First I would like to address definitions. What I am talking today about is digital currency, to be more precise: decentralised digital currency. It is digital currency because it exists only within that format, is not virtual currency as it is not used in a virtual world. Is used in this very real world.
It is decentralised digital currency because there is no issuer, there is no one particular company/institution managing the transactional network, there is no one controller over changes to the protocol.
In contrast, a ‘managed’ digital currency has elements of control which would make it more an innovation in fintech rather than a parallel financial system. I would deem Ripple, Credits, Eris or other private blockchain initiatives to fall within that category.
Also, a decentralised digital currency (DDC) has value in itself. It is, therefore, more akin to a commodity, albeit intangible in nature. In contrast, the same technology can be used for the creation of tokens referencing an external value, such as gold or other precious metals. These are no different to bearer instruments, such as promissory notes but issued and held in a digital format.
My emphasis today will be on DDC in its purest form, because other forms of digital currency do not bear the same risk characteristics, and are far closer to traditional financial systems.
There is a huge spectrum but if we concentrate on the currency aspect of this technology, and if we concentrate on the decentralised version of this technology, then we can start to address the core elements of risk.
Beyond that, if you move along the spectrum towards fintech the benefits of digital currency are evident, faster payment systems, faster settlement times, these are all tangible benefits derived from digital currency technology, which we will touch upon at the end of this note. Key word here is ‘technology’. On this side of the spectrum the digital currency technology is just an extension of the existing financial system, an alternate to visa/Mastercard networks or traditional hugely inefficient Payment Settlement systems.
It is important not to confuse DDC with digital currency technology or blockchain technology; as the risk matrix is completely different.
Today will look at the ‘edgier’ form of digital currency. One that you cannot control, one that will continue to exist regardless of how you regulate. It is this technology that we will turn our attention to.
Happy with the way things are?
I think it is important to look at the traditional financial system first. We have to ask ourselves are we satisfied with the current state of affairs, in fact this is not a question to the people around this table it more a question for society, and consumers to decide.
Is it true that the financial system, as it currently exists is serving the public well? Are consumers really reaping the benefits of the existing financial system. Are we really happy with the way things are at present?
Now, if you take the view that things need to change then you have to ask yourself the question: change for what, change for the better of course.
If digital currencies are contributing towards change for the better then, of course, this is something that we should all be paying attention to.
Bank fees, international remittances are expensive.
Many of us in this room a pay between £20-£30 to make an international remittance, that was until TransferWise came in and said not only will we do the transfer less than 5 pounds but in addition to that we will ensure that the forex rates you receive is that of the mid-market, i.e. the bulk rate that the bank has access to before it passes on a markup to consumers.
Digital currency is but a mere part of a greater wave of innovation that we are seeing in financial services. That said, it is most certainly the sharper edge of fintech today.
Mainly for one reason: digital currency in its decentralised form (DDC) exists independently of the existing financial system. Whereas fintech sits on-top of existing financial system and innovates in the delivery of the service; DDC sits outside.
Let’s explore this idea of independence further.
DDC as a community
DCC is a community of peers; it is organised and built as a community with little critical dependencies, apart from needing access to the internet.
If there is another financial crisis of the magnitude of 2009 then bitcoin will continue to exist unaffected. Northern Rock being bailed out by the Bank of England will be irrelevant to bitcoin/ digital currency users. Why is that?
Digital currency leverages a community. It is not a debt-based monetary system; it is not built with key dependencies on intermediaries such as custodians, deposit institutions.
There are different roles in the bitcoin community, those who use bitcoin, those you support the network and those who ‘mine’ transactions i.e. secure the network. The agents in the community don’t know each other, yet they are still able to coordinate sufficiently to sustain the entirety.
Some might say that an independent/parallel financial system might be a good safety net to the traditional system that we are used to. If one goes ‘pop’ you at least have something else to rely upon. Possibly, one may argue that there is resilience in this approach.
Now the key word here is independence. DDC is independent of national borders, independent of national sovereignty.
In essence DDC knows no law apart from the law of mathematics.
This is when the minds of regulators’ round the world start to boggle.
An independent/parallel financial system is almost an anathema to the concept of regulation and policy as we conceive of it today.
Anathema to policy
The current policy strategy today is focused on bottom-up reporting, total information control, and international coordination. None of that applies to DDC.
In our traditional system, financial intermediaries are tasked with feeding information to FIUs and then FIUs coordinate supra-nationally and work with enforcement agencies.
The only instruments that sit outside this traditional system currently are bearer securities and cash; both of which are either being banned, severely restricted or diminished in status (Denmark have recently reduced the legal tender status of cash).
The 41 FATF Recommendations adopted a trickle-down approach, for example, FATF recommendations are transposed with an EU directive and replicated 28 times into all member states’ legal systems. Consistency across borders and a strong financial chain of intermediaries makes for an effective macro-AML strategy. This is the strategy today in tackling money-laundering.
But DDC sits outside that system, meaning reporting, information collection, trickle-down legislation, has no incidence over DDC.
This is the power and the problem of this new technology.
Anyone can join, anyone can leave the DDC community, so long as they have one thing: internet access.
So you have to be realistic about what can be controlled in DDC from a policy perspective.
On a positive note for the FATF, invariably in a DDC community, intermediaries are still needed. Not everyone in DDC want to store their own DDC; they will want to task an intermediary with that responsibility.
Thankfully for policy makers, it is those gateways/ intermediaries that should be the target for traditional AML compliance; they should fall within the remit of FATF.
Speculation is abound surrounding digital currency and whether or not it can access the 2.5 biIlion people who suffer financial exclusion in this world.
Fundamentally, without the Internet there is no digital currency, so parts of the world with no Internet will not necessarily benefit from digital currency. According to Google, 2/3rds of the world don’t have internet access, but with their Project Loon they want to spread internet access more evenly across borders.
With a bit of internet, maybe people will use DDCs more. More likely, Central Banks will issue their own DDCs or private institutions will create domestic digital currencies on par with domestic currencies.
This may not be the case where the domestic currency is volatile. In that instance, DDC may prove to become a real alternative store of value/medium of exchange.
Interesting experiments for increasing financial inclusion may be possible by mixing mobile money payment systems and blockchain technology, for instance an MPESA version of bitcoin which is one-to-one on Kenyan Shillings.
Identity – the cornerstone
But addressing financial inclusion goes beyond a digital currency initiative. ‘Identity’, the gateway into financial services is too formalised for informal markets. FATF requires customer due diligence, but not everyone on this planet have sufficient papers to demonstrate their identity.
We run events around the world, see Hackcoin.io, to explore different use cases surrounding digital currency. Our last event with Barclays concentrated on digital identity and the blockchain. Interesting innovations arose, including one idea which may end up being used by UNICEF.
So potentially a three-pronged approach: digital currency, mobile money and blockchain digital identity may achieve more financial inclusion than ever before.
Who knows, we are still in the early adopters phase. Controversy and big ideas are awash, stimulating interest but, from my side, I’d like to see real solutions, to real problems, not endless solutions trying to find problems.
In a community, there are good and bad actors. In digital currency, the same is true. Within this community, just like a mirror on society, there are nefarious types whose sole aim is to circumvent the existing legal system and they use DDC for that aim.
My role within UKDCA and also, separately, as a digital currency lawyer, is to legitimise this technology: to allow the potential of this technology to reach its zenith where everyone/ anywhere in the world can have access to financial services but to balance that prerogative against public policy.
When I started in this industry over two and a half years ago as an advisor to businesses there were no specific DDC policies/laws in place. It was the Wild West, but now there is far more regulatory clarity than ever before.
We run a website the tracks global regulations on DDC, Merkletree.io. On the website we grade countries according to their position on DDC, green signifies ‘permissive’, yellow means ‘contentious’, red is ‘illegal’ and black ‘unknown’. We have seen on that map, colours change from black unknown to green permissive from black to yellow contentious or from black unknown to red hostile.
The map is constantly changing and, in fact, the follow up from this workshop may cause 53 countries on that map to change their status. Thus why I’m here. My aim is to make all your countries green; embrace innovation, but manage the risks. Stamp out digital currency related crime, but allow the technology to reach its potential.
Two paradoxical, and competing aims but not unmanageable.
You may have heard that there is some element of traceability in DDC, you may have heard that platforms now exist that can track the blockchain and tell you the origination of some of those funds.
This, of course, is a natural trajectory to counter the risks of anonymity and must be pursued further.
Any regulated institution needs to know where funds have derived from, in fact, they will also need to be assured that the funds are actually coming from the customer not from a third party; a very tricky thing to establish with DDC considering that it is a bearer instrument.
But thinking compliance technology will obliterate the independence of DDC is exaggerated.
This is because there are two polar opposites that co-exist in DDC systems: transactional transparency versus financial privacy.
If you know someone’s bank account number then you only know their account number and that is it. However, with DDC, if you can correlate a public address (i.e. an account number) against an identity then you know how much money a person has.
I doubt any government would want in-bulk to force its citizens to deliver up all of their financial information to other peers. This, of course, is overruled when there is a national security at stake, it is for this reason alone that banks to not breach data protection laws when submitting suspicious activity reports to FIUs.
Public policy aside, I think it is commonplace for people to cherish their financial privacy and it is for this reason that alternate DDCs will continue to emerge to guarantee financial privacy within digital currency, such as Monero or such like.
Policy Line – fight AML
We have to now think about how policy can encourage innovation yet address these risks within DDC. This is a fine line, one that may not be easy to address immediately.
That said, without any question and without any hesitation: normal AML/CTF requirements should be placed upon DDC intermediaries. That is the baseline needed to stamp out crime and change the perception of this industry as a whole.
But let’s not reinvent the wheel when talking about AML/CTF. There is no point placing additional requirements on DDC intermediaries; gold-plating will not allow DDC intermediaries to be on a level-playing field with other financial institutions. This will, in fact, create a hindrance on innovation. This is what New York tried to do with the Bitlicense: gold-plate AML beyond federal requirements, an unnecessary extension of controls. The result is an exodus from the state of NY of businesses.
If you are considering adaptations, then why not consider alternative means of proving identity that harnesses digital technology rather than anachronistic methods such as notarisation/certification and apostille of physical documents.
Let’s bring identity into the 21st century. Let’s talk about digital signatures, government issued digital identities to provide greater, faster, seamless access to financial services. DDC is a great area where you can experiment with this new approach. It is an opportunity for you, as policy-makers, to do things differently.
In terms of categorisation, it seems perfectly suitable to designate digital currency intermediaries as you would, generically, money service businesses; so we are talking about remittance, currency exchange as principal activities. A typical intermediary within the space is a place where you can exchange digital currency for fiat/ government issued money.
But remember there are limitations. Even regulating DDC intermediaries doesn’t mean that you can regulate DDC itself. You cannot stop, and this is a fundamental point, anyone, anywhere in the world from sending bitcoin to anyone, anywhere else in the world. It is just not possible. You can make it illegal but you can’t stop it unless of course you shut down the Internet. So the policy objective has to be realistic and focus on the intermediaries within this space.
This is what we have achieved in the UK as the UK Digital Currency Association. Our discussions with Majesty’s Treasury have been to achieve a baseline of AML compliance for DDC intermediaries. So from next year, HMT will impose AML laws on DDC intermediaries.
Now tax is, of course, another policy facet. You cannot apply tax in context of sales tax or VAT to a bitcoin transaction; doing so will destroy the industry overnight and that industry will move to another country or it will go underground. It is as simple as that.
Australia, another Commonwealth country, applies sales tax because it views bitcoin to be a barter trade. They are currently reconsidering this position. Nonetheless, this tax policy has resulted in DDC exchanges leaving Australia.
So, if you want to attract fintech industry, then you need to have the correct form of taxation. At the UKDCA, we worked hard with HMRC to achieve that objective. Their initial approach was to see bitcoin as a form of credit voucher subject to VAT; we lobbied systematically with them for them to reverse their approach. The position in the UK is that digital currency is VAT exempt; this position has been echoed in other EU states including Spain and France.
It is also important to have some perspective on the nature of this technology. This is not all about financial services. Elements of digital currency technology could be used in many other industries.
Therefore, if you tax digital currency from a VAT point of view, you could affect the emergence of non-financial industries using this technology.
For instance, using bitcoin technology, I can create a token and that token can represent anything; it is simply a vessel and within that vessel I can add any attribute.
I can say, for example, well this token represents certificates/ diplomas and I’m issuing diplomas to people using the bitcoin blockchain.
For a University, this may be quite a sound way of keeping track of their diplomas due to the transparency and the permanency of the blockchain.
But this is not a financial transaction, therefore, taxation in this context should not apply. Bitcoin in this context is simply being used as a placeholder, as a decentralised database.
So taxation has to consider this non-financial, non-barter aspect of this technology.
Better just to exempt DDC of VAT as you do foreign currency.
AML/CTF is not about consumer protection. At least, not in any direct way. KYC on customers does not help the customers themselves.
But if we take the position that the benefits of digital currencies can only be achieved through increased consumer-use then we need to ensure that the technology itself is suitable for consumers.
To be honest managing digital currency yourself is not for everyone. The consumer interface, although being simplified, is still complex for the average consumer and the security requirements, difficult to navigate. Wallets can just be software without a service, other wallets can be custodian based. Consumers will need to build familiarity with the differences.
In addition, there is a dire need for more transparency, and accountability from DDC intermediaries. Everyone remembers the downfall of MtGox. It is imperative for those catastrophes to be averted.
Now there are two approaches to address consumer protection. The first is the most instinctive for policymakers: regulation; the second more innovative: industry standards/self-regulation.
In the US, for instance, regulation seems to be the only answer to every digital currency question. DDC or any other form of digital currency intermediary, will need both federal and state level licensing as a money service business. This entails a budget over $2 million and potentially two years of work. For some entrepreneurs, this may be overly draconian, for policymakers this seems inevitable. Furthermore, certain US states require specific digital currency licensing, most famous being New York and California.
I admire the US position for being so clear so early on, the only other country that expressed such early regulatory clarity was Germany.
It is fair to say that the US is leading the way in terms of a comprehensive regulatory framework for digital currency businesses.
A critique, however, of the US position is not that they have regulated DDC intermediaries, but that there is little consistency and absence of any mutual recognition of licensing efforts. It seems incongruous to any innovative industry to require a startup to obtain 50+ licences to conduct their business.
I should hope that the Commonwealth, if it deems regulation to be the best way forward on both the AML and consumer protection front, that there will be some form of mutual recognition between countries: allowing one licensed entity in a Commonwealth state being able to provide its services to another Commonwealth state.
This will encourage market access, create consistency, which benefits consumers, certainty for entrepreneurs and will allow for better overarching coordination between states.
The UK experiment
In the UK, however, we are conducting a unique experiment. We are currently in the process, with the full endorsement of HMT, of creating an industry-led standard for digital currency intermediaries.
The priority of the standard is to address consumer protection. The content of the standard, we expect, is to encompass both technical and conduct-based principles.
Conduct-based principles are normally what you would find in a regulatory framework, however, the critical idea here is that it is industry itself that is producing the framework.
The key distinctions between regulation and a standard are as follows:
First it is a standard is voluntary; in contrast, regulation is obligatory.
Second, the hypothesis is that a standard will be more flexible than regulation. Change of regulation involves a political process mired by different vested interests and competing political agendas; an industry standard changes according to the industry’s interest in evolving that standard further.
One thing of certainty is that digital currency is in constant flux. It seems to be in a constant process of metamorphosis. In the beginning, we talked of bitcoin, then we talked of altcoins, then of blockchain technology, then we talked of tokenisation using the blockchain, then we talked of governments issuing their own digital currency, we talked of different ways of securing digital currency, from online/off-line storage of bitcoins, to multi-signatures (equivalent of joint signatory access). Service providers in this space seem to be constantly upgrading their tools.
In addition, a new protocol seems to emerge every few months and shape shift the entire landscape of what is possible. For instance, Ethereum has just launched, which is effectively a decentralised computer that can process any code without ever being shut down. This may entail far more disruption across-industry than ever in bitcoin.
The unique aspect of an industry standard is that it will be future-proofed and reflect the industry’s experience of constant change.
Our aim may be for the standard to be auditable, with auditing firms available to ensure compliance. In time we should expect a certification mark, creating a recognisable sign of quality within this industry.
We are, of course, a long way off that final objective, yet efforts are being made today to see it to fruition. In fact, we invite the whole international community including countries here today to participate in this standards process.
Moving the goal posts
If as a government you characterise regulated intermediaries as for example broker is, custodians, what happens when the technology fundamentally changes and those categories of business become redundant.
This is partly why there should be no need to goldplate AML to DDC intermediaries, better to extend standard AML to those intermediaries rapidly and spend time investigating new emerging business models and think about how to regulate them.
The key challenge is that in increments the financial system is becoming more decentralised. And decentralisation, in effect, has the effect of circumventing traditionally regulated business models. In essence, this is part of the bigger process of disintermediation.
For instance Ethereum, this global decentralised computer, will enable peer-to-peer prediction markets. In certain jurisdictions prediction markets are illegal or may be licensable. A decentralised world circumvents licensing to an extent.
However, the new regulated business models on the horizon should be the provision of price feeds, or market offers which are used for prediction market contracts; these are not traditional regulated models but this is where your focus should be in terms of policy.
This is why I think standards are more flexible, more in tune with a decentralised world. For instance if someone is providing price feed for peer-to-peer futures contracts, they could apply the standard to their business and provide a global baseline of quality, accountability, some transparency for that price feed.
In sum, I would endorse any approach that applies standard AML/CTF rules to DDC intermediaries, addresses consumer protection through standards or regulation, then thinks ahead of new activities that don’t fit within our standard notion of an intermediary.
If this is a forum for new ideas I would like to present one. Mutual recognition. Here every jurisdiction is sovereign, writes its own laws has its own responsibility towards its citizens to fight crime etc sustain the rule of law.
But I would ask that any initiative around regulation of DDC intermediaries leads to a form of mutual recognition.
I would ask that the Commonwealth countries should mutually recognise a licence issued by another Commonwealth state. This to say if New Zealand were to have their own licence for a DDC intermediary that the same licence would give access to the rest of the Commonwealth.
This would make a big difference and spur innovation.
If the potential of digital currency is international payments, access to financial services, mutual recognition of licensing would make remittance corridors in the Commonwealth, faster and more efficient.
Meaning, one operation in one jurisdiction, would have legitimacy and similar legitimacy within another Commonwealth jurisdiction.
And I would urge the Commonwealth as an organisation to achieve that singularity. Not only within digital currency, but within fintech.
They would be no point to coordinating a meeting of this nature if the objective was not to come to some form of consensus around policy and if that is what can be achieved and that is what is implemented at a state-by-state level then please recognise other states who have done likewise and allow the interoperability of this ecosystem. Otherwise, the Commonwealth will be as fragmented as the US, 53 licences versus 50 state-level licensing.
In terms of the future to digital currency, it is almost impossible to envisage a scenario with governments not issuing their own ‘managed’ digital currencies, in some shape or form.
Cash is an outdated payment instrument, digital currency is the future of money and payments.
It would be a ‘managed’ digital currency to the extent that the central bank will control the payment network, or the network will be franchised to accredited bodies, for instance banks.
You could to foresee a scenario with the Bank of England issuing Sterling Coin. In this environment, the Central bank would have ultimate control over the digital currency. This explore a few themes surrounding central bank as issuer the digital currency.
They would be able to remotely freeze addresses; a highly effective, elegant method to fight crime. Currently, the assets to be frozen requires a court order of some nature, and some form of international coordination. During this bureaucratic process, the funds may move further and disburse. Conversely, if every central bank issues its own digital currency then the same institution would be able to remotely freeze assets. Asset freezing will be instantaneous with only one counterparty required in order to enforce.
Should central banks issue their own digital currency, monitoring the money supply will be and much easier endeavour. Currently central banks rely upon reporting from financial institutions to garner data surrounding their money supply. In this new paradigm, central banks will check the blockchain and not rely upon any form of reporting. This stands to be a huge efficiency gain.
Payment systems we use today are remnants of the past. SWIFT was built on a telegraphic protocol – when was the last time you sent a telegram? Digital currency is both money and a payment system packaged into one. If the central bank is issuer then it too becomes the payment network. Settlement of sterling anywhere in the world will route through the Bank of England’s payment network. Settlement will be instantaneous.
It is almost inevitable that this technology will be embraced and taken as its own.
The irony in all this is that digital currency, on the one hand, spells an almost Libertarian dream and but, on the other, could lead to the best form of money ever invented for government, with total control and 100% accuracy, what I term ‘totalitarian money’.
As I seek to conclude the key take-aways should be: apply standard AML to DDC intermediaries and move fast. Don’t gold-plate AML. If you intend to adapt your laws, then re-think digital identity and how that can be proven.
Join us in the experiment in the UK industry standards, or in the alternative take those standards as your template for regulation. Consistency across borders will achieve better system for all participants. If you intend to regulate then please ensure a level playing field for DDC intermediaries.
As alluded to above, there is much opportunity within the technology to achieve greater effectiveness and reduce your costs. Consider issuing your own digital currency.
Thinking ahead: the world is being disintermediated – the world is Uberised – we are moving towards a peer-to-peer existence. We therefore have to rethink the future business models anticipating where the risks may lie.
That I would say is a policy objective worth pursuing. AML is simple it is just a matter of extending existing requirements to DDC intermediaries, considering them as MSBs. The thinking ahead part requires more sensitivity to where this technology is leading and more awareness.
I would suggest potentially running innovation hubs, creating an open forum between regulators and start-up communities and facilitating a channel of communication.
From my experience, the UK is unparalleled in its openness within the sector. We are in constant dialogue the government, regulator, tax authority, which allows for a much more inclusive coordinated approach. We are blessed to have financial regulator that is open to start-up organisations, see Innovation Hub project. This level of openness will achieve your objectives.
Last I would say if this meeting leads to a policy, and that the policy leads to legislation at the state level, which leads to the regulation of DDC intermediaries, then I would ask you consider some form of mutual recognition to allow fintech markets to thrive and consumers to be provided with better/faster access.