When exchanges lack strong identity governance, the platform can host transactions without reliable accountability for who controls the account, wallet, or beneficiary. That weakens attribution, slows investigations, and allows illicit actors to blend into ordinary traffic. Strong onboarding, ongoing review, and offboarding controls are what keep hosted finance from becoming a durable laundering surface.
Why This Matters for Security Teams
Cryptocurrency exchanges are not just transaction engines; they are identity decision points for customers, administrators, API clients, wallets, and beneficiary controls. When those identities are weakly governed, the exchange loses the ability to distinguish legitimate trading from account takeover, mule activity, insider misuse, or automated abuse. That creates gaps in attribution, slows freeze and recovery actions, and complicates regulatory response. The NIST Cybersecurity Framework 2.0 treats governance as a core security function for a reason.
NHIMG’s research on the 2024 ESG Report: Managing Non-Human Identities found that 72% of organisations have experienced or suspect a breach of non-human identities, which is a useful proxy for how often weak identity control becomes a real incident rather than a theoretical concern. In exchange environments, the same pattern appears when service accounts, withdrawal automations, and privileged operators are not separately governed. In practice, many teams discover identity gaps only after suspicious flows have already moved through accounts that looked normal on paper.
How It Works in Practice
Strong identity governance in an exchange means every meaningful actor is known, scoped, reviewed, and revocable. That includes retail users, support staff, brokers, bots, wallet infrastructure, API keys, signing services, and back-office operations. The control goal is not only authentication, but traceable authority: who can trade, who can approve withdrawals, who can change wallet destinations, and which identities can move funds without human review.
At a practical level, teams usually need three layers of control:
- Onboarding: verify customer and privileged operator identities, bind sessions to risk signals, and require step-up checks for sensitive actions.
- Ongoing governance: review dormant accounts, unusual API use, privilege creep, and wallet or beneficiary changes against business justification.
- Offboarding and recovery: remove access fast, invalidate secrets, preserve logs, and make account closure or suspension operationally real.
For digital identity assurance patterns, NIST SP 800-53 Rev. 5 Security and Privacy Controls is a useful control baseline for account management, auditability, and least privilege. For NHI-specific operating detail, NHIMG’s Ultimate Guide to NHIs — Lifecycle Processes for Managing NHIs is particularly relevant because exchanges often fail at machine identity lifecycle management before they fail at human access management.
The operational issue is that exchanges often move quickly on product and liquidity changes while identity review stays manual, fragmented, or tied to customer support workflows. These controls tend to break down when high-volume onboarding, API-driven trading, and wallet operations share weakly separated privileges because attackers can blend into normal platform traffic.
Common Variations and Edge Cases
Tighter identity governance often increases friction, so exchanges have to balance user experience, market speed, and fraud resistance. That tradeoff is especially visible during rapid onboarding, cross-border transfers, and high-frequency API trading, where overly rigid controls can create delays and customer complaints. Current guidance suggests the better approach is risk-based governance rather than uniform restriction.
One edge case is the treatment of automated trading and treasury workflows. These are not “just users”; they are non-human identities with secrets, scopes, and failure modes that should be reviewed like privileged operators. Another is regulated or institutional custody, where approval chains, cold storage, and key management often need stronger separation than standard retail exchange accounts. NHIMG’s Top 10 NHI Issues is helpful here because it shows how credential sprawl, orphaned access, and weak lifecycle ownership undermine accountability across both people and machines.
Exchanges also need to distinguish between compliance checks and security governance. Know-your-customer workflows may satisfy onboarding obligations, but they do not by themselves stop privilege creep, stolen API keys, or unauthorized wallet changes. In practice, teams that stop at identity proofing often leave the exchange exposed to account reuse and insider-assisted abuse long after the customer file is approved.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST SP 800-63 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | GV.OC-01 | Exchange identity governance depends on clear organizational ownership and risk accountability. |
| NIST SP 800-63 | IAL2 | Customer onboarding and privileged access review depend on reliable identity proofing. |
| OWASP Non-Human Identity Top 10 | Exchange bots, signing services, and API keys are NHIs that need lifecycle governance. |
Use assurance-based identity proofing for users and operators before granting sensitive capabilities.