In the relentless cat-and-mouse game between regulators and cryptocurrency developers, the cats are about to add some serious firepower – this time in the form of a global alliance.
But if you think the intergovernmental Financial Action Task Force’s forthcoming know-your-customer (KYC) compliance standards spell the end for the mice, think again. If anything, the FATF’s move, expected to be released next month, will drive developers to accelerate work on non-custodial exchanges and other tools that will make it easier for end-users to transact directly outside of regulated intermediaries.
As CoinDesk managing editor Marc Hochstein explained last week , the new rules are likely to require exchanges and other custodial entities that take custody of their customers’ cryptocurrency to obtain identifying information about both parties before allowing a transaction over their platforms.
Functioning much like the FATF’s “travel rule” for correspondent banks, the new regulatory approach would be backed by the task force member institutions’ unique powers to “graylist”– and ultimately blacklist – entire countries if they are judged to be non-compliant.
When combined with the European Union’s forthcoming AMLD5 anti-money laundering rules for cryptocurrencies, the new framework conjures up the image of an all-encompassing global system for cryptocurrency transactions in which no one user is unaccounted for.
‘Satoshi’s vision’ destroyed?
Libertarian-minded cryptocurrency believers will view this as an abominable surveillance system that contravenes the censorship-resistant principles upon which bitcoin was built.
From a practical perspective, the new rules are going to be a burdensome imposition on custody-handling exchanges. It may well spur industry consolidation as smaller players may find the compliance costs too high. Blockchain analysis firm Chainalysis, which counts regulatory agencies among its clients, argued in a submission to the FATF that the new rules are impractical and would drive more activity in cryptocurrencies into services that make it much harder for authorities to track illicit activity.
The rules could also, sadly, add to the “de-risking” problem that excludes billions of under-identified people in developing countries from the global financial system.
But all is not lost. In most countries, there is nothing illegal about holding cryptocurrency itself under your own custody. And, as was clarified in guidelines recently published by the Financial Crime Enforcement Network, or FinCEN, the world’s regulatory institutions won’t, for now at least, be imposing the same KYC requirements on providers of self-custody wallet software.
What is likely to emerge, then, in parallel to the FATF-regulated ecosystem of regulated custody-taking institutions, is an entirely separate economy of peer-to-peer exchanges among people who control their own cryptocurrency.
If you hold your coins with Coinbase, you will no longer be able to send or receive crypto to or from just any old bitcoin address if it has been through a KYC process. Once you move your funds into a non-custodial account, you’ll be free to send them to any self-custody address, but if you’ve never formally associated your identity with that address via a regulated entity, you won’t be able to transact with a Coinbase address or one administered by any other regulated custody provider.
The point, though, is that this otherwise draconian regulatory framework still leaves room for Satoshi’s vision of a peer-to-peer payments system. And with more work on technical and business model development, that system could still become sizable.
In fact, the new rules could be a catalyst for developers to more urgently tackle the core technical and logistical challenges that have limited the adoption of self-custody cryptocurrency wallets. These challenges fall under the categories of security, market coordination and fiat on-ramps, all three of which are currently showing significant progress.
A key incentive for people to hold their cryptocurrency with custodial services such as Coinbase has been an unwillingness to risk either misplacing their private keys or having them stolen. Stories of hacks and loss abound and have long discouraged newbies from “being their own bank.”
In recent years, secure hardware wallets such as Ledger and Trezor have made it easier for people to control their assets without exposing their private keys to online hackers. But security experts claim to have found vulnerabilities. And the user experience is still far from convenient for the non-savvy.
Still, a new generation of smartphones that employ military grade security and end-to-end encryption should make it easier to securely hold cryptocurrency, locally, on a device that easily connects to the Internet for global payments. HTC led the way in this technology. Samsung is now catching up.
Phone makers are employing sophisticated, locally stored biometric proofs to indelibly tie control to a user. When combined with multi-signature technologies, human-friendly key recovery solutions such seed phrases kept with trusted associates, and a bit of education, the risk of loss can be reduced to an immaterial level.
Other changes to the ecosystem, such as decentralized insurance programs and more aggressive measures to hold phone carriers to account for “SIM swap” attacks such as the one that led Michael Terpin into a lengthy legal battle with a hacker and AT&T, will also boost confidence.
Over time, more and more people are going to feel more comfortable managing their own key custody.
Market coordination and fiat on-ramps
The next challenge is to reduce the widespread dependence on custody-based exchanges.
Cryptocurrency users need to efficiently find buyers and sellers, and until now, that has left them dependent on centralized exchanges, which are key targets of the new regulations.
The answer lies in the rapidly growing field of decentralized exchanges, where custody is retained by the investor and where technologies such as atomic swaps allow seamless peer-to-peer transfer of assets without either party being able to defraud the other.
As a nascent technology, DEXs currently struggle to attract the liquidity of the larger centralized exchanges, which makes them less attractive. But with Binance having launched a beta version, there is likely to be rapid development in this space.
Meanwhile, Boston-based startup Arwen has launched a protocol that would give investors access to the matching engines of large centralized exchanges but allows them to retain custody through a smart contract solution that locks up their coins in escrow. KuCoin has integrated a beta version of the technology into its exchange.
Even if decentralized exchanges and self-custody trading can help crypto-to-crypto transactions stay out of the regulatory net, they won’t solve the related problem of access to fiat currency. For the moment, that’s a service that has been almost solely provided by regulated, centralized exchanges.
The solution lies with the new batch of stablecoins, where dollar-pegged tokens such MakerDAO’s algorithmic solution, Dai, are competing with reserves-backed stablecoins such as those of Gemini, Paxos and a consortium led by Circle and Coinbase.
In theory, there’s nothing technical stopping these stable-value tokens from moving in and out of unidentified self-custody wallets, which offers a way around the fiat on-ramp problem by enabling access to de facto dollars, if not actual dollars. Only when users redeem them for actual greenbacks via the token-issuing companies will they drop into a regulated environment and have to identify themselves.
Facebook vs banks?
Now, all these services must be underpinned by real fiat resources, which means that stablecoin providers and DEX software providers will still need bank accounts. And given banks’ ongoing reluctance to support cryptocurrency businesses, obtaining them could be a potential obstacle to startups looking to grow of this ecosystem.
In this way, banks could continue to be the wedge with which regulators impose limits on the otherwise unregulated cryptocurrency industry.
But as I’ve argued elsewhere , banks’ growing interest in other blockchain developments, such as in making markets in tokenized equity and bond offerings, is going to induce them to support tokenized payments. This will eventually demand a more friendly approach to some of these service providers, especially stablecoins.
Most banks won’t want to cede the future of digital fiat payments to a competing bank such as JPMorgan , and they’ll be reluctant to let Facebook turn its more than 2 billion active users into an instant global payment network that bypasses banks. Ironically, that could draw them closer to rebel providers of these self-custody-enabling services.
The Tom and Jerry show will continue, in other words. Don’t change the dial.