Detailed Analysis and Legal Explanations

of the Digital Contract Text

Introduction

This document analyzes each clause of the User Agreement & Terms of Service text

presented by Source Digital Asset Systems LLC in detail and explains it in light of relevant

United Kingdom law and regulatory frameworks (FCA, MiCA, etc.). The aim is to reveal

the legal meaning, potential consequences, and importance for users of each provision

of the agreement. Explanations include references to relevant laws and standards.

Conclusion and General Assessment

This analysis highlights the important points of the presented User Agreement & Terms

of Service text in terms of United Kingdom law and relevant regulatory frameworks. The

agreement addresses complex issues such as digital asset custody, arbitrage trading,

and insurance. Some prominent general assessments include:

• Security and Custody: The use of FCA-regulated custodians, SOC 2/ISO 27001

compliant infrastructure, and Lloyd's insurance are positive elements for asset

security. However, the limits of insurance coverage (especially the exclusion of

market risks) and reliance on third-party providers are important.

• Regulatory Uncertainty: The Company's "No-KYC" model and its strategy of

relying heavily on third parties for regulatory compliance pose significant risks

regarding UK AML/CTF regulations (MLRs 2017) and potential FSMA authorization

requirements. The Company's own regulatory status is unclear.

• User Risks: The agreement largely places the responsibility for market risks,

unsupported asset transfers, and lock-up periods on the user. Terms such as waiver

of cancellation rights and automatic renewal should be carefully evaluated for

fairness under the Consumer Rights Act 2015.

• Transparency: There is a lack of transparency regarding third-party providers (due

to the NDA), the arbitrage algorithm, and the full details of the insurance policy.

Users are advised to carefully review this agreement, especially the risk disclosures,

liability limitations, lock-up periods, and regulatory position, and clarify any points they

do not understand before accepting. This analysis is for informational purposes only,

does not constitute legal advice, and users are recommended to seek independent legal

counsel for their specific situation.References (Sources Cited Within the Text)

• United Kingdom Legislation:

◦ Electronic Communications Act 2000

◦ Companies Act 2006

◦ Electronic Identification and Trust Services for Electronic Transactions

Regulations 2016

◦ Money Laundering, Terrorist Financing and Transfer of Funds (Information on

the Payer) Regulations 2017

◦ Financial Services and Markets Act 2000 (FSMA)

◦ FSMA 2000 (Regulated Activities) Order 2001

◦ Financial Markets and Insolvency (Settlement Finality) Regulations 1999

◦ Consumer Rights Act 2015

◦ Trade Secrets (Enforcement, etc.) Regulations 2018

◦ Insurance Act 2015

◦ Fraud Act 2006

◦ Computer Misuse Act 1990

◦ Data Protection Act 2018

◦ Proceeds of Crime Act 2002 (POCA)

◦ Insolvency Act 1986

◦ Arbitration Act 1996

◦ The Law Applicable to Contractual Obligations (England and Wales and

Northern Ireland) Regulations 2009

◦ The Consumer Contracts (Information, Cancellation and Additional Charges)

Regulations 2013 (CCRs)

◦ Unfair Contract Terms Act 1977

• FCA (Financial Conduct Authority) Resources:

◦ FCA Handbook (MAR, CASS, COBS, SYSC)

◦ Policy Statement PS19/22: Guidance on Cryptoassets

◦ Policy Statement PS21/3: Building operational resilience

◦ Cryptoasset Consumer Warnings

◦ Treating Customers Fairly (TCF) Principles

• Other Standards and Reports:

◦ Law Commission Report on Electronic Signatures, No. 386, 2019

◦ NIST FIPS 140-2 Overview

◦ AICPA SOC 2

◦ IAASB ISAE 3402

◦ ISO/IEC 27001

◦ CMA Guidance on Unfair Contract Terms

• EU Regulations:

◦ eIDAS Regulation (EU) No 910/2014◦ MiCA Regulation (EU) 2023/1114

◦ Rome I Regulation

◦ Brussels I Regulation (Recast)

• Institutional Websites (Linked within the text): Gov.uk, Legislation.gov.uk, FCA,

NIST, AICPA, IAASB, ISO, Lloyd's, Courts and Tribunals Judiciary, LCIA, NCA, HM

Treasury, Eur-lex.europa.eu.

Section 1: Parties and Identification - Detailed

Explanation and Legal References

This section defines the parties forming the basis of the agreement and how these

parties are identified. It establishes the legal relationship between the "User" and the

"Company" (Source Digital Asset Systems LLC). The validity of this agreement made in a

digital environment and how the parties' identities are determined should be addressed

within the framework of UK Commercial Law (for general principles, see: UK Commercial

Law Overview).

Identification of Parties:

• User: The agreement identifies the user not by a specific name, but based on data

obtained at the time of digital registration. This data includes:

◦ Username: The unique identifier chosen by the user when registering on the

platform.

◦ IP Address: The numerical address of the network the user connects to the

internet from. This generally provides approximate information about the

user's geographical location and helps identify the connection source.

◦ MAC Address: The physical address belonging to the user's device's network

interface. This is used to identify a specific device, but due to privacy concerns

(e.g., MAC address randomization) and technical limitations, it may not

always be reliably collected or usable.

◦ Geolocation: More precise location information obtained via IP address or

other device sensors like GPS.

The use of these digital identifiers is the primary way of determining the user's

identity, especially when "Know Your Customer" (KYC) procedures are not applied

(as stated in Section 12). However, the accuracy and legal sufficiency of these

methods can be debatable, particularly considering that IP and MAC addresses can

be dynamic, masked, or easily spoofed. While UK law accepts digital identity

verification methods (e.g., under the Electronic Communications Act 2000), thereliability and resistance to fraud of these methods are important, especially in

terms of the law of evidence.

• Company: Identified as Source Digital Asset Systems LLC. It is stated that the

Company is under UK jurisdiction and subject to UK Commercial Law. This means

any dispute arising from the agreement will be resolved in UK courts or through

relevant arbitration mechanisms (as detailed in Section 11).

◦ Note: The term "LLC" (Limited Liability Company) generally belongs to the US

legal system. In the UK, the similar structure is called a "Private Limited

Company" (Ltd) and is regulated by the Companies Act 2006

(Legislation.gov.uk Link). Although "LLC" is used in the agreement, the

specification of UK jurisdiction may require clarification of the company's

legal status. However, adhering to the contract text, it is accepted that the

company has a limited liability structure. This structure limits the personal

liability of the owners but does not eliminate the company's legal obligations.

Digital Acceptance and Legal Binding:

The digital acceptance of the agreement is generally considered valid under the UK's

Electronic Communications Act 2000 (Legislation.gov.uk Link) and relevant case law.

This act establishes the legal validity of electronic signatures and contracts (specifically

Section 7). Furthermore, despite leaving the EU, the UK has incorporated the core

principles of the eIDAS Regulation (Regulation (EU) No 910/2014) for electronic

identification and trust services into its legal system (e.g., via the Electronic

Identification and Trust Services for Electronic Transactions Regulations 2016).

Giving consent through an action like clicking an "I Agree" button (a clickwrap

agreement) can generally be considered a valid acceptance and a simple electronic

signature under these legal frameworks. However, for this acceptance to be valid, the

user must have had a reasonable opportunity to review the contract terms, and their

intention to accept must be clear (see Law Commission Report on Electronic Signatures,

No. 386, 2019). The agreement's matching of user identity with technical data like IP and

MAC addresses forms the basis for creating the digital signature (as detailed in Section

14). This situation might create difficulties in proving identity in a potential dispute

(especially regarding the evidentiary weight of a simple electronic signature), but the

legal recognition of electronic contracts and signatures is a general principle.

Important Legal Points (with References):

• Jurisdiction: The agreement being subject to UK law (governing law) and the

jurisdiction being set as London (Section 11) is valid by the parties' agreement (seeRome I Regulation on applicable law and Brussels I Regulation (Recast) - as

incorporated into relevant UK legislation).

• Identification: The absence of KYC and reliance on digital data for identification,

while providing anonymity, carries risks regarding anti-money laundering

regulations (e.g., Money Laundering, Terrorist Financing and Transfer of Funds

(Information on the Payer) Regulations 2017) and can complicate proving

account ownership.

• Electronic Acceptance: While the legal binding nature of digital acceptance is

recognized under the Electronic Communications Act 2000 and eIDAS principles,

evidence that the user understood the terms and gave informed consent (e.g., the

presentation and readability of the agreement) is important.

Section 2: Description of Services - Detailed Explanation

and Legal References

This section defines the nature and scope of the service offered by the Company to the

User. It states that the service provided is a proprietary arbitrage trading system

operating via specific technical infrastructures.

Service Features:

• Proprietary Arbitrage Trading System: It is stated that the Company offers its

own, specially developed system. The operating principle of this system is

arbitrage. Arbitrage is a generally accepted strategy in financial markets and may

fall under the definition of regulated activities under the Financial Services and

Markets Act 2000 (FSMA) (Legislation.gov.uk Link), especially if the Company's

activities are considered investment advice or portfolio management (see FSMA

2000 (Regulated Activities) Order 2001). The agreement specifies that arbitrage is

conducted only on the BTC/USDT pair.

• High-Frequency Trading (HFT): The system is described as "high-frequency." HFT

is not directly regulated by a specific law in the UK but is addressed within the

framework of existing market regulations such as the Market Abuse Regulation

(MAR) (FCA Handbook Link). MAR regulates issues like market manipulation and

insider trading, and HFT strategies must comply with these rules. The FCA has

published guidance on algorithmic trading and HFT.

• Off-Exchange Settlement Infrastructure: It is stated that the system uses an off

exchange infrastructure for the settlement of transactions. Such settlement

mechanisms are used, especially for large volume transactions, and counterparty

risk management is important. The regulatory status of this infrastructure (e.g.,

whether it is or falls within the scope of a Multilateral Trading Facility (MTF) orOrganised Trading Facility (OTF)) is unclear. The security and finality of settlement

may relate to regulations such as the Financial Markets and Insolvency

(Settlement Finality) Regulations 1999.

• Third-Party Custodian and Infrastructure Provider ("Service Provider"): It is

stated that the off-exchange settlement infrastructure and possibly asset custody

services (Section 3) are provided by a third party. It is mentioned that there is a

Non-Disclosure Agreement (NDA) between this Service Provider and the Company.

NDAs are subject to general contract law principles and are used to protect trade

secrets. However, the existence of an NDA prevents the user from obtaining

information about the party providing a critical part of the service and conducting

a risk assessment. The user relies on the Company's obligation to exercise

reasonable care and skill (a general law principle and an implied term under the

Consumer Rights Act 2015, Section 49) in selecting and supervising this third

party.

• User Participation: Users participate in the service by transferring digital assets to

unique wallet addresses provided by the Company. This means users entrust their

capital to the system under the Company's control. Users do not make direct

trading decisions on the assets they transfer; these transactions are carried out

entirely automatically by the system (Section 7).

Important Legal and Operational Points (with References):

• Proprietary System and Trade Secrets: Protecting algorithms as trade secrets is

legal (Trade Secrets (Enforcement, etc.) Regulations 2018). However, this can

make it difficult for users to fully understand the risks of the service.

• Third-Party Dependency and Duty of Care: The Company has a duty to exercise

reasonable care in selecting and managing third parties for critical services. Breach

of this duty could lead to a negligence claim. The NDA does not eliminate the

Company's obligation but may complicate proof.

• HFT and Market Regulations: HFT operations must comply with market rules like

MAR. Algorithmic errors or manipulative strategies can have legal consequences.

• Nature of the Service: Whether the service offered constitutes a regulated activity

under FSMA (e.g., 'managing investments' or 'dealing in investments as principal/

agent') is important and may require the Company to be authorized by the FCA.

The statements in Section 12 create uncertainty on this matter.Section 4: Supported and Insured Assets - Detailed

Explanation and Legal References

This section clearly defines the digital assets covered by the Company's custody and

insurance services. The most critical statement in this section is that no digital assets

other than those listed above are covered by insurance. If users send any

cryptocurrency other than these 7 listed assets (e.g., Cardano (ADA), Dogecoin (DOGE),

Shiba Inu (SHIB), or lesser-known altcoins) to the wallet addresses provided by the

Company, these assets:

1. Will Not Be Insured: If any system failure, security breach, custodian error, or other

events covered by the insurance defined in Section 5 occur, no insurance

compensation will be paid for these out-of-scope assets. The scope of insurance

policies is limited by the terms of the insurance contract (Insurance Act 2015 and

general contract law principles).

2. May Not Be Recoverable: The Company does not guarantee that these assets will

be recovered in the event of a system crash or breach. If the custody infrastructure

or recovery procedures (Section 10) do not support these assets, they may be

permanently lost. This is a contractual term defining the technical limits of the

service and the scope of the Company's liability.

This situation clearly states that users should only transfer the specified 7 assets. In case

of accidentally or intentionally sending an unsupported asset, the entire risk lies with

the user. Such a disclaimer of liability may be valid provided the term is clear,

unambiguous, and brought to the user's attention. However, under the Consumer

Rights Act 2015, specifically Part 2 (Unfair Terms), the fairness of such a term is assessed

(Section 62). If the term creates a significant imbalance in the parties' rights and

obligations to the detriment of the consumer, contrary to the requirement of good faith,

it may be deemed unfair.

Important Legal and Financial Points (with References):

• Risk Management and Service Scope: Limiting supported assets may be a

legitimate business decision for the Company to manage operational complexity,

custody costs, and insurance premiums.

• Clarity of Insurance Coverage: Limiting insurance coverage to specific assets is a

fundamental element of the insurance contract. Insurance policies must clearly

state which risks and which assets are covered and to what extent (Insurance Act

2015 - duty of fair presentation).

• User Responsibility and Information: Users have the responsibility to know

which assets are supported and to transfer only those assets. It is important for theCompany to provide this information clearly and understandably to the user

(Consumer Rights Act 2015, Part 1 - information requirements).

• Transparency and Unfair Terms: Clearly stating the list of supported assets and

the risks associated with out-of-scope assets provides transparency. However, the

presentation and content of this disclaimer are important regarding whether it

constitutes an unfair term under the Consumer Rights Act 2015.

Section 5: Custody and Insurance Framework - Detailed

Explanation and Legal References

This section details the nature of the entities responsible for the custody of user assets,

the standards they adhere to, and the scope of the existing insurance policy. This is one

of the most crucial sections regarding the security of user funds and is closely related to

UK financial regulations, particularly the FCA Client Assets Sourcebook (CASS).

Custody Service Providers and Standards:

• FCA Regulated Custodians: It is stated that asset custody is provided through

custodians regulated by the UK Financial Conduct Authority (FCA) (FCA Website).

The use of an entity authorized and supervised by the FCA implies that this entity

must comply with the Financial Services and Markets Act 2000 (FSMA) and

relevant FCA Handbook rules, especially the CASS rules concerning the protection

of client assets (FCA Handbook - CASS). CASS imposes strict requirements for the

segregation, recording, and safeguarding of client assets from the firm's own

assets. This is a significant safeguard for the reliability and accountability of the

custody service, especially in the event of the firm's insolvency (linked to Section

11).

• Compliance Standards: These custodians are stated to comply with the following

internationally recognized standards and best practices:

◦ SOC 2 Type II (System and Organization Controls 2 Type II): An audit report

developed by the American Institute of Certified Public Accountants (AICPA)

that evaluates the effectiveness of a service organization's controls related to

security, availability, processing integrity, confidentiality, and privacy over a

period of time (AICPA SOC Overview).

◦ ISAE 3402 (International Standard on Assurance Engagements 3402): An

international auditing standard issued by the International Auditing and

Assurance Standards Board (IAASB) used to provide assurance on the internal

controls at service organizations (IAASB ISAE 3402).◦ ISO/IEC 27001: A standard for Information Security Management Systems

(ISMS) published by the International Organization for Standardization (ISO)

and the International Electrotechnical Commission (IEC) (ISO 27001

Overview).

Compliance with these standards indicates that the organizations providing the

custody service adhere to high operational and information security management

standards, although it still does not eliminate all risks.

Insurance Policy:

• Insurer: The insurance is stated to be provided by a UK-based Lloyd's of London

(Lloyd's Website) consortium. Lloyd's is not a single insurance company but a

marketplace where members (syndicates) underwrite insurance and reinsurance

risks. Lloyd's typically specializes in insuring complex, unique, and high-value risks.

• Insurance Coverage: The insurance policy is explicitly stated to cover the following

specific operational and security risks:

Section 3: Digital Wallet Infrastructure and Custody -

Detailed Explanation and Legal References

This section focuses on how users' digital assets are stored, the technical details of the

wallet infrastructure, and key management security. The security and custody of crypto

assets are among the most critical issues for users and are closely related to regulations

in the UK such as the FCA's Client Assets Sourcebook (CASS), although the direct

applicability of CASS to crypto assets is still evolving (see FCA Policy Statement PS19/22

and ongoing work).

Infrastructure and Custody Details:

• Unique Crypto Wallet: Each user is assigned a unique cryptocurrency wallet

address. This aligns with the principle of segregation of funds, which is a

fundamental principle of CASS rules and supports the claim of beneficial

ownership in Section 11.

• Supported Blockchain Networks and Liability: The requirement that

transactions must only be executed through supported networks, and that liability

for transfers on unsupported networks rests with the user, defines the technical

limits of the service. Such limitations of liability may be valid under general

contract law, provided the contract terms are clear and unambiguous. However,

the fairness of this term can be assessed under the Consumer Rights Act 2015.

• Wallet Custody Technology (Ledger Enterprise): The use of a well-known

technology provider like Ledger aims to provide assurance regarding security.However, the regulatory status of the custody service using this technology (being

regulated by the FCA as stated in Section 5) is more important than the technology

provider itself.

• Key Management (MPC and Key Sharding): Technologies like Multi-Party

Computation (MPC) and Key Sharding are modern cryptographic approaches

aimed at enhancing private key security. They aim to eliminate single points of

failure. The use of these technologies can be considered part of the duty of the

custody service provider to exercise reasonable care and skill.

• Hardware Security Modules (HSMs): It is stated that key shards are stored in

regulated custodians using HSMs compliant with the FIPS 140-2 Level 3 standard.

FIPS 140-2 is a standard developed by the US National Institute of Standards and

Technology (NIST) but is globally recognized for cryptographic security (NIST FIPS

140-2 Overview). Level 3 provides a high level of physical security and identity

based authentication. The use of this standard indicates the security of the custody

infrastructure.

• Fourth Key Shard: The delivery of a fourth key shard to the user if their balance

exceeds 5,000,000 USD offers an additional control mechanism for high-value

clients. This creates a type of co-signing mechanism. However, the responsibility

for securely storing and managing this shard transfers to the user. Loss or

compromise of this shard by the user could prevent access to or risk the assets.

Important Legal and Security Points (with References):

• Technological Security and Duty of Care: The use of MPC, Key Sharding, and

HSMs are factors supporting that the Company and/or the custodian exercises the

necessary care to protect client assets (Consumer Rights Act 2015, s.49 -

requirement for services to be provided with reasonable care and skill).

• Third-Party Custodians and CASS: Holding key shards with FCA-regulated

custodians potentially brings the applicability of CASS rules (especially CASS 6 -

Custody Rules) into play. These rules contain strict requirements for the

segregation, recording, and safeguarding of client assets (FCA Handbook - CASS).

• Unsupported Network Risk and Liability: While the user bearing the risk of

incorrect network transfers falls within the principle of freedom of contract, the

adequacy of information provided and the fairness of the term can be examined

under the Consumer Rights Act 2015, Part 2 - Unfair Terms.

• High Balance Control and User Responsibility: Giving a key shard to the user

increases control but also transfers responsibility. The consequences of this

transfer must be clearly explained to the user.Section 7: Arbitrage Operations - Detailed Explanation

and Legal References

This section explains how the arbitrage trading system, which is the core of the service,

operates. It details the specific trading pair, the automated nature of the execution, and

the lack of user control over the trades.

Operational Details:

• Specific Pair (BTC/USDT): The focus of the strategy is defined by the arbitrage

operations being conducted solely on the BTC/USDT pair.

• Algorithmic Execution: The fully automated execution of trades by algorithms

involves elements of HFT (High-Frequency Trading). Algorithmic trading in the UK

is addressed in various parts of the FCA Handbook (e.g., the requirement for non

manipulative strategies under MAR - Market Abuse Regulation; potentially

organizational requirements derived from MiFID II - SYSC section). The design,

testing, and supervision of the algorithm are critical for operational risk

management.

• Multiple Centralized Exchanges (CEXs): Conducting arbitrage across multiple

CEXs forms the basis of the strategy. However, the regulatory status, jurisdictions,

and operational reliability of these exchanges may vary. The Company is expected

to exercise reasonable care and skill in selecting and using these exchanges.

Furthermore, transactions on different exchanges are subject to the respective

exchanges' own rules and conditions.

• Non-user-directed and Full Automation: The fact that trades are not directed by

the user and are fully automated could potentially lead to the service being

classified as a regulated activity under the FSMA 2000 (Regulated Activities)

Order 2001, such as "managing investments" (Article 37) or "dealing in

investments as agent" (Article 21), if the assets being traded (BTC/USDT) are

considered "investments" under FSMA. Whether cryptoassets fall under this

definition is still a complex and evolving area (see FCA Guidance on Cryptoassets

PS19/22). If it is a regulated activity, the Company would need to be authorized by

the FCA (which may contradict statements in Section 12).

• Lack of Control and Risks: The user having no control over timing, execution, or

counterparty selection means that all operational risks (algorithm risk, execution

risk, counterparty/exchange risk) are managed by the Company or its infrastructure

providers. The user relies on the Company's ability to manage these risks. This

raises the question of whether the Company owes fiduciary duties to the user, or at

least a duty to exercise reasonable care and skill.Important Legal and Operational Points (with References):

• Lack of Transparency and Trade Secrets: A balance must be struck between

protecting the algorithm and exchange selection as trade secrets (Trade Secrets

(Enforcement, etc.) Regulations 2018) and the user's need to understand the

risks. The FCA's Treating Customers Fairly (TCF) principles may require sufficient

transparency.

• Algorithm Risk and Market Rules: Algorithmic trading must comply with MAR

rules and not be manipulative. The Company's liability for losses arising from

algorithmic errors would be determined under the contract terms and principles of

negligence.

• Exchange Risk: Using different CEXs introduces the respective legal and

operational risks of each exchange (hacking, bankruptcy, regulatory actions). How

the Company manages these risks is important.

• Service Classification and Regulatory Status: Whether the service is a regulated

activity under FSMA is one of the most critical questions regarding the Company's

legal obligations. If it is, and the Company is not authorized, this would constitute a

breach of FSMA Section 19 (General Prohibition) and could affect the

enforceability of the contract (FSMA Section 26).

Section 8: Risk Disclosure and User Affirmation -

Detailed Explanation and Legal References

This section contains one of the most critical legal warnings in the agreement. It

explicitly states the high risks inherent in cryptocurrency investments and confirms that

the responsibility for these risks lies entirely with the user. The user is asked to declare

that they understand and accept these risks. Such risk warnings are important under

various parts of the FCA Handbook (e.g., COBS - Conduct of Business Sourcebook,

particularly sections related to financial promotions and appropriateness assessments)

and general consumer law (Consumer Rights Act 2015).

Risk Disclosures:

• Significant Risk Warning: It is stated that cryptocurrency investments carry

"significant risk" and could potentially lead to the total loss of the invested money.

This warning is consistent with consumer warnings issued by the FCA regarding

cryptoassets (FCA Cryptoasset Consumer Warnings). The FCA frequently

emphasizes that retail investors should understand the high-risk and speculative

nature of cryptoassets. Making this warning clear, fair, and prominent is importantunder COBS 4 (Communicating with clients) and TCF (Treating Customers Fairly)

principles.

• User Responsibility: It is stated that the full responsibility for investment decisions

and outcomes lies with the user. The Company does not assess the user's financial

situation, risk tolerance, or investment objectives (especially given the lack of KYC).

This may indicate the Company is attempting to avoid potential FCA

appropriateness or suitability assessment obligations (COBS 9 and COBS 10, if

the service is a regulated activity). However, depending on the nature of the

service, these obligations might still apply.

• Company's Limitation of Liability: The Company states it will not be liable for

market-related losses or poor system performance. Such exclusion clauses are

assessed under Section 62 of the Consumer Rights Act 2015 (Unfair Terms) and

the Unfair Contract Terms Act 1977 (which can also apply to business-to-business

contracts). While such a limitation might be considered reasonable for inherent

market risk, it should not cover losses resulting from the Company's negligence or

breach of contract (liability for negligence causing death or personal injury cannot

be excluded - UCTA 1977, s.2(1)).

• User Affirmation: The user's confirmation, by accepting the agreement, that they

understand the risks and have the financial capacity to withstand total loss creates

a defense mechanism for the Company. However, this declaration alone does not

absolve the Company of all responsibilities. If the Company provided misleading

information or breached its duty of care, this affirmation might not suffice. Whether

the user truly gave informed consent is crucial.

Important Legal and Financial Points (with References):

• Informed Consent and TCF: Presenting risks clearly, fairly, and not misleadingly is

a core requirement of the FCA's TCF principles. The goal should be genuine user

understanding of the risks.

• Limitation of Liability and Unfair Terms: Exclusion clauses are subject to fairness

and reasonableness tests under the Consumer Rights Act 2015 and UCTA 1977.

Limiting liability for the Company's own negligence is generally difficult.

• Appropriateness/Suitability Assessment: The lack of KYC and reliance on the

user's declaration of financial capacity is risky regarding potential FCA COBS 9/10

obligations if the service is regulated.

• Acceptance of Risks: While the user's affirmation creates a presumption of

knowledge, it does not negate the Company's other legal and regulatory

obligations (e.g., fair treatment, not providing misleading information).Section 6: Investment Conditions and Returns -

Detailed Explanation and Legal References

This section outlines the fundamental conditions for user investment, particularly the

lock-up period for the principal amount, the process for profit withdrawal, and clarifies

that there is no guarantee of returns.

Investment Terms:

• Principal Lock-up Period (12 Months): The initial principal investment made by

the user remains locked for 12 months from the date of deposit. During this period,

the user cannot withdraw their principal investment from the system. Such lock-up

periods are common, especially in investment funds or strategies where liquidity

management is necessary. The binding nature of this term is subject to general

contract law principles. However, the length of the period and the presentation of

the term could be assessed for fairness under the Consumer Rights Act 2015 (CRA

2015), particularly if the term is not sufficiently prominent or creates a significant

imbalance against the consumer (CRA 2015, Section 62).

• Automatic Extension: If the user does not submit a request to withdraw their

principal after the 12-month lock-up period ends, the lock-up period automatically

extends for another 12 months. Automatic renewal clauses are scrutinized

carefully, especially in consumer contracts. The Consumer Rights Act 2015 may

find automatic renewal terms unfair if they lack the consumer's explicit consent or

sufficient transparency (CRA 2015, Schedule 2, Part 1, para 6 - terms setting an

unreasonably early deadline for the consumer to declare their intention not to

conclude or renew are potentially unfair). The Company might have an obligation

to inform the user reasonably in advance of the lock-up period ending and provide

clear instructions on withdrawal procedures.

• Profit Withdrawal (Monthly): Monthly profits generated from arbitrage trading (if

any) being withdrawable at the end of each calendar month is a separate

arrangement from the principal lock-up. This is a right granted to the user within

the terms.

• No Guarantee of Returns: The Company explicitly states it does not guarantee

that the arbitrage system will generate any returns, emphasizing the speculative

nature of the investment. Such statements are important to prevent misleading

marketing and should comply with the FCA's financial promotion rules (FSMA

2000, Section 21 and relevant FCA Handbook sections, e.g., COBS 4). Promising or

implying guaranteed returns can lead to regulatory sanctions.

• Past Performance: The warning that past performance is not indicative of future

results is a standard legal and regulatory requirement in the financial services

industry. The FCA's Conduct of Business Sourcebook (COBS), specifically COBS4.6, contains strict rules regarding the presentation of past performance data and

requires this warning to be made clearly (FCA Handbook - COBS 4).

Important Legal and Financial Points (with References):

• Binding Nature of Lock-up Period and Unfair Terms: The 12-month lock-up is

binding, but its fairness can be questioned under the Consumer Rights Act 2015.

The term must be clear, transparent, and reasonable within the overall balance of

the contract.

• Automatic Extension and Consumer Protection: The automatic extension clause

should be evaluated in light of the Consumer Rights Act 2015 and guidance issued

by the Competition and Markets Authority (CMA) (CMA Guidance on Unfair Contract

Terms). It may be deemed unfair if the user is not adequately informed or cannot

easily cancel.

• Return Statements and Financial Promotion: The disclaimer of guaranteed

returns and the past performance warning are crucial for compliance with FCA

financial promotion rules. Misleading or exaggerated statements must be

avoided.

• Investment Risk: This section confirms that the entire investment risk lies with the

user (consistent with Section 8).

Section 9: Fraud and Abuse Policy - Detailed

Explanation and Legal References

This section defines the rules established to prevent the misuse of the Company

platform and services, and the sanctions to be applied in case of violation of these rules.

It aims to protect the integrity and security of the platform and the rights of other users.

Such policies help service providers fulfill their legal obligations and manage

operational risks.

Prohibited Actions (Defined as Fraud and Abuse):

The agreement explicitly prohibits the following actions and classifies them as fraud or

abuse:

• Transfer of Fake or Tampered Tokens: This action may constitute a crime under

the Fraud Act 2006 (Legislation.gov.uk Link), particularly Section 2 (fraud by false

representation) or Section 3 (fraud by failing to disclose information).

• Attempting Unauthorized Access to Platform Infrastructure: This is explicitly a

crime under the Computer Misuse Act 1990 (Legislation.gov.uk Link). It relatesparticularly to Section 1 (unauthorized access) and Section 2 (unauthorized access

with intent to commit further offences).

• Using Automation Tools, Bots, or API Access Without Written Permission: While

not directly a crime, this constitutes a breach of contract and violates the

Company's terms of service. Such actions might also fall under Section 3 of the

Computer Misuse Act 1990 (unauthorized acts with intent to impair, or with

recklessness as to impairing, operation of computer, etc.) if they negatively impact

the system.

• DDoS or Other Cyber Attacks: These actions are serious crimes under Sections 3

and 3ZA (unauthorized acts causing, or creating risk of, serious damage) of the

Computer Misuse Act 1990.

• Social Engineering or Phishing: Such actions may constitute crimes under the

Fraud Act 2006 (especially Section 2) and the Computer Misuse Act 1990 (if

resulting in unauthorized access). Additionally, obtaining personal data constitutes

a breach of the Data Protection Act 2018 (Legislation.gov.uk Link) and UK GDPR.

Consequences of Violations:

If any of the prohibited actions mentioned above are carried out, the Company reserves

the right to apply the following sanctions:

• Immediate Account Termination: Under general principles of contract law, the

injured party has the right to terminate the contract in case of a material breach.

• Asset Freeze: The Company's authority to unilaterally freeze assets, especially in

cases of suspected illegal activity, may be limited by legal frameworks such as the

Money Laundering Regulations 2017 and the Proceeds of Crime Act 2002

(POCA) (Legislation.gov.uk Link). Generally, a court order is required for permanent

confiscation, although temporary freezing for investigation purposes (e.g., when a

Suspicious Activity Report (SAR) is filed) might be possible.

• Potential Legal Action: The Company may initiate civil proceedings (for

negligence, breach of contract, tort) to recover damages incurred or initiate a

private prosecution for relevant crimes, or alert public authorities.

• Reporting to Authorities: The Company may have an obligation to report

suspected fraud or cybercrime to the National Crime Agency (NCA) (NCA Website),

the FCA, or the police (e.g., SAR obligations under POCA or FCA rules).

Important Legal Points (with References):

• Legal Compliance: This policy demonstrates the Company's effort to comply with

the Computer Misuse Act 1990, Fraud Act 2006, POCA 2002, and potential AML/

CTF obligations.• Asset Freezing and Confiscation: Freezing and confiscation of assets are subject

to strict legal procedures (POCA 2002, Part 5). The Company's authority in this

regard depends on the law and potential court orders. Unjustified asset freezing

could lead to lawsuits against the Company.

• User Responsibility: Users are obligated to comply with these rules and relevant

laws when using the platform.

Section 10: Emergency Recovery Protocol - Detailed

Explanation and Legal References

This section outlines how user assets will be protected and recoverable in extraordinary

circumstances where the Company cannot continue its operations (e.g., insolvency,

system collapse, administrative block). Such business continuity and wind-down plans

are increasingly important for regulatory authorities, especially in financial services and

asset custody.

Recovery Triggers:

The situations that would activate the plan are:

• Company Insolvency: The Company being unable to meet its financial obligations

and legally entering insolvency proceedings. In the UK, insolvency processes are

primarily governed by the Insolvency Act 1986 (Legislation.gov.uk Link) and

related secondary legislation. The protection of client assets (the trust structure in

Section 11 and CASS rules) is critical in insolvency.

• System Failure: Large-scale technical collapses. This relates to the operational

resilience obligations of the Company or critical third-party providers. The FCA

expects authorized firms to ensure their operational resilience and stay within

specific tolerances in case of disruption to important business services (FCA Policy

Statement PS21/3 on Operational Resilience).

• Administrative Block: Cessation of activities ordered by regulatory bodies (like the

FCA) or courts. This might occur in cases of serious rule breaches or suspected

illegal activity.

Recovery Mechanism:

When one of these situations occurs, a recovery process involving the following steps is

envisaged:

• Multi-Party Access Protocol: A protocol requiring the cooperation of the

Custodian, Insurance Provider, and the User. This aims to ensure access to assets,especially when the Company itself cannot be involved (e.g., insolvency). Such

arrangements are typically detailed in custody agreements and potentially in

insurance policies.

• Providing User Access to Key Shards: Based on the MPC/Key Sharding system in

Section 3, users will be provided access to their key shards via an "encrypted

recovery interface." The security and functionality of this mechanism must comply

with information security standards like ISO/IEC 27001. The interface design and

access protocols must ensure users can securely recover their assets.

• Legal and Standard Compliance: The claim that the recovery process complies

with the following regulations and standards:

◦ FCA Guidance: Particularly insolvency and asset return procedures related to

CASS 7 (Client Money Rules) and CASS 6 (Custody Rules). The FCA expects

firms to have arrangements ensuring the prompt and orderly return of client

assets in insolvency.

◦ ISO/IEC 27001: The information security management system standard is

relevant for ensuring the security of the recovery process and the

technologies used (e.g., the recovery interface).

◦ MiCA Regulation: The EU's Markets in Crypto-Assets Regulation (EU Official

Journal Link). MiCA introduces specific requirements for crypto-asset service

providers (CASPs) regarding operational resilience (Article 60), business

continuity policies (Article 60(6)), and orderly wind-down plans (Article 60(7)).

It also includes specific rules for CASPs providing custody (Article 67). The

Company's claim of MiCA compliance implies it meets or aims to meet these

requirements (linked to Section 12).

Important Legal and Operational Points (with References):

Section 11: Legal Jurisdiction & Dispute Resolution -

Detailed Explanation and Legal References

This section determines which country's law governs the agreement (governing law) and

where and how disputes between the parties will be resolved (jurisdiction / dispute

resolution). It also contains an important legal guarantee regarding the ownership of

user assets.

Legal Framework and Jurisdiction:

• Governing Law: It is stated that UK Commercial Law (broadly English contract

law, tort law, and relevant commercial legislation) will exclusively apply to the

interpretation and enforcement of the agreement. The parties' freedom to choose

the law applicable to the contract is a generally accepted principle in internationalagreements (in the UK, see the relevant provisions of the Rome I Regulation - The

Law Applicable to Contractual Obligations (England and Wales and Northern

Ireland) Regulations 2009).

• Jurisdiction / Dispute Resolution: Two options are presented as the competent

authority for resolving any disputes:

◦ London Commercial Court: Part of the Business and Property Courts of

England and Wales (High Court), specializing in complex commercial cases

(Courts and Tribunals Judiciary Info). Proceedings are conducted according

to the Civil Procedure Rules (CPR), particularly Part 58 and relevant Practice

Directions.

◦ Arbitration under the London Arbitration Framework: Arbitration is an

alternative dispute resolution method regulated by the Arbitration Act 1996

(Legislation.gov.uk Link). London is a major center for international

arbitration, with leading institutions like the London Court of International

Arbitration (LCIA) (LCIA Website). The agreement's failure to specify which

arbitration rules (e.g., LCIA Rules) or procedures apply is an ambiguity.

Generally, a valid arbitration agreement prevents parties from litigating the

same issue in court (Arbitration Act 1996, s.9). It is unclear how the agreement

envisages the choice mechanism between court and arbitration (e.g., choice

of one party, or different routes for specific types of disputes).

Asset Ownership:

• Beneficial Ownership and Trust Law: It is stated that the beneficial ownership of

user assets remains with the User at all times, secured under UK Trust Law. This

means user assets are held by the Company (or custodian) not on its own account,

but in trust for the users. The Company or custodian acts as the legal owner and

trustee, while the user is the beneficiary.

◦ Consequences of Trust: The most significant consequence of this structure is

that in the event of the Company's insolvency (Insolvency Act 1986), the user

assets held in trust are segregated from the Company's general assets and are

not included in the insolvency estate. Users (beneficiaries) have a proprietary

claim over their assets, ranking ahead of other creditors. This aligns with the

principles underlying the FCA's CASS rules (especially CASS 6 - Custody

Rules) and is a critical mechanism for protecting client assets. The valid

establishment of the trust (certainty of intention, subject matter, objects) and

the segregation of assets are crucial.

Important Legal Points (with References):

• Choice of Law and Jurisdiction Applicability: The choice of governing law and

jurisdiction is generally valid, but the applicability of mandatory consumerprotection rules in the consumer's home country (e.g., Rome I Article 6) or

difficulties in accessing the chosen jurisdiction should be considered for

consumers in different countries.

• Ambiguity of Arbitration Agreement: The lack of detail in the arbitration clause

(rules, number of arbitrators, seat, etc.) could make it difficult to enforce or lead to

further disputes.

• Beneficial Ownership Guarantee and CASS: The trust structure and protection of

beneficial ownership, alongside CASS rules, provide a fundamental safeguard for

user assets against insolvency risk. However, the effectiveness of this protection

depends on the proper establishment of the trust and the actual segregation of

assets.

Section 12: Regulatory Position - Detailed Explanation

and Legal References

This section explains the Company's position regarding current and future legal

regulations and its compliance strategy. It particularly focuses on the non-application of

"Know Your Customer" (KYC) procedures and how regulatory compliance is supposedly

achieved. These statements are critical for understanding the Company's legal risk

profile and operational model.

Regulatory Statements:

• No-KYC Model: The Company states it does not collect KYC information, justifying

this by not handling fiat currency transactions.

◦ Legal Assessment: In the UK, the Money Laundering, Terrorist Financing

and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs

2017) (Legislation.gov.uk Link) require firms conducting certain cryptoasset

activities (cryptoasset exchange providers and custodian wallet providers) to

register with the FCA and comply with AML/CTF obligations (including

customer due diligence - CDD/KYC) (MLRs 2017, Regulation 8 & 14A). Whether

the services offered by the Company (especially asset custody and potentially

trading via arbitrage) fall under these definitions is crucial. Conducting only

crypto-to-crypto transactions does not automatically grant exemption from

obligations under MLRs 2017. It is not stated whether the Company is

registered with the FCA or why it believes it is exempt. The "No-KYC" model

carries significant legal and regulatory risk under MLRs 2017 and the

Proceeds of Crime Act 2002 (POCA).

• Reliance on FCA-Compliant Custody and Insurance Infrastructure: The

Company states that instead of holding its own direct regulatory license, thetechnical structure of its service operations relies on FCA-compliant custodians

(Section 5) and insurers.

◦ Legal Assessment: While using an FCA-authorized custodian is a positive step

(for CASS compliance), this does not change the regulatory scope of the

Company's own activities. If the Company's arbitrage service is considered a

regulated activity under FSMA 2000 (e.g., investment management), the

Company itself would need to be authorized by the FCA (FSMA s.19 - General

Prohibition). The fact that the third-party infrastructure is regulated does not

remove the authorization requirement for the Company providing the service.

This strategy could be seen as an attempt to avoid regulatory obligations and

might be questioned by the FCA.

• Compliance with MiCA Regulation: The Company claims that compliance with

the EU Markets in Crypto-Assets (MiCA) Regulation (EU Official Journal Link) is

actively maintained via integration with licensed infrastructure.

◦ Legal Assessment: MiCA is an EU regulation directly applicable in member

states, establishing a comprehensive licensing and operational standards

regime for crypto-asset service providers (CASPs). As the UK is not an EU

member, MiCA is not directly binding. However, the UK is developing its own

similar regime (HM Treasury Consultation on Future Financial Services

Regulatory Regime for Cryptoassets), and MiCA is an important reference

point. The Company stating it achieves MiCA compliance through

"infrastructure integration" again suggests reliance on third parties rather

than its own direct compliance. The validity and practical meaning of this

claim are unclear.

Important Legal and Regulatory Points (with References):

• Regulatory Risk and AML/CTF: The "No-KYC" model risks non-compliance with

MLRs 2017 and could make the Company a potential vehicle for money laundering

activities. This is important regarding FCA registration requirements and sanctions.

• FSMA Authorization Risk: Whether the Company's activities fall under FSMA s.19

and whether it is engaging in unauthorized regulated activities is a fundamental

question. Unauthorized activities can lead to contracts being unenforceable (FSMA

s.26) and criminal penalties.

• Third-Party Dependency: Heavy reliance on third parties for regulatory

compliance makes the Company vulnerable to changes in those parties'

compliance status.

• Lack of Transparency: The lack of clear information about the Company's own

FCA registration status or its position under MLRs 2017 prevents users from fully

assessing the regulatory risks.Section 13: No Cancellation or Withdrawal Right -

Detailed Explanation and Legal References

This section states that the user waives their right to withdraw or cancel the agreement

after accepting it. This emphasizes that rights like the "cooling-off period" or "right to

cancel," common in consumer contracts, do not apply to this agreement.

Waiver of Cancellation Right:

• Waiver Upon Digital Acceptance: It is explicitly stated that from the moment the

agreement is digitally accepted (Section 14), the user waives any right of

withdrawal or cancellation.

• No Refund or Cancellation: It is emphasized that the Company will not honor any

request for a refund, principal withdrawal (before the lock-up period expires), or

contract cancellation, except under the specific circumstances outlined in the

agreement (profit withdrawal in Section 6, recovery in Section 10).

Legal Assessment (UK Consumer Law):

In the UK, The Consumer Contracts (Information, Cancellation and Additional

Charges) Regulations 2013 (CCRs) (Legislation.gov.uk Link) generally grant consumers

a 14-day cancellation right for distance and off-premises contracts (Regulation 30).

• Exceptions (Exceptions to the Right to Cancel - Regulation 28): However, the

CCRs list specific contract types where the cancellation right does not apply. The

most relevant exceptions in this context might be:

◦ Regulation 28(1)(b): Contracts for the supply of goods or services for which

the price is dependent on fluctuations in the financial market which cannot

be controlled by the trader and which may occur within the cancellation

period. Since the price of cryptoassets and services based on them (like

arbitrage) depends on financial market fluctuations, this service likely falls

under this exception, and the standard 14-day cancellation right would not

apply.

◦ Regulation 36 (Services): For service contracts, the right to cancel is lost if

the service has been fully performed, the performance began with the

consumer’s prior express consent, and the consumer acknowledged they

would lose their right to cancel once the contract had been fully performed.

The agreement implying that the service (account setup, etc.) begins upon

digital acceptance could be an argument in this direction, but the nature of

the service (ongoing arbitrage) complicates the question of when full

performance occurs.• Financial Services: The CCRs generally do not apply to financial services regulated

by the FCA (Regulation 6(1)(d)). If the Company's service were considered an FCA

regulated financial service (given the uncertainties in Sections 7 and 12), specific

cancellation rules in the FCA Handbook (e.g., COBS 15) might apply instead.

However, most current cryptoasset services do not yet fall under these specific

financial service cancellation rules.

• Unfair Terms (Consumer Rights Act 2015): Even if the waiver of the cancellation

right falls under a CCRs exception, the term is still subject to the fairness test under

Part 2 of the Consumer Rights Act 2015 (CRA 2015) (Legislation.gov.uk Link). A

term is unfair if, contrary to the requirement of good faith, it causes a significant

imbalance in the parties' rights and obligations arising under the contract, to the

detriment of the consumer (CRA 2015, s.62(4)).

◦ Assessment: The absence of a cancellation right for services based on rapidly

fluctuating assets is often considered reasonable, as otherwise, the consumer

could use the right to cancel to avoid speculative losses when the market

moves against them. However, it is important that this waiver term is

presented clearly, comprehensibly, and prominently in the contract. The

overall effect created by the way the term is presented or combined with

other contract conditions is considered in the fairness test.

Important Legal Points (with References):

• CCRs Exception: The service likely falls under the exception in CCRs Regulation

28(1)(b) due to its price dependency on financial market fluctuations.

• CRA 2015 Fairness Test: The waiver term is still subject to the fairness test under

CRA 2015, Part 2. The transparency of the term and whether it creates a significant

imbalance against the consumer are assessed.

• Clarity and Information: The Company should clearly inform the user before the

contract is made that there is no right to cancel and explain the reason (e.g., the

financial market fluctuation exception), which is important under CCRs

(information requirements - Schedule 1 & 2) and CRA 2015 (transparency

requirement - s.68).

Section 14: Digital Acceptance - Detailed Explanation

and Legal References

This final section defines how the agreement is accepted by the user and the legal

consequences of that acceptance. It states that by performing a specific action, the user

makes the agreement binding, and this action is considered a digital signature.Acceptance Mechanism and Consequences:

• Act of Acceptance (Clickwrap): Clicking the "I Agree" button signifies acceptance

of all terms of the agreement. This "clickwrap" mechanism is generally accepted as

a valid method of acceptance in UK contract law, provided the user had a

reasonable opportunity to review the terms and clearly indicated their intention to

accept (see Law Commission Report on Electronic Signatures, No. 386, 2019).

• Data Defined as Digital Signature: The agreement claims that the Username, IP

Address, MAC Address, and Geolocation data collected at the time of acceptance

constitute the user's legally binding digital signature.

◦ Legal Assessment (Electronic Signature): The Electronic Communications

Act 2000 (ECA 2000), Section 7, recognizes the legal validity and admissibility

of electronic signatures. The eIDAS Regulation (Regulation (EU) No 910/2014,

implemented in the UK via the Electronic Identification and Trust Services

for Electronic Transactions Regulations 2016) defines different types of

electronic signatures: simple, advanced, and qualified. The act of clicking a

button and associated metadata (IP, timestamp, etc.) is generally classified as

a simple electronic signature. ECA 2000 does not mandate a specific type of

electronic signature, and simple signatures can be legally valid. However,

their evidentiary weight depends on their ability to reliably identify the

signatory and ensure data integrity. The identifying power of data like IP/MAC

addresses alone can be limited (due to dynamic IPs, MAC randomization,

etc.). In a dispute, the burden may fall on the Company to prove that this data

belongs to a specific user and that the acceptance act was performed by that

user.

• Time of Binding (Timestamp): The agreement becoming binding from the

timestamp of the acceptance act determines the moment the contract is formed.

Timestamps are important evidence for verifying the time of electronic

transactions and can be regulated as a trust service under eIDAS (qualified

timestamps).

• Declaration of Reading, Understanding, and Acceptance: The presumption that

by clicking "I Agree," the user confirms they have read, understood, and accepted

the agreement reinforces the principle that the user is bound by the terms.

However, this declaration does not negate the fairness and transparency

requirements for contract terms under the Consumer Rights Act 2015 (CRA 2015).

Particularly if complex or unexpected terms are not presented sufficiently

prominently (CRA 2015, s.64 - prominence test) or if terms are unfair (CRA 2015, s.

62), they might be deemed invalid despite this declaration.Important Legal Points (with References):

• Clickwrap Validity: Generally valid as long as the user had the opportunity to

review the terms (Law Commission Report No. 386).

• Electronic Signature and Evidentiary Weight: The method used likely qualifies as

a simple electronic signature under ECA 2000 and eIDAS, but its evidentiary weight

is lower than more advanced signatures. Identification and integrity are key.

• Duty to Read vs. Unfair Terms: Users have a duty to read, but this does not

override the Company's obligations regarding fairness and transparency under

CRA 2015 (especially protection against unfair and surprising terms).

• Informed Consent: While this section creates a presumption of informed consent,

the presentation and content of the terms affect the validity of that consent.

Conclusion and General Assessment

This analysis highlights key points of the provided User Agreement & Terms of Service

under UK law and relevant regulatory frameworks. The agreement addresses complex

topics such as digital asset custody, arbitrage trading, and insurance. Some general

assessments stand out:

• Security and Custody: The use of FCA-regulated custodians, SOC 2/ISO 27001

compliant infrastructure, and Lloyd's insurance are positive elements for asset

security. However, the limitations of insurance coverage (especially the exclusion of

market risks) and the reliance on third-party providers are important

considerations.

• Regulatory Uncertainty: The Company's "No-KYC" model and its strategy of

relying heavily on third parties for regulatory compliance carry significant risks

regarding UK AML/CTF regulations (MLRs 2017) and potential FSMA authorization

requirements. The Company's own regulatory status is unclear.

• User Risks: The agreement largely places the responsibility for market risks,

unsupported asset transfers, and lock-up periods on the user. Terms like the waiver

of cancellation rights and automatic renewal should be carefully assessed for

fairness under the Consumer Rights Act 2015.

• Transparency: There is a lack of transparency regarding certain aspects, such as

the full details of third-party providers (due to NDAs), the arbitrage algorithm, and

the complete insurance policy.

Users are advised to carefully review this agreement before acceptance, paying close

attention to risk disclosures, limitations of liability, lock-up periods, and the regulatory

position. Clarification should be sought for any points not understood. This analysis is

not legal advice, and users should seek independent legal counsel for their specific

circumstances.References (Sources Mentioned in the Text)

• UK Legislation:

◦ Electronic Communications Act 2000

◦ Companies Act 2006

◦ Electronic Identification and Trust Services for Electronic Transactions

Regulations 2016

◦ Money Laundering, Terrorist Financing and Transfer of Funds (Information on

the Payer) Regulations 2017

◦ Financial Services and Markets Act 2000 (FSMA)

◦ FSMA 2000 (Regulated Activities) Order 2001

◦ Financial Markets and Insolvency (Settlement Finality) Regulations 1999

◦ Consumer Rights Act 2015

◦ Trade Secrets (Enforcement, etc.) Regulations 2018

◦ Insurance Act 2015

◦ Fraud Act 2006

◦ Computer Misuse Act 1990

◦ Data Protection Act 2018

◦ Proceeds of Crime Act 2002 (POCA)

◦ Insolvency Act 1986

◦ Arbitration Act 1996

◦ The Law Applicable to Contractual Obligations (England and Wales and

Northern Ireland) Regulations 2009

◦ The Consumer Contracts (Information, Cancellation and Additional Charges)

Regulations 2013 (CCRs)

◦ Unfair Contract Terms Act 1977

• EU Legislation:

◦ Regulation (EU) No 910/2014 (eIDAS Regulation)

◦ Regulation (EU) 2023/1114 (Markets in Crypto-Assets - MiCA)

• Regulatory Bodies & Guidance:

◦ Financial Conduct Authority (FCA) Website & Handbook (CASS, COBS, MAR,

SYSC)

◦ FCA Policy Statement PS19/22 (Guidance on Cryptoassets)

◦ FCA Policy Statement PS21/3 (Operational Resilience)

◦ FCA Cryptoasset Consumer Warnings

◦ Competition and Markets Authority (CMA) Guidance on Unfair Contract Terms

◦ National Crime Agency (NCA)

• Other Standards & Reports:

◦ AICPA SOC 2 (System and Organization Controls 2)

◦ IAASB ISAE 3402 (International Standard on Assurance Engagements 3402)◦ ISO/IEC 27001 (Information Security Management)

◦ NIST FIPS 140-2 (Security Requirements for Cryptographic Modules)

◦ Law Commission Report No. 386 (Electronic Signatures)

• Institutions:

◦ Lloyd's of London

◦ London Commercial Court (Courts and Tribunals Judiciary)

◦ London Court of International Arbitration (LCIA)

I ACCEPT ALL TERMS NEXT