All views expressed in this piece are those of the author and do not necessarily reflect the official policy or position of Torca or any of its employees.---Bitcoin was designed for pure decentralisation and the sovereignty of its holder and since its birth, over 2200 more cryptocurrencies have been minted. It’s widely agreed that virtual assets will be the future of money.
However, the transition to that point from a post-economic crash counterculture is a long and winding road. The centralised economy benefits from decades of legislation and regulation and the security that offers; crypto evangelists seek the same security for the decentralised economy while retaining the autonomy of its participants. This presents a conundrum that will take significant innovation to solve.
So, last week, the cryptocurrency industry looked towards Osaka. Running concurrent to the G20 Summit, a round table—dubbed the ‘V20 Summit’—brought together government agencies, leading crypto companies and representatives of the Financial Action Task Force (FATF) to discuss a workable, unified regulatory approach for all market participants.
The FATF’s proposed standards
The summit presented a fantastic opportunity for industry experts and legislators to collaborate on the best route forward, but a key driver for this conversation are the recommendations that the FATF finalised this week.
The inter-governmental body is already moving forward with the expectation that they laid out in their Interpretive Note from February this year. Virtual Asset Service Providers (VASPs), they say, should “obtain and hold accurate originator information on virtual asset transfers”. This direction, which clearly aims to protect consumers and stem the flow of cryptocurrency-based money laundering, runs contrary to the nature of many digital currencies.
The digital wallet addresses used to store virtual assets are generated randomly, contain no detail about the owner and do not exist on a single register. What the FATF proposed would equate these addresses with conventional IBAN numbers, which contain the country, bank, brand and account number of a transaction originator.
The implementation of these rules would either mean a fundamental restructuring of Distributed Ledger Technology (DLT) or the building of a brand new system that works in line with the FATF’s requirements.
Contributing to this vital conversation in Osaka were big crypto players such as Huobi, Coinbase, Kraken and international industry bodies Global Digital Finance, the Australian Digital Commerce Association (ADCA) and ACCESS of Singapore. It was vital that the industry has a voice at the table, not to ward off rules and regulations completely, but to ensure that a more measured approach is taken than that which the FATF has proposed.
A pivotal point for crypto
On face value it’s clear to see why the FATF have taken this approach. Money laundering and other criminal activity has been a thorn in the side of the crypto space and the FATF, which represents 36 countries, was created after 9/11 to set global standards that combat exactly that.
Stories of cryptocurrency theft and its use in financing criminal organisations are a key theme in the general public’s crypto consciousness. Mt. Gox, a Tokyo-based exchange, went bankrupt in 2014 after losing $435 million of bitcoin to hackers; in 2018, Coincheck, BitGrail and Tech Bureau similarly lost a combined $771 million and most recently, Binance lost $41 million of bitcoin in May this year. It has also been reported to the U.N. Security Council that North Korea has successfully attacked Asian cryptocurrency exchanges at least five times, acquiring $571 million in the process.
The recommendations mimic the longstanding “travel rule” that international banks are subject to. Under the guidance, each cryptocurrency transfer would need to include five pieces of information:
- The originator’s name;
- The originator’s account number where such an account is used to process the transaction (e.g. the virtual asset wallet);
- The originator’s physical address, or national identity number, or customer identification number (i.e. not a transaction number) that uniquely identifies the originator to the ordering institution, or date and place of birth;
- The beneficiary’s name, and;
- The beneficiary account number where such an account is used to process the transaction (e.g. the virtual asset wallet).
But the unique nature of virtual assets and the underlying technology asks for an equally unique solution. The travel rule was created for a system where transactions had clear intermediaries, so rather than focusing solely on screening the originator and the beneficiary, perhaps the onus of these rules should be on how to demonstrate regulatory compliance through blockchain’s native transparency and traceability.
Just last week, Ripple papered a partnership with crypto RegTech startup Coinfirm to explore precisely this. Ripple’s XRP is the third-largest cryptocurrency and the deal will enable them to collect more anti-money laundering data about its users – without needing their actual identities. Information such as whether not an address is owned by an exchange that allows anonymous trading and whether or not the entity that owns the address is registered in a country deemed high risk will contribute to a grade of low, medium or high risk for the user, all without the need for personal data. Certainly a novel solution, but whether the FATF deem this as sufficient for their requirements is yet to be seen.
For crypto in its current state, the guidance proposed would tick boxes when it comes to increasing overall global governance and helping to reduce money laundering, but it stifles innovation and lands significant compliance costs at the doors of service providers in favour of a relatively easy fix. Furthermore, by rendering services non-compliant, cryptocurrency transactions may be driven underground through non-custodial wallets, away from official venues where processes and rules can be more effectively maintained.
Finding a fix
It is important to note that the FATF guidance is not immediately binding; there is a 12-month period within which member countries should independently legislate for the rules before they risk being placed on a blacklist.
This gives some time to find a suitable fix. JP Morgan have developed a solution called the Interbank Information Network (IIN) to fulfil this purpose, although it is specifically for banks. The IIN is a blockchain-powered peer-to-peer network which “allows member banks to exchange information in real-time as a way to verify that a payment has been approved.” A private, permissioned blockchain such as this is precisely what VASPs would need to fulfil the FATF requirements.
But therein lies the problem: a standardised KYC chain isn’t in common use today and we are yet to see it in practice. The crypto space moves quickly, but can it move fast enough to deliver a global blockchain that facilitates the exchange and verification of information between VASPs?
So what’s next?
Cryptocurrency exchanges and custodial wallet providers will certainly feel the operational and compliance burden of these rules, but asking privacy-conscious cryptocurrency users to relinquish their personal data may cause an exodus. Some exchanges—which have somewhat of a chequered past when it comes to securing currency—have faced criticism over lax KYC processes. Now, with increased KYC requirements, users may rightly feel unnerved in handing over yet more information.
With regards to finding a solution, Mary Beth Buchanan, General Counsel at San Diego-based cryptocurrency exchange Kraken, says “there’s not a technology solution that would allow us to comply fully. We are working with international exchanges to try to come up with a solution.” So, VASPs are preparing to comply with the FATF’s rules as they are within the time limit given, but the general feedback from the industry highlights the importance of the discussions in Osaka.
The summit had four key initiatives:
- An urgent meeting of key parties during the G20 Summit in Osaka including government agencies and crypto companies, as well as notable representatives of the FATF working group
- A coordinated proposal for ‘bottom up’ regulation by the industry and to influence the standards proposed by FATF to better reflect the unique nature of virtual asset transactions
- A proposal for the extension of the timeline for the updated FATF standards to come into effect to allow an appropriate response to be prepared
- Development of protocols and standards to underpin a new platform (or similar) to meet the information collection requirements of FATF
A favourable outcome for the industry would be one where sufficient regulatory oversight is achieved while the speed and openness of distributed ledgers are preserved. The current President of the FATF, Marshall Billingslea, cited cryptocurrency regulation as an urgent priority, so time is a precious commodity as the dialogue progresses.An extension to the 12-month transition period may be necessary to develop the best possible technological solution to the money laundering problem, but we are on the precipice of another new dawn; one where the cryptocurrency space is no longer seen as radioactive by traditional financial services and where true collaboration can take place. At the close of the V20 Summit, the attendees signed a Memorandum of Understanding “to establish an association to provide a global unified voice for the virtual asset industry”. In the short term, the FATF recommendations appear to present problems by retrofitting rules, but we can hope that in practice, they contribute to new, progressive industry standards and protect legitimate cryptocurrency users.