities. It says the SEC hasn't done enough to show that the cryptos in question should be treated as securities.
- The SEC is attempting to claim jurisdiction over crypto by filing court cases instead of petitioning Congress. It accuses the SEC of overreach and says that granting its motion would give it authority over all kinds of other assets, such as sports memorabilia and classic watches.