Regulators across countries worldwide are facing a crossroads when it comes to cryptocurrency, tokens and Decentralised Autonomous Organisations (DAOs). Generally, such decentralised ecosystems struggle to fit within legal frameworks and clearly defined lines. To boot, the constant changing and evolving nature of the crypto ecosystem makes regulating these technologies increasingly difficult. Additionally, these digital assets often have no directly accountable legal entity. This can be problematic because they can be used to facilitate criminal activity, such as the purchase of illicit items, as well as money laundering. For this reason, countries have taken different measures and stances to attempt to regulate this activity.
And to put this into a very current analogy, it is a bit like a game of ‘Red Light, Green Light’ from the latest Netflix craze, Squid Game, which has attracted over 142 million viewers from 94 countries making it the most watched Netflix original production. Okay, not quite! But hear me out. Without giving away any spoilers, in this game the players have to carefully approach the Doll (in the image below). When the Doll says “Green Light” the players move towards the finish line, but stay perfectly still when the Doll says “Red Light”, or else face elimination.
“Red light. Green light. Player 027 Eliminated.”
Source: cheqd.io (courtesy of Netflix)
Before the inception of the internet, regulation was much simpler. It stood that if you were on the land of a country, you were bound by the laws of that country. Then the internet came along and made everything a little bit more complex, with cyberlibertarianism declaring the internet independent from regulatory clutches. The Dark Web, for example, is a good example of this in practice. It is the internet in its rawest form, detached from indexing services like Google which, unfortunately, has made it into a playground for cybercriminals. Cryptocurrencies and tokens have, to a large degree, enjoyed similar lawlessness of existing outside of national borders.
Elon Musk wrote a tweet last year lampooning various concepts. Firstly, it is a direct reference to the 1984 sci-fi film, Dune, but secondly, it is an indirect reference to many articles that have come out since then (Dune referring to gating access to services such as the internet and net neutrality). The suggestion in these articles was that you cannot regulate the internet directly, but if you control the pipes and the access to the internet, you can regulate who uses it. Musk, of course, parodies this idea, instead suggesting that the control of the crypto universe is based on the communities (and memes) that thrive in the background, rather than through the control of a centralised state or system. This tweet, referencing the capacity of the state to control crypto assets is at the heart of the regulatory game of Red Light, Green Light.
To deal with the lawlessness of new digital assets such as coins and tokens on decentralised networks, countries can either decide to try and regulate them or simply prevent access to them.
The idea of technology functioning outside of a country’s jurisdiction and legal framework is a difficult pill to swallow. Furthermore, the oversaturation of different types of coin, token and stablecoin makes keeping up, from a regulatory perspective, a huge challenge. As such, in 2013, China banned its banks and financial services from making transactions using Bitcoin, and in January 2018, China’s leading internet-finance regulator issued a notice requiring Bitcoin-mining companies to ‘orderly’ stop their business. Recently in 2021, China has made all cryptocurrency transactions illegal. This method of giving crypto a full Red Light is effective to a certain extent, in the sense it removes the problem rather than dealing with it, although it does not make any inroads into progressing cryptocurrency. Moreover, it pushes cryptocurrency into being used in a black-market, beyond the visibility of the State – which is not a desirable outcome either.
Target Law on middlemen
In 2017, the European Parliament amended the fourth Anti-Money Laundering Directive to incorporate Virtual Currency Provisions. Article 32a of the Directive was amended to ensure that ‘Member States put automated centralised mechanisms in place […] which allow for the timely identification of any natural or legal persons holding or controlling payment accounts,
and bank accounts held by a credit institution within their territory’. The objective of the amendment was to ensure that money laundering could not occur through exchanges or custodian wallet providers, making these third-party sites accountable for the persons in their user-base. Similarly, the UK has recently implemented a new rule known as the ‘Travel Rule’ which requires that any virtual-asset transfer of above £1,000 must be accompanied by detailed personal information of both the originator and beneficiary. Currently, this would be achieved through an exchange or custodian doing KYC on its users and making this information available. Again, this type of regulation has worked to a certain extent. However, given the inconsistency of regulation amongst countries, users can simply hold and exchange their coins and tokens through services in countries where it is allowed, or use a decentralised exchange (DEX) which does not rely on a centralised middleman but facilitates peer-to-peer transactions. In this way, the regulation only has a limited effect.
Target Law on tokens
Most countries around the world have Securities Laws which digital assets, such as crypto, may fall under. The strength of the Securities Law and the nuances in the detail determine whether an exchange token will be able to be launched, exchanged and stored in that jurisdiction. The USA, for example, has a strong Securities Law, based on many years of legal precedent – notably the famous Howey Test. This does have a degree of effect on regulating tokens, since the SEC has not been shy in cracking down on creators of tokens that constitute securities, based in the USA.
However, Securities Law differs vastly around the world. So a token constituting a Security in the US does not mean that it will constitute Security in other jurisdictions and vice versa. This means that tokens which are prevented from being held in one country can quite easily be held, and given a green light in another, diluting the strength of global regulation on cryptocurrency.
Owing to the success and resilience of digital assets (such as cryptocurrency and tokens) and their non-reliance on banks or centralised bodies, some countries have given the Green Light to digital assets within a certain scope. For example, recently El Salvador made Bitcoin legal tender meaning that it can be freely traded without the regulatory hurdles to navigate. The only regulation in place here is that service providers, such as exchanges and custodians, need to onboard onto a Service Providers Register. This low barrier to entry enables not only citizens of El Salvador to access these services but persons from other countries can also benefit from the lack of regulatory barriers – and store or trade their assets through an exchange or custodian based in El Salvador.
Red Light, Green Light
A combination of the rigidity of existing law, the inconsistency of law across multiple countries and the rapid evolution of new tokens and coins makes regulatory clarity around digital assets problematic for regulators worldwide. Gating access and putting up a ‘Red Light’ is largely ineffective at preventing the use of crypto at scale, when exchanges and custodians can exist in ‘Green Light’ countries. For this reason, digital assets can, due to their decentralised structure, function outside of regulatory frameworks – and a different approach to regulating them is needed.
A different approach
There is a fundamental misalignment between the will to regulate digital assets and crypto and the practicalities of regulating digital assets and crypto. For this reason, countries need to look beyond the law to regulate – and take proactive steps – to encourage safer, more trustworthy systems which are regulated by the network architecture itself. What if the parties in the transaction itself had verified digital identities, and could share verified proof that they were a verified, actual person? And this was done in a privacy-preserving manner. Upon entering a transaction, the originator could create a direct channel with the beneficiary, sharing a Verifiable Credential, entirely off-ledger, to maintain privacy. Below £1000 this could just be proof of being an actual, verified person, and above £1000 this could be an actual exchange of personal information. Such an architectural shift would enable greater compliance with new regulations, enabling trusted transactions by default. It would also disincentivise criminals from using the token for illicit activities because there would be a much higher risk when transacting alongside a verified identity.
Bridging cryptocurrency and tokens with digital identity (something that cheqd is working on) opens up a range of new options to achieve trust, transparency and regulatory compliance in transactions. This not only makes crypto and tokens safer but also more commercially viable for real-world use cases and transactions in regulated industries, such as financial services. This can potentially create a world in which most countries do not have to pick Red Light or Green Light, but can find a strong middle ground.