Written by Fintax
1. The whole story of the OKX incident
Recently, the compliance controversy of OKX has been a hot topic on social media. On July 4, OKX user Wade @weideyyds published a long article on X, "About the exposure of OKX Exchange maliciously freezing user account funds and collecting user privacy information beyond regulations". The article stated that since mid-June, OKX has asked him to submit additional information on the source of funds and submit salary flow. After the source of funds information authentication failed, OKX froze the user's account and asked him to provide work experience in the past 10 years, employment records in the past 5 years, including employer name, job title and nature of work, as well as countries and regions where he lived in the past 5 years. The user submitted relevant certificates over and over again as required, but the relevant application was rejected. After consulting customer service, it was still fruitless. The user believed that the platform maliciously froze the account.
The article was widely circulated on X, resonating with many users. Many users said they had experienced similar things on OKX. The number of views of the original post exploded, exceeding 1 million within 24 hours. Due to the huge response, OKX immediately intervened, and the official account comments would be expedited to follow up and verify, and quickly resolved the user's account problem, but it did not appease the emotions of other users. On July 5, after a night of fermentation, OKX CEO Star (Xu Mingxing) personally went out to do public relations, quoted this tweet and explained, turning the topic from "OKX malicious account blocking" to "compliance risk control", using the concept of "false positives" (the system misjudged normal users as risky users) to explain why the platform collects additional information from many users, and introduced OKX's compliance team and related work.
As of now, the discussion on OKX’s compliance crisis is still ongoing.
2. CEX has a long road to compliance
OKX is not the first centralized exchange to be caught up in a compliance dispute. For example, in September 2024, a Binance user complained on a social media platform that Binance restricted his account because he used cryptocurrency assets as his only source of income, and asked the user to provide proof of annual income and tax payment, which also sparked heated discussions.
Binance was founded in 2017 and rose rapidly in the early days of the crypto market, which was not strictly regulated. Between 2017 and 2020, Binance did not have a headquarters or a clearly defined registered jurisdiction. Its strategy was to achieve rapid growth through "decentralized offices" and "keeping distance from regulation." In a sense, Binance is actually a super-large trading network formed in a regulatory vacuum, with a user base and trading volume far exceeding that of traditional compliant financial institutions. However, starting in 2021, as global attention to the regulation of crypto assets has intensified, Binance has gradually become the focus of regulators in various countries. In mid-2021, the Financial Conduct Authority (FCA) of the United Kingdom explicitly prohibited Binance Markets Limited from conducting any regulated activities in the United Kingdom. Subsequently, regulators in many countries, including the Financial Services Agency (FSA) of Japan, the Federal Financial Supervisory Authority (BaFin) of Germany, and the Italian Securities Supervisory Commission (CONSOB), have also issued warnings or imposed restrictions. Such regulatory actions not only restrict Binance's fiat currency channels, but also seriously affect its payment and clearing capabilities in the traditional financial system. Faced with high regulatory pressure, Binance has gradually transformed into a compliance-oriented international organization since 2022, and has successively obtained virtual asset service providers (VASP) or equivalent licenses in France, Spain, Italy, the United Arab Emirates, Kazakhstan and other places, trying to establish a global legal business structure through the "regional spin-off + local compliance" model. At the end of 2023, as the U.S. Department of Justice filed a criminal lawsuit against Binance and reached a $4.3 billion fine settlement agreement, its founder Zhao Changpeng announced his resignation as CEO and was replaced by Richard Teng, the former director of the U.S. Treasury Department's Criminal Enforcement Network (FinCEN). This personnel change is generally regarded as a key step for Binance to show goodwill to regulators and accelerate compliance.
In contrast, OKX's internationalization and compliance transformation started significantly later. OKX was spun off from OKCoin in 2017. In the early days, it mainly cultivated the Chinese mainland and East Asian markets. Later, it moved its headquarters to Malta and tried to access the local compliance framework. For a long time, OKX has not obtained licenses in mainstream European and American countries, and its user base is still mainly in Asia and emerging markets. In recent years, OKX has launched an internationalization strategy, and has applied for and obtained some compliance qualifications in Dubai, Singapore, the Bahamas and other places. In 2023, it became one of the applicants for the Hong Kong virtual asset trading platform license, but the overall compliance promotion speed and scope are slightly conservative compared with Binance. In terms of user management and risk control, OKX has begun to strengthen the KYC and AML processes in the past two years. Its official documents show that its KYC is divided into three levels: binding identity proof, address verification and face recognition as basic compliance elements. At the same time, OKX has connected with on-chain monitoring agencies such as Chainalysis in terms of anti-money laundering policies, and has a transaction behavior risk control system.
However, OKX still has a gray area of "operating without registration" in some markets. Take South Korea as an example. In 2024, the South Korean Financial Intelligence Agency accused OKX of providing services to South Korean residents without permission, in violation of the (Specific Financial Transaction Information Act). Similar situations are also reflected in Japan, the United States and other regions. In early 2025, OKX's Seychelles subsidiary reached a settlement with the US Department of Justice, admitting that it provided remittance services to US users without permission, and paid a fine of US$84 million, giving up about US$421 million in related income. Although no specific employee or customer responsibilities were involved and no criminal charges were triggered, the incident also promoted the adjustment of OKX's compliance work. In response to regulatory concerns, OKX announced that it would significantly strengthen its KYC, customer risk rating (CRR) and anti-money laundering system (AML), claiming that it had formed an on-chain investigation and compliance team of more than 150 people. At this point, OKX's compliance journey has also entered a new stage.
3. Is compliance a dead end for CEX?
As crypto assets continue to develop, compliance is an inevitable trend. On July 7, Xu Mingxing reiterated that OKX is improving its technology to reduce the interference of false positives on users, pointing out that only about 1% of users will receive inquiries about the source of funds or work and residence information in the past years. 99% of users will not be disturbed, and listed the main reasons for false positives. He also emphasized that specific inquiries are only to clarify the facts, ensure that the platform is not abused, and that the security of users' assets and accounts will not be affected in any way, let alone prevent users from withdrawing coins. Although Xu Mingxing sent 7 tweets in just three days, he still failed to calm the public anger.
In terms of compliance, any CEX needs to cooperate with supervision. This is a general provision of the laws of various countries and is not wrong in itself. What really made OKX the target of public criticism was the crisis of trust in CEX caused by compliance. From the first exposure, OKX was suspected of maliciously freezing accounts. Then many people exposed OKX's forced liquidation, insufficient contract depth, malicious plug-in and other issues. These "commonplace" scandals of the exchange suddenly erupted. In addition, some Kols began to "turn over old accounts" and re-examine OKX's old news, including the event that all user assets were restricted from withdrawing coins for one month in 2020. OKX has more or less fallen into a crisis of trust. Many users are even worried about the security of their assets and are ready to withdraw from OKX and switch to other CEX or even DEX, but they find that OKX cannot cancel their accounts. This "no way out" situation further ignited the emotions of users.
As for why OKX is so urgent and aggressive in its compliance measures, some Kols speculated that the main reason may be that OKX is planning to go public on the US stock market. Previously, OKX has repeatedly sent out signals that it wants to publicly capitalize, and has also made arrangements for this for many years, from buying Shell Cloud Chain in Hong Kong stocks many years ago to reducing the empowerment of $OKB, and pushing for business compliance at the critical moment of the wallet war. Is OKX really becoming conservative for the sake of going public? Of course, as a world-renowned exchange, OKX has very bright fundamentals and can obtain a very high valuation. If it uses the SEC review to clarify past disputes and successfully go public to obtain an entry ticket to the mainstream financial circle, it can be said that there are only benefits and no harm. But the corresponding direct cost is to pay a high cost and make compliance rectifications based on a strict regulatory framework.
From another perspective, an important part of CEX compliance work is to build an information communication bridge between CEX and regulatory authorities, and coordinate the relationship between its own business model and regulatory requirements. Unilaterally transferring compliance responsibilities to users is not the right way to complete this work. Perhaps, if OKX hopes to truly establish a credible compliance system in the future, it should find a balance between user experience and regulatory cooperation, especially clarifying the boundaries of its compliance measures and giving users full information and protection in terms of data storage and fund custody.
4. What can ordinary investors do?
For ordinary investors, cooperating with KYC, asset source review and other systems has become a routine requirement of centralized exchanges. After completing basic identity authentication, ordinary investors should pay special attention to the preparation of evidence of asset sources. For example, tax receipts, bank statements, transaction records, recharge records, work income certificates, etc. are all commonly used proof methods in compliance verification. Among them, "tax receipts" are an effective proof that combines official recognition and information completeness. If an investor has declared and paid taxes due to profit from cryptocurrency speculation, the tax bill itself can directly constitute a strong support for the legal source of income.
This also brings up an important but often overlooked issue: Do you need to pay taxes on the gains from cryptocurrency trading? The answer is yes. According to the standards generally adopted by tax authorities in various countries, the profits from the sale of crypto assets are usually regarded as "capital gains" or "property income" and should be declared and taxed according to law. In the United States, the tax issue of cryptocurrencies has attracted the attention of the IRS as early as 2014. In recent years, with the prosperity of the US crypto market, the tax regulations of the IRS have been continuously improved. "Bitcoin Jesus" Roger Ver, MicroStrategy CEO Michael Saylor and other celebrities in the cryptocurrency circle have been accused by the IRS for tax issues and face huge fines or even imprisonment. Even in mainland China, which has a prohibitive attitude towards cryptocurrencies, the tax authorities are keeping a close eye on the income from cryptocurrency trading. In particular, recently, the USDT income of a resident in Zhejiang was required by the tax authorities to pay back taxes, which once again caused a certain degree of concern in the cryptocurrency circle. According to verification, the relevant income of this mainland resident was discovered by the tax department through CRS (Automatic Information Exchange Mechanism for Financial Accounts). At that time, there was a sum of money in his account, and this money was exactly the profit from the resident's cryptocurrency trading. Although the tax authorities' inspections are not specifically aimed at "cryptocurrency speculation", when the trading income flows back to the bank account, it is naturally included in the financial supervision field. In addition, it should be noted that since trading institutions such as CEX are illegal in mainland China, the tax authorities in mainland China cannot obtain large-scale user transaction information from them. Compared with currency exchange, it is more about tracking legal currency funds.
Tax evasion by cryptocurrency speculation is not an act in the "grey area", nor is it a small problem that can be ignored for a long time. Major countries around the world have long begun to pay attention to the tax issues brought about by crypto assets. Although the time, method and intensity of action taken by different countries are different, it is a reality that the income from the cryptocurrency circle needs to be taxed. For ordinary investors, the best solution to facing taxation or other supervision is not to evade, but to prepare and cooperate. Investors can consider actively keeping transaction records, legal currency in and out bills, capital flows and various vouchers in the profit accounting process, so that they can have a basis and clear defense in future tax inquiries. Otherwise, once they are required to pay taxes without being able to trace the source of assets, they may not only bear additional tax burdens, but also suffer more property losses due to difficulties in providing evidence.
