---
title: "What Is a Crypto Exchange, and How Do You Use One Safely?"
description: "A crypto exchange is the front door to digital-asset markets for most people. Understanding how it works — and where it can fail, as FTX showed — is the first step to using one with open eyes."
category: "Crypto"
category_url: https://boursel.com/category/crypto
author: "Marcus Feldman"
published: 2026-06-26T20:30:00.000Z
updated: 2026-06-26T20:30:00.000Z
canonical: https://boursel.com/article/what-is-a-crypto-exchange-and-how-do-you-use-one-safely
tags: ["crypto-exchange", "cex", "dex", "ftx", "custody"]
---
# What Is a Crypto Exchange, and How Do You Use One Safely?

A crypto exchange is the front door to digital-asset markets for most people. Understanding how it works — and where it can fail, as FTX showed — is the first step to using one with open eyes.

*This is general information, not investment advice. Crypto is volatile and high-risk.*

For most people, buying crypto means opening an account on an exchange. What that account actually is — and isn't — matters more than the price chart.

## What a crypto exchange is

A **crypto exchange** is an online platform to buy, sell and trade cryptocurrencies — swapping dollars (fiat) for bitcoin or ether, or one coin for another. It plays a role like a stock brokerage: bringing buyers and sellers together and executing orders. But it operates in a very different legal and technical world, with far fewer of the protections bank and brokerage customers take for granted, [as the SEC's Investor.gov cautions](https://www.investor.gov/introduction-investing/general-resources/news-alerts/alerts-bulletins/investor-bulletins/crypto-asset-custody-basics-retail-investors-investor-bulletin-0).

## Two types: CEX and DEX

**Centralized exchanges (CEXs)** — Coinbase, Binance, Kraken — are run by companies that match orders, hold customer funds, and handle security and compliance. They're easy to use, offer support, and require identity verification (KYC). **Decentralized exchanges (DEXs)** — like Uniswap — have no company in the middle: trades happen peer-to-peer via smart contracts on a blockchain, you keep custody in your own wallet, and no ID is required (tie to our Ethereum/DeFi/wallet explainers). The trade-off: no support, more complexity, and total personal responsibility for security.

## How a centralized exchange works

Most CEXs run an **order book** matching buy and sell orders. A **market order** fills now at the best price; a **limit order** waits for your price. Exchanges earn from **trading fees** (a fraction of a percent) and the **spread** (the gap between buy and sell prices — narrow for bitcoin, wide for obscure tokens), plus **withdrawal fees**. To open an account you complete **KYC** ("Know Your Customer") — uploading ID — a legal anti-money-laundering requirement.

## The custody issue: 'not your keys, not your coins'

This is the single most important point. When you hold crypto on a centralized exchange, the **exchange holds the private keys** — you have a balance on its books, not direct control of coins on the blockchain. The industry adage **"not your keys, not your coins"** captures the risk: if the exchange is hacked, defrauded, or goes bankrupt, you can lose everything, with **no FDIC-style insurance** to make you whole (see our crypto-wallet explainer).

## The cautionary tales: FTX and Mt. Gox

The risk isn't hypothetical. **FTX**, then the second-largest exchange, halted withdrawals on November 8, 2022 and filed for bankruptcy on November 11, trapping over a million users; investigators found **customer funds had been improperly funneled to an affiliated trading firm**, leaving roughly an $8 billion shortfall, and founder Sam Bankman-Fried was convicted of fraud in 2023. Earlier, **Mt. Gox** — which once handled most of the world's bitcoin trades — [collapsed in 2014](https://www.npr.org/sections/thetwo-way/2014/02/28/283863219/mtgox-files-for-bankruptcy-nearly-500m-of-bitcoins-lost) after roughly **850,000 bitcoin** went missing. The common lesson: trusting an exchange with custody means accepting that the exchange itself can fail.

## How to use one more safely

- **Pick established, regulated platforms.** In the US, exchanges register with FinCEN and face SEC/CFTC oversight; in the EU, the **MiCA** regime (in force from late 2024) sets capital, custody and anti-money-laundering standards.
- **Turn on two-factor authentication (2FA)** — ideally via an authenticator app, not SMS (phone-number "SIM-swap" attacks are real).
- **Move long-term holdings to self-custody** (a hardware wallet) so the exchange isn't a single point of failure — accepting that key-security is then on you.
- **Beware phishing:** type the exchange's address yourself; never log in via email links; verify apps carefully.
- **Know what you're not getting:** an exchange account isn't a bank account, usually carries no deposit insurance, and customers can become unsecured creditors if it fails — as FTX users learned.
- **Read the fees:** trading fees, spreads, and withdrawal/network fees add up, especially on small coins.

## What it means

A crypto exchange is a useful, often necessary tool — but it is not a bank, and the protections bank customers assume don't apply. Understanding custodial vs. self-custody, choosing regulated platforms, locking down your account, and moving long-term holdings off-exchange are the basics. The platform is an *additional* layer of risk on top of crypto's underlying volatility — worth remembering before you deposit.

## Sources

- [Crypto asset custody basics for retail investors](https://www.investor.gov/introduction-investing/general-resources/news-alerts/alerts-bulletins/investor-bulletins/crypto-asset-custody-basics-retail-investors-investor-bulletin-0)
- [Mt. Gox files for bankruptcy; nearly $500M of bitcoins lost](https://www.npr.org/sections/thetwo-way/2014/02/28/283863219/mtgox-files-for-bankruptcy-nearly-500m-of-bitcoins-lost)