On June 21, the Financial Action Task Force, or FATF, is expected to adopt a proposal that could have a big effect on the cryptocurrency world. FATF wants cryptocurrency exchanges to act like banks, collecting identifying information not only from its own customers, but also the people to whom these customers send cryptocurrency.
This seems to go against the very nature of electronic cash. Cash provides consumers with an information-light method of transacting. Want to protect your personal data in order to avoid identity theft and hackers? Use cash, either the paper or electronic version. But the moment all parties to a cash transaction must submit identifying information, all of cash’s data-shielding virtues are voided and it stops being cash.
FATF is the most powerful international institution you’ve never heard about. An intergovernmental body that was formed in 1989 to promulgate standards for combating the laundering of drug money, FATF became involved in the fight against the financing of terrorism after 9/11. Once FATF issues a recommendation, the task force’s 38 member countries implement their interpretation of the rule on a national level.
In the heady early days of cryptocurrency, FATF and anti–money laundering rules were generally ignored. Anyone could open an account at a cryptocurrency exchange, no questions asked. As time passed, cryptocurrency exchanges began to comply with standard anti–money laundering practices. No longer could one pass oneself off as JohnX1234 and immediately start trading bitcoin. Exchanges now required driver’s licenses, identity cards, or other forms of ID to open an account.
This week, FATF could bring so-called virtual asset service providers, or VASPs, further in line by having them conform to Recommendation 16, a guideline that the crypto world has heretofore ignored. Now if a customer wants to transfer cryptocurrency from their exchange, or VASP, to a customer at another VASP, the originating exchange will be obliged to collect information about the recipient (i.e., the beneficiary) before allowing the transfer to proceed.
Once the beneficiary’s information has been acquired, it must be packaged together with pertinent information about the sender, this data archive “traveling” along with the cryptocurrency to the receiving VASP. The sort of information that will have to be collected includes both the sender’s and recipient’s name, address, and account number.
Banks have long been required to conform to FATF’s Recommendation 16, sometimes referred to as the travel rule. By obliging banks to collect and pass on information about both the originating and beneficiary customers to the next bank, Recommendation 16 was intended to forge an information trail for law enforcement agencies in pursuit of money launderers.
But Recommendation 16, which, according to FATF, applies to “cross-border wire transfers and domestic wire transfers,” is an awkward fit for cryptocurrencies. One of the attractive features of cash, both the paper and electronic types, is how easy it is to transfer. In the case of bitcoin, all that is required is an electronic address. Click. It’s done. But if the recipient’s name and physical address must be collected prior to the transfer being completed, then that damages the user experience. Sending cryptocurrency becomes pretty much like making a wire transfer.
Granted, FATF’s recommendation would only apply to transfers of cryptocurrency from one VASP to another. Cryptocurrency users would still presumably be free to make transfers from a VASP to a non-VASP address, or direct person-to-person transfers, without having to abide by FATF’s rules.
But the recommendation will be quite difficult for exchanges and other VASPs to implement. VASPs will somehow have to figure out whether a given outbound payment is going to another VASP. If it is, the originating VASP will have to communicate with the destination VASP in order to verify that the identity of the recipient customer is accurate.
CipherTrace, a blockchain-analytics firm, suggests that some sort of “overlay” communications network will have to be built to allow VASPs to exchange customer data. It points out that this network will be both costly and technically and politically challenging.
It’s hard not to see this all as a big waste. FATF’s Regulation 16 is about creating an information trail. But cryptocurrency information trails already abound. Most of the popular cryptocurrencies are implemented on public blockchains, meaning that transaction flows can be seen. Although the identities of users are unknown, firms that specialize in analyzing these flows can link them back to actual people. If the capability to trace transactions already exists, why rebuild it?
The proposal to apply FATF’s Recommendation 16 to cryptocurrency exchanges is symptomatic of two broader themes. First, in their zeal to fight money laundering and terrorism, FATF and other financial gatekeepers consistently sacrifice the financial privacy of regular law-abiding citizens.
This is more than just a cryptocurrency phenomenon. Cash remains the most widely accepted means of reducing one’s information footprint, but the range of acceptable uses for banknotes is gradually being restricted. In Spain and France, regulators have ratcheted down the maximum allowable transaction size for cash to €1,000. Many banks in the U.S. and UK no longer allow third-party cash deposits. Prepaid debit cards are another information-light payments method, but thanks to regulatory pressure the window for using them anonymously is already small and shrinking.
In an age in which digital surveillance is pervasive and people are becoming more careful about preserving their personal data, surely more regulatory space will have to be cut out for information-light payment systems.
The second theme is the shoehorn approach to regulation. Cryptocurrencies are a different sort of financial technology from bank deposits, yet they are being shoehorned into the same category for regulatory purposes.
Regular banks have dominated the payments system for so long that the entire regulatory apparatus has been designed with them in mind. When new entrants don’t quite fit the mold, regulators require these new entrants to either conform to pre-existing categories or be shut down. Again, this isn’t just a cryptocurrency phenomenon. In the U.S., the Federal Reserve refuses to open master accounts for narrow banks, a new type of safe bank, because they aren’t designed on the same principle as a regular bank.
June 21 is coming soon. FATF could take the old shoehorn approach and further restrict financial privacy, or whether it could take a more balanced approach.