I'm here to share my experience with Poloniex with the rest of the altcoin community. May this be a warning for future traders who are thinking about using this exchange.
I've had a small BTC withdraw frozen by Poloniex staff for upwards 24 hours and might persist for possibly longer. As of the time of this writing there is no warning on their website about withdraws being frozen for 24-48 hours. In the years of trading I've never ran into this situation.
When I opened a trading account with Poloniex, I did so despite my reservations relating to their previous hacks[1] resulting in coin theft. To my surprise, I noticed a red flag upon signup that Poloniex requires first name, last name, country and so forth just to trade coins. I could understand if I was signing up for a fiat trading or lending account, but this is just for trading coins. Poloniex has stated this is because they are federally compliant yet, Seattle-based Bittrex.com is also a US federally compliant exchange and it allows users to signup with just an e-mail address like most exchanges that deal with crypto trades.
Any time an exchange user wants to trade in fiat currency he is required to verify ID and that is understandable given the AML/KYC laws relating to electronic money transfer. I've looked around to find any information relating to ID requirements in regards to cryptocurrency and I can't find a single US law or statue which requires businesses to demand this of users unless they are dealing with fiat currency i.e. USD or GBP. This is because the IRS defines cryptocurrency as property[2], not currency. So why are FINCEN laws relating to currency being applied by Poloniex staff?
Futhermore, Poloniex has implemented currency controls for withdraws of cryptocurrency greater than $2000. If a Poloniex user would like to withdraw more than this, they are required to verify their ID, address and more revealing information. Again, what concerns me here is that there is no law requiring them to do this that I can find yet they are doing this regardless. This goes against everything that cryptocurrency stands for - the protection of privacy and avoidance of global currency controls tied to fiat currency. Bittrex requires no ID for any amount of coin withdraw.
What is surprising about all of this is that XMR, which is supposed to be a privacy oriented coin has had its own pairing on Poloniex for a few years. One would assume that the operators of Poloniex would respect user privacy like Bittrex or other exchanges that deal in crypto to crypto exchanges. But, unfortunately that is just not the case here.
I do have a gut feeling that Poloniex might be acting as a honeypot to establish a database of crypto traders for some government entity thereby deanonymizing any technology built into respective privacy coins. I also wouldn't be surprised if the two darknet markets that added XMR as a currency are operated by the same team as part of an operation to funnel users into their database. Poloniex had no logical business related reason for giving XMR it's own pairing years ago unless they were planning something big in the distant future. It's quite obvious that they aren't privacy advocates.
A word of advice from a trader who has had their coins frozen for no reason. Move your coins off Poloniex and into a secure wallet environment. If you're going to trade coin-to-coin do so on a reputable exchange like Bittrex or the decentralized exchange Bitsquare [3]. I do not work for Bittrex, I'm only using them as an example due to both exchanges being based in the US. Richie Lai, the owner is Bittrex is also in charge of Amazon's Security Operations Center [4] and probably the reason why they've never been hacked.
Don't be lured into trading on Poloniex because of the large volume. The only reason why it has a large volume is because they have currency controls that limit users withdrawing funds. To reiterate, I have suspicions that Poloniex might be gearing up to stage a false flag hack which will result in a compromise of user's identities, locations, phone numbers and most importantly funds to bad actors. This could result in identity theft if large trader info were leaked. Personal security would also be a risk as whales would become the target of criminals.
The ramifications would be numerous and only time will tell if I am correct. Be smart, take a precaution and minimize risk by switching exchanges.
TL:DR Poloniex froze my coin withdraw for no reason and without any disclaimer on their deposit or withdraw. It might be gearing up for a false flag hack resulting in the theft of user identities and funds.
[1]
http://www.bitcoinx.com/poloniex-hacked-12-3-bitcoin-supply-withdraws-difference-user-accounts/[2]
https://www.irs.gov/uac/newsroom/irs-virtual-currency-guidance[3]
https://bitsquare.io/[4]
https://www.bittrex.com/Home/About