CryptoFIX Institutional Readiness Auditor — Methodology
How exchanges are evaluated against TradFi institutional standards
1Two-level scoring model
The CryptoFIX rubric uses a two-level model:
- Message type presence — is the FIX message documented?
- Essential tag coverage — are the required tags present within that message?
This mirrors how institutional OMS teams and connectivity engineers actually evaluate an exchange's FIX spec: first confirm the message exists, then verify the specific fields needed for their workflow.
2Main readiness score (0–100)
Four tiers contribute to the institutional readiness score. Tier 1 carries the most weight because order lifecycle capability is the primary determinant of whether an exchange can support direct institutional connectivity.
Message types: 35=D (NewOrderSingle), 35=8 (ExecutionReport), 35=F (CancelRequest), 35=G (Amend/CancelReplace), 35=9 (CancelReject), 35=Q (DontKnowTrade), unsolicited cancel (35=8 with 150=4)
Tags within 35=8 ExecutionReport: LastCapacity (29), LastMkt (30), OrderCapacity (528), LastPx/LastQty (31/32), TransactTime precision (60), LastLiquidityInd (851), ContraTrader (375)
Required for MiFID II best-execution, TCA, and fee reconciliation.
Message types: 35=AE (TradeCaptureReport), 35=AR (TradeCaptureReportAck), 35=J (AllocationInstruction), 35=P (AllocationInstructionAck)
Essential for institutional block trade confirmation and post-trade allocation workflows.
Standard header, 35=A (Logon + auth), 35=0 (Heartbeat), 35=2 (ResendRequest / message recovery), 35=5 (Logout), 35=3/35=j (Rejects), 35=4 (SequenceReset), Cancel-on-Disconnect (COD)
Session reliability is a prerequisite for all other tiers.
3Audience-specific sub-scores
Two supplementary scored panels provide audience-specific assessments that do not affect the main 100-point score.
Tier 4 — AML & Travel Rule (10 pts)
Tags in 35=8, 35=AE, or 35=AR context: Parties (453/448/452) for VASP ID, wallet attribution, ExecID audit trail (17), ExecInst flags (18).
Tier 6 — Drop Copy (5 pts)
Dedicated FIX session, CopyMsgIndicator (797), dedicated endpoint, cross-session order coverage.
Tier 7 — Market Data & RFQ
35=V/W/X/Y (subscribe/snapshot/incremental), 35=x (security list), 35=h/f (session status). L2 vs L3 (tag 278) noted.
RFQ Workflow:
35=AH (RFQ Request), 35=R (RequestForQuote), 35=S (Quote), 35=AJ (QuoteResponse), 35=AI (QuoteStatusReport)
4Tier 5: DAWG extensions
Tier 5 evaluates support for FIX Trading Community Digital Assets Working Group (DAWG) extensions. These checks are informational only and do not affect any score.
Ratified (EP273)
- SecurityIDSource=Y (tag 22/456, ISO 24165 DTI)
- CurrencyCodeSource (tag 2897)
- SettlCurrencyCodeSource (tag 2899)
- SecurityType=DIGITAL (tag 167)
Draft
- Wallet identifier via PartySubIDType (tag 803)
- Symbol + SecAltIDGrp DTI pairs (tags 55 + 454/455/456)
Note: EP273 tags were published for FIX 5.0 SP2. FIX 4.4 exchanges (e.g. Coinbase Derivatives) cannot implement these extensions directly.
5Provenance
Built from 12+ years of FIX protocol implementation:
Wellington Management Company (9 years, 30+ certifications)
ATDL algo strategy construction, dark pool ATS connectivity (Liquidnet, Luminex, Instinet), EMS (Bloomberg EMSX, Tradeweb,MarketAxess, etc), MiFID II trade reporting, TWAP/VWAP/IS/POV execution algorithms, CME Self-Match Prevention, TBA/MBS netting via DTCC/FICC, FIX Onboarding, FIX Post-trade STP.
Solidus Labs (Lead TPM, 25+ onboardings)
Digital Asset FIX standard design, AML/surveillance platform delivery, first FIX-native implementation of digital asset trade compliance for institutional crypto exchanges.
Official FIX References:
- • FIX Trading Community FIXimate: fiximate.fixtrading.org
- • FIX DAWG Gap Analysis v0.2 and EP273
- • CME iLink3 FIX 5.0 specification
- • ASX 24 Drop Copy Specification v2.05
- • FINRA TRACE FIX Specification v1.5
- • Coinbase Exchange FIX API (FIX 5.0 SP2)
- • Kraken FIX API (FIX 4.4)
Disclaimer
Scores are indicative assessments based on publicly available FIX API documentation. Exchanges may support undocumented functionality. Independent verification against exchange RoE documentation and UAT testing is recommended before production connectivity decisions.