What are the crypto regulatory and compliance challenges? Right from the time when Bitcoin was launched for the first time the regulatory landscape of it has been evolving continuously.
This is primarily because, typically designed by Satoshi Nakamoto as ‘a peer-to-peer electronic cash system,’ the network utilizes the decentralized nature of the P2P network.
And, for that there is no need to go through a central authority or an intermediary that can regulate the transactions like in the traditional financial systems.
That is why it can afford to maintain anonymity of the users making any transaction on the blockchain.
It is not only the regulators of the US who are looking to regulate the world of crypto but it is the same all over the world.
The regulators from all over are responding to the risks that are inherent in crypto trading and investing and developing stricter rules.
This will need all participants including the crypto users and the exchanges to comply with the regulations.
It will also prevent the bad actors from exploiting the vulnerabilities present in the system and mask their transactions to launder profits made from unfair practices and through illegal means.
Well, these regulations are viewed as challenges to the crypto industry that it should overcome in order to hit mainstream.
These challenges have different forms which need a more rigorous level of due diligence to comply.
These regulations also need some structural changes to be made which includes and are not limited to the Know Your Customer or KYC protocol and AML or Anti-Money Laundering regulations.
Since both the regulators and the crypto industry need to improve, the regulatory challenges can be termed as a reactive process for both.
What are the Crypto Regulatory and Compliance Challenges?
In order to deal with the challenge of the blockchain network, financial regulations are imposed which bolsters the regulatory system further.
The regulations are typically national driven and without a doubt point to the future path for the crypto companies.
Having their requirements outlined, they now have to obtain proper financial license to operate in a few countries for their regulators.
This increases the challenges for the crypto companies, a few experts say, when it comes to the regulatory compliance.
But, there is no way to avoid these regulatory measures since it also has a greater positive effect.
It boosts the confidence of the investors in crypto by adding an additional layer of protection on their funds which may help substantially in its mass adoption in the process.
The regulatory bodies of the world have now started to monitor crypto activities and are addressing and enforcing restrictions wherever and whenever necessary.
The Financial Action Task Force or FATF seems to have taken the responsibility pretty seriously to formulate better guidelines and determine the best practices to follow by the crypto industry.
The primary objective of these regulations is to reduce money laundering and financing of terrorism which has increased significantly after cryptocurrencies started to flourish.
However, these regulatory measures have not been able to do away with the challenges in its compliance. Some of these significant challenges are as follows.
The anonymity factor:
According to the FATF Recommendations number 16, which is more commonly known as the ‘Travel Rule,’ all crypto businesses are required to collect personal data of the sender of funds and the recipient in blockchain transactions and store them safely.
This notable regulation means that this data will be accessible to the authorities whenever they need to have better supervision and enforcement of the existing or newer crypto regulations.
In simple words, this means that the authorities will know exactly what is done by whom from now on.
A significant challenge it surely is, since anonymity and transparency are commensurate with crypto.
Though these regulations on crypto will surely increase the efficacy of this new asset class it somewhat contradicts the anonymity aspect.
This may pull back some of the investors and traders who specifically favor crypto for its ability to maintain anonymity, and in turn, it will surely hinder the growth of the market and the industry.
However, the FinCEN tried to make this rule a little less harsh on the people by bringing down the threshold under FATF rules from the $1,000 to just $250 provided the transactions starts and ends outside the United States.
No matter what, implementation of the Travel Rule seems to be very unrealistic because it causes unnecessary headaches and challenges for the crypto users and operators alike.
This is because it is very difficult, if not impossible, to design a Travel Rule complaint system that will make everyone happy.
One of the most significant challenges of it is to deduce who owns a particular address on the blockchain and with whom the info is to be shared.
However, as of now it has been easy because the businesses are following a piecemeal approach and are rolling out products to jurisdictions like Singapore, Switzerland, and the US.
However, looking at the other side of the coin, the crypto industry does need some regulations since it is one of the best and fastest ways for criminal financial trading.
And these crimes encompass everything from money laundering to illegal weapons trade, and from financing terrorism activities to human trafficking.
All of these crimes are international and therefore it should be an international effort.
However, it is the decentralized character of the blockchain technology that presents a difficult challenge here.
Rules of fiat landscape imposed:
Another significant challenge of the regulatory measures on crypto and its compliance is that the rules and regulations that are best suited for the traditional financial institutions are being implemented into the crypto landscape on a whole scale!
This is quite arguably a wrong thing to do because it does not take the uniqueness and innovative nature of this technology into account.
Typically, traditional regulations of the fiat landscape do not reciprocally fit well into every aspect of every aspect of the blockchain technology or crypto.
The main reason to say so is that all these regulations are typically built on a very old system.
The fiat system has been around for several decades while crypto, in comparison, is just a decade or so old.
Therefore, it is nothing but common sense that the regulations to be imposed on crypto should be well-framed, modified, and adapted.
Must get to the grips:
Crypto regulatory and compliance remains a big headache for the crypto buyers, sellers, investors and operators alike.
However, all of them must essentially get to grips with these rules and regulations in 2022 and beyond.
Back in 2021, the picture was not very pretty.
The biggest crypto exchange of the world, Binance, was investigated by the US Justice Department and Internal Revenue Service.
They tried to find out clues to potential money laundering.
Other authorities from different countries that included the UK, Germany, and Japan were also very concerned about it.
Then, a couple of months before that incident, charges were laid by the US federal prosecutors against BitMEX under the Bank Secrecy Act for allowing thousands of customers in the US to trade.
The exchange however claimed publicly of not doing that but three of their officials pleaded guilty and went for trial in March this year. They are at the risk of going to jail!
Therefore, the rules and regulations on crypto are very strict now and are abiding.
It is therefore not surprising that the number of crypto regulations and compliance will become the priority by the crypto players in the future.
In fact, to prove its significance, the stat that it increased from 53% to 86% in a matter of just four months in 2021 is enough.
Diversity of regulation:
Another significant challenge of the crypto regulatory measures is the sheer diversity which makes it too big a problem for the crypto players and organizations to handle.
For example, take a look at the state sanctions compliance.
Typically, in the borderless world of cryptocurrencies it is often seen that the cross-border rules come from any and every possible direction and are enforced most erratically.
Binance crypto exchange, which is known to take crypto regulation and compliance very seriously, often has to deactivate accounts held by the Cubans and Iranians. Why? This is because the United States has rigid controls in these countries.
For similar reasons, the ConsenSys Academy, which is one of the leading Ethereum-based educational organizations, also banned about 50 Iranian students in November 2021 from their online platform.
And, on the other hand, BitGo, a custody startup, was penalized for too little control over the users coming from the sanctioned jurisdiction of the US.
This penalty was imposed on them by the US Office of Foreign Assets Control or OFAC in 2020.
Now, coming back to the diversity of the regulations, it is required to cut the challenge down to size.
For this the regulators will have to focus more on the centralized crypto exchanges and regulating them and their wallets rather than attempting to regulate and control the Decentralized Applications or dApps or the on-chain transactions.
The good thing about focusing more on the centralized exchanges by the regulators is that it will not only allow them to ensure anti-money laundering but also offer the consumers a much better protection.
Apart from that, it will protect the funds of the investors, improve market integrity, and improve other significant aspects.
Typically, it is a sheer waste of time and effort trying to control decentralized protocols because it will surely and always find another way. It is just like trying to control the wind, but in vain.
On the other hand, the crypto exchange should comply with these regulations not by simply disallowing unsophisticated investors but also by proving that they are all out in preventing exploitation of retail investors by the more sophisticated traders through market manipulation.
Proper customer verification:
This is another significant challenge of crypto regulation and compliance. Well, the main problem lies in getting hold of the fake documents.
You will get an idea how fake IDs are generated if you Google search and also know what type of inconveniences are faced by the crypto compliance teams.
Documents are usually created from leaked documents if you pay a lower price for it but you can get faked documents from already verified accounts for a higher price.
A more advanced scammer and bad actor will typically intercept photo IDs and documents that are transferred via unsecured Wi-Fi or other inferior and unsafe technologies.
Ideally, the crypto landscape and its systems are pretty vulnerable to be exploited by the attackers especially if there is no appropriate ID verification with processes like liveness and other additional checks.
These are very important checks to make because the too sophisticated social engineering attacks of today make it easy for the scammers because the victims themselves do the work for them.
In fact, these techniques are so sophisticated and complicated that it is almost impossible to identify a fake document and catch the bad actor.
Moreover, things are made even more complicated by the added vulnerabilities produced by remote desktop access.
Therefore, scamming is a serious concern for the industry and more so because the conventional banks are now moving into the crypto territory.
They will have a hard time complying and spend a significant amount of money to ensure foolproof compliance.
The Bitcoin and crypto regulatory environment, especially with respect to the US, is broken down typically in two specific categories.
- The laws that protect general Bitcoin and crypto users and
- The laws that focuses on the wider societal impacts created especially by those users who use crypto and Bitcoin for criminal purposes such as money laundering and financing terrorism.
This specific work upholds the hindrances to more efficient regulation of crypto and Bitcoin that will address specific issues related to ownership, theft, and attribution to susceptibilities that the digital assets are often subject to.
However, the challenge involved in these rules and regulations on crypto is that eliminating thefts and pilferage as well as attacks on the crypto exchanges completely is yet to happen.
Till date, one of the largest incidents of theft of Bitcoin happened in February 2014 at the Bitcoin exchange Mt Gox.
This incident saw a loss of 850,000 Bitcoin which was valued at $US 450 million at that time.
Reclaiming those stolen funds was considered to be a major risk for the users.
A few crypto experts believe and argue that the crypto systems are practically unimpeded by the Anti-Money Laundering and Counter-Terrorism Financing regulations.
This is much unlike the conventional financial institutions and money transfer businesses.
Apart from that, the crypto systems do not collect and store the essential Personal Identifiable Information or PII. Therefore, they cannot implement stricter reporting procedures for financial transactions.
This means that they are not able to mitigate illegal financial activities and the misappropriation of funds.
Ideally, the crypto environment is plagued with issues like the legality of operations, AML and CTF implications, and taxation.
In order to help people understand what a favorable environment for the general users of crypto means, The Law Library of Congress published a complete review paper titled: Regulation of Cryptocurrency in Selected Jurisdictions in June 2018.
In this paper the policy stance and complete review of the crypto regulation for specific jurisdictions are mentioned which are believed to have a fairly better crypto environment. These jurisdictions include:
Not all of these jurisdictions are still crypto-friendly because the crypto market and environment changes dramatically and pretty quickly which may have forced some of these countries to impose stricter regulations and even ban crypto completely like China did in September 2021.
However, for most of these countries there is a dedicated foreign law specialist whose primary job is to assess the legal aspects and conditions in their respective jurisdiction.
Legality of Markets
The above paper reveals how legality of the crypto markets of different countries is ensured based on the laws of their respective jurisdictions.
The report also highlights the specific laws that are passed for the crypto markets in one jurisdiction in contrast to another.
For example, the countries like Jersey, Belarus, Gibraltar, and Mexico have passed specific laws recognizing the crypto markets.
On the other hand, Iran and China in comparison are warning the financial institutions from engaging in the crypto markets.
However, the legality of the crypto markets can also change dramatically and all of a sudden making it more challenging for the crypto players to stay abreast and comply with.
The example of China will make things very clear to you. Initially, China was considered to be the most favored country for dealing with crypto.
A lot of companies were set up and it became the number one crypto hub of the world.
However, due to some debatable reasons, China thought of controlling crypto activities in the country.
In order to prevent use of crypto, a wide range of entities were given the power to supervise the crypto companies. These entities are:
- The People’s Bank of China or PBOC
- The Cyberspace Administration of China or CAC
- The Ministry of Industry and Information Technology or MIIT
- The State Administration for Industry and Commerce or SAIC
- The China Banking Regulatory Commission CBRC
- The China Securities Regulatory Commission or CSRC and
- The China Insurance Regulatory Commission or CIRC.
All these entities agreed together that a ban on Initial Coin Offerings or ICOs is necessary and so it was implemented on September 4, 2017.
The reason given was to prevent financial risks and ensure investor protection.
Further, in September 2021, all types of crypto transactions including crypto mining were banned.
The reason given now was the excessive use of energy and the adverse impacts on the environment.
Therefore, you can see that it does not take time for things and conditions to change in the crypto space.
Tax implications have always been a significant challenge because most people do not know which transactions are taxable and which are not.
However, the IRS considers profits from crypto transactions as capital gains and considers it to be a taxable income.
But simply holding crypto in the wallet for a long time may not be taxed.
The application of Tax Law and how crypto is treated as a financial instrument is actually a very hot topic for debate.
Therefore, whether it is insufficient knowledge or for any other reason, tax evasion is a very important and challenging aspect.
However, you will get a clear idea about how crypto is taxed across different jurisdictions if you follow the report of The Law Library of Congress.
Anti Money Laundering
Since one of the primary reasons to impose regulatory measures on crypto is to deal with money laundering and financing terrorism, you should also consider the challenges related to AML and CFT regulations in particular.
Billions of dollars have been traded illegally through different crypto platforms till date.
A major portion of this money has been traded illegally from one exchange to another across the borders.
This shows that there is an immediate need to impose AML and CFT regulations and also make sure that the crypto exchanges adopt them and see that compliance is achieved.
And, that is what has been done in several jurisdictions.
However, the compliance challenge lies in the fact that different jurisdictions have different AML laws, regulation and compliance instruments in context with Bitcoin.
However, every Act requires the entities to report and verify the identity of the customer before providing them with any designated service.
Apart from that, it is also required to assess each risk individually for specific types of customers wanting specific types of services.
It must also include the ways in which these services will be provided to them and whether or not any foreign jurisdictions need to be crossed.
Add to that, the state of connection with the foreign jurisdiction of that specific financial entity should also be assessed.
However, every jurisdiction may not have the same type of requirements.
For example, the Anti-Money Laundering Directive of the European Union ensures detection and prevention of such illegal fund transfers through their unique legislative framework.
According to this framework, more emphasis is given on the national Financial Intelligence Units or FIUs.
These FIUs reduce the risks related to the anonymity in transactions by collecting information that will allow them to relate the addresses of virtual currency transfers to the identity of the owner of the currency.
According to the AML and CTF Act, it is required to ensure that the crypto exchanges follow a Know Your Customer protocol and Customer Due Diligence process.
The FIUs and the financial institutions leverage strict KYC and CDD practices.
This helps any reporting entity to follow all necessary customer identification procedures.
This is very important to find out the real-world identity of the customers and their behaviors.
This will help further in understanding their predictable financial activities.
Therefore, in short, the KYC and CDD processes typically help in mitigating the AML/CTF risks.
It also ensures that the legal obligations of the players successfully protect the society and the consumers from any bad effects due to the misuse of crypto for unlawful purposes.
Financial Intelligence Units
As said earlier, the regulatory and legislative frameworks are supported by the major FIUs. These include:
- The Financial Crimes Enforcement Network or FinCEN
- The Financial Action Task Force or FATF
- The Australian Transaction Reports and Analysis Centre or AUSTRAC and others.
FinCEN is the Financial Intelligence Unit of the US Treasury. It supports all US as well as international law enforcement investigations.
Apart from that, the FinCEN also formulates guidelines and advisory notices with respect to illegal usage of cryptocurrencies.
For example, it has issued regulations for all Money Services Businesses or MSBs that deal with Convertible Virtual Currencies or CVCs.
The regulation also specifies how exactly these MSBs are subject to the US Bank Secrecy Act.
Apart from that, the FinCEN also provides all required definitions and applications of the Act as well as the obligations that the MSBs are required to follow while dealing with CVCs.
FATF, on the other hand, provides standards and recommendations related to prevention of terrorism financing and money laundering to more than 200 jurisdictions.
In these recommendations the FATF offers a consistent and more comprehensive framework of regulations that will help several countries to prevent such illegal activities through crypto.
This particular framework includes provisions related exclusively to Virtual Assets and Virtual Asset Service Providers or VASPs.
There is a specific guidance document that helps in identifying the different risk indicators with reference to the VA context.
It lays additional prominence on factors that will conceal transactions or restrain the ability of the VASPs further in identifying the customers.
And finally, the AUSTRAC is primarily engaged in collection and analysis of intelligence regarding AML and CTF and also provides guidance related to prevention of these illegal activities.
Apart from that, it also administers the register of the digital currency exchanges in Australia and also provides proper guidance to these businesses in building and implementing a proper AML and CTF program.
The misuse of crypto is needed to be policed but the problem is that the law enforcement agencies do not have the right procedures, standards, laws, and regulations for that.
This challenge is somewhat minimized by the FATF which sets out global standards to prevent money laundering and terrorist financing especially along with other major threats that are inherent in crypto transactions.
If this is not done properly, it will upset the integrity of the financial systems of the world.
The good thing about these agencies is that they have been able to cut down on the rate of transfer of criminal funds through crypto by nearly 50% with the most potential and effective AML and CTF measures.
Also, the authorization of the FIUs according to the EU directive to supervise the use of crypto is an indication that the world is moving towards a more holistic approach to fight against the threats of AML and CFT.
This provides the necessary balance through a more proportionate approach which not only safeguards the technical advances but also offers a very high degree of transparency in this exciting space of alternative finance.
However, all these rules and regulations pose significant challenges in compliance which is primarily due to the international nature of crypto transactions that may result in some sort of cyber criminal activities.
This challenge can be efficiently countered by preventing the offenders from moving from one jurisdiction to another.
And, to hold them back, enforcing AML, CTF, KYC, CDD and other provisions will act as an effective deterrent.
However, there is no need for extremely stringent provisions because that will prevent the innovative and useful blockchain technology underlying cryptocurrencies to function properly.
In order to ensure that the provisions are able to do their desired job properly and it facilitates information sharing, international cooperation, and proper monitoring, the help of the crypto service providers and FIUs will surely be necessary.
It is true that there are lots of crypto regulatory and compliance challenges that can impede the industry as it is pointed out in this article.
However, if regulations can work efficiently in the traditional finance landscape, so can in crypto as well.
I have special interest in crypto and intend to help common people to gain knowledge about the digital asset as well as its potential. Follow Me at Linkedin.