An Open Letter To FinCEN: Newly Proposed Regulations On Cryptocurrency

2021-1-1 23:20

Policy Division

Financial Crimes Enforcement Network 

P.O. Box 39

Vienna, VA 22183 

FinCEN Docket No. FINCEN-2020-0020, RIN 1506-AB47 

December 30, 2020

To Whom it May Concern:

I am Ben Davenport, an entrepreneur and investor. I previously co-founded BitGo, the first non-custodial multi-sig wallet provider, and now leading provider of custodial services for cryptocurrencies. I am also an investor in companies like Kraken, Xapo and Paxos. Today, I am a Venture Partner at Blockchain Capital, the oldest venture fund in the cryptocurrency space. These comments are my own, and do not reflect the opinions of either my current or former employer, or the companies I have invested in.

I appreciate the opportunity to comment on the proposed regulations. However, I take serious issue with the process by which these proposed rules are being rolled out. Rather than a more standard 30- or 60-day comment period, FinCEN has decided to use only a 15-day comment period, at the peak of a pandemic, at a time of year when most people are enjoying time with their families. It feels unnecessarily rushed, and gives the appearance that FinCEN and/or the Secretary are attempting to slip new regulations through unopposed, or to simply steamroll through any such opposition. FinCEN owes it to its own reputation & credibility, as well as to the American people, to immediately lengthen the deadline for comments, so that more thoughtful & diverse voices can be heard.

I also have serious objections to the substance of the rules themselves. The new rules would:

go far beyond any existing measure of financial surveillance,provide little in terms of new investigatory powers,push bad actors to offshore or unregulated venues,destroy Americans’ financial privacy, andput Americans in real physical danger.

Comments on CTR Requirement

The rules propose applying the existing CTR reporting framework to any customer making a withdrawal or series of withdrawals over $10,000. On the surface, this may seem reasonable, since the same rules apply to customers withdrawing cash from a bank or MSB. But below I give some important reasons why this is not a straightforward analogy, and explain why the rules as proposed would create serious risks for Americans.

i) The traceability of cryptocurrency means permanent privacy loss for Americans.

While Bitcoin and cash are both bearer assets, they are very different in terms of traceability. Cash is effectively untraceable once it has left the bank. On the other hand, Bitcoin and other cryptocurrencies are highly traceable, and law enforcement agencies say that they would much prefer that criminals use cryptocurrency rather than cash, exactly because of the tracing powers it gives them. In fact, transaction history on a blockchain lives forever, and becomes more traceable every day, both as new techniques evolve, and as more blanks are filled in, making it a particularly bad choice for criminals.

All this means that once FinCEN has a database of every major withdrawal by any customer, they not only know the fact of that withdrawal, but they can watch and trace, in real time, the flow of all of those funds on the blockchain. Or, if the transaction is a deposit, FinCEN can look back in time to trace the user’s complete prior history of transactions no matter how small or innocuous. In other words, the proposed rules would violate law-abiding Americans’ privacy in a way that is far beyond the existing ability to subpoena bank/MSB records, because they operate in a broad undiscriminating manner, much like mass wiretapping and bulk phone metadata gathering.

ii) The massive aggregation of data puts Americans in real, physical danger.

The proposed CTR requirements would create a massive database at FinCEN/Treasury which would ultimately put Americans in real physical danger. The huge amount of data would create a honeypot so juicy as to be irresistible to hackers, whether state-sponsored or monetarily-motivated. And with the recent revelation of major databases at Treasury being hacked and stolen, this risk is far from theoretical. 

It is likely that most cash withdrawals subject to CTR are not taken home and put under the customer’s mattress. Rather, they are used relatively soon thereafter, to make a large purchase, to gamble in Las Vegas, or for some other transactional purpose (whether licit or illicit.) On the other hand, Bitcoin and other cryptocurrencies are largely used as investments. So, a withdrawal to a non-custodial wallet is more likely than not to be simply a person deciding to hold his own assets without being subject to counterparty risk.

This means that, while a traditional CTR record for cash is not that valuable to an attacker, since the cash is usually long gone, a CTR for cryptocurrency can be extremely valuable. The record would contain the subject’s name and physical address and the address and amount of cryptocurrency. The attacker can even see on the public blockchain whether the coins have moved or not, guiding them to the most vulnerable victims to extort. Even a database theft from a single bank or MSB can cause innumerable problems for the affected customers. But concentrating the risk at the Federal level, endangering every American holding more than a token amount of cryptocurrency, is simply unconscionable.

This point is so critical, I will reiterate: Creating a centralized repository of individual owners of cryptocurrency puts them all at serious risk, and, far from reducing crime, creates the potential for an eventual unprecedented wave of violent crime.

iii) Large cryptocurrency deposits & withdrawals are far more common than with cash.

The percentage of cash withdrawals or deposits where something nefarious is involved may be relatively substantial (although I don’t know the specific numbers). This is simply because in today’s world there are not that many types of transactions where cash is needed or desired, and so illicit uses make up a correspondingly higher fraction of the overall cash transactions. On the other hand, with cryptocurrencies, which are predominantly held as investments, larger transactions are simply an everyday occurrence. And it is common wisdom in the community that trusting exchanges to hold one’s coins for the long term is a very bad idea due to the risks of cybercrime and/or fraud by the MSB.

Because of this fact, any signal of bad actors received by FinCEN will be totally buried in the noise of completely normal large withdrawals and deposits. So, without sophisticated blockchain analytics picking out the funds moving to bad actors, the CTR records are not useful to law enforcement. And, if the blockchain analytics software can identify trails of funds moving to or from bad actors, then identifying information for any link in that chain that touches an exchange or other MSB can already be easily be gotten through the normal subpoena process without violating the privacy of law-abiding citizens. The conclusion is that the mass collection of CTR records serves only to create the aforementioned panopticon into everything innocent users do (or have done) with their funds.

Comments on Wallet Verification

The proposed rules also appear to require that MSBs “verify” the address of customers when sending or receiving more than $3000. There are serious problems with this requirement, leading to significant friction for users and difficult make-work for exchanges, while providing exactly zero additional information useful to law enforcement. My reasons are as follows:

i) It is impossible to prove ownership of an address.

At first, it appears that Bitcoin and other cryptocurrencies make it easy to prove ownership of an address. Simply sign a message with the public key associated with an address, or make a small transaction back to a specified address. But that proves nothing about the ownership of said address. All it proves is that the user doing the transaction can get the person or entity who does control the address to jump through these additional hoops.

ii) Transactions do not have a “sending address.”

For all UTXO-based cryptocurrencies (such as Bitcoin), there is no such thing as a “sending address” for a transaction. Thus, while verifying an address for a withdrawal may be possible (though meaningless as shown above), verifying the source of an incoming transaction is essentially impossible in the usual case, where a transaction’s inputs are the outputs of multiple prior transactions. The user would be potentially forced to jump through hoops to pre-consolidate his funds to a single address, which he then verifies with the exchange, for no real gain of information to law enforcement.

iii) The proposed requirement provides no actual new information.

When a user at a regulated MSB makes a deposit or withdrawal, they are required to have KYC information on that user in order to serve them. So we already know who is responsible for the deposit or withdrawal, regardless of what wallet it came from or went to: the user who is known to the MSB. Whether a user withdraws directly to his own “verified” address and then subsequently sends to a bad actor, or whether the user sends to the bad actor directly from the exchange makes no difference to law enforcement’s investigatory powers. In fact, I believe that law enforcement would likely prefer that the illicit transaction happen directly on-exchange where there is a chance that the exchange can use its own blockchain analytics software to either block or file a suspicious activity report (SAR). As they stand, all the proposed rules do is force bad actors to practice better operational security.

iv) Law enforcement efforts are actively harmed.

As mentioned above, the more hoops that US exchange users must jump through, the more the likelihood that those users think twice before using those exchanges to do their illicit activity. And it is exactly the use of these regulated exchanges that allows law enforcement to make arrests and successfully prosecute bad actors. By pushing illicit activity to offshore or unregulated exchanges, law-enforcement powers are necessarily diminished.

v) New emerging uses of cryptocurrency are crippled.

There are many emerging uses for cryptocurrency where the user is depositing from or withdrawing to a smart contract, rather than another MSB or his own wallet. A smart contract can neither abide by FinCEN guidance (it is not a legal entity and may have no owner or controller), nor can it prove its identity to an MSB. These applications of smart contracts (which are currently attracting hundreds of millions of dollars in venture capital) would be crippled, and American competitiveness would be severely damaged in this potentially important emerging space.

Conclusion

Given the serious problems raised above, I think it is absolutely incumbent on FinCEN and the Secretary to significantly lengthen the period for comments on this proposal, and to begin a real 2-way dialogue with companies and experts in the industry, while also listening to the concerns of the general public. What is at stake is nothing less than:

the privacy and safety of millions of Americans, the ability for law enforcement to do its job effectively, and the competitiveness of US companies in an important emerging technology sector.

Respectfully yours,

Ben Davenport

The post An Open Letter To FinCEN: Newly Proposed Regulations On Cryptocurrency appeared first on Bitcoin Magazine.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Open Trading Network (OTN) на Currencies.ru

$ 0.0064948 (+0.67%)
Объем 24H $0
Изменеия 24h: 1.44 %, 7d: 12.76 %
Cегодня L: $0.0064948 - H: $0.0064948
Капитализация $13.149k Rank 2181
Доступно / Всего 2.025m OTN / 100m OTN

regulations cryptocurrency financial proposed letter newly open

regulations cryptocurrency → Результатов: 126


Japanese Regulator Set to Improve Cryptocurrency Regulations to Combat Speculative Investments

Japan’s Financial Services Agency is reportedly taking steps to update the country’s cryptocurrency regulations in a bid to combat the rise of speculative crypto investments in Japan. The Need for Improved Cryptocurrency Regulations The Japanese Financial Services Agency (FSA) is looking to improve its regulations on cryptocurrencies in the wake of speculative investments.

2018-8-10 22:27


Фото:

Russia: Court Issues First Ever Fine For Cryptocurrency Advertising

A Russian court has ruled for the first time that a local newspaper must pay a fine of 50,000 rubles ($760) after it ran a cryptocurrency mining advertisement. ‘Financial, Not Consulting Services’ As local news outlet Interfax reports August 8, the Eleventh Arbitration Court of Appeal (ACA) found the publication Edinstvo Nizhnekamsk, which circulates in the Republic of Tatarstan, in breach of advertising regulations.

2018-8-9 14:00


Фото:

Liechtenstein-based Blocktrade.com to Become First Fully Compliant Crypto Exchange, to Support Security Tokens and Tokenized Assets

Potential investors are sometimes hesitant to go into cryptocurrencies because of their volatility and the fact that not many crypto exchanges are compliant with regulations. For crypto investors who want to trade in these digital assets in a more secure platform, Liechtenstein-based Blocktrade.

2018-8-3 17:01


Фото:

Regulations Round-Up: Holland Targets Electricity Theft, MI Republican Wants More Oversight

In recent regulatory news, Dutch police have reported an increase in electricity fraud associated with crypto mining, a Michigan Republican member of the House Financial Services Committee has urged Congress to make the development of clear guidelines overseeing the cryptocurrency industry a top priority, and digital currency advocacy group, Chamber of Digital Commerce, has published […] The post Regulations Round-Up: Holland Targets Electricity Theft, MI Republican Wants More Oversight appeared first on Bitcoin News.

2018-7-31 18:35


Bitcoin, Ethereum, XRP and other coins to be protected better with the new bill, says South Korean official

On 25th July, South Korean officials made it clear that the country’s governing bodies must come together to enforce cryptocurrency regulations. This comes in the wake of major hacks that has threatened to destabilize the financial markets as well as dissuade people from adopting cryptocurrencies on a larger scale. South Korea is making a steady progress […]

2018-7-27 23:34


Фото:

Regulations Round-Up: Malta Clarifies Law, UK Wealth Managers Urge FCA Action

In recent regulatory news, Malta’s financial regulator has sought to clarify the nation’s cryptocurrency regulations following the passing of an act pertaining to crypto assets, UK-based wealth managers have called for the FCA to take a strong stance regarding cryptocurrencies, and the deputy governor of Bank of Israel has predicted that cryptocurrencies will contribute to […] The post Regulations Round-Up: Malta Clarifies Law, UK Wealth Managers Urge FCA Action appeared first on Bitcoin News.

2018-7-25 02:05


Фото:

Malta Is All Set to Become a Blockchain Hub for Crypto Companies With Financial Services Act Soon Coming Into Force

Malta previously released a new set of regulations in a bid to become the first blockchain island in the world. A triad of laws, namely the Virtual Financial Assets Act (VFA Act), the Innovative Technology Arrangement and Services Act (ITAS Act) and the Malta Digital Innovation Authority Act (MDIA Act), was passed earlier this month.

2018-7-24 12:59