BitGo on Why the Travel Rule Should Not Apply to Digital Assets
BitGo CEO Mike Belshe and COO Jeff Horowitz talk about one of the hottest topics facing the crypto industry today: regulation. They discuss…
- what BitGo does
- why Jeff left his successful TradFi career to go crypto
- how crypto compliance and custody differs from the traditional finance world
- the state of crypto education amongst regulators
- why Jeff and Mike think the infrastructure bill is a win for the crypto industry
- what FinCEN is doing to regulate crypto
- why they think the infrastructure bill’s goal of raising billions in crypto taxes could only bring in millions
- what FATF guidance regarding VASPs requires of crypto companies
- why the travel rule could lead to US customer data being shared overseas
- how digital assets change the implications of the travel rule
- how regulators are attempting to deal with DeFi
- what the FATF guidance means for FATF countries, like the US
- why DeFi is not ready for strict regulations
- Jeff’s views on Brian Brooks’s departure from BinanceUS
- the Galaxy Digital acquisition of BitGo
- what security issues a trillion-dollar wallet presents
- why BitGo refused to put a “freeze” function in its WBTC contract
- why Tesla and MicroStrategy purchased BTC and why other companies have been slow to follow suit
- whether BitGo will offer NFT solutions going forward
Thank you to our sponsors!
Mike Belshe — CEO BitGo
- LinkedIn: https://www.linkedin.com/in/mikebelshe/
- Twitter: https://twitter.com/mikebelshe
- Previous Unchained appearance: https://unchainedpodcast.com/mike-belshe-on-what-bitgos-kingdom-trust-acquisition-means-for-crypto-and-how-security-will-develop-in-the-future/
Jeff Horowitz — CCO BitGo
- Website: https://www.bitgo.com/
- Twitter: https://twitter.com/BitGo
- Blog: https://blog.bitgo.com/
- Galaxy Digital purchase: https://www.coindesk.com/galaxy-digital-to-buy-bitgo-for-about-1-2-billion-in-stock-cash
- FATF solution: https://www.coindesk.com/us-crypto-giants-build-first-version-of-fatf-compliant-travel-rule-tool
- New York Trust Charter: https://decrypt.co/60110/bitgo-new-york-trust-charter-crypto-wall-street
Infrastructure bill and its implications for crypto
- Unchained coverage:
FATF and the travel rule
- Unchained coverage:
- Unchained coverage:
- Brian Brooks’s BinanceUS departure: https://www.coindesk.com/binance-us-ceo-brian-brooks-quits-cites-strategic-differences
- Poly Network hack: https://www.elliptic.co/blog/the-poly-network-hack-600-million-in-crypto-stolen-and-returned-in-24-hours
- WBTC: https://www.bitgo.com/newsroom/press-releases/wbtc-brings-bitcoin-to-ethereum/
Hi, everyone. Welcome to Unchained, your no-hype resource for all things crypto. I’m your host, Laura Shin, a journalist with over two decades of experience. I started covering crypto six years ago and, as a senior editor at Forbes, was the first mainstream media reporter to cover cryptocurrency full-time. This is the August 3, 2021 episode of Unchained.
The Crypto.com App lets you buy, earn and spend crypto, all in one place! Earn up to 8.5% interest on your Bitcoin and 14% interest on your stablecoins – paid weekly! Download the Crypto.com App and get $25 with the code “LAURA” – link is in the description.
Polymarket is the leading information markets platform where you can trade on the most hotly-debated topics, whether it’s politics, coronavirus, current events, and more – all on the blockchain.
With over 130 million dollars traded on the platform, Polymarket is the go-to place to settle the biggest debates of the day.
For a limited time, sign up with referral code “Unchained” to get your first trade reimbursed up to $100.
Today’s guests are Mike Belshe, co-founder and CEO of BitGo, and Jeff Horowitz, chief compliance officer at BitGo. Welcome, Mike and Jeff.
Why don’t we, before we get into the discussion, why don’t we just start with a basic description of BitGo. You guys have been around forever, but just for people who may be new to the space.
BitGo got started in of the early generations back in 2013. Started out as a technology company. Pioneered multi-signature technology, which is used almost everywhere today for securing large amounts of digital assets. We’ve grown to support over 20 different blockchains, several hundred tokens, and provide infrastructure to a large portion of the ecosystem. We continue to push forward on security and compliance. I guess that’s why we’re here today: to talk about compliance.
We are a regulated trust company in two different states, both South Dakota and also New York. We also have regulated entities abroad and do about half our business here in the US, half outside the US. I think most recently, BitGo and Galaxy have agreed to merge. So that deal is still in progress. Hopefully closing in not too long, but that’s where we’re going next. And that’s all about institutional adoption of digital assets. That’s a little about BitGo.
And so speaking of institutional adoption, Jeff, you spent many years in traditional finance before making the jump to crypto. Some of those years were at Pershing, Citi, Lehman Brothers, and Goldman. Then you did spend time at Coinbase before joining BitGo. Why did you decide to leave traditional finance for crypto?
Great question. After 25 years doing some of the same things every day, sometimes you look for something entrepreneurial or a little more innovative. And when I received the call to join Coinbase, I hadn’t really researched crypto yet. In taking the call, I figured out how to do some homework. And I found myself getting really enthusiastic about what was the promise of crypto, what could it do, and have a seat at the table to help shape regulation for a brand new asset class — it was just too hard to turn down. And it’s been an exciting three years in the space, and really looking forward to what the next five years will bring.
And so what do you do as a CCO? And how would you say that compliance in the crypto space differs from that of traditional finance?
Sure. I think the first question that gets asked when you’re talking about crypto or regulation is: is it only used for bad guys? Why do we need it? You know, Venmo and PayPal, and other payment processors are working fine here. And I think the answer is it’s a global challenge. We don’t have PayPal and Venmo around the globe. It’s very expensive to do remittance. And so the first thing I do is I set up an AML program, right? How do we identify and find the bad actors? How do we report them to law enforcement and have a risk-based, reasonably designed compliance program?
And the other part of my job is working with regulators. Whether that’s getting new licenses or running a program, which needs to have trading compliance, surveillance, AML policies, and procedures. It’s very similar to traditional finance. You know, we’re, we’re overseen by the New York DFS. They don’t have a different rule book for us than they do Citibank or Bank of New York Mellon, who they also oversee. So it’s really combining what you’ve done in traditional finance but in a fast-moving and brand new asset class where some of the technology is just different than the traditional markets.
And Mike, since BitGo started really as a crypto custody company, and obviously you were really a big pioneer in that, how would you say crypto custody differs from being a traditional financial custodian?
Well, as Jeff said in a lot of ways, it shouldn’t. But a big part of what we do is help regulators kind of through the process. Right? So look, we got into this space because we do see the opportunity to make a financial system that is far superior to what we’ve seen in the past, in terms of transparency, in terms of fairness and equality, and also being global. As Jeff said: this is the first time we’ve really had the pipes connected around the planet. So this creates a lot of confusion. People look at digital assets, and they’re like, this is just different. I remember the first time, in one of my early pitches to traditional finance, I was out at JP Morgan. It was really kind of exploratory, they were learning what crypto was. It was 2015 or 2016 or something like that.
And just describing how digital assets work, what is multisig, how do the private keys work? All this? You start to see the light bulbs go off when they get it. And when I started to segue that with like, well, here’s how the traditional markets work and here’s how they should think about it. They could start to relate to it. I remember asking them afterward, like, why am I teaching you guys about how market structure in digital assets should work? And they just said, they’ve been so confused because it’s such a different asset class. The technology is so foreign compared to what they’d looked at before.
So look, it’s no surprise. I think we’ve all gone through this curve as we get into it. And it’s a fascinating space because there are so many different angles of digital assets: from decentralization, to what is the private key storage, to how to distributions work, and whatnot — it’s going to take a lot of education.
And we’re definitely seeing that now from regulators. So kind of back to the chief compliance officer role. I would say actually, on one hand, the compliance officer role is probably supposed to be similar to what you’d see anywhere else, but actually in digital assets right now, it’s different. And the thing that’s different is its problem-solving. It’s helping regulators understand what’s the metaphor between a particular activity in digital asset space compared to traditional markets, and then helping them get over the curve of accepting, like, yes, even though the technology is kind of upside-down, frankly, compared to how the banking system works, that we can actually manage these and we can have safe access and we can fulfill what we’re trying to do as regulators and keeping money transmission safe.
It sounds like a huge piece of that is education, but obviously, what we’ve seen in recent weeks with this huge storyline around regulation and this whole fight that went down over the crypto provision of the infrastructure bill, I wondered how you felt that education piece has been going? Cause the industry, even though it’s still fairly new, has been around for a while. Companies like yours have existed for a while. So I just wondered what your sense was of the understanding of the technology from regulators.
Well, look, I applaud the Senate for trying to understand and working toward it. I think what we saw here in this bill was a lot less to do with crypto, as it was to do with politics. As you know, they were spending a trillion dollars on an infrastructure bill, and they needed to have ways to show that they were going to bring revenue coincident with that. And they decided to go and look in the crypto sector. And I think what they thought was going to be relatively easy peasy, they realized, wait a minute, this is more subtle and complicated than we thought. And in particular, that bill would have classified a bunch of people that are clearly not brokers as being brokers. So making a payment in digital assets would now classify you as a broker. Being a miner — all these other activities, it clearly doesn’t match.
So I think this was more of an artifact of having done that very quickly. They’re in a hurry to get the infrastructure bill out. Hopefully, that’s for good reason. And this kind of became a bit of a tag-along. Now on the other side of it, I think there was a huge win for the digital asset space — Bitcoin/crypto, with this. The Senate saw firsthand how passionate people are about democratizing money. And this is an area where we were able to mobilize, we being crypto digital asset community, very, very quickly. Obviously, a lot of very technically capable people, but mobilizing on Twitter. They heard our voices loud and clear. And I think if anything, the best outcome for us, in particular, is that in the future, they’re going to be thinking about, hmm, what is my position on digital assets in crypto and how should I be thinking about that for my constituents in a way that can help them? Obviously, they want to get elected. I think they’ve recognized that this is a force that really, really matters.
Actually. I did want to ask about one point in what you said, where you said that the language would have included some people that were clearly not brokers. And I think you’re right, that at least for some of those roles, the way the regulation was written, whoever wrote that did not intend to capture people such as miners. But I wonder if there is contention about whether or not, or how, to tax people participating in DeFi? And I did wonder if maybe the way the language was written was intended to capture those people. And that that is a fundamental difference in the way that some regulators view how the space should be regulated versus how the industry views how those people should be regulated.
I think there was more of a lack of education than a targeted view of DeFi. A lot of the reports came out that Janet Yellen and Treasury was advising some of the Senators on the language. I do think they have a behind-the-scenes view that they want to regulate this space as much as possible. But to do it in a tax bill and to rope in either miners or stakers or validators was not the best way to do it. I look back to March of 2020. Secretary Mnuchin, who was a crypto critic, actually convened a meeting of some leaders in the crypto industry and FinTech and some traditional financial services to discuss what were the risks in the space? How do we not stifle innovation?
And it was all around, what are we going to do about unhosted wallets and the travel rule? And it was a really good dialogue. And it was literally the week before the country shut down for COVID. But then you fast forward to December, and we had the midnight regulatory report come out about transaction reporting, and it kind of undid everything that we thought we had a good dialogue about. So I think we have fits and starts on the open dialogue and trying to educate. But this was another example of trying to rush regulation or legislation without partnering with the industry to get a better understanding of what it is they’re asking. I don’t think the industry is against people playing their proper taxes. But those are most likely exchanges who can do 1099s. I don’t like legislation that makes it impossible to be compliant with.
And I also wondered, as you mentioned, a lot of people were saying that it appears to be driven by Treasury. And I imagine as a CCO, maybe you interact more with kind of the rank and file regulators, presumably maybe in the IRS. And I wondered, do you have a sense of what their stance is on how this should be done?
We intersect with everybody. Multiple FinCEN directors over the last couple of years. I sat in on the Mnuchin meeting representing compliance and regulatory. So it starts at the top. But it is also the policymakers in between, and some of them have moved around government. Some of them are now advisors at FinCEN, then come from DOJ. I think the challenge is there’s always a rush to do this, and it’s not in a timely manner. And the industry needs to mobilize. We sent 7,000 letters the last week of December to stop regulation coming out that we just couldn’t be compliant with. That regulation is still floating around Washington, and we’re waiting for it to be reissued, but hopefully with some better definitions and something that achieves what the regulators are looking for. That’s how do we manage the risk? But how do we not drive all this innovation offshore and lose jobs? And I think that’s part of the conversation that’s happening now in Washington.
I was also gonna ask about about when you mentioned FinCEN. Obviously, the original FinCEN guidance it was pretty clear in applying to companies that take custody of customers’ funds. And I wondered if you felt that that was wavering because it does feel like various places, not just in the US, but even like FATF, that maybe that line is not as clear as it used to be.
I don’t think it’s wavering. I think the FATF has done a couple of reviews, the Financial Action Task Force action. They’re the global body that’s trying to set some global standards. It doesn’t apply to companies, but applies to countries. And the US is a leader at the FATF, they actually helped form it. So I don’t think Treasury is going to back away from wanting more transparency and reporting. We just need to figure out a safe way to do this, that we don’t cause other problems. If we centralize some of this travel rule reporting, it will be a honeypot of information. That’s not a good solution. There were six or seven leading vendors that are trying to come up with a solution. We’re a founder of the US travel rule working group. We’re trying to do it within the US, with companies that are all regulated under FinCEN as a money service business, or on a equal footing. And long-term, we’re going to need to have an interoperable solution, but that’s not going to happen for a number of years. There are privacy concerns and cross border data concerns. And really the conversation needs to happen is: how much is this helping law enforcement? Are we going to do reporting for the sake of reporting, are are we really going to partner and help law enforcement? And I think that’s the open question that the industry and the regulators really need to grapple with.
We’ll get more into FATF, Financial Action Task Force stuff, but I actually want to ask one more question about this crypto provision in the infrastructure bill. Mike, I saw you tweeted that the bill claims it would generate $30 billion in tax revenue, and you thought that that was preposterous. And you said you suspected it would be closer to $50 million. So why do you think that?
Well, I think in the US, actually, most participants in digital assets are law abiding tax paying citizens. So the bill is hoping to capture, to get additional reporting, to somehow capture people that otherwise would not have paid their full taxes. So it’s got a premise there, which is that somehow that’s not happening. I don’t know where those numbers came from. As I did back of the envelope math on trading and projections of how much the US could produce, it didn’t get close to $30 billion. I admit that the $50 million number — I don’t have any data behind it. But my point is that like, it’s very easy to come up with some numbers here. But we don’t really know or have a way to vet out whether that was a good estimate of how much revenue can be generated by doing this. So anyway, that was the genesis of that.
Okay, I mean it would be kind of hard to estimate that just because you would need an inside look at the books on certain exchanges. I would imagine that would kind of be the the main way, right?
You would have to know how much of this activity is happening with US taxpayers versus people that are abroad. Who’s subjected to it? What are the cost basis of these transactions? And I think when you see an industry that’s had such a positive success story in terms of growth in such a short period of time. We’ve never had an asset class grow from zero to this before. There’s a natural tendency to think those people might not be paying their taxes. And especially right now in the political environment, where obviously there’s a lot of spending going on, people are talking about whether billionaires are paying enough, or where are we going to get money from. It makes it an easy target. But it doesn’t mean that we should abandon our job of actually collecting data and figuring out, look, is this going to work for raising revenue? Or is this just fitting in with the hyperbole? And it doesn’t seem like a lot of diligence was done, given the speed at which this came together and given the lack of details behind the $28 billion number.
Let’s dig a little more into this FATF stuff. So this is like a global body, and it’s been looking at ways to handle DeFi. The FATF tends to target its guidance against what what it calls virtual assets service providers, or VASPs. And traditionally, as I mentioned before, those were defined as those that custody assets. So before we get into kind of the full discussion around this, Jeff, do you want to just give us some background on what these kinds of rules are and how they will apply to a company like BitGo, which does custody assets?
Sure. So I attended some of the original FATF private sector, public sector meetings going back to late 2018, when they started contemplating what would a travel rule mean, and how do we define a VASP? And I don’t think they were far off on their definition. We’re a custodian, we move assets for customers. There are exchanges that move assets for customers. I think where we ran into trouble, though, is how do you define customers of VASPs? And the privacy concerns with we’re now tasked with sending information from one VASP to another, how do you know what VASP that is? All we have is addresses. It’s not like the Swift Network, which is what they base the travel rule implementation on. And that took nine years to build. A rule came out and banks worked on it. We are still in the process of writing regulations for a white paper, and that’s just not the right way to go.
I think the definition of VASP is the right definition. As a global industry, we are working to define that. And how do we share information in a secure way? Some are doing it in enclosed loops, just between three or four exchanges or custodians. A lot of them are being designed regionally. There are a number happening in Singapore. We’ve got one in the US, and I’m sure there’ll be others in Europe. The biggest challenge, though, is how do you define who exactly is a VASP? Are they regulated? Are you comfortable to share information with a VASP that’s regulated in pick your developing country versus a framework like we have in the United States or Europe or Japan — where they’ve spent time trying to figure out what is the best way to regulate? That’s the big conundrum we’re trying to face, because we’re dealing with customers’ information. The way the rules are written, we’re required to send information on non-customers. They did not consent that we would share their information with another regulated entity. We need to balance all of that with the money laundering and terrorist financing risk that does exist out there. I just don’t know if all of this data sharing is really going to get us to the end game. We’re all regulated. We can all receive subpoenas. Do we really need to share that information to help law enforcement?
It is, first of all, sensitive information. Then second, it sort of gives this picture of a huge global surveillance network. But I did wonder, so because under this travel role, VASPs would be required to send personally identifiable information, or what’s called PII. How do you do that for crypto transactions? I don’t know exactly how this works. Could that then associate a person with particular addresses on particular blockchains? I’m sure it creates different risks. So can you talk a little bit about the security risks and how you guys are trying to mitigate those?
Tt’s a great question. As a regulated exchange or custodian, we’re subject to KYC in our clients. So we have that information on the beneficiary. What the rule is proposed is that we send information on the recipient. And so I need to go out to an exchange and say, do you own this address? You do. Oh, great. This is who my customer wanted to send it to. I’m now going to go into a private chat somewhere, and we’re going to share information on that client. Now that exchange or custodian I’m sending it to, if that information gets lost in transmission, it’s not secure, it’s hacked — somebody now has an address and a customer name. And yes, you can unwind that and figure out how to read the blockchain and figure out that this customer was a whale or this customer is whoever. That doesn’t happen in traditional finance.
JP Morgan’s customers or name your bank, that information is not out there. It’s only in this network, which has rarely been hacked sharing between two banks. That’s where I’m really worried. We’re trying to have an open and honest conversation with Treasury, that we could create a bigger problem you’re trying to solve if any one of these steps go wrong. So that’s why here in the US we’ve started with regulated VASPs. We have a process to vet them. Are they regulated? Have they had AML and KYC concerns? How long have they been in business? And we need to do that before I’m going to trust to send my customer information or any other VASP is going to do that. We’re then going to go down and do some pin tests and check security because, at the end of the day, the biggest risk here is that data gets out there on the internet and you can now take a look at the blockchain. That’s the whole point of crypto, right? It’s pseudonymous, it’s out there. Law enforcement, just in the recent cases today, is able to look at IP addresses and blockchain stuff, and figure out who the bad guys are. I don’t know that we need to do the travel rule to solve that problem.
And if I can a little bit here, it’s kind of reiterating Jeff’s point. There’s a big change, which is because it’s a digital asset. So if you were to go back in time, to before travel rule was ever a thing, and they were determining whether or not they should implement travel rule. They didn’t have to worry about exposure of travel rule data exposing your entire balance at the bank. It wasn’t a thing. It wasn’t a risk. But if they implement the same travel rule that we have for traditional finance, with digital assets, that now becomes a risk where your entire financial history could be exposed because of compliance with this law that, actually, was designed for a different system. So because we have a different system with digital assets, we need to rethink not only what does the regulator need, but what are the risks that accompany the collection of that data, however, it gets handled.
The second thing which has changed, and we’ve all seen this over the years. I don’t think the regulators have fully acknowledged it, or acknowledge their contribution to it. Look, digital security is a huge problem for our industry, whether you’re talking about digital assets or whether you’re talking about information privacy, or whether you’re talking about corporate espionage. I mean, obviously there’s a lot of digital security that we’re now tuned into that we weren’t in the past. The idea that this information can leak as a result of government collection of the data is real. We have seen the government hacked and all personnel data from the military leaked out onto the internet. We have seen Equifax leak all personnel data from all of their clients reporting credit information to them. I mean, these are huge, massive failures. Why do these things happen? So, unfortunately, to just take the rule that was created a long time ago — before we had this awareness around digital security — and apply it today, as those risks don’t exist, I think it’s it’s a real misjustice to the people, if we don’t reevaluate kind of how we’re doing that and the risks.
And just to make it clear for people. So when I use an exchange and I either I take a payment at that exchange, or let’s say that I have some some crypto on my own hardware wallet then I deposit it may be to sell it or whatever. There’s like a particular address, whether it’s on like the Bitcoin blockchain or Ethereum blockchain that’s associated with your account at that exchange. And so even though exchanges will kind of like co-mingle the funds in a hot wallet. And they always kind of keep it keep account of what your balances on their own ledger, from the outside looking at the blockchain, there can be a way to identify a person’s own funds, even in this like commingled kind of state. Is that correct?
That’s right. And there are dozens of companies that are building solutions to be able to analyze blockchain data and figure out who’s who. As you point out, identifying who is the exchange is a little bit less sensitive other than it could have a particular user at that exchange being identified, but when it’s going out of the exchange to somewhere else, that’s where you can really like expose a tremendous amount of data. So these analytics tools, though, are also an interesting concept. Remember, we don’t have analytics tools in traditional finance. There’s no way to go and look at those data — it’s all private, right? So they created the idea of travel rule, in part, because they didn’t have other tools. Now since we live in a world where a) we have a blockchain, so we can build these tools, which gives us a view that we’ve never had before.
And by the way, this has been working already. I’ll give a couple examples in a moment. But in near real-time, particular movements of money can start to be identified. There was a hack on the Liquid exchange yesterday. Some of those addresses are being blocked already, instantly, right. That never could have happened in the traditional finance system. So a) we’ve got new tools that we never had before. And then b) applying the same old solutions is creating new risk vectors in terms of leaking people’s personal information and personal finances. And then also creating honeypots of personally identifiable information, which frankly, and you mentioned earlier about regulators having slightly different views, or is this undoing FinCEN or whatnot.
Pretty much every regulator looking at crypto in different ways, and it’s no surprise that as they start to make definitions so that they can write the rules, that you sometimes see those definitions conflict. This is not new to crypto, right? We have lots of conflicting rules on the books between state laws, federal laws, and international laws about what different roles are. And especially when you think about things like GDPR and being an American company, it actually turns out to be hard to navigate a line where you can comply with all of the laws that you’re required to comply with. So yeah, that is coming as a result of everybody trying to change all at the same time.
Yeah. This is clearly not an easy issue to solve. All right. So in a moment, we’re going to talk a little bit more about these FATF rules. But first, a quick word from the sponsors who make this show possible.
Today’s sponsor is Polymarket, the world’s leading information markets platform where you can trade on the most pressing global questions – all on the blockchain.
Choose from a variety of markets: Will Cardano support smart contracts by October? Will the US have more than 200,000 covid cases per day before 2022? Will Trump run for president again? With over 130 million dollars traded on the platform, Polymarket is the go-to place to settle the biggest debates of the day.
Want tomorrow’s news today? Use Polymarket to see real-time data on what the market thinks will happen. No fake news, no pundits without skin in the game.
Think you know more than the market? Trade on your beliefs and earn a return if you’re right.
For a limited time, sign up with referral code “Unchained” to get your first trade reimbursed up to $100. Go to the description and click on the link to get started: polymarket.co/unchained
With over 10 Million users, Crypto.com is the easiest place to buy and sell over 90 cryptocurrencies. Download the Crypto.com App now and get $25 with the code: “LAURA.” If you’re a Hodler, Crypto.com Earn pays industry-leading interest rates on over 30 coins, including Bitcoin, at up to 8.5% interest and up to 14% interest on your stablecoins. When it’s time to spend your crypto, nothing beats the Crypto.com Visa Card, which pays you up to 8% back instantly and gives you a 100% rebate for your Netflix, Spotify, and Amazon Prime subscriptions. There are no annual or monthly fees to worry about! Download the Crypto.com App and get $25 when using the code “LAURA” – link is in the description.
Okay. Back to my conversation with Mike Belshe and Jeff Horowitz. So this whole discussion we’ve had about FATF has been for companies that do custody assets, which was who the travel role was initially targeted to. But here we have now this emergence of DeFi. In DeFi, it’s not really the same thing. Instead of traditional intermediaries that are custodying customers funds, we’ve got these smart contracts. So how are regulators looking at that? Are they looking to regulate that? Are they looking to redefine VASP in order to be able to target such things? How do you see that they’re thinking about regulating DeFi?
So I think first and foremost, it’s back to education. Just when you thought you might be getting a handle on layer one on-chain Bitcoin or Ethereum, boom income smart contracts to really blow your mind. And it’s a new level. Now there’s some things being done at a legislative level there. Wyoming is now starting to recognize a potential for a DAO, a smart contract to maybe be a thing. I think we could end up that way in the long run, where actually a counterparty can have a legal status, even if it’s code. But that’s still coming.
DeFi is really only a couple of years old now. So it’s no surprise that we’ve got less information around it. You know, we were talking about travel rule all the way back to 2013, when we got started. It was kind of like this, you know, elephant in the room. How is travel rural going to be applied to digital assets? We’re farther along now, but it’s still not fully finished. And I think the same is going to happen with DeFi.
We do see a industry starting to push for different types of smart contracts that may require identity to be built-in with them in order for the smart contract to interact with you. That’s going to have some technology impacts. That’s going to have some regulatory possibilities, both good and bad. So I think this space is still evolving. I hope that they let it evolve a little bit longer before we start clamping down too much. As Jeff said earlier, we could end up just pushing all this stuff outside of the US. It still happens, it’s just that now you’ve got no opportunity to participate, and it hurts American business.
Going back to the travel rule as applied to companies like yours, one thing I did want to ask was: so what would you like to see in terms of how the travel rule is implemented and how this sensitive data gets passed around? Or even you know, the extent of what data is passed around?
I was gonna say, I actually think the travel rule shouldn’t apply to digital assets because we have a blockchain. Since you have the blockchain, and you have the forensics that lasts forever, I think we really have to question whether or not it still applies. I know that might be a little bit hard for regulators to accept, but you’ve got to go back and think about what was the purpose of the travel rule. And then you have to say, what did it accomplish and how is it working? What crimes and activities is it catching today in traditional finance that are not being caught yet in crypto? And if there is a big gap there, let’s go look at that gap. But to say, we’re just gonna apply the same solution without thinking about the inputs and the risks, et cetera, I think actually ties everybody up for no good reason.
I agree with Mike. I think we need a crawl, walk, run solution here. We don’t want to do a travel rule unless we’re forced to do it, because of enforcement, we’re holding up new licensing. I think the industry is coming together and we are trying to figure out the best way to partner with law enforcement and what data they need. I think we got to go back to the original premise. FATF is setting global AML standards. If every either VASP or custodian has an AML/KYC obligation, we’re doing proper sanctions check; you don’t need to send the data to do that. I’ve done it on my part. And the customer on the other side has done that. Sending the data is just a risk. I don’t know how it really helps law enforcement given the way our technology works.
I don’t know how much of a choice we’re going to have in the end game, but I’ve been lobbying and pushing for a sensible solution. And let them evaluate and come back and go, yep, this is helping law enforcement or not. You know, the SEC and others, they have to do a review of did a new rule actually help. And I think they need to do that in some of the rules that they are putting on the crypto industry. At the end of the day, we need to be smart about the time and resources we’re putting towards this. And if we just send a lot of data, either directly to the government or to other exchanges, I don’t know what it’s going to do. I don’t think the government looks at all the SARS and all the CTRs and VCTRs that we file today. So why are we doing reporting for the sake of reporting?
A SAR is a suspicious activity report. A CTA — I forget what that stands for.
Currency transaction report. Which is what AML and the travel rule and all these things where we’re based on it. When you’re sending a $10,000 in cash or cash equivalent, you’re supposed to file a report.
So essentially the solution that you’re advocating for is one in which investigators just look at the public blockchain, they have their forensics tools, and then they use other tools at there disposal, such as subpoenas, or they can look at the SARs reports that you file, or whatever it is. And you think that that’s sufficient?
I think that’s fine for where we are today. I think we could get into some additional reporting, but not the way these rules are laid out. There’s too many variables. There’s not enough definition. And until we’re at a level AML playing field, there’s no way for me to know who’s a trusted VASP or not. But to get into the Swift Network, you need to be approved, and you need to be a regulated bank. We don’t have that global solution yet. And I think that’s what’s going to hold this up. And I think we’re doing a little cart before the horse. Let’s focus on, if everybody is regulated properly, they’re examined, we can then get to this next layer of how do we safely send information that may help law enforcement?
I think the global template is important to consider here as well. The travel rule started here in the US, but FATF has picked it up. Countries are applying it abroad. The global financial system is getting connected right now. It used to only be available to the likes of JP Morgan and the large banks, but now it’s available to everyone. So if the US implements this, and all other countries follow suit, which is more or less the path that we’re currently on, that means American taxpayer information is going to be sent out abroad in order to be compliant with both US and foreign policy.
Does the US have control over all of the entities outside the US, in terms of how they will protect that information and take care of it? We all know that, of course, they don’t have the ability to do that. But secondarily, think about whose hands your information is going to fall into if you actually implement this. And this is something that they didn’t have to think about with the current US law, but it’s very much important for what’s happening right now.
So as far as I understand, this FATF travel rule, that’s like an adopted you know form of guidance at the moment. So it’s being rolled out. I did see a report saying that maybe a little less than half of jurisdictions have actually begun implementing it, but I mean, it almost seems like the ship has sailed. Is that correct? Or do you feel like there’s a way to stop it at this point?
Yeah, so they’ve published their guidance and it’s written into their guidance. But their guidance is not law. It now is up to each country to adopt those FATF standards. And if they don’t, they can end up being named or shame that they’re deficient in a number of FAFT best practices. But no country is fully compliant with all of the FAFT best practices. I don’t think they’re going to back away from it, but I hope that the fact that they’ve continued to have the dialogue, they’ve postponed saying that they need to take a closer look. How are companies being compliant? What are the issues with being compliant? That ongoing conversation will help us develop one of these solutions. The fear I have is that certain countries have been reluctant to license crypto exchanges or custodians because of this FAFT rule hanging over their heads.
But to Mike’s point, until we have a global interoperable solution, we’ve only solved a small piece of this puzzle. So I think we can continue to chip away at it. Here in the US we are driving to adopt a rule and come up with a solution for that rule. The US travel rule is looking to start testing in October. But it’s a small subset. It’s 30 VASPs here in the US, but it’s a good step. And it showed Treasury and FinCEN, look, we understand that rules need to apply to us. We are giving our best efforts, but we need to continue to talk about how the technology differs and what are those challenges. I think Commissioner Clayton and others had said, “we have a rule book that works. We don’t want to rewrite the rule book.”
I think we actually need to change some of these rule books. We didn’t have some of this technology. We didn’t have decentralized smart contracts. As a country, and as a a financial industry, we need to adapt. And had we stifled the internet in the early days, we wouldn’t have the Amazon’s and the Uber’s of the world that have changed and made our life easier. I think the same promise for crypto of, can we move assets around the globe, cut out a lot of the middlemen, and make it cheaper. We need to make sure that we continue down that path.
And so just going back to DeFi, then, what would you like to see in terms of how DFI gets regulated?
That’s a great question. I wish I had a great answer. Other than from what I’ve heard, the regulators are starting to turn their heads towards, how do they surveil these decentralized protocols? How would they apply regs and rules? Some of the recent enforcement actions have come out and said, “I didn’t care whether you were half DeFi or partially DeFi. There are some controlling people, and that may fall under the securities rules.” So you know, somebody who is 100% totally decentralized, I don’t know that the rules can apply. But I don’t know if we have any of those yet. There are still people behind some of these protocols that help make the decisions. I think at the end of the day, we do need better consumer protection. We need better disclosures so that consumers know what they’re getting into. But I don’t know if we need to do that for AML purposes, or suitability purposes, but I think the regulators here in the US are not giving up on a decentralized regulation.
I also think there’s a first pass of this that industry will take on, on its own. You can’t deny that there are some elements of reputational risk with working with unknown parties. Industry, in order to participate at a large level, is going to need some amount of help for this. And I think they’ll come out with at least part of the solution by itself. I think DeFi too early to really say, hey, here’s the prescriptive route. If we do that, we could end up with a very complicated rule set that applies to some technologies, not others, and also stifles innovation in America. Let it play out for a little while. See what industry comes up with. If industry stays away and doesn’t participate, then that might actually answer some of the questions itself. But DeFi is definitely in the earlier stages than other parts of digital assets.
It’s almost like we don’t even know what it’s really gonna look like. So one other regulatory question I did want to ask about was, as we’ve seen in recent months, there have been all kinds of warnings and actions from regulators against Binance. And I did see Jeff that you did an interview with CoinDesk talking about how BinanceUS hired Brian Brooks, the former acting comptroller of the currency, and you called that a smart move. And I just wanted to get your reading on his abrupt departure, and just in general, sort of this moment in time for Binance and the kind of situation you think it’s in.