I used to work at Vanguard, which has significantly more assets under management than Coinbase. Vanguard had special categories for people with a lot of assets, high net worth, ultra-high net worth, etc for people that had over $10M and $100M (iirc) in assets under management at Vanguard. Because its a traditional finance company all of the client information was stored (name, phone, address, email, etc). Now it was basically impossible for any employee to get access to this information without needing it. Even working in the tech side I could not just log into the DB and run a query for people's information, make trades, etc. Everything was logged, everything was tracked, and access was very specifically restricted to limit issues.
My point here is that Coinbase (blaming this on a "overseas" employee) and the TechCrunch founder are missing that traditional finance companies have already solved these issues. They are just immature and not serious companies.
rchaud · 2h ago
> They are just immature and not serious companies.
Every company running on "Founder Mode" where the founder is banking on weak regulations and low competition instead of a solid product with customer safety guardrails will end up this way.
throwaway290 · 1h ago
basically the entire space of so called AI:)
hoppp · 6h ago
Yes because crypto exchanges born out of the wild west like conditions don't want to actually do any KYC. So they do some whacky solutions.
tabbott · 7h ago
Some of the quotes in the article try to blame some of the harm from Coinbase's data breach on "know your customer" regulations. It's such self-serving nonsense.
Society is within its rights to demand that financial institutions both (1) protect their customers' sensitive personal information and (2) fight money laundering, which AFAIK is impractical without KYC rules at institutions like Coinbase that connect crypto to the traditional monetary system.
m463 · 2h ago
It could also be that KYC is an immature rule that says "the data must be collected".
Maybe a more nuanced future KYC rule might need to both collect and protect customer data.
rlnvlc · 6m ago
That's already the case, but greedy execs love cutting corners.
gamblor956 · 4h ago
Of course the tech industry's solution to the problem is to spend tens of millions in lobbying to get rid of the KYC regulation, rather than a few bucks upgrading their security systems to what banks of had for several decades.
My point here is that Coinbase (blaming this on a "overseas" employee) and the TechCrunch founder are missing that traditional finance companies have already solved these issues. They are just immature and not serious companies.
Every company running on "Founder Mode" where the founder is banking on weak regulations and low competition instead of a solid product with customer safety guardrails will end up this way.
Society is within its rights to demand that financial institutions both (1) protect their customers' sensitive personal information and (2) fight money laundering, which AFAIK is impractical without KYC rules at institutions like Coinbase that connect crypto to the traditional monetary system.
Maybe a more nuanced future KYC rule might need to both collect and protect customer data.