If you follow developments in the blockchain and crypto spaces, you must have noticed the words “blockchain” and “compliance” appearing side by side more often.
That’s a little surprising. After all, many see blockchain and compliance as contradictory terms. Blockchain’s most recognizable application to date, cryptocurrencies, still generate discomfort in institutional and traditional finance circles. Investors see them as a promising yet unregulated, speculative and manipulation-ridden class of assets — far from the safety of compliance. At the same time, legislators and regulators are still just getting to know the space. How can anything be compliant, when there’s no regulation to comply with?
Nonetheless, the industry is maturing by the day and its leaders are thinking and debating what would compliance mean when regulation does catch up. This important discussion can get a little confusing, with “blockchain compliance” meaning different things in different contexts.
In this post, we try to help organize the conversation by listing and explaining some of the main issues comprising the blockchain compliance conversation. Since the issue in question is new and dynamic (like more or less anything crypto or blockchain), the list is a work in progress. If you think of important additions — we’d love to hear from you.
1. Blockchain and Crypto Regulation
Regulation is a prerequisite for compliance. The ability to be compliant depends on a legal framework, translated to regulatory requirements. Regulation is therefore an fundamental part of the crypto compliance discussion.
For the moment, with regulators demonstrating immense interest but in practice only making intermittent and inconclusive statements on key questions, like whether ICOs, Ethereum and Bitcoin are securities, there’s still a long way to go. While the industry is asking more compliance clarity from regulators, and regulators are asking for more due diligence from blockchain innovators, we’re in an interim state of chicken or the egg. If you’re interested, read more about our analysis and suggestions for both sides in this piece.
2. KYC, AML, and CFT
Know Your Customer and Anti-Money Laundering are two important components of compliance that help companies, and regulators, ensure they are doing business with legitimate clients. While this can fit in the first category — since blockchain can theoretically be used to streamline KYC/AML processes in traditional industries — here we focus on the new challenge of KYC/AML in blockchain and crypto applications.
AML refers to a wide array of regulations and systems that allow companies and regulators to ensure products and services are not used to transfer funds and resources illegally or worse, to support terrorism (CFT — Counter-Financial Terrorism). According to a study by CipherTrace, $760 million worth of assets have been laundered using cryptocurrency just since the beginning of 2018 — three times more than in 2017.
KYC/AML is a massive cross industry challenge, extending far beyond blockchain. Even in the heavily scrutinized and regulated traditional finance industry, where users must provide bank accounts, credit histories and other identifiers, KYC/AML accounts for a heavy compliance-related burden.
What makes it a particular challenge in crypto and blockchain, is that they essentially call to remove many of these intermediary agents and enable users to directly hold their assets. Many blockchain innovators particularly emphasize anonymity, altogether raising very specific KYC/AML concerns.
What would KYC and AML look like in a blockchain-based digital economy, then? Would the regulatory solution be to simply illegalize complete anonymity? Or are there intermediary solutions? Those questions — and proposed answers — are debated as part of the blockchain compliance conversation.
3. Tokenized Securities
One attempt to push the compliance conversation towards the solution phase, is the concept of security tokens.
Initial Coin Offerings (ICOs), a process where blockchain-based tokens are used to raise funds and fuel companies’ products, generated billions of dollars, but also dire concerns of non-compliance with securities and commodities laws. Leading innovators therefore conceived a class of digital assets that also uses blockchain-based tokens to raise money in a way that’s more closely aligned with existing regulations. As Anthony Pompliano defines them quite simply in his Official Guide for Tokenized Securities, “Security Tokens are digital assets subject to federal security regulations.”
It is important to note that to date, regulators have not confirmed that security tokens in their current form will be considered a compliant form of securities. The Security and Exchange Commission (SEC) has clarified that ICOs are almost always a form of securities, and therefore must comply with securities laws. It is yet to be established whether security tokens are in fact compliant with securities laws or not
4. Market Surveillance
Last but not least, trade surveillance is an umbrella term for mechanisms put in place to detect attempts of manipulation, fraud and abuse, as well as provide general visibility into asset markets.
Markets are complex ecosystems, where numerous actors with different roles and interests operate in pursuit of value and profit. Naturally, some actors try to play the system in their favor, through various exercises like “spoofing,” “front-running,” “wash-sales” and other catchy names. Surveillance systems monitor trade and issue alerts when they detect malicious activity. They deter manipulators and allow timely responses to manipulation attempts.
Regulators, committed to leveling the playing field and protecting investors and the economy as a whole, have therefore put in place extensive surveillance requirements for traditional markets. The regulation was intensified significantly since 2008, due to the role of “rogue” traders and other malicious actors in the economic crash that year.
When it comes to blockchain-based asset markets, however, surveillance scarcely exists. The result is gargantuan levels of reported abuse, manipulation and fraud. In some cases, evidence demonstrates that as much as 93% percent of trade volume in established crypto exchanges was in fact the result of manipulation.
The crypto ecosystem is paying a severe price for the lack of surveillance. In monetary terms, a vast amount of value is lost to manipulation. There’s also a reputational cost in terms of credibility and integrity — institutional investors and the general public won’t stop seeing the crypto space as an unsafe environment until strong anti-manipulation standards are instituted.
Finally, from a compliance perspective, it is hard to imagine an evolved crypto ecosystem that does not have to comply with strict surveillance regulation. Regulators will need to know that investors are protected from manipulation and other fraud-related risk, before they can approve of any compliant forms of digital assets. Innovators that begin addressing this issue now, will not only reduce their risk of painful non-compliance fines, but also pave the way to friendly rather than aggressive regulation, and an altogether more sustainable ecosystem.
Blockchain compliance is still a nascent concept, and the conversation is ever-evolving. We hope this list is helpful, though there are certainly other noteworthy topics or developments to come. Think of something? Please reach us on Twitter at @Solidus_Labs, comment here, or shoot us an e-mail to email@example.com.
Did we miss something? Let us know.