Crypto in 2021: It’s Not an Old Dog — Yale Cyber Leadership Forum

By: Amir Perk, YLS ‘23

Introduction

Cryptocurrency has become impossible to ignore. Bitcoin’s market capitalization is over $1 trillion and Ethereum’s is nearly $250 billion. On a given day, $100 billion worth of Bitcoin and $60 billion worth of Ethereum change hands, and these are just two of the most popular cryptocurrencies. Meanwhile, an artist sold a non-fungible token (NFT)—a unique file that lives on a blockchain—for $69 million, Kevin Rose sold an NFT of his NY Times article about NFTs for $560,000, and a Top Shot moment—a virtual NBA trading card based on NFT technology—depicting a Lebron James dunk sold for nearly $400,000. And, besides these recent trends, blockchain, the technology behind crypto, has been reshaping industries with diverse use cases across the economy. This is the future. Our regulators cannot and should not hide from it.

Now that crypto is here to stay, regulators should respond to it in an informed way. This post traces the latest rise of crypto and then argues, through a case study of anti-money laundering (AML) law, that regulators have taken the mistaken approach of trying to fit crypto into preexisting frameworks. Instead, regulators should better understand how crypto works, then regulate it as its own entity, adjusting for its idiosyncrasies that make certain forms of monitoring significantly more effective than others. Regulators should change their strategy from treating crypto as an old dog with new tricks to regulating it as a diffferent beast altogether.

The (Latest) Rise of Cryptocurrency

Following President Biden’s $1.9 trillion stimulus package to counteract the economic effects of COVID-19, investors have begun to fear inflation. Whether this fear is warranted is a matter for debate, but it certainly has fueled excitement about cryptocurrency, as investors have started using it as an inflation hedge. Even in April 2020, when Bitcoin was worth a tenth of what it is today, investors referred to it as digital gold that could hold value more consistently than fiat currency. The theory is simple: The Federal Reserve can dramatically increase the money supply through monetary policy such as quantitative easing, while the supply of Bitcoin will never be greater than the fixed limit of 21 million coins. With over 18 million Bitcoins already mined, of which an estimated 3-4 million have been lost forever, the theory is that Bitcoin can eventually become a more stable store of value than U.S. dollars.

Against this excitement, Coinbase, the leading crypto exchange, made its direct listing in April 2021, closing at a share price of $328.28. With 130 million shares outstanding and a $60 billion market cap, Coinbase’s listing is the latest example of what enthusiasts have long argued: crypto has simply gotten too big to write off.

But with all the hype around crypto, Dmitri Alperovitch of Silverado Policy Accelerator, has called it “the oxygen that fuels the fire of ransomware.” He argues that ransomware’s concurrent rise with Bitcoin over the last decade is no coincidence and that decloaking the anonymity of crypto can have a major deterrent effect on its illicit use. And beyond cybersecurity, crypto raises a host of issues in areas such as money laundering, securities law, tax, and many more. Across these areas, regulators need to update for crypto. Anti-money laundering law provides a useful example of how not to regulate cryptocurrency.

How Not to Regulate Cryptocurrency

One of the main challenges crypto has raised for regulators is the way it has been perceived as a tool for money laundering. Because Bitcoin allows for anonymous peer-to-peer payments with no centralized facilitator, it is commonly perceived as a useful tool for funding criminal enterprises. Indeed, since 2009, one source estimated that criminals have used Bitcoin to launder over $2.5 billion of value.

However, because the blockchains recording Bitcoin transactions are completely transparent and publicly accessible, it is relatively easy to link them together and identify transmitters. Indeed, blockchain monitoring, a crypto parallel to transaction monitoring that utilizes public blockchain data to observe patterns in funds’ full history, can provide more information to exchanges on whether/how customers are engaging in suspicious activity.

Importantly, blockchain-based currency differs fundamentally from fiat money. As Satoshi Nakamoto, Bitcoin’s pseudonymous creator, explained:

The traditional banking model achieves a level of privacy by limiting access to information to the parties involved and the trusted third party. The necessity to announce all transactions publicly precludes this method, but privacy can still be maintained by breaking the flow of information in another place: by keeping public keys anonymous.

In other words, in the “traditional” model, the parties’ identities are known but the transaction is private. In the Bitcoin model, the parties’ identities are private while the transaction is public.

This fundamental difference means that AML should be adjusted for the crypto context. So, while the Anti-Money Laundering Act of 2020 made important strides in bringing crypto into the Bank Secrecy Act’s (the main AML statute in the United States’) scope, it is only a starting point. Among its strengths, the AML Act provided for GAO studies on virtual currencies in the trafficking context (see section 6505). But it also fell short in important respects. Rather than explaining blockchain monitoring and recognizing the key opportunities and challenges for AML in the crypto context, the Act expanded the definition of Money Services Businesses, one of the previously regulated categories of financial institutions subject to the Bank Secrecy Act, to include transmitters of “value that substitutes for currency” (see section 6102(d)). Presumably, this means crypto exchanges would be treated simply like any other money transmitter.

Such a copy-paste approach is lazy at best, outright dangerous at worst. Just imagine if we had built our money laundering law around a Bitcoin model in the first place—where there were no banks or intermediaries, but only crypto exchanges with anonymous peers but public transactions—then copy-pasted that approach onto the current banking model. Just as copy-pasting in that direction would be ludicrous, so is copy-pasting the way we have.

The Future

The fact that 97% of laundered Bitcoin ends up in countries with extremely lax Know-Your-Customer and AML regulations suggests these regulations may have been effective in deterring crypto-based money laundering. But what if this is only so because of convenience? What if the 97% is driven by the fact that criminals would rather face zero regulation than any regulation, even if the any is inadequate?

As international norms around crypto-based money laundering tighten, it is possible that the deltas in regulation will disappear and our regulations will be truly tested. When that happens, regulators should be prepared to adjust their approach. While transaction monitoring might work for the “traditional” model, a blockchain-based approach will become crucial for the Bitcoin model. Indeed, while FinCEN (the network of regulators that enforces AML) has nodded to the fact that many “money transmitters . . . track and monitor the transaction history of a CVC [convertible virtual currency] through publicly visible ledgers,” it should explain how to do this effectively. Critically, regulators need to understand that cryptocurrency is not an old dog with new tricks, but a different beast altogether. And, they should respond accordingly.