The logic is linear and inescapable. The moment an exchange takes custody of your funds — even for the seconds required to match a trade — it has become a financial intermediary. Financial intermediaries, in every jurisdiction that has ever thought seriously about money, are required to know who they are intermediating for.
This is not a matter of regulation being overly aggressive. It is a matter of liability. The custodian holds your money. The custodian is responsible for what happens to it. The custodian needs to be able to account for where it came from and where it went.
The record is not incidental
When a centralised exchange asks for your passport, it is not performing a security check on your behalf. It is creating a record that transfers liability from itself to you. If something goes wrong — a hack, a subpoena, a regulatory seizure — the exchange can demonstrate that it followed procedure. The record exists to protect the exchange, not the customer.
Non-custodial exchange is not a feature. It is the only configuration that does not eventually require you to explain yourself.
Non-custodial exchange removes this requirement structurally. When funds never pass through an intermediary's wallet, there is nothing to be a custodian of. There is no account to freeze. There is no record to subpoena. There is no database to breach.
What this means in practice
The privacy of the transaction is not a setting you enable. It is the default state of the architecture. There is no less-private mode available because there is no mechanism to enable one. This is the correct way to build an exchange. Everything else is a compromise, and it is worth being precise about who that compromise serves.
The answer is: not you.