The company is headed by CEO Nejc Kodrič, a widely known member of the bitcoin community, who co-founded the company in August 2011 with Damijan Merlak in his native Slovenia, but later moved its registration to the UK in April 2013, then to Luxembourg in 2016. Bitstamp outsourced certain operations to the UK due to the lack of adequate financial and legal services in Slovenia. When incorporating in the United Kingdom, the company approached the UK's Financial Conduct Authority for guidance, but was told that bitcoin was not classed as a currency, so the exchange was not subject to regulation. Bitstamp says that it instead regulates itself, following a set of best practices to authenticate customers and deter money laundering. In September 2013, the company began requiring account holders to verify their identity with copies of their passports and official records of their home address. In April 2016, the Luxembourgish government granted a license to Bitstamp to be fully regulated in the EU as a payment institution, allowing it to do business in all 28 EU member states. In April, 2018, Nexon was rumored to be in talks to purchase Bitstamp. In October, 2018, Bitstamp has been acquired by NXMH, a Belgium-based investment company.
Service disruptions
In February 2014, the company suspended withdrawals for several days in the face of a distributed denial-of-service. Bitcoin Magazine reported that people behind the attack sent a ransom demand of 75 bitcoins to Kodrič, who refused due to a company policy against negotiating with “terrorists”. In January 2015, Bitstamp suspended its service after a hack during which less than 19,000 bitcoins were stolen, reopening nearly a week later.
Compliance
In a September 2018 report by from the New York Attorney General office conducted a survey of fourteen virtual currency exchanges to gather information aimed at creating greater transparency regarding security, anti-hacking measures and business practices. Bitstamp was among ten platforms that responded. In the 42-page "Virtual Markets Integrity Initiative Report", it is noted that of the ten that responded, Bitstamp was among the seven that confirmed that they had sought approval, directly or through a subsidiary, from the New York State Department of Financial Services to operate a virtual currency business in New York State. The report goes on to say that such approval implies an agreement to actively protect deposited funds, prevent money laundering and illegal activity, and respond to other risks. Bitstamp was one of two exchanges that claimed to block access to their exchange by VPNs. In addition to providing fee policies, Bitstamp also claimed to conduct audits of their virtual currency holdings.
