PROOF Act Mandates Monthly Audits for Digital Exchanges to Safeguard Customer Assets

When you hand over your money or digital assets to an exchange, you expect them to keep it safe and separate from their own corporate funds. The Proving Reserves Of Others Funds Act (PROOF Act) aims to make that expectation a hard-and-fast rule, focusing squarely on making digital exchanges and custodians prove they actually have the assets they claim to hold.

The Golden Rule: Your Money Isn't Theirs

At its core, the PROOF Act is about establishing strict asset separation for "covered assets"—which is basically anything you deposit with a digital exchange. Section 3 mandates that when an exchange receives your asset, they must treat it as still belonging entirely to you. This means they generally can’t mix (or "co-mingle") your funds with their proprietary funds, nor can they use your assets as collateral for someone else’s trade. Think of it like this: your 401k custodian can’t legally use your retirement savings to bail out their business. This bill tries to apply that same principle to the digital asset world.

However, there are a few practical exceptions that require a closer look. For convenience, exchanges can mix your assets with their own in a bank account or digital wallet, provided it’s with a qualified custodian. They can also withdraw assets from that joint account if it’s necessary for "normal business operations," such as paying fees, commissions, or settling a trade. This exception for "normal business operations" is a bit vague and could be a loophole if not strictly defined in practice, potentially allowing exchanges some latitude in how they handle your assets.

The Monthly Pop Quiz: Proof of Reserves

If the asset segregation rules are the foundation, the monthly audit requirement in Section 4 is the heavy-duty inspection system. Every digital exchange and custodian will be required to get a monthly "attestation" from an independent auditing firm. This isn't just a simple checkmark; the report must include cryptographic proof that the entity controls the keys for customer assets, verify their own reserves, and verify their liabilities. The goal is to provide transparency and prevent a scenario where an exchange leverages customer funds without their knowledge.

For the average user, this means less reliance on trust and more reliance on verifiable math. The results of these audits—including the name of the exchange and the auditor—must be made public by the Treasury Department's Office of Domestic Finance. This process, however, won't start until the Public Company Accounting Oversight Board (PCAOB) and the American Institute of Certified Public Accountants (AICPA) finalize the industry standard for these attestations, which could take up to 18 months or longer.

Who Pays the Piper, and Who’s Left Out?

This mandatory monthly audit imposes a significant, recurring cost burden on exchanges and custodians, which will inevitably be passed down to customers through fees. If an exchange fails to get the required attestation, the Treasury Department hits them with civil penalties that escalate quickly—from 0.025% of total assets under management for a first offense up to 0.09% for three or more failures within 24 months. This penalty structure is designed to make non-compliance far more expensive than compliance.

Crucially, the bill explicitly excludes assets held in margin accounts from the definition of a "covered asset" (Section 2). This means if you are trading with borrowed funds (leverage), the assets in that specific margin account are not protected by the strict segregation rules. For traders who use leverage, this is a major carve-out, leaving those assets exposed if an exchange faces financial trouble. While the bill brings much-needed clarity and protection for standard spot trading accounts, it leaves the door open for risk in leveraged trading environments.