Regulating crypto assets continues to be a tough feat

01 March 2022 6 min. read

The introduction of any innovative technology always comes with numerous challenges. Technological innovations such as blockchain, artificial intelligence and machine learning raise new problems that existing laws do not address, and the emergence of crypto assets has been no different.

A key question in the blockchain landscape is how regulators can strike the right balance between regulating the crypto asset industry to safeguard participants (consumers and investors) without overregulating and stifling innovation.

Paul Kayrouz, Head of Fintech, Blockchain & Emerging Technologies at PwC in the Middle East, explains why striking this right balance in the world of crypto continues to be a tough feat for regulators.

Paul Kayrouz, Head of Fintech, Blockchain & Emerging Technologies at PwC

Crypto assets can be broken down into three categories, consisting of: payment tokens which represent a medium of exchange and are used by proprietors as a digital means of payment; utility tokens, which are used by proprietors to access or use a digital resource or service such as a network or application; and security tokens, which represent a financial product.

In general, regulators use the underlying economic function of the crypto asset to determine whether it falls within the regulatory perimeter and, if so, which regulation applies. Crypto assets are generally classed as either a security, commodity, or currency, each being treated differently depending on their classification. For instance, in the US, bitcoin has been classed as a commodity along with gold and oil.

Anti-money laundering

One area that regulators need to address is establishing ownership to be able to apply anti-money laundering rules. In October 2018, the Financial Action Task Force (FATF), issued updated guidance on virtual assets and Virtual Asset Service Providers (VASP), which includes crypto asset exchanges.

The guidelines require that VASPs collect and share personal data during transactions. In essence, VASPs will be required to obtain originator and beneficiary information on virtual asset transfers and make it available to relevant authorities when requested.

However, given that crypto asset transactions take place between public addresses, it is often difficult to establish the owner of these addresses, therefore making the application of the FATF rule difficult.

The application of the FATF guidelines to decentralized exchanges and/or peer-to-peer trading platforms is also challenging as they lack a central point of contact with unilateral control, making it hard to regulate. A decentralized VASP would have a large number of contacts (often referred to as “nodes”) distributed in various jurisdictions across the globe, with control occurring on the decentralized VASP based on a majority consensus model.

Custody is another area that needs a solution. Custody is generally defined as having actual and exclusive possession of clients’ funds or securities or the authority to obtain possession of them. Traditional assets are normally tied to a centralized ledger entry or database, which identifies the owner, making it easy to confer possession without transferring ownership.

However, to hold custody of a crypto asset is complicated when it sits on a blockchain and ownership/access to the crypto asset is dictated by whoever knows the private key, with no other proof or record of ownership required.

Keeping up with the latest developments

That said, undoubtedly, some of the latest developments in the crypto asset space such as DeFi and NFTs need further regulatory attention. For example, decentralized exchanges allow for peer to peer trading between users while maintaining control of their funds in the selfcustodian manner of Defi protocols. As such, there are practical difficulties with how such decentralized exchanges can be regulated since they exist on the blockchain as a series of smart contracts.

For instance, in a decentralized exchange, how do you pinpoint entities or actors that are decisionmakers and may be held ultimately accountable for the operation of the network?

One viewpoint that has been advocated in recent times is dubbed as the gatekeeper approach. According to this, in the absence of a clearly defined accountable entity, regulators would resort to regulating entry and exit points (also known as ‘on-and-off ramps’) to DeFi systems. This would effectively put the burden of regulation on exchanges and/or other financial services providers that are operating at the margins of the DeFi system, as for instance when fiat is converted to crypto-assets and vice-versa.

However, such a regulatory framework would be limited as it would only address the first and last transactions at the entry and exit points of DeFi leaving the rest of the DeFi system unsupervised. This limited regime could nonetheless be helpful in establishing the income tax of such activity and mitigate the risks of tax evasion inherent to DeFi participation.

Yet another proposal for the regulation of DeFi argues in favor of a grace period for DeFi exchanges. During this grace period, network developers would be exempted from any registration/licensing provisions of securities laws, allowing them time to develop the decentralized network flexibly, without having to face legal liabilities.

The way forward

Irrespective, to move forward regulators will need to establish a clear and coherent framework that recognizes the “direct ownership” nature of crypto assets as opposed to traditional rules that require “actual possession” of client’s funds or securities. In parallel, regulators need to encourage the development of AML / KYC solutions tailored for DeFi.

Essentially, regulators need to rapidly learn about the business and technology that underpins crypto assets. One such method of learning has been through establishing a “sandbox,” which provides companies with a safe environment to test their business, and gives regulators a chance to work with and learn from them.

While sandboxes have now become common in the context of regulatory development, it would be important to develop a regulatory framework for sandboxes that are truly fit for purpose in the DeFi world.

By upskilling themselves, regulators can continue to learn about new risks and think of ways to address them. Pursuing a multi-tier phased regulatory approach, with a focus first on understanding the technology through a trial and error framework, means they can avoid a lengthy process of consultation and legislation. They can then create a regulatory framework that takes into account the evolving risks regarding crypto asset technology.

This article was previously posted in Corporate Investment Times, a business publication for leaders.