For many years Bitcoin and other cryptocurrencies have been considered a potent tool for money laundering. However, not until last year when the ICO boom propelled cryptocurrencies into the headlines of mainstream media has there been an increase in the urgency with which regulators try to deal with this negative element of virtual currencies. Now, the global Financial Action Task Force (FATF) has announced that it was close to establishing a worldwide set of AML standards. PlanetCompliance looks back at what happened so far and what lies ahead.
A new level of Cryptocurrency AML Regulation
Ever since cryptocurrencies propelled itself into the headlines last year as part of the great ICO boom, the discussion has heated up the role of cryptocurrencies for money laundering, terrorism financing and tax evasion, but the response by lawmakers and regulators has been mixed.
Last week the FT reported that the FATF was getting closer to establishing a worldwide set of standards to apply to virtual currencies. The president of the Financial Action Task Force, Marshall Billingslea, told the FT that he is optimistic that at its plenary, due in October, the FATF will agree a series of standards that will close the anti-money laundering “gaps” that all nations face.
The FATF is an inter-governmental body founded in 1989 on the initiative of the G7 to develop policies to combat money laundering. The organisation develops international AML & CFT standards in the form of recommendations and monitors the progress of its members in implementing these standards.
With regard to virtual currencies, the work of the FATF cannot be described as keeping pace with developments. Bitcoin was created in 2009 as the first cryptocurrency and Swiftcoin, Namecoin and Litecoin followed in 2011. In the same year Bitcoin gets under fire for its use on the online black market Silk Road and U.S. law enforcement agencies start to move against it. This culminated two years later in the arrest of its alleged founder and the shutdown of the platform in October 2013. The first sign of the FATF working on the subject though is the research paper on virtual currenciespublished in June 2014. In this report, it seeks to provide Key Definitions and Potential AML/CFT Risks of virtual currencies, which however were nothing more than a preliminary assessment of the associated ML/TF risk that were aimed to “form a basis for further policy development”.
Fast forward more than four years and an average daily USD transaction volume of at least $3.5 billion this year (with a peak of $27 billion in January) in Bitcoin alone and not considering the other cryptocurrencies that all together create a market capitalisation north of $200 billion: following a number of plenary meeting and roundtables the FATF has come to the conclusion that “it is essential that we establish a global set of standards that are applied in a uniform manner”. According to its president, the task force has accelerated its work and made significant progress on reaching a “consensus across nations” – not before the G20 requested the organisation tackle the issue as a matter of urgency though.
The next plenary meeting will take place in Paris between 14-19 October and the FATF will discuss which of its existing standards need to be updated to address virtual assets, since its current recommendations do not acknowledge them. It will then revise the methodology it uses to assess how countries implement these standards and when this revised assessment methodology will take effect. If this lengthy process doesn’t sound concerning and doesn’t get any better considering that if the plenum can’t come to a conclusion it is possible to be delayed to the next FATF plenary meeting, which is to take place in Paris in mid-February 2019. Hopefully, the optimism by its president is more than lip service and a result can be achieved next month.
Why such a fuss?
Why make such a fuss about a common set of AML rules or standards with regard to cryptocurrencies? To start with, Mr. Billingslea correctly describes the current framework as “very much a patchwork quilt or spotty process,” which is “creating significant vulnerabilities for both national and international financial systems”. He also pointed to the rising concerns of an emerging use of virtual currencies by terrorist organisations including Isis, as well as in extortion schemes, such as the WannaCry attacks.
It also creates a considerable risk to the financial innovation that comes with cryptocurrencies as regulatory uncertainty has been looming of the industry for some time and leads to rising costs for the different stakeholders. It is therefore somewhat concerning when the FATF president states that “in terms of regulation you can’t tilt too far in one direction or another since blockchain, the technology that underpins virtual assets, will continue to evolve”. While Mr. Billingslea spoke of virtual currencies as a great opportunity, it appears to show a lack of understanding of the issues. Existing rules are not likely to fit properly as they are not made for the decentralised nature of cryptocurrencies. They also risk to ignore acentral element of cryptocurrencies is that it provides a level of anonymity and does not require counterparties to know and trust each other.
The real issues
This “lack” of total transparency regarding the identity of the transacting parties however causes a problem: without providing measures that complies the requirements of AML&CFT regulations, it keeps potential investors out of the market as they have to fear a backlash from the authorities. Regulators therefore have to step in and establish a framework that satisfies the justified need for the sake of preventing money laundering and terrorism financing while preserving the specifics of virtual currencies and the benefits they bring.
While many in the crypto community are outright against regulation it disregards two important aspects though:
- First, for cryptocurrencies to thrive and open to bigger levels of institutional investments that in turn will lead to deeper adoption the stigma of unregulated or illicit activity needs to be removed entirely.
- Second, believing that an existence outside the regulatory framework of countries is feasible is simply disregarding the reality.
On the other hand, the regulatory response has to provide (at least) two things:
- A set of rules that removes the current KYC procedures that are often pointless and sometimes dangerous. Providing dubious players with the tools to request sensitive data without systems that help limiting the risk that this data ends up in the wrong hands only increases the damage that can be done through the criminal use of cryptocurrencies and ICOs. Simply look at the growing list of ICOs that report data leaks and consider the incentive for criminals to target these; and
- A framework that appreciates the nature of cryptocurrencies and provides a level playing field that eliminates room for regulatory arbitrage between strict and light-touch jurisdictions.