The past decade has seen several structural changes in know your customer (KYC) and anti-money laundering (AML) regulations in Europe and globally. High-profile money laundering cases and the penetration of illicit funds into global markets have caught the attention of regulators and the public, and rightfully so.
The Wirecard scandal was a particularly salacious example, in which the investigation into widespread fraud revealed a chain of shell companies involved in illegal distribution of narcotics and pornography. Over at Danske Bank, some $227 billion was laundered through an Estonian subsidiary, going virtually unnoticed for nine years.
In the United States, the Securities and Exchange Commission filed an action against Ripple Labs and two of its executives, claiming they had raised over $1.3 billion through an unregistered, ongoing digital asset securities offering. That case is ongoing.
Traditional forms of regulation from the fiat world do not reciprocally apply to every aspect of crypto nor to the fundamental nature of blockchain technology.
As regulators and financial institutions improve their understanding of these criminal practices, AML requirements have likewise been improved. But these adjustments have been an overwhelmingly reactive, trial-by-fire process.
To address the challenges of the fast-evolving blockchain ecosystem, the European Union has begun to introduce more stringent financial regulations that further bolster the regulatory system in order to improve licensing models. Many member states now regulate crypto assets individually, and Germany is leading the way in being the first to regulate cryptocurrencies.
These individual regulations clearly prescribe the pathway for crypto companies, outlining the requirements for obtaining and maintaining a financial license from the regulator. Compliance naturally boosts investor confidence and protection.
As these financial crimes and crypto itself evolves, so have regulatory bodies’ efforts to monitor, address and enforce restrictions. Internationally, the most prominent monitoring body is the Financial Action Task Force (FATF), which outlines general guidance and determines best practices in anti-money-laundering practices and combating the financing of terrorism.
Although FATF is considered soft law, the task force sets the bar for workable regulations within crypto assets. Especially notable is FATF’s Recommendation 16, better known as the “travel rule,” which requires businesses to collect and store the personal data of participants in blockchain transactions. In theory, access to this data will enable authorities to have better oversight and enforcement of crypto market regulations. In other words, they’ll know exactly who is doing exactly what. Transparency is key.
The travel rule conundrum
FATF’s travel rule impacts two types of businesses: traditional financial institutions (banks, credit firms and so on) and crypto companies, otherwise known as virtual asset service providers (VASPs).
In its original incarnation, the travel rule only applied to banks, but was expanded to crypto companies in 2019. In 2021, many of the FATF member jurisdictions began to incorporate the travel rule into their local AML laws. This regulatory shift sent shockwaves through the crypto sector. The stakes of refusal are high: Failure to incorporate the travel rule results in a service provider being declared noncompliant, which is a major obstacle to doing business.
But, the travel rule is also a major hindrance that doesn’t take into account the novelty of crypto technology. It is problematic for crypto businesses to integrate due to the major amount of effort it poses when obtaining KYC data about the recipient and integrating it into day-to-day business.
In order for crypto businesses to obtain this information for outgoing payments, data would have to be provided by the client and would end up being virtually impossible to verify. This is highly disruptive to the crypto’s emblematic efficiency. Moreover, its implementation presents challenges regarding the accuracy of the data received by VASPs and banks. Also, it creates further data vulnerabilities due to additional data silos being created across the globe.
When it comes to international standardization measures rather than those isolated within certain communities, there is a wide gap between exclusively on-chain solutions (transactions that are recorded and verified on one specific blockchain) and cross-chain communication, which allows for interactions between different blockchains or for combining on-chain transactions with off-chain transactions that are conducted on other electronic systems, such as PayPal.
We must eventually find a halfway point between those with valid concerns about the anonymity crypto assets provide and those who see regulation as prohibitively restrictive on crypto. Both sides have a point, but crypto’s continued legitimacy and viability within the larger financial markets and industry is a net positive for all parties, making this negotiation nothing short of crucial.
Not anti-regulation, just anti-unworkable regulations
Ultimately, we need to regulate with efficacy, which necessitates legislation that is applicable specifically to digital assets and does not hinder the market without really solving any AML-related problems.
The already global nature of the traditional financial industry underscores the value of and need for FATF’s issuance of an international framework for regulatory oversight within crypto.
The criminal financial trade — money laundering, illegal weapons sales, human trafficking and so on — is also an international business. Thus, cracking down on it is, out of necessity, an international effort.
The decentralized nature of blockchain, which runs contrary to the central-server standard we know and use nearly everywhere, presents a formidable challenge here. Rules and regulations for traditional financial institutions are being implemented part and parcel onto crypto — a misstep and misunderstanding that ignores the innovation and novelty this economic ecosystem and its underlying technology entails.
Traditional forms of regulation from the fiat world do not reciprocally apply to every aspect of crypto nor to the fundamental nature of blockchain technology. However well intentioned they may be, because these imposed regulations are built on an old system, they must be adapted and modified.
The creation of fair restrictions on the technology’s use requires a fundamental understanding and cooperation within the limits and characteristics of those technologies. In traditional financial circles, the topic of blockchain is currently subject to more impassioned rhetoric than genuine understanding.
At the heart of the issue is the fundamental misunderstanding that blockchain transactions are anonymous or untraceable. Blockchain transactions are pseudo-anonymous and, in most circumstances, can offer more traceability and transparency than traditional banking. Illegal activity conducted on the blockchain will always be far more traceable than cash transactions, for example.
Technology with such immense potential should be made accessible, regulated and beneficial for everyone. Blockchain and digital assets are already revolutionizing the way we operate, and regulatory measures need to follow suit. The way forward cannot simply be delivering old-school directives, demanding obedience and doling out unfair punishments. There’s no reason a new way forward isn’t possible.
The end of the outlaw era
Activity can already be monitored through a collective database of users known to abide by international standards. This knowledge of approved users and vendors allows the industry to spot misconduct or malfeasance far sooner than usual, singling out and restricting illegitimate users.
By means of a well-thought-through tweaking of the suggested regulations, a verified network can collectively be built to ensure trust and properly leverage blockchain’s potential, while barring those bad actors intent on corrupting or manipulating the system. That would be a huge step forward in prosecuting international financial crimes and ensuring crypto’s legitimacy globally.
Crypto’s outlaw days are over, but it’s gained an unprecedented level of legitimacy that can only be preserved and bolstered by abiding with regulatory oversight.
That regulatory oversight can’t just be the old way of doing things copy-and-pasted onto blockchain transactions. Instead, it needs to be one that helps fight criminal activity, shores up investor confidence and throws a bone — not a wrench — to the very mechanics that make crypto a desirable financial investment.