Thursday, May 23, 2019

Regulating Cryptocurrencies

Satoshi Nakamoto's Bitcoin emerged not just from three decades of computer science research, but also from two interrelated cult-like ideologies of the right, libertarianism and Austrian economics. Governments are generally happy with computer science research until it gets in the way of law enforcement, but non-kleptocratic governments tend to be unhappy with both libertarianism and Austrian economics, particularly when they get in the way of law enforcement.

Below the fold, a look at the varying approaches governments are taking to the problems they perceive cryptocurrencies pose.

When Satoshi Nakamoto introduced Bitcoin, he motivated it thus:
Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model. Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes. The cost of mediation increases transaction costs, limiting the minimum practical transaction size and cutting off the possibility for small casual transactions, and there is a broader cost in the loss of ability to make non-reversible payments for non-reversible services. With the possibility of reversal, the need for trust spreads. Merchants must be wary of their customers, hassling them for more information than they would otherwise need. A certain percentage of fraud is accepted as unavoidable. These costs and payment uncertainties can be avoided in person by using physical currency, but no mechanism exists to make payments over a communications channel without a trusted party. What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. Transactions that are computationally impractical to reverse would protect sellers from fraud, and routine escrow mechanisms could easily be implemented to protect buyers.
Lets compare Nakamoto's goals to the state of cryptocurrencies in practice:
  • No trusted third parties. In practice you have to trust both exchanges and mining pools.
  • Irreversible transactions. In practice immutability is a double-edged sword, but in any case the 51% attacks on smaller cryptocurrencies illustrate the reversibility of transactions.
  • Micro-transactions. In practice the average fee to get your transaction confirmed is more than $1 - as I write it is $4.
  • Parties transact directly without intermediaries. This is possible, but in practice for large transactions you need exchanges, and for small transactions you would need the Lightning Network (if it worked).
  • Buyers need not reveal personal information. In practice, except to an exchange. And note that de-pseudonymizing cryptocurrency addresses turns out to be fairly easy in practice.
  • Irreversibility protects sellers from fraud. In practice, fraud is rampant.
  • Escrow protects buyers from fraud. In practice, escrow mechanisms have not turned out to "easily be implemented".
So Bitcoin hasn't been a great success measured by Nakamoto's goals for it. But it has been a considerable success at enabling fraud, theft, flight capital, money laundering, tax evasion, and the sale of officially-disapproved-of commodities. None of which are things most governments favor when their citizens are victims, and especially when it is their taxes that are being evaded.

So lets start with India, a country that traditionally uses gold to evade government controls (tip of the hat to David Gerard). Krunjit Singh reports for The Economic Times that Government departments discuss draft bill to ban cryptocurrencies:
The “Banning of Cryptocurrencies and Regulation of Official Digital Currencies Bill 2019" draft has been circulated to relevant government departments, ... The government had formed a panel under finance secretary Subhash Chandra Garg to draft regulations for cryptocurrencies last year. ... the Department of Economic Affairs (DEA), Central Board of Direct Taxes (CBDT), Central Board of Indirect Taxes and Customs (CBIC) and the Investor Education and Protection Fund Authority (IEPFA) have endorsed the idea of a complete ban on the “sale, purchase and issuance of all types of cryptocurrency” according to a government officials who did not wish to be named. ... A committee including representatives of the DEA, CBDT, CBIC and the IEPFA was “of the view that already there is a lot of delay in taking action against cryptocurrency. ... There is an urgent need to ban sale purchase and issuance of cryptocurrency”
It is possible that Indian law enforcement is capable of enforcing an immediate complete ban on cryptocurrencies, but the Chinese central government's approach is more gradual and thus probably more realistic in the light of China's powerful provincial and municipal governments. Starting in about 2013 China dominated both cryptocurrency mining and speculation, but:
  • In August 2017 the government started pressuring exchanges to shut down:
    Then in August came first rumours of a shutdown of crypto trading on exchanges, and in September the People’s Bank of China told exchanges to cease trading within the next month or two. Exchange executives were asked not to leave the country while the PBOC was investigating, “to assist refunding work.”
  • In November 2017 the pressure on miners to shut down started ramping up:
    Bitcoin mining had relied for years on overbuilt power plants that weren’t well-connected to the national grid — so the surplus was cheap or near-free for miners to use. But in November, Sichuan Electric Power Corporation told its increasingly grid-connected power plants to stop selling electricity to crypto miners.
    A local report in YiCai (translation) attributes this to both economic concerns over crypto trading, and the waste of electricity involved. The Internet Financial Risk Special Rectification Office had apparently been meeting with local governments as far back as 20 November [2017].

    On Wednesday 3 January 2018, a closed-door meeting on how to curb mining became public. Provincial governments have been asked to “guide” miners towards an “orderly” exit from the Bitcoin business.

    cnLedger notes: “The first steps would be canceling preferential benefits and strict in checking taxes etc, and monitoring activities.” Local offices have been asked to report monthly on the Bitcoin mining companies — name, founding date and financial and tax details— and power consumption, rent or land price subsidies and electricity prices and subsidies.
  • In April this year the pressure increased:
    China’s National Development and Reform Commission (NDRC) released guidance (PDF in Chinese) on Monday that includes shutting down Bitcoin mining — and even the manufacture of mining hardware. From the South China Morning Post:
    Industries in the eliminated category include those seen as wasting energy or polluting the environment, according to rules enacted by China’s cabinet in 2005. Investment and loans in those industries are banned. During the elimination period, authorities are allowed to raise electricity prices for relevant businesses to force them to close. The manufacturing, sale, and use of products in the eliminated categories are also prohibited.
    Bitcoin mining is one of the sectors to be eliminated immediately.
Anyone who has watched Under The Dome, Chai Jing's extraordinary movie about pollution in China, will understand that policies such as these take effect slowly, by gradually raising the risks involved in defying them. Progress is uneven, but incremental.

The US approach is different again, and comes in two forms:
  • The US tries to keep tight control over the gateways between cryptocurrency and "fiat currency".
  • The US tries to protect investors by preventing deceptive marketing of cryptocurrencies, ICOs and similar innovations.
Within these boundaries, the US takes a somewhat hands-off approach.

Controlling the gateways is a fairly effective technique. Since few legal merchants accept cryptocurrency directly, cryptocurrencies are largely a mechanism for speculation. For a speculator to use any winnings to buy their Lamborghini, they need to pass through one of the gateways.

The US rules for gateways are enforced by FinCEN, the Financial Crimes Enforcement Network. FinCEN's view of cryptocurrencies was recently codified in Application of FinCEN’s Regulations to Certain Business Models Involving Convertible Virtual Currencies. It relates mostly to obligations under the Bank Secrecy Act incurred in the process of transmitting value using cryptocurrencies. It looks likely to apply to all possible cryptocurrency exchanges, ICOs, etc. requiring them to observe the Know Your Customer/Anti-Money Laundering laws and other restrictions that cryptocurrencies were invented to evade. And in particular, as David Gerard notes, it looks like a death knell for the Lightning Network:
The FinCEN paper doesn’t mention the Lightning Network at all. But it seems obvious to me, and others, that running an intermediary node would really obviously involve money transmission, would not hit any listed exemption, and would require you to engage in anti-money-laundering compliance to the full extent of the BSA.
The US Stock Exchange Commission has strict rules governing offerings of financial instruments, and has been evolving their application to cryptocurrencies. SEC Commissioner Hester M. Pierce's speech How We Howey lays out the SEC's recent actions in this area:
In 2017, before my arrival at the SEC, the Commission issued the DAO Report, which found that—despite some confounding factors—the tokens issued by the unincorporated organization known as the DAO were indeed securities under the Howey test. In early 2018, SEC Chairman Jay Clayton testified during a Senate hearing “I believe every ICO I’ve seen is a security.” Later that year, Director of Corporation Finance Bill Hinman gave a now well-known speech “When Howey Met Gary (Plastics),” in which he stated “calling the transaction an initial coin offering, or ‘ICO,’ or a sale of a ‘token,’ will not take it out of the purview of the U.S. securities laws.”

We also have brought a handful of enforcement actions against individuals and organizations that have issued what are clearly securities without either registering the offering with us or qualifying for an exemption. I have been pleased to see that our staff has worked to enforce our laws fairly and, in crafting its recommendations, has taken pains to provide relief where issuers have self-reported. For example, in February of this year, we settled with Gladius Network LLC. In late 2017, after the SEC’s DAO report was public, Gladius conducted an ICO without registering the offering with the SEC or qualifying for an exemption. In 2018, Gladius self-reported and demonstrated a willingness to work with the SEC to take the necessary remedial steps. Because of this, we imposed no penalty. Instead, as is typically required for improperly issued private offerings, Gladius was required to make a rescission offer to its investors and to register its tokens as securities. One notable part of the order was a provision envisioning the possibility that one day the tokens might no longer be securities.
But she also criticized the lack of clarity in this area. For example:
Investors typically use brokers to buy and sell their securities. Brokers and investment advisers who hold client assets are subject to regulations regarding the custody of those assets. How can they satisfy the custody rules if the thing being custodied is a digital security? How can auditors fulfill their obligations in connection with digital securities? If a broker is selling a digital security, how can the broker prove that it has control over the security such that no one else can sell the same asset? May a broker-dealer’s business include a mix of digital assets, only some of which are securities? If a platform wants to allow trading in digital assets, what are its obligations? Is it permitted to trade both securities and non-securities?
As with FinCEN, Commissioner Pierce is looking for hard boundaries within which a hands-off approach is appropriate:
Our Jackson Pollock approach to splashing lots of factors on the canvas without any clear message leaves something to be desired, so we still have work to do in clarifying what factors are the most important in making that determination. It is time for us to tackle the remaining legitimate legal questions in a way that does not throw merit-based obstacles in the way of socially beneficial innovation. As I said last year, regulators are not in charge of the creative process. We should not be trying to guide innovation, but we also should recognize that we cannot stop it and embrace the potential for positive change that innovation offers. Our silence is likely to simply push this innovation and any attendant economic growth into other jurisdictions that have done their work and provided clear guidelines for the market participants to follow. The U.S. securities markets have historically been the envy of the world; I do not want heel-dragging by the SEC in crypto to mar that well-deserved reputation.
Max Yakubowski's interview Emin Gün Sirer on Rethinking Blockchain, Promoting Good Crypto Use and Leaving Stagnation Behind is interesting, although Sirer is to some extent "talking his book" as co-director of the Initiative for Cryptocurrencies and Smart Contracts. But Sirer's response on regulation is on point:
Law enforcement will develop new techniques and I have no fear whatsoever that they [law enforcement officials] are supremely tech-savvy, way more than the average person.
And to their credit, law enforcement and regulators have been supremely cool, especially in the U.S., about cryptocurrencies. They have taken this sort of wait-and-see approach. They haven't come in with a heavy hand. They have allowed the technology to flourish. I think it has been pretty amazing, so I hope that continues, and I don't fear the bad use cases.

They already happen — crime is gonna take place in one way or another. But if we find a way to completely kill it off, so that there are no bad cases or abuses, then that is not money.


David. said...

More evidence that governments are losing patience with the crypto-bros in David Gerard's latest post:

"The Financial Conduct Authority (FCA) writes up the one consistent use case for cryptos — Over £27 million reported lost to crypto and forex investment scams. They suggest you read their ScamSmart site.

The SEC is really rolling on busting bad ICOs. They got an emergency injunction against Jose Angel Aman’s “Argyle Coin” ICO from October 2017, which ended up being run as a ponzi scheme. (SEC complaint.) And one against Daniel Pacheco of iPro, a fraud so weird that Matt Levine led with it in yesterday’s Money Stuff.

The SEC denies yet another Bitcoin ETF — as if you expected anything else. This one is the Van Eck proposal.
Dutch authorities shut down a Bitcoin “mixer” for money laundering — since obscuring transaction trails is literally what “mixers” and “tumblers” were designed to do. Bitcoiner Sjors Provoost is outraged that the law could enact the “worrying precedent” of treating laundering of money as money laundering. He also literally says "Banning mixers is akin to banning cryptography”, which is like saying that banning crystal healing is akin to banning transistors. “This action puts lives at risk” — presumably, the risk of number not going up."

David. said...

Here is Matt Levine quoting the SEC on the iPro fraud:

"Anyway here’s a Securities and Exchange Commission case against an alleged pyramid scheme that was also an alleged illegal offering of crypto tokens, sure:

Pacheco conducted a fraudulent, unregistered offering of securities through two California-based companies he controls, IPro Solutions LLC and IPro Network LLC (collectively, “IPro”). IPro raised more than $26 million from investors by selling instructional packages that provided lessons on e-commerce. Investors also received “points” that could be converted into a digital asset known as PRO Currency. Investors who contributed additional funds could earn a mixture of cash commissions and additional convertible points by recruiting new investors into the IPro network. As alleged in the complaint, however, IPro was a fraudulent pyramid scheme.

David. said...

Izabella Kaminska takes down a superb example of misleading cryptocurrency PR in Emperor has no clothes, Jaguar crypto press release edition:

"A fantastic recent example comes by way of Jaguar Land Rover's April 29 press release announcing that Jaguar drivers will soon be able to earn cryptocurrency as they drive.

As an exercise in the black arts of media persuasion and the utilisation of language for the purpose of misdirection — giving the impression that an entity is doing something innovative and valuable, when really it's not — it was genius. The impact of the release across the media space was decidedly one presenting the service as a fait accompli. Jaguar, in other words, will be or is already integrating crypto payments into its services, as far as the press is concerned.
But sources close to Jaguar tell us nothing could be further from the truth. To the contrary, the press release was allegedly motivated by a last-ditch effort to draw some sort of value (a.k.a. temporary buzz) out of an otherwise failed investment. The source added, if one was to go through the press release carefully one would soon discover it was phrased very cleverly to give the impression that Jaguar was committing to a crypto service when it actually wasn't."

David. said...

Gregory Barber's Cryptocurrency firms renew push to break free from SEC rules shows that the US approach is effective:

"Many cryptocurrency startups and investors are unhappy with the Securities and Exchange Commission’s uncertain approach to the sector, saying the agency is killing innovation and driving companies from the US. Now the Canadian social media company Kik—backed by prominent voices in the crypto world—is stepping up its effort to use the courts to force the SEC’s hand.

On Tuesday, Kik announced a crowdfunding effort to help it fight the SEC over the company’s 2017 initial coin offering, in which it sold nearly $100 million worth of a token it called kin. The company says it sold a currency that could be used across a network of apps, whether to get paid for taking surveys or to buy new stickers and themes. The SEC disagrees, arguing in a proposed action last November that kin are securities—investments subject to strict rules about how they can be sold.
Kik has already spent $5 million on SEC negotiations."

David. said...

More on the lawsuit the SEC filed against Kik from David Gerard and Jemima Kelly. And also from Mike Masnick, who has a surprising belief in the ability of cryptocurrencies to enable micropayments.

David. said...
This comment has been removed by the author.
David. said...

In FSB warns tokenised liquidity could be illusory, Izabella Kaminska points to some of the conclusions of the Financial Stability Board's Decentralised financial technologies: Report on financial stability, regulatory and governance implications. In particular:

1) "If tokenisation were adopted more broadly, it is possible that it might create an appearance of liquidity in assets that are inherently illiquid. This may also have negative implications for financial stability. In particular, risks could arise where there is a liquidity mismatch between the token and the underlying asset, or where investors have limited understanding of products packaged into a token."

2) "It is important that regulators continue to assess the degree to which current rules provide adequate safeguards in the case of tokenisation. Issuers of tokenised securities should also properly consider applicable regulation. This could include issues around: (i) settlement and settlement finality and the role of miners and validating nodes (which may fall outside of existing regulations); (ii) the safekeeping of private keys and the interactions with the existing custody/safekeeping rules; and (iii) the security of the underlying DLT protocol and codes, including in relation to smart contracts."

3) "The shift towards smart contracts and self-executing code could also create specific governance and accountability issues. These include the question of whether – and to what extent – software developers, system operators or users can be held responsible if contracts do not function as intended. "

She concludes:

"All of which suggests the idea tokenisation can magically engineer frictionless liquidity for all sorts of assets and in so doing reduce risks, ignores the degree to which new risks may be introduced as a consequence.

New risks include the complexity of key management, which exposes the system both to new frictions and capital loss risks, as well as the dependence of tokenised systems on the very human limitations of software developers, which exposes the entire system to coding mistakes, bugs and hacks, as well as uncertainties about who is ultimately accountable when things go wrong."

David. said...

See also Izabella Kaminsk'a Is Lufthansa an e-money issuer?:

"In the age of ICOs and cryptocurrency issuance, these details matter a lot in terms of regulatory implications. The long and short of it is, if you're issuing cash-like liabilities you have to be regulated as a bank or e-money issuer/ transmitter. And that adds a whole lot of complexity to your business model."

David. said...

Rainey Reitman's EFF and Open Rights Group Defend the Right to Publish Open Source Software to the UK Government on the EFF's blog reports that:

"EFF and Open Rights Group today submitted formal comments to the British Treasury, urging restraint in applying anti-money-laundering regulations to the publication of open-source software."

Tim Anderson at The Register provides some context:

"The Transposition of the Fifth Money Laundering Directive (5MLD) was published (PDF) for consultation in April. 5MLD is an EU directive which the UK is obliged to put into law by January 2020 – presuming that the UK is either still in the EU or in transitional arrangements.

One of the key issues is cryptoasset exchange, widely used by criminals (there is a reason why ransomware extortionists invariably ask for payment in cryptocurrency such as Bitcoin) and which governments are keen to regulate.

HM Treasury is therefore interested in regulating "the publication of open-source software (which includes, but is not limited to, non-custodian wallet software and other types of cryptoassetrelated software)" (clause 2.38)."

Where is Phil Zimmerman when we need him?