Total: 50 Points
(Plus up to 15 bonus points for optional scenarios)

Component Breakdown

Component Points per Scenario Total (5 scenarios)
Regulatory Citations 3 15
Decision Quality 3 15
Information Requests 2 10
Risk Assessment 1 5
Presentation - 5
TOTAL 50

1. Regulatory Citations (3 points per scenario)

What to evaluate: Student's ability to identify and accurately cite applicable regulatory frameworks, specific provisions, thresholds, and jurisdictional rules.

Points Level Criteria
3 Excellent
  • Identifies all relevant regulatory frameworks (MiCA, FATF, OFAC, EU 5AMLD, etc.)
  • Cites specific articles or provisions accurately (e.g., "MiCA Article 68", "FATF Rec. 16")
  • Demonstrates understanding of thresholds (€1,000 Travel Rule, €10k+ EDD, etc.)
  • Recognizes jurisdictional nuances (US vs. EU differences, sanctions)
  • Applies regulations appropriately to the specific fact pattern
2 Good
  • Identifies most relevant regulations but may miss one or two
  • Cites general frameworks correctly but lacks specific article references
  • Shows basic understanding of thresholds
  • Minor inaccuracies in application
1 Fair
  • Identifies some relevant regulations but misses key ones
  • Vague references without specific citations
  • Confused about thresholds or jurisdictional rules
  • Misapplies regulations to fact pattern
0 Poor
  • Fails to cite relevant regulations
  • Cites incorrect or irrelevant regulations
  • No understanding of applicable compliance requirements

2. Decision Quality (3 points per scenario)

What to evaluate: Soundness of the compliance decision (Approve / Flag / Reject), quality of reasoning, risk-based thinking, and acknowledgment of gray areas.

Important: Students may reach different conclusions than the model answer. Award full credit if the reasoning is sound and well-justified, even if the decision differs.

Points Level Criteria
3 Excellent
  • Decision is clearly stated and well-defended with regulatory justification
  • Demonstrates risk-based compliance thinking (balancing legal requirements with business reality)
  • Shows nuanced understanding (acknowledges alternative perspectives, explains why chosen approach is best)
  • Reasoning connects facts → regulations → decision logically
  • Considers both letter and spirit of compliance obligations
2 Good
  • Decision is reasonable and generally well-supported
  • Shows basic risk-based thinking but less sophisticated
  • Reasoning is logical but may lack depth or miss some considerations
  • Does not fully explore alternative views
1 Fair
  • Decision is unclear or weakly justified
  • Reasoning is superficial or circular ("reject because risky" without explaining why risky)
  • Misses key considerations
  • Binary thinking (approve/reject) without considering middle ground
0 Poor
  • No clear decision or contradictory reasoning
  • Decision conflicts with cited regulations
  • Demonstrates fundamental misunderstanding of compliance obligations

3. Information Requests (2 points per scenario)

What to evaluate: Student's ability to identify specific, relevant documentation or information needed to conduct proper due diligence and make informed compliance decisions.

Points Level Criteria
2 Excellent
  • Identifies specific, actionable documentation (not vague requests like "more information")
  • Requests are relevant to the specific risk factors in the scenario
  • Shows understanding of what information would actually mitigate compliance risk
  • Demonstrates knowledge of standard due diligence practices (source of funds, beneficial ownership, etc.)
  • Prioritizes information requests appropriately
1.5 Good
  • Identifies relevant documentation but with less specificity
  • Covers most key areas but may miss one or two important requests
  • Shows basic understanding of due diligence requirements
1 Fair
  • Vague or generic requests ("need more info", "verify identity")
  • Misses key documentation for the specific scenario
  • Requests information that wouldn't actually address the compliance concerns
0 Poor
  • No information requests provided
  • Requests are irrelevant or nonsensical
  • Demonstrates lack of understanding of due diligence

4. Risk Assessment (1 point per scenario)

What to evaluate: Realistic assessment of Low/Medium/High risk to the exchange, with appropriate justification considering regulatory, reputational, and operational risks.

Points Level Criteria
1 Excellent
  • Risk level is realistic and consistent with analysis
  • Justification explains multiple risk dimensions (regulatory, reputational, operational, financial)
  • Shows understanding of potential consequences
0.75 Good
  • Risk level is reasonable
  • Basic justification provided but lacks depth
0.5 Fair
  • Risk level is questionable or inconsistent with analysis
  • Weak or circular justification
0 Poor
  • No risk assessment provided
  • Risk level is completely unrealistic

5. Presentation (5 points total)

What to evaluate: 10-minute presentation addressing the three required reflection questions.

Points Component Criteria
2 Most Difficult Decision
  • Clearly identifies which scenario was most challenging and why
  • Explains the tension between competing considerations
  • Articulates how they resolved the dilemma
2 Regulatory Gray Area
  • Identifies a scenario where regulations provide incomplete guidance
  • Explains the gap or ambiguity in regulatory framework
  • Discusses implications for compliance practice
1 Recommendation for Improvement
  • Proposes practical change to crypto regulation
  • Justifies how it would improve compliance or innovation
  • Shows critical thinking about regulatory design
Presentation Deductions:
  • -1 point: Significantly over or under time limit (less than 7 minutes or more than 13 minutes)
  • -1 point: Does not address all three reflection questions
  • -0.5 points: Poor organization or unclear communication
Bonus Points (Up to +15 Maximum)

Each bonus scenario completed: +5 points (same rubric as required scenarios)

  • Bonus 1 (Minor with Parental Consent): 1 point regulatory citations + 1 point decision + 1 point info requests + 1 point risk + 1 point presentation quality
  • Bonus 2 (PEP - DeFi Usage): Same breakdown (5 points total)
  • Bonus 3 (Cross-Border Remittance): Same breakdown (5 points total)
  • Bonus 4 (Privacy Coin Conversion): Same breakdown (5 points total)
  • Bonus 5 (Gambling Winnings): Same breakdown (5 points total)

Maximum bonus: +15 points (completing 3 bonus scenarios)

Note: Students may complete more than 3 bonus scenarios, but maximum bonus credit is capped at 15 points.

Final Grade Calculation

Component Points Student Score
Regulatory Citations (5 scenarios × 3 points) 15
Decision Quality (5 scenarios × 3 points) 15
Information Requests (5 scenarios × 2 points) 10
Risk Assessment (5 scenarios × 1 point) 5
Presentation 5
SUBTOTAL (Required Work) 50
Bonus Points (max +15) +___
FINAL SCORE / 50
Grade Scale:
  • 45-50 points: A (Excellent compliance analysis, demonstrates mastery)
  • 40-44 points: B (Strong compliance thinking with minor gaps)
  • 35-39 points: C (Adequate understanding but significant weaknesses)
  • 30-34 points: D (Minimal compliance competence, major gaps)
  • Below 30: F (Insufficient understanding of regulatory requirements)

Bonus points can push scores above 50, but are not required for an A grade.

© Joerg Osterrieder 2025-2026. All rights reserved.