By assuming the role of the industry "pioneer," the Korea Blockchain Association (KBA) introduced a standard of assessment for the cryptocurrency industry, namely the ICO and crypto-exchange assessment guidelines.
However, there has been widespread criticism that the guideline, instead of being objective, is skewed to KBA’s benefits. The standard itself is viewed unfair as KBA, the examiner, evaluates its own members, or in other words, carries out "self" assessment.
◆ The inauguration of the ICO Club and the announcement of the Scam Risk Assessment Guideline
On October 1st, KBA inaugurated the ICO Club centered around its members and announced the Scam (fraudulent coin) Risk Assessment Guideline. The main purpose is to promote sound development of the cryptocurrency ecosystem and to identify potential scam projects.
KBA claimed that "whitepapers (business plans) are the only materials disclosed by startups for an ICO. An institution should be assigned to evaluate the feasibility or the business case of the whitepaper," adding "let’s designate an association or a private institution to play the role."
"Private organizations such as the Korea Blockchain Association can be leveraged as a screening entity," said Chairman Chin Dae-je of KBA during the "Blockchain, A New Opportunity for Korea – ABC Korea" conference held on October 2nd at the Small Conference Room of the National Assembly Library.
The newly inaugurated ICO Club will carry out the role of the aforesaid screening entity. The Club will distinguish "scam projects" from legitimate ones and provide reliable information to investors through regular meetings.
The main point of the assessment guideline is to "enable token issuance through ICOs for startups that satisfy the required conditions and resume the opening of new accounts by qualified crypto-exchanges."
Moreover, a Know-Your-Customer process will be used to authenticate investor’s identity and to identify investment purposes. ICO companies (issuers) that have undergone the process are exonerated from any future penalties that may be imposed on acts such as conducting fundraising without permission. Also, annual public announcements and audits on project status, details of fund use, and financial statements, among others, became mandatory.
"Anyone carrying out an ICO Project, and not just KBA members, are eligible for membership in the ICO Club," stated ICO Club through its inauguration mission statement.
◆ ICO Club members’ qualification sparks controversy…"a pioneer pretend play?"
The problem is that the members of the ICO Club, which is meant to identify the potential ICO scam risks, are met with skepticism about "whether the members are qualified to carry out the assessment" in the first place.
The founding members of the ICO Club are Hdac Technology (Hdac), MediBloc, BlockchainOS (BOSCoin), Glosfer (Hycon), and ICONLOOP (Icon).
All of these companies successfully raised their project operation funds through ICOs, but became embroiled in acrid debates during the process. They are also struggling to deliver substantial results, while experiencing a post-fundraising price crash of their coins (tokens).
Hdac is a cryptocurrency led by CEO Chung Dae-sun of Hyundai B&S, who founded HDAC Technology in Switzerland. With a successful launch of an ICO with a target of 6,000 BTC, Hdac earned itself the nickname "Hyundai Coin" in the market.
According to the whitepaper, 12 billion tokens were issued. However, in May, which was prior to the launch of the Mainnet, investors who tracked the node said "more tokens were mined and about KRW 330 billion worth of black money disappeared." The fact that the source code had been not disclosed in GitHub was also controversial.
As for MediBloc, it was criticized for operating only in Korea, where telemedicine technology is "illegal" under the Korean Medicine Law. The situation escalated to a point where the token issuer had to directly clear up the matter in May.
BosCoin, which also carried out an ICO for the first time in Korea around the same time, emphasized itself as the “First Local Coin,” when it has not even yet come up with a Mainnet.
On the other hand, Glosfer and ICONLOOP both launched Mainnets for Hycon and Icon, respectively. However, in the case of Hycon’s Mainnet, developed by Glosfer and announced in June, inexperienced operation and multiple trial-and-error during the launch stage caused inconvenience for investors, which in turn sparked a price crash.
ICON is being called an "empty block" for having only one block transaction. Also, its Mainnet, which was launched in January, was operated for more than six months without a source code disclosure. The Mainnet address and block have not been disclosed via blockchain explorer either.
Plus, a critical error was found where everyone was able to suspend and resume a transaction, which should only be authorized by the system manager. However, the company dismissed the problem as a "minor bug," disappointing the crypto-market.
◆ ICO assessment "carried out by their own league"…Scouted Professor Park Youngsook, the token entrepreneur
Chairman Lee Kyung-joon of Icon Foundation was selected as the President of the ICO Club, while Chairman Chin Dae-je, Industry Development Commissioner Woo Tae-hee, and Vice-Chairman Kim Hwa-joon, all from KBA, attended the Club’s inauguration ceremony, which is another point that makes it hard to argue against the claim that the ICO guideline project is KBA’s own private event.
There are other questionable business practices in place. For instance, Park Youngsook, who currently serves as the Chair of Korea Office of UN Future Forum, was appointed advisor of the Club.
Park is a Professor of Futures Studies at School for Design, Ewha Womans University, and also is the Vice-President of TokenWorld, which originally started out as the Asian Branch of Token Commons Foundation headquartered in the U.S.
Under her lead, Swytch Token’s ICO is secretly underway in communities since its launch in March. With widespread promotion that the token would get listed in late-May, fundraising took place in various communities. However, Swytch is still not listed, while the ICO token sale is still ongoing.
◆ A Self-Regulatory Assessment that does not disclose scores and ratings – "Collusion between the KBA and its members"
Just a few months ago, there was an incident in which KBA made biased assessments by applying favorable terms for their members. On July 11th, KBA announced its self-regulatory assessment results of 12 crypto-exchanges: an "All Pass."
The 12 screened exchanges were Bithumb, UPbit, GoPax, OKCOIN Korea, Huobi Korea, Hanbitco, Neoframe, Coinzest, Coinplug, DexKo, Korbit, and Coinone.
After a lengthy six-month assessment, all 12 exchanges earned a pass ticket. Assessment scores or ratings were not disclosed. The Association explained that all of these crypto-exchanges fulfilled the basic security requirements.
"Rigorous evaluation took place based on a minimum set of standards that have been shared beforehand," said, Commissioner Jeon Ha-jin of Self-Regulatory Committee. "Passing the assessment does not imply perfect security or service, but it shows that the company fulfilled basic elements necessary for user protection."
To this end, the crypto-market is responding, "the Association and members are putting on a show to cover up hacking incidents and allow the issuance of new accounts."
In fact, the KRW 19 billion worth hacking incident of Bithum, a VIP client of KBA, had great repercussion for the market on September 20th, and UPbit was also involved in a hacking scandal on October 9th. Moreover, UPbit’s transaction was suspended temporarily on the very day KBA announced the self-regulatory assessment results.
Security incidents in crypto-exchanges have continued in recent years. In June, Coinrail suffered a hack attack, which lead to the loss of KRW 40 billion. Prior to Coinrail, Yapizon (now Ubit) was hacked for KRW 5.5 billion worth of bitcoins in April last year, and was hacked again in December after changing its name to Ubit, witnessing a loss worth KRW 17.2 billion. In about a year, KRW 100 billion worth of stolen wealth evaporated due to hacks.
Against this backdrop, KBA spent six months carrying out the so-called "self-regulatory assessment," but the results in and of itself cannot be used to determine which crypto-exchanges are safe. The assessment simply appears to be a granting of free pass by the Association to its member crypto-exchanges.
◆ Assessment comprised only of document review and exchange desk employee interview?
It is said that even "experts don’t know" how to do a security evaluation for crypto-exchanges. The fact that the assessment only comprised of a document review and a crypto-exchange employee interview shows how poor the overall screening process was.
The Self-Regulatory Committee of KBA carried out a month-long assessment beginning in May based on the Self-Regulatory Framework, which consists of general and security categories.
The process initially underwent a document review, following the document submission by the 12 member crypto-exchanges on May 1st. It was a two-track evaluation of general assessment and security assessment.
On May 30th, the Self-Regulatory Committee members interviewed the working level managers and executives per company based on the resubmitted materials, following a request to provide supplement documents.
The general assessment categories were financial information, provision of basic and investment information of users, complaints management system, asset protection for users, exchange desk ethics, and anti-money laundering.
There were in total 28 detailed categories including, equity capital of KRW 2 billion and over, management method and announcement of owned assets, coin listing process, complaints management system, owning 70% and over cold wallets, and anti-manipulation of market prices.
"It took only one month to intensively review the 28 assessment categories for 12 exchanges," said one industry expert, questioning "How can one find security loopholes when screenings are done in a way where instructions are given to supplement parts that came up short during the document review, which is then followed by interviewing a crypto-exchange employee?"
Translated by Cha Soo-jin