Introduction

Counterparty risk is the chance that the entity on the other side of a transaction or custodial relationship fails to deliver what it owes you. In crypto, that failure can come from insolvency, fraud, hacks, frozen withdrawals, faulty code, or regulatory seizure. The asset itself can be performing fine but your claim on it disappears.

This risk matters more in crypto than in most asset classes for a few reasons. Markets trade 24/7 without circuit breakers. Disclosure standards are uneven across jurisdictions. Custodial power tends to concentrate at a small number of platforms. And the historical collapses: Mt. Gox in 2014, Celsius and Voyager in 2022, FTX and BlockFi later that year, Genesis in 2023, and the October 10, 2025 liquidation cascade that wiped out roughly $19 billion in leveraged positions across 1.6 million accounts in a single day.

Counterparty risk is identifiable and, in most cases, manageable. This article walks through what it is, where it shows up, the mechanics that amplify it, the lessons from major failures, and the practical steps holders, traders, and borrowers can take to reduce exposure.

What Is Counterparty Risk in Crypto?

Counterparty risk is the probability that a participant in a financial agreement defaults before settlement. In crypto, that participant is rarely the protocol itself. It is usually an exchange, a lender, a stablecoin issuer, a custodian, a wrapped-token issuer, or, in the case of decentralized finance, the smart contract code.

How it differs from market risk and liquidity risk

These three risks often get conflated. Market risk is the chance that prices move against you. Liquidity risk is the chance that you cannot exit a position at a reasonable price. Counterparty risk is the chance that your asset or claim disappears regardless of what prices do. After the FTX collapse, surveys of crypto derivatives participants showed nearly half ranking counterparty risk as their top concern, well ahead of market risk.

The Bitcoin paradox

Bitcoin and other public blockchains were designed to remove trusted intermediaries. A self-custodied wallet transacting peer-to-peer with another self-custodied wallet has no counterparty risk in the traditional sense. The risk reappears the moment users hand assets to an exchange to trade, a lender to borrow against, a bridge to move across chains, or an issuer to wrap. Most crypto activity sits in that second category, which is why the topic refuses to go away.

Where Counterparty Risk Shows Up in Crypto

Centralized exchanges

Centralized exchanges have produced the largest single losses in crypto history. Mt. Gox, FTX, and QuadrigaCX each combined some mix of poor security, mismanaged customer funds, and outright fraud. Even on well-run venues, leaving assets on an exchange exposes users to hacks, withdrawal freezes during stress events, and the legal reality that customer balances are usually unsecured creditor claims if the exchange enters bankruptcy.

Crypto lenders and yield platforms

The 2022 collapses of Celsius, Voyager, BlockFi, and later Genesis followed a recognizable pattern. Each took customer deposits, promised yield, and lent those funds (often unsecured) to hedge funds, market makers, and trading desks. When prices fell and borrowers defaulted, the lenders could not honor withdrawals. According to Galaxy Research, centralized crypto lending has rebounded to roughly $17.78 billion in active loans by late 2025.

Stablecoins and wrapped assets

Holding USDT, USDC, or any fiat-backed stablecoin is a claim on the issuer's reserves. Issuer solvency, reserve quality, and banking partner exposure all matter. USDC briefly depegged in March 2023 when Circle disclosed exposure to Silicon Valley Bank. Wrapped assets like wBTC, wETH, BNSOL, and WBETH carry custodian risk on the underlying collateral, plus venue-specific pricing risk. Several wrapped tokens dislocated sharply on a single exchange during the October 10, 2025 cascade while trading normally elsewhere.

DeFi protocols

In decentralized finance, the code is the counterparty. Smart contract bugs, governance attacks, admin key compromises, and economic exploits have produced billions in cumulative losses. Two adjacent risks deserve mention: oracle risk, where a bad or manipulated price feed triggers wrongful liquidations, and bridge risk, where cross-chain infrastructure has been among the largest single loss vectors in the industry.

Derivatives venues and OTC desks

Perpetuals exchanges introduce auto-deleveraging (ADL), where solvent positions are forcibly closed to cover insurance fund shortfalls. OTC trading introduces settlement risk, particularly when deposit addresses are stale or wires take longer to clear than the trade itself.

Custodians

Qualified custodians are much more secure than exchanges, but they are not immune. Operational failures, mergers, and policy changes can affect access. The structure of the account matters too: assets held in a segregated account are easier to claim in bankruptcy than those in an omnibus structure pooled across clients.

The Mechanics That Amplify Counterparty Risk

Rehypothecation

Rehypothecation is the reuse of customer-deposited assets by the platform for its own borrowing, lending, or trading. It is a standard, capped, and disclosed practice in traditional finance. In crypto, it has historically been uncapped and poorly disclosed, which is the most direct line you can draw to the 2022 lending collapses.

Commingling of funds

When a platform pools customer assets with its own balance sheet, individual users lose any practical claim to specific coins in bankruptcy. They become unsecured creditors waiting in line.

Cross-margin and unified account structures

Unified margin accounts let traders use a shared pool of collateral across positions. This is efficient in calm markets and dangerous in stressed ones. During the October 10 cascade, Binance's unified margin system tied diverse positions to the prices of a few collateral assets. When BNSOL, WBETH, and USDe dislocated on that venue (USDe briefly fell to roughly $0.65 on Binance only), unrelated BTC and ETH positions were force-liquidated across user accounts.

Thin order books and liquidity evaporation

Counterparty risk and liquidity risk reinforce each other under stress. Top-of-book depth on major venues fell more than 90 percent during the October event, and bid-ask spreads on Bitcoin perpetuals widened over a thousand-fold at the peak. Forced liquidations had to execute precisely when there was no liquidity to absorb them.

Hidden leverage and contagion

The most uncomfortable form of counterparty risk is the kind users cannot see. DeFi loans funding basis trades, prime broker exposure spread across multiple lenders, and shared market makers create dependency chains that only become visible when one link breaks.

Lessons from the Major Counterparty Failures

Mt. Gox (2014)

The original lesson in custodial concentration. A single exchange handled the majority of global Bitcoin trading volume, and when it failed, hundreds of thousands of users lost access to funds for years.

Celsius, Voyager, BlockFi, Genesis (2022 to 2023)

High-yield retail products funded by undisclosed institutional lending and poor liquidity management. Customer deposits were treated as the platform's working capital, and customers were treated as unsecured creditors when the music stopped.

FTX and Alameda (2022)

Commingling, related-party lending, and a roughly $8 billion shortfall. The fallout cascaded through interconnected exposures, contributing directly to the failure of Genesis and squeezing every counterparty that had open positions or unsecured claims.

October 10, 2025

This event was structurally different from the others. There was no single bad actor and no major insolvency. Open interest had climbed to roughly $217 billion, funding rates were near 30 percent annualized, and a tariff announcement late on a Friday triggered selling into thin weekend liquidity. Oracle pricing failures, exchange interface outages, and venue-specific collateral depegs combined to produce the largest single-day liquidation in crypto history. The lesson was about market structure rather than fraud: even when no platform fails, concentrated counterparty exposure can still produce massive user losses through mechanical processes.

How to Evaluate and Reduce Counterparty Risk

The only way to fully eliminate counterparty risk on a given asset is to hold the keys. However, it comes with many tradeoffs: operational burden, inheritance and recovery planning, and loss of access to yield, leverage, and liquidity.

A better way to manage counterparty risk is through regulated qualified custodians. They eliminate the operational burden and stress required in order to self-custody while minimizing counterparty risk.

Due diligence on platforms

For anything that requires a third party, due diligence is the work. The questions worth asking:

• Are they regulated? Do they have the right licenses?

• Is custody handled by the platform itself or by a third-party qualified custodian?

• What is the disclosed rehypothecation policy, if any?

• Are customer assets segregated, and is there proof of reserves alongside proof of liabilities?

• What does insurance actually cover (cold storage theft, employee fraud, broader insolvency)?

• How has the platform behaved during past stress events?

Structural protections to look for

Bankruptcy-remote custody arrangements, conservative loan-to-value ratios on collateralized lending, explicit no-rehypothecation language in customer agreements, real-time margin monitoring, and transparent liquidation thresholds. None of these alone is sufficient, but their absence is a meaningful signal.

How crypto-collateralized lending fits in

For holders who want liquidity without selling, Bitcoin and crypto-backed loans are one option worth understanding. The structure of the lender matters as much as the loan terms. The questions to ask any crypto lender are the same ones the 2022 collapses surfaced: Is collateral held with a qualified third-party custodian or on the lender's own balance sheet? Is rehypothecation prohibited? What is the loan-to-value ratio, and how are liquidations handled? Are customer assets segregated from the platform's operating funds?

Arch builds Bitcoin and crypto-backed loans around third-party qualified custody and segregated collateral, an approach designed to address several of the failure modes that defined the previous lending cycle.

The Regulatory Picture in 2026

United States

The GENIUS Act established a federal framework for payment stablecoins, including reserve, redemption, and disclosure requirements aimed squarely at the kind of issuer counterparty risk that USDC's SVB exposure made vivid. The CLARITY Act addresses market structure and the long-running jurisdictional split between the SEC and CFTC. Existing Bank Secrecy Act and OFAC obligations require U.S. financial institutions to screen counterparty wallets, with strict liability for transactions involving sanctioned entities.

European Union

MiCA's phased implementation through 2024 and 2025 raised counterparty due diligence and reserve requirements for EU-registered crypto asset service providers, bringing the bloc closer to FATF standards.

Global standards

The FATF Travel Rule requires virtual asset service providers to identify their counterparty VASPs, assess their AML practices, and verify regulatory status before transmitting customer information.

What regulation does and does not solve

Tighter rules can reduce fraud, force segregation, and improve disclosure. They have not, and probably cannot, eliminate market structure risks like cascading liquidations, oracle failures, and ADL events.

Frequently Asked Questions

What is the difference between counterparty risk and custodial risk?

Custodial risk is one form of counterparty risk, specifically tied to whoever holds your assets. Counterparty risk is broader and includes lenders, stablecoin issuers, derivatives venues, OTC desks, and smart contracts.

Did the FTX collapse change how counterparty risk is managed?

Yes. It pushed institutional users toward third-party qualified custodians, segregated accounts, and stricter due diligence.

How do I check if a crypto exchange is safe?

Look for licensing in credible jurisdictions, third-party qualified custody, proof of reserves alongside disclosed liabilities, audited financials, segregation language in the customer agreement, and a track record of honoring withdrawals during stress.

Do stablecoins have counterparty risk?

Yes. Holding any fiat-backed stablecoin is a claim on the issuer's reserves and, indirectly, on the banks holding those reserves.

What is rehypothecation in crypto?

The reuse of customer-deposited assets by the platform for its own borrowing, lending, or trading. It can amplify yield in good markets and amplify losses in bad ones.

Conclusion

Counterparty risk is the price of convenience in crypto. It cannot be fully eliminated outside of self-custody, but it can be substantially reduced through platform selection, structural protections, and diversification across venues. The 2022 failures and the October 2025 liquidation cascade are different lessons, the first about opacity and rehypothecation, the second about market structure and concentration. Both should be understood by anyone who holds or invests in crypto.

About Arch

Arch is building a next-gen wealth management platform for individuals holding alternative assets. Our flagship product is the crypto-backed loan, which allows you to securely and affordably borrow against your crypto. We also offer access to bank-grade custody, trading and staking services.

Disclaimer: This article is for informational purposes only and does not constitute investment, legal, or tax advice. Cryptocurrency investments are volatile and risky. Always conduct your own research before making investment decisions.