Why Ndax Chooses Regulated Transparency Over Public Proof of Reserves

You’ve probably seen crypto platforms tout “Proof of Reserves (PoR)” as their gold standard for transparency. But that approach often gives a partial picture—one that can mislead rather than reassure. At Ndax, we take a different path. We don’t publish public PoR attestations. Instead, we rely on regulatory oversight, continuous reporting, independent audits, and control frameworks (including FINTRAC and SOC 2). That provides you, and our regulators, with greater transparency and confidence in our controls.

Here’s how it works, where PoR falls short, and why Ndax’s model is stronger. 

Proof of Reserves is a method some crypto platforms use to show that their on-chain holdings match or exceed user deposit balances. In practice, it often involves:

1. Publishing wallet addresses or cryptographic proofs (e.g. Merkle trees)
2. Having a third party or internal process attest that reserves ≥ liabilities

The idea is: “See, we’ve got the coins to back your deposits.” It’s a crypto-native form of transparency. 

PoR sounds good in theory—but in practice, it has important limitations. Here are the key weaknesses:

• Snapshot in Time Only: A PoR attestation captures holdings at a single moment. It doesn’t show how assets or liabilities may shift before or after that time.
• Ignores Liabilities or Off-Chain Obligations: Proof of Reserves shows what assets are held, but not what is owed. Liabilities and off-chain obligations are outside its scope, so it does not provide a full financial picture. That means assets alone don’t tell the full story.
• No Assurance of Controls or Governance: PoR attestations do not check internal controls, risk management, or governance. The PCAOB warns that such reports “provide no assurance regarding the effectiveness of internal controls or governance of the crypto entity.”
• Auditor Trust and Liability Risk: Some auditors have pulled back from offering PoR attestations because misuse or misunderstanding by the public poses reputational and liability risk.
• False Sense of Security: Because of these weaknesses, critics argue that PoR can be incomplete or potentially misleading if not fully understood. 

Given these risks, Ndax opts for a more robust, regulated model of transparency and accountability. Here’s how and why. 

We Operate Under CIRO / Securities Regulation

Ndax is a regulated investment dealer and marketplace, operating under the oversight of CIRO (Canadian Investment Regulatory Organization) and provincial securities regulators. As a result:

• We must file monthly reports to regulators that cover all client and corporate assets, where assets are held, how they’re segregated, capital adequacy, liquidity, and compliance.
• We are subject to continuous regulatory scrutiny on financials, operations, and risk.
• Our marketing and disclosures must follow CIRO rules: fair, balanced, not misleading.

Canada’s regulators, CIRO, have pushed crypto trading platforms to take the step of becoming registered investment dealers under securities laws. 

Independent, CIRO-Approved Audit Practice

We engage a CIRO-approved independent audit firm in Canada to perform regular audits. These audits validate:

• That client assets are fully backed
• That assets are properly segregated and under custody
• That liabilities align with obligations
• That our internal controls, governance, and accounting practices satisfy regulatory standards

Ndax believes that approach is a better alternative beyond what a PoR snapshot can deliver. 

Custody, Segregation & Risk Controls

We separate (ringfence) client assets from corporate funds and follow robust custody standards. Even under stress, client funds remain protected.

We also enforce risk, compliance, and operations controls internally. These controls are further strengthened by adherence to SOC 2 principles, which cover system security, availability, processing integrity, confidentiality, and privacy.

FINTRAC / AML / CTF Compliance

We comply with FINTRAC (Financial Transactions and Reports Analysis Centre of Canada) rules—monitoring, reporting, and record keeping to help detect and prevent illicit activity. This strengthens trust from a regulatory and security perspective. 

Because our transparency is built into regulated operations—not just a PoR snapshot—you gain a more reliable, holistic view of Ndax’s financial integrity. 

“Why not just do both PoR + audit?” 
You can—but only if you design it carefully. Any PoR disclosure must not violate CIRO marketing rules (no exaggerated claims, no solicitation). And it must be paired with audited financials to avoid misleading users.

“Users expect PoR today—will they trust Ndax without it?” 
Trust builds through consistent, verifiable practices—not flashy snapshots. Regulatory audits, on the other hand, are conducted regularly under strict standards. This ongoing, verifiable oversight gives users a stronger, more reliable basis for trust than a one-off attestation could.

“Is there a future for cryptographic PoR (zk-proofs, continuous attestation)?” 
There is potential. Some solutions aim to build real-time, zero-knowledge proofs of reserves and liabilities. But to be credible, they still must integrate with controls, audits, and regulatory frameworks—not stand alone.

• Under Canadian securities law, certain crypto trading platforms are required to register as investment dealers and become members of CIRO.
• The industry is moving away from informal or unregulated ‘snapshot transparency’ toward stronger oversight and audit integrity.
• Some auditing firms have even ceased providing PoR attestations due to liability and public misunderstanding.

In this environment, Ndax’s regulated, audit-backed approach is aligned with where the industry is heading. 

Q1: What exactly does “proof of reserves” show, and what doesn’t it show? 
A: It shows that the crypto platform holds certain on-chain assets at a point in time. It does not show all liabilities, internal obligations, off-chain loans, or how reserves fluctuate.

Q2: Why is proving liabilities (or “proof of liabilities”) important? 
A: Because even if assets exist, excessive liabilities or hidden obligations can make the firm insolvent. A proper audit accounts for both sides of the balance sheet.

Q3: Could Ndax adopt PoR in the future? 
A: Possibly—but only with careful design, full audit backing, and compliance with CIRO’s advertising rules to avoid misleading users.

Q4: What oversight does CIRO provide over crypto platform like Ndax? 
A: CIRO enforces rules for advertising, reporting, audits, operational risk, client asset segregation, and ongoing compliance. Ndax must file monthly and satisfy regulators continuously.

Q5: Why is SOC 2 relevant for a crypto platform? 
A: SOC 2 demonstrates that systems handling user data and operations meet high standards for security, availability, integrity, confidentiality, and privacy.

Q6: Does Ndax’s approach guarantee zero risk? 
A: No. Our approach mitigates structural risk via regulation and audits, but it doesn’t eliminate market or counterparty risk.