financial regulation international · february 2016 · issue 19 · financial regulation...

Financial Regulation International · February 2016 · Issue 19.1

8

14. All UCITS assets are required to be entrusted to the depositary for safe-keeping which has to apply detailed requirements for fi nancial instruments and other assets. See arts 13 and 14 of the Draft Delegated Regulation C (2015) 9160 fi nal.

15. The operations of a UCITS have to be monitored by the depositary. See art 3 of the Draft Delegated Regulation C (2015) 9160 fi nal.

16. The segregation requirements are specifi ed in art 16 of the Draft Delegated Regulation C (2015) 9160 fi nal.

17. See in more details arts 18 and 19 of the Draft Delegated Regulation C (2015) 9160 fi nal.

18. Further details on sound remuneration policies under the UCITS Directive and AIFMD can be found in the respective ESMA Consultation Paper (2015/ESMA/1172) which will soon be fi nalized. See www.esma.europa.eu/sites/default/fi les/library/2015/11/2015-1172_cp_on_ucits_v_u_aifmd_remuneration_guidelines.pdf.

19. Key personnel means any category of staff whose professional activities have a material impact on either the risk profi le of the management company or the UCITS.

20. Variable remuneration is understood as remuneration awarded on the basis of performance criteria.

21. This is understood as at least 50%. 22. Alternatively, equivalent ownership interests, share-linked

instruments or equivalent non-cash instruments with equal incentives can be used.

23. At least 40% is considered a substantial portion. 24. For further details on ESMA’s technical advice see

www.esma.europa.eu/system/files/2014-1417.pf . Regarding the related AIFMD empowerments regarding depositaries’ duties in 2011 see www.esma.europa.eu/system/fi les/2011_379.pdf.

25. See C (2015) 9160 fi nal. 26. See Kammel, Government Versus Markets in Weiss/

Kammel (Ed./2015), The Changing Landscape of Global Financial Governance and the Role of Soft Law , p25.

Bibliography Moloney, N (2014), EU Securities and Financial Markets

Regulation , Oxford University Press. Veil, R (Ed./2013), European Capital Markets Law , Hart

Publishing. Weiss, F/Kammel, AJ (Ed./2015), The Changing Landscape

of Global Financial Governance and the Role of Soft Law , Brill | Nijhoff Publishing.

Between Scylla and Charybdis: Lessons from a comparative analysis of the regulation of Bitcoin in the US and UK Technological innovation, particularly in the area of fi nance, invariably requires regulators to muster an equal amount of ingenuity in order to both harness the benefi ts of, and address threats posed by, the innovation. This has been evident with the advent of Bitcoin, a decentralised digital currency that came to the fore in 2009. Since its inception, regulatory authorities around the world have grappled with how best to oversee the phenomenon, taking diff ering approaches and strategies to its regulation. In general, it has been found that ‘the debate over how to deal with this new virtual currency is in its infancy’.[1] This article will contribute to this debate by exploring the insights that can be gained from comparing the approaches of two leading jurisdictions, the US and the UK, to the regulation of Bitcoin. With this in mind, this study shall fi rst provide an overview of Bitcoin fundamentals in order to identify both the potential benefi ts as well as the main regulatory concerns of Bitcoin. This shall be followed by an analysis of the current regulation of Bitcoin in the US and the UK respectively. The strengths and weaknesses of these two approaches shall be used as the basis of the main recommendation of this study, namely a ‘Bitcoin enforcement pyramid’ as a potential middle ground between the fi gurative Scylla and Chardybdis of these distinct strategies.

Bitcoin fundamentals What is Bitcoin? Bitcoin is defi ned as either a virtual currency (VC), a digital currency (DC) or alternatively, as a cryptocurrency. A VC can be defi ned as “a type of unregulated, digital money, which is issued and usually controlled by its developers, and used and accepted among the members of a specifi c virtual community”.[2] The ECB defi nes Bitcoin as a sub-type of VCs that has bi-directional fl ows with conversion rates that allow it to be both bought and sold for the purchase of both real and virtual goods and services. Although Bitcoin as a VC is the more prevalent typology used by regulators in the US and in Europe, more recent defi nitions of Bitcoin classify it as a DC as is the preference of UK regulators. Here, emphasis is placed on a DC being “a privately issued code or serial number representing value that is circulated online”[3]; a move towards incorporating some of the technical features of Bitcoin into its defi nition. More technologically succinct still are the additional features to DCs that have led Bitcoin to be uniquely labeled as being a cryptocurrency. This is because “it relies on peer-to-peer networking[4] and cryptography”[5] to maintain its integrity. As explained by De Filippi, “cryptocurrencies are digital currencies that rely on a cryptographic protocol to regulate the

9

www.fi nancialregulationintl.com

You may be breaching copyright if you photocopy any pages from this publication. To purchase additional copies or site licences, please contact Rhodri Taylor on 020 7017 7787

manner in which (and the extent to which) currency can be created and/or exchanged … Bitcoin is [therefore] a distributed, worldwide, decentralized cryptocurrency that is managed solely and exclusively by an open source cryptographic protocol: there is no government, company, or bank in charge of issuing or managing bitcoins.”[6]

The use of other defi nitions based on the extent to which Bitcoin meets the unit of account pre-requisite of money and the varying classifi cations of Bitcoin for tax purposes are beyond the scope of this study. However it is important to note that Bitcoin is the fi rst and by far the largest of numerous other Cryptocurrencies such as Litecoin, Dogecoin and Ripple[7].

How does Bitcoin work? In order to best understand how Bitcoin works, it is helpful to explain the roles and functions the two key actors in the Bitcoin sphere namely the miners and the exchanges.

The miners Bitcoins are generated through a process called mining. Miners produce bitcoins through the use of software designed to solve complex mathematical problems. Here, miners earn bitcoins each time a correct response is generated by their software. The software is designed to transform blocks of transactions into a hash, which is a shorter string of numbers and letters verifying each transaction based on the transaction preceding it. More specifi cally, “because each block’s hash is produced

using the hash of the block before it, it becomes a digital version of a wax seal. It confi rms that this block – and every block after it – is legitimate, because if you tampered with it, everyone would know”[8]. This aspect of cryptography ensures that it is nearly impossible to fake Bitcoin transactions. However, it also means that all Bitcoin transactions are irreversible. Miners play a vital role because it is only after the mining process verifi es the transaction that the bitcoins relating to that transaction are generated and issued to the recipient. In sum, unlike fi at currency[9] that is created when central banks print money, bitcoins are generated at the point of verifi cation on the blockchain through cryptographic hash functions.

Figure 1 below illustrates the basic Bitcoin ecosystem, with miners generating bitcoins and Bitcoin users having complete access to the blockchain, using the peer-to-peer network to transact. Each Bitcoin user has two ‘keys’ generated for them upon installation of the software. Keys are long strips of numbers and letters or code. The fi rst is the public key that acts as the user’s bank account or Bitcoin ‘wallet’. This is given to anyone who wishes to send, or ‘deposit’ bitcoins to the user. The second key is a private key that acts in the same way as an ATM pin. Users use this key to authorise Bitcoin transactions. In sum, there are four main ways to acquire bitcoin. These are by mining, as payment for goods and services, exchanging bitcoin with other users and fi nally by purchasing bitcoin at an exchange.[10]

BLOCKCHAIN

Miners

Retailers Consumers

Figure 1: Basic Bitcoin Ecosystem

The exchanges Exchanges are a vital component of the Bitcoin ecosystem with the pivotal role of converting

cryptocurrencies to fi at currency. Some exchanges are large exchanges for institutional traders whilst others are simpler wallet services with more limited buying


10

and selling capabilities[11]. As can be seen in Figure 2, exchanges such as Coinbase are the primary means

through which bitcoins (BTCs) are integrated into the real economy.

Figure 2: Role of Exchanges: Coinbase (Source: Coinbase[12])

In addition to this, exchanges are also the primary sources for VC trading activities as well for storing investment in ‘vault’ services that secure BTCs offl ine or through security measures such as ‘multisig’ wallets that use a number of keys to protect the account.[13] In this way, exchanges are the link between VCs and the real economy and the de facto intermediaries between consumers and the de-centralised peer-to-peer network the forms the blockchain.

How is Bitcoin being used? Bitcoin can be used for the purchasing of goods and services. Usebitcoin.info contains a growing database that currently shows 4,335 business accepting BTCs[14]. The most signifi cant of these retailers are Microsoft, Dell and Overstock.com. In addition to e-commerce use, BTCs

are used to purchase gift cards, to purchase meals, to book hotel accommodation, for gambling on dedicated websites well as for the purchase of goods and services on exclusive to Bitcoin online marketplaces[15]. Bitcoin can also be used for speculation and investment purposes. An example of this is Cryptofacilities[16] which allows customers to trade a forward contract on the BTC price to hedge against fl uctuation.

With a current market price of US$270 per BTC and a transaction volume of slightly over US$70m in June 2015,[17] Bitcoin adoption is on the rise. However, this rise in use must be contextualized in light of pre-existing conventional payment systems. As illustrated in Figure 3 below, the average daily transaction volumes of Bitcoin are considerably less than those of Visa, MasterCard and China Union Pay.

Figure 3: How Bitcoin Activity Stacks Up Against Other Payment Networks (Source: Coinmetrics[18])

11



As explained on MIT Technology Review, although the number of mainstream retailers accepting Bitcoin has increased fourfold in the past year (2015), there are very little increases in retail purchases using Bitcoin[19], as a result, it has been suggested, of a lack of customer incentive to switch to Bitcoin, the high level of volatility of Bitcoin and the high-profi le collapse of some exchanges. This was highlighted in a study by the Federal Reserve, which showed that Bitcoin is “barely used for payments for goods and services”[20]. This view is shared by the European Banking Authority (EBA) which stated that “using a generous interpretation, the number of global VC transactions has never exceeded 100,000 per day across the globe, compared to approximately 295m conventional payment and terminal transactions per day in Europe alone (ie credit transfers, direct debits, e-money transfers, cheques, etc.)”[21] In addition to this, the Federal Reserve also noted how the vast majority of Bitcoin addresses have been dormant, suggesting that the VC is mainly being horded for investment purposes[22]. The same can be seen in the UK where a recent survey showed that “two-thirds of those responding said they either use them for savings or future purchases. Day trading is the next most common response at about 20%, closely followed by sending it to friends and family”.[23] This means that retail purchases with Bitcoin are dwarfed by purchases using conventional payment methods and the use of Bitcoin for retail purchases appears to be signifi cantly less that its use for savings and investment purposes.

What are the potential benefi ts? The key benefi t of Bitcoin lies in the innovation value of the blockchain technology and the public ledger. Because VCs allow for the validation of transactions without the need for a trusted third party, they have been described as a ‘generative technology’ which has the ‘capacity for leverage across a range of tasks, adaptability to a range of diff erent tasks, ease of mastery, and accessibility’.[24] An example of this is smart contracts. Smart contracts use computer programming to automatically execute the terms of a contract by using ‘if-then’ statements that lead to the execution of a corresponding contractual clause when a pre-programmed condition is triggered. An example of this, as explained by Ripple Lab’s Phil Rapport, “If you order something online you might not want to pay a merchant immediately until they fulfi ll their end of the bargain … so you could easily have a contract that looks for FedEx tracking date saying that the package you ordered has been delivered to your address before releasing payment to the sender”[25]. Signifi cantly, smart contracts can also be used by those who cannot aff ord legal counsel, as the contracts are self-enforcing,[26] as well as to increase access to credit by automating and guaranteeing recourse to default. In addition to this, a future in which all derivatives contracts are facilitated on the blockchain is highly likely. According to The Times , “Barclays, Goldman Sachs and JP Morgan are among the big investment banks

that have began exploring the potential of the ‘universal register’ technology that underpins Bitcoin as they ‘look for ways to apply it to their multitrillion-dollar books of complex fi nancial derivatives”[27].’

Lowering transaction costs is another potential benefi t. According to research conducted by Santander, blockchain technology “could reduce banks’ infrastructure costs related to cross-border payments, securities trading and regulatory compliance by $20bn a year up to 2022”.[28] This technology has further applicability extending from performance-based remuneration and “smart property”[29] to location-based contracts where GPS signals are used to prove contractual performance as a pre-condition for payment.[30] The distributed ledger of blockchain also has the potential to revolutionise the auditing industry with the presence of time stamped and irreversible transactions.[31]

Other benefi ts of Bitcoin including privacy (pseudonymity), security and data protection, payment freedom (from banks and institutional authority), and the transparency and neutrality of the public ledger are linked with the ideas of personal fi nancial autonomy that are central to understanding Bitcoin’s cultural-political roots. These are, in turn, linked to the benefi ts of fi nancial inclusion due to the lower transaction costs than those in traditional banking systems.[32] These benefi ts are why Bitcoin is viewed by some as being, “an exciting innovation that has the potential to greatly improve human welfare and jump-start other potentially revolutionary developments in global communications and business”.[33]

What are the regulatory concerns? However, despite these benefi ts, concerns about the use of Bitcoin in money laundering, trading of elicit goods and tax avoidance have been raised with various cases of these forms of criminal activities having already occurred. According to the EBA, the highest risks to consider with VCs are to do with fi nancial crime, money laundering and terrorist fi nancing and risk to users. With regards to the risks to Financial Integrity, the EBA notes how money laundering and terrorist fi nancing are possible because “criminals are able to launder the proceeds of crime because they are able to deposit and transfer VCs anonymously, globally, rapidly and irrevocably’[34]. Similarly, because of pseudonymity, terrorists can use VC’s remittance systems and accounts for fi nancing purposes whilst ‘undermining the ability of enforcers to obtain evidence and recover criminal assets”.[35] Regarding risks to users the EBA identifi es the highest risks occur when VCs are used as a means of payment, particularly with fraudulent exchanges, exchanges being hacked and a numerous range of personal e-wallet security concerns. Also of note is the irreversibility of transactions and how this can be disadvantageous to consumers.[36] These threats are evidenced most notably by the Silk Road case and by the fall of Mt. Gox.


12

Silk Road Silk Road was an online marketplace used for the sale and purchase of illicit drugs as well as “stolen credit and debit card numbers, fake IDs, counterfeit currencies, hacking tools and login credentials for hacked accounts”[37] that was shut down by the Federal Bureau of Investigations (FBI) in October 2013. Its founder Ross Ulbricht was recently sentenced to life imprisonment after being convicted of seven charges related to narcotics distribution, computer hacking and conspiracy.[38] The Silk Road case highlights how Bitcoin can be used for money laundering and fi nancial crime as all purchases on the website could only be made through bitcoins. Following on from Silk Road other black markets focused on selling drugs, such as Atlantis and Silkroad 2.0 and 3.0 have arisen and as such, the risk of bitcoin use for nefarious purposes is still ongoing despite advances in enforcement. Here, it must be noted that Silk Road could only be accessed through the Tor Anonymising network. Tor is free software that allows users to anonymously browse the Internet in an untraceable way and is the gateway to what has been described as the ‘Deep Web’ that exists beyond the reach of enforcement agencies. In this way, the existence of illicit markets such as Silk Road is based on the use of Bitcoin on the Tor network.

Mt.Gox Prior to its collapse in 2014, Mt.Gox was the largest Bitcoin exchange in the world. After a period of gross mismanagement and a spate of attacks and thefts by hackers, Mt.Gox fi led for bankruptcy, suspended trading and ceased its exchange services. Upon its collapse, it announced that over $450m worth of Bitcoin was either missing or stolen.[39] Although a formal claims process was recently initiated by Mt.Gox’s bankruptcy trustees and security consultancies were appointed to attempt to trace the missing bitcoins, customers have been left out of pocket. In this way, the case of Mt.Gox illustrates the negative eff ects of inadequately secured and overseen exchanges.

This section has shown fi rstly how Bitcoin can be classifi ed as a VC, a DC or, most recently, as a Cryptocurrency. This highlights how Bitcoin is associated more with its form rather than its function. This factor is signifi cant in that the value of Bitcoin derives more from how it is created and administered rather than what it does or can be used for. This important factor is further emphasized on considering the benefi ts of Bitcoin. Here, it has been shown that the true value of VCs lies in the generative nature of the distributed ledger, peer-to-peer blockchain technology and its potentially ubiquitous applicability across multiple sectors. It can therefor be concluded that an ideal regulatory response to Bitcoin must fi rstly be able to ensure that the innovative technology behind Bitcoin is harnessed and allowed to fl ourish .

Secondly, the section has described how Bitcoin highlights the role of exchanges in Bitcoin markets. Exchanges are the primary link between VCs and fi at currency and between the digital and ‘real world’. The signifi cance of this role is shown when the threats associated with Bitcoin are described. Here, it can be seen that the locus of issues of regulatory concern are the exchanges. This is the channel through which money can be laundered, taxes can be evaded, gains from the sale of illicit goods can be integrated into the real economy, ill-informed consumers can be exploited, investments can be lost and should the VC market grow signifi cantly, exchanges would be the main conduits of systemic risk. It therefore follows that an ideal regulatory response to Bitcoin should focus on ensuring the safety and soundness of Bitcoin Exchanges .

This factor is further highlighted when one considers what Bitcoin is used for. This study has described how Bitcoin’s use for the purchase of goods from retailers is negligible. The main use of Bitcoin thus far seems to be for speculation by investors who are either hoarding the VC in anticipation of a rise in its future value, or engaging in short-term speculation based on Bitcoin’s large fl uctuations in value. Given the volume of Bitcoin transactions unaccounted for outside the retail and investment communities, it follows that the remaining Bitcoin transactions and bitcoins in circulation are being used for illicit purposes either for purchases on ‘deep web’ markets or for transfer of funds by individuals requiring a service that allows them to do so beyond the gaze of the state. This observation re-enforces the need to focus regulatory attention exchanges but also means that an ideal regulatory response for Bitcoin should be able to bring to light who is using Bitcoin and what they are using it for .

Linked with this factor, the fi nal conclusion drawn from this section has to do with the risk of Bitcoin use for the purchase of illegal goods and services. As the Silk Road case has shown, Bitcoin is only one half of the equation that led to Silk Road’s existence. The other factor of at least equal, if not more signifi cance, is the existence of the Tor network, or the ‘dark web’, which allows criminal activity to fl ourish undetected and untraceable. This is because ‘every communication sent through Tor is bounced back through numerous relays within the network and wrapped in numerous layers of encryption’[40] in addition to concealment of the true Internet Protocol (IP) addresses of the computer servers hosting the websites. As mentioned above, the Tor network enabled the Silk Road website to sell a full range of illicit drugs including heroin and cocaine; ‘services’ including computer hacking and ‘hitmen’; as well as ‘digital goods’ including malicious software along with a wide range of forged identity documents[41] in the same way that ordinary e-commerce websites function. Apart from the overtly illegal nature of the wares on sale, the distinguishing feature of Silk Road was that it would only accept payments in BTCs. Upon registering on the

13



website, users had to open a Silk Road Bitcoin wallet which held BTCs in escrow pending the completion of the transaction. In this way, Silk Road generated revenue of over 9,519,664 bitcoins amounting to US$1.2bn in revenue between 2011 and 2013[42]. It is evident that in the absence of both Tor and Bitcoin, Silk Road and other illicit markets like it could not exist. In this way, Bitcoin and Tor can be seen in economic terms as complementary goods.[43] The implications of this symbiosis means that an ideal strategy for the regulation of Bitcoin should consist of an equal and opposite or complementary regulatory strategy for the far reaches of the internet .

Bitcoin regulation in the US The US has a multi-layered approach to the regulation of VCs with regulatory initiatives taking place at both the state and the federal level. At the federal level, Bitcoin and other VC exchanges are treated as money transmitters[44] and as such are subject to licensing and reporting requirements, including anti-money laundering (AML)/Know Your Customer (KYC) requirements as stipulated by the Financial Crimes Enforcement Network (FinCen) under the Bank Secrecy Act (BSA) and the Patriot Act, whilst Consumer Protection in the use of VCs is regulated by the Consumer Financial Protection Bureau (CFPB) and VC securities are regulated by the Commodities Futures Trading Commission (CFTC)[45]. At the state level, there has been variation with most states putting in place regulation specifi c to VCs, consisting mainly of Money Transmitter rules that additionally include Consumer Protection, Capital Requirements and Cybersecurity[46]. The most robust and topical of these is the New York Department of Financial Services (NYDFS)’s BitLicense, which consists of, amongst other rigorous requirements, state-based supervision that allows it to approve or deny as well as revoke or suspend licenses.[47] This diff ers from a few states such as Montana, which does not apply any money transmitter licensing requirements to VC exchanges and California, which does not include any AML provisions or reporting obligations.[48] In this way, aside from the overarching federal requirements, there are diverging approaches to the regulation of VCs at the State level.

Preserving and harnessing innovation There have been no obvious attempts within the US’ regulatory approach to Bitcoin to preserve or harness innovation. In fact, some commentators are of the opinion that onerous regulation of VCs in the US imposes a ‘tax on innovation’ for start-ups.[49] This has led to VC business to move to more accommodating states or set up in less onerous regulatory environments with, as shall be seen in the following chapter, the UK being the destination of choice. To the extent that exchanges are essential to the functioning and therefore innovation potential of Bitcoin, the implications of regulatory arbitrage need to be further addressed. On explaining why it was ceasing business

activity in Wyoming, Coinbase stated that, “it is impractical, costly, and ineffi cient”[50] for it to comply with the Wyoming Money Transmitter Act, which required them to ‘hold and maintain a dedicated fi at reserve equal to the face value of all Bitcoin held by the company’[51] as is similarly required by the NYDFS. The indirect eff ect of the US approach to regulating Bitcoin has therefore been the repelling of Bitcoin start-ups. This can be seen by how “there are very few US-based bitcoin exchanges … the three largest exchanges, representing over 80 per cent of all BTC volume, Bitstamp and BTC-e exchanges are in the European Union, while Bitfi nex is based out of Shanghai, China”.[52] The two exchanges that are in the process of attempting to gain licensing throughout the US and meet all state and federal requirements, Coinbase and Gemini, have done so by being large enough to raise a substantial amount of capital to meet compliance costs,[53] costs that smaller, incoming Bitcoin exchanges and start-ups have struggled to meet. The indirect consequence of this for the US will invariably be the loss of fi rst access to the positive gains from the innovation that might arise from the phenomenon.

Focus on safety and soundness of exchanges The US approach to the regulation of Bitcoin at both state and federal level focuses robustly on the safety and soundness of exchanges. This is done by their classifi cation as Money Transmitters at both the state and federal level automatically requiring licensing and AML/KYC reporting as explained above. This requirement is re-enforced by further supervision at the state level. Along with this, the threat of hacking of exchanges is addressed in some states through the cyber security requirements consisting of mandatory reporting and software requirements. Finally, consumer protection is taken into account by both the CFPB and state regulators focusing on activities such as advertising, restitution, data protection and Federal Deposit Insurance Corporation (FDIC)-insured fi at deposit safety nets. In so doing, particularly in New York, the risks associated with exchanges are largely addressed and in this aspect, the US regulatory approach to Bitcoin is comprehensive.

Addressing pseudonymity Similarly, the pseudonymity concerns with the use of Bitcoin are addressed through the AML/KYC reporting requirements present in the Money Transmitter regulations at both state and federal levels. Along with reporting requirements under the BSA, Bitlicense also has numerous other rigorous requirements including a record-keeping component requiring the names, account names and physical addresses of customers and counterparties to transactions to be held for seven years.[54] The Bitlicense takes this one step further by requiring Bitcoin merchant-payment-processing companies to collect personal identifying information on every transaction. According to commentators this


14

approach is problematic in that with fi at currency “AML and KYC regulations are normally reserved for large transactions in excess of US$10,000. Not enforced on local shop owners selling pizzas and coff ee”.[55] This application of reporting requirement broadly across all types of BTC transactions has also been described as ‘bad for business’ and, linked to this, ‘bad for innovation’. As such, it can be argued that the US approach to addressing pseudonymity concerns with Bitcoin goes above and beyond what many commentators and entrepreneurs believe is reasonable.

Co-opting regulation of the dark web The oversight of the dark web is not addressed in the regulations pertaining to Bitcoin. Recent initiatives to regulate the internet by the Federal Communications Commission (FCC) focus on service providers and the need for ‘net neutrality’.[56] However, these do not extend to Tor and are fraught with political contention. Department of Justice (DOJ)’s Computer Crime and Intellectual Property Section stated that VCs can be attractive to entities that seek to facilitate or conduct computer crimes over the internet.[57] However, this has not led to any direct reciprocal link between the regulation of VCs and the regulation of Internet crimes. Instead, combined eff ort is made at the enforcement stage. An example of this is the investigation that led to the ending of Silk Road. More recently, the FBI collaborated with the Secret Service on an investigation of Coin.mx whose executives were charged with knowingly handling funds tied to Bitocin ransomware attacks along with unlicensed Money Transmitter and money laundering charges.[58] In this way, although the regulation of the dark web is not incorporated in the regulatory strategy for Bitcoin per se, at the enforcement level, multi-agency action is taken as a matter of necessity.

The US approach has some key strengths as well as weaknesses. Whilst the safety and soundness of exchanges and the issues surrounding pseudonymity are addressed comprehensively, the preserving and harnessing of innovation as well as the co-option of the regulation of the dark web are not. Although exchanges are well regulated, the implications of the barriers to entry created by the licensing requirement that forms the cornerstone of the US regulatory response needs to be considered. According to the Bitcoin Exchange Guide the major Bitcoin exchanges today are Bitstamp, Coinbase, BTC-e and Cryptsy and only two of these are given their ‘highly trusted’ rating; the Bitcoin exchange market has very few credible market participants. Part of the reason why the collapse of Mt. Gox led to a loss of as much as US$460m was due to the sheer size of the exchange and volume of transactions.[59] Prior to its fall, Mt. Gox enjoyed the status of being a monopolist as it dominated an estimated 80–90 per cent of the Bitcoin-Dollar trading volume.[60] In this way, while the US case illustrates the need to

consider the eff ects of unintended consequences of both these approaches to regulation particularly relating to the barriers to entry created by duplicitous and onerous licensing requirements.

Bitcoin regulation in the UK Unlike the US, which has made defi nite regulatory decisions about VCs from the start, the UK has taken a ‘wait and see’ or, as stated by the Bank of England, ‘cautiously optimistic’[61] stance. The regulation of VCs in the UK was initiated by a ‘Call for Information on Digital Currencies’ published in November 2014[62]. This process was completed with a report on the responses to the call for information and the next steps to be taken being issued in March 2015. Here, it was stated that the UK government’s main objectives in the regulation of VCs at this time are (a) providing clarity and certainty to those involved in all aspects of digital currency on the application of existing regulation and legislation; (b) limiting the opportunities for criminals and terrorists to use digital currencies for illicit activities; (c) creating the right environment for legitimate digital currency entrepreneurs to fl ourish; and (d) supporting monetary and fi nancial stability in the UK by monitoring the extent of digital currency usage in the UK and regularly assessing the risks posed.[63]

Given these objectives, four regulatory actions were published. Firstly, the government “intends to apply AML regulation to digital currency exchanges in the UK”.[64] Linked to this, the UK government intends to consult in parliament about “how to ensure that law enforcement bodies have eff ective skills, tools and legislation to identify and prosecute criminal activity relating to digital currencies”.[65] Thirdly, the government stated that it intends to work with the British Standards Institution (BSI) and the digital currency industry to develop “voluntary standards for consumer protection”.[66] Finally, the government stated its intention to increase by £10m funding for the launch of a research initiative to address the challenges and opportunities of digital currency technology.[67] This, along with a 2014 policy guidance paper by the HMRC on the VAT treatment of Bitcoin,[68] forms the totality of the UK’s strategy on the regulation of Bitcoin thus far.

Preserving and harnessing innovation Given the aim of “creating the right environment for legitimate digital currency entrepreneurs to fl ourish”,[69] it can be seen that preserving and harnessing innovation is a principle goal of the UK government. This was expressed by the Chancellor of the Exchequer, who stated his intention to put in place “pro-innovation regulatory measures to unlock the potential of new technology”.[70] This has been applied specifi cally to VC start-ups where the same pro-innovation stance has been taken by the FCA which launched ‘Project Innovate’ aimed at helping new and

15



established businesses to introduce innovative fi nancial products and services to the market. Here, the project’s ‘Innovative Hub’, which assists companies to understand and comply with regulations in place,[71] acts to imbed the harnessing and preservation of innovation within the regulatory framework. In addition to this, HM Treasury has also stated that it will form a ‘regulatory sandbox’ for FinTech startups to test ideas in a lightly regulated environment with the ‘informed consent’ of customers.[72] In this way, it can be seen that unlike the US, the UK’s regulatory approach to Bitcoin is expressly aimed at preserving and harnessing innovation.

Focus on safety and soundness of exchanges With regards to a focus on exchanges, this has been limited to the recent statement of intent to regulate digital currency that focuses on yet to be specifi ed AML/KYC requirements and voluntary standards in the area of consumer protection. Compared to the US, this approach leaves the safety and soundness of exchanges under question, particularly in the area of cybersecurity where the UK has been shown to be particularly vulnerable. According to a survey carried out in 2014, “81 per cent of large UK businesses and 60 per cent of small companies suff ered a cybersecurity breach”.[73] In fact, in January 2015, UK-based exchange Bitstamp announced it lost nearly $5m when its wallet system was breached.[74] This example highlights the shortcomings of the UK’s regulatory approach in this area and the need for more action to be taken with regards to ensuring the safety and soundness of exchanges.

Addressing pseudonymity The issue of pseudonymity is to be addressed by the stated intention to introduce yet to be specifi ed AML/KYC reporting requirements which limit the opportunities for criminals and terrorists to use digital currencies for illicit activities.[75] However, it is interesting to note that prior to the announcement of the intention to introduce AML/KYC requirements, the digital currency industry in the UK was already largely self-regulating. An example of this is Lazycoins, which stated that it has “stayed a step ahead by already obtaining a Money Services Business License, and following a strict AML/KYC verifi cation process” in anticipation of regulation; and Elliptic, which stated that they “have been actively developing compliance tools to directly address the Treasury’s AML concerns”.[76] In this way, it can be argued that the light touch regulatory strategy has been successful in inducing industry-led compliance without the need for direct government intervention, as has been the case in the US.

Co-opting regulation of the dark web Although the regulation of the dark web has not been directly incorporated into the UK’s statement of intent to regulate, it can be foreseen that the regulatory concerns raised by Tor will arise during the course of research and

consultation within the well-funded ‘Innovation Hub’. It can also be reasonably assumed that any strategies to address the concerns of regulation of the dark web are most likely to arise in the innovation ‘sandbox’ to be put in place by the government. In this way, although this issue has yet to be addressed, the UK’s regulatory structure is more likely to arrive at solutions at the pre-enforcement and regulatory strategy level than that of the US.

The UK’s approach to the regulation of Bitcoin has the strong advantage of fostering innovation whilst keeping an eye on changes and developments within the VC industry as well as within other jurisdictions through research and collaboration. However, it displays weaknesses in the key area of ensuring the safety and soundness of exchanges and, like the US contains no direct strategy to address the existence of the dark web. In general, the main strength of the UK’s approach is that it can be seen as the most proportionate to the current threat posed by VCs at this time as mass adoption has not yet reached the critical mass necessary to pose any systemic risk. This view is echoed by the BOE which states that “digital currencies do not currently pose a material risk to monetary or fi nancial stability in the UK, given the small size of such schemes”[77] and that there is a remote possibility that this could change if the use of digital currencies were to grow signifi cantly. This is why the UK’s approach, with its emphasis on research, collaboration and consultation is particularly promising.

Closing thoughts This study started by giving an overview of Bitcoin focusing on what it is, how it works, how it is being used and what the benefi ts and concerns with the use of Bitcoin are. Answering these questions led to the identifi cation of four key areas that Bitcoin regulation should ideally seek to address. These are harnessing innovation, ensuring the safety and soundness of exchanges, addressing pseudonymity and overseeing the regulation of the dark web.

Here it was shown that the US’ strategy has robustly addressed the issues of safety and soundness of exchanges and pseudonymity however did not lead to the harnessing of innovation. By contrast, the UK’s light-touch approach has led to the harnessing of innovation albeit at the expense of insuffi ciently addressing the issue of pseudonymity and the safety and soundness of exchanges. Given the aim of identifying insights to be gained by the comparative study, between the Scylla of the shortcomings of US-style ‘command and control’ and Charybdis of the limitations of laissez-faire, a fi nal recommendation can be made.

For those jurisdictions yet to defi ne their position on the regulation of VCs the main proposal that can be suggested based on the lessons learnt from this comparative study is the putting in place of a ‘Bitcoin Enforcement


16

Pyramid’ adapted from the regulatory approach proposed by Ayres and Braithwaite[78]. This could consist initially of UK-style light-touch regulatory strategies such as the use of industry-led consumer protection and cybersecurity commitments enforced in a co-regulatory

manner. From there, enforcement could escalate as necessary from reporting requirements, to licencing and AML/KYC requirements culminating in US-style regulation where capital requirements could be required as illustrated in Figure 4.

CapitalRequirements

KYC/AMLRequirements

Licensing Requirements

Reporting Requirements

Industry‐led Consumer Protection &Cybersecurity Commitments

Figure 4: Proposed Bitcoin Enforcement Pyramid

In line with the key strength of the UK’s approach, it can additionally be proposed that this escalation of enforcement be based not on the actions the regulated entities but instead be based on the level of mass adoption attained by VCs. This is because as the use of Bitcoin increases and as its penetration into fi nancial markets and the fi at economy increases, so too will its capability to pose systemic risk correspondingly escalate. In sum, it can be foreseen that a regulatory strategy using some form of measured regulatory escalation to Bitcoin would best harness the strengths whilst eliminating most of the weaknesses associated with the regulatory approaches used by the US and the UK. Given the non-territorial nature of VCs, balancing these considerations will prove to be a growing multi-jurisdictional concern in the future.

Immaculate Motsi is a researcher at the School of Law, University of Warwick.

Endnotes 1. Hill, K (2014) ‘Bitcoin’s Legality Around the World’,

Forbes , 31 January 2009. http://www.forbes.com/sites/kashmirhill/2014/01/31/bitcoins-legality-around-the-world/

2. European Central Bank (2012) Virtual Currency Schemes. https://www.ecb.europa.eu/pub/pdf/other/virtualcurrencyschemes201210en.pdf.

3. Mullan, P (2014) The Digital Currency Challenge: Shaping Online Payment System through US Financial Regulations , New York: Palgrave Macmillan.

4. Peer-to-peer is a computing terminology that describes ‘networks in which each computer can act as a server for

the others, allowing shared access to fi les and peripherals without the need for a central server’ Defi nition from http://searchnetworking.techtarget.com/definition/peer-to-peer.

5. Cryptography is ‘a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it’ Defi nition from http://searchsoftwarequality.techtarget.com/defi nition/cryptography.

6. De Filippi, P (2014) ‘Bitcoin: A Regulatory Nightmare to a Libertarian Dream’, Internet Policy Review , 3(2).

7. For information on these currencies and their market capitalisation see http://coinmarketcap.com.

8. Coindesk (2014) ‘How Bitcoin Mining Works’ Coindesk Internet: http://www.coindesk.com/information/how-bitcoin-mining-works/.

9. Term for everyday money that the government has declared as legal tender.

10. Bitcoin.Org (2015) ‘How are Bitcoin created?’ Bitcoin.Org Internet: https://bitcoin.org/en/faq#how-are-bitcoins-created.

11. Coindesk (2015) ‘How Can I buy Bitcoins?’ Coindesk Internet: http://www.coindesk.com/information/how-can-i-buy-bitcoins/.

12. Image from https://www.coinbase.com/buy-bitcoin. 13. Ibid. 14. See http://usebitcoins.info. 15. Coindesk (2015) ‘What can you buy with Bitcoin?’

Coindesk Internet: http://www.coindesk.com/information/what-can-you-buy-with-bitcoins/.

16. See https://www.cryptofacilities.com. 17. For more up to date Bitcoin statistics see https://

blockchain.info/stats.

17



18. O’Farrell, S (2014) ‘Will Bitcoin Be Bigger Than Facebook?’ BrandWatch https://www.brandwatch.com/2014/06/will-bitcoin-bigger-facebook/.

19. Orcutt, M (2015) ‘Is Bitcoin Stalling?’ MIT Technology Review http://www.technologyreview.com/news/535221/is-bitcoin-stalling/.

20. Badev, A and Chen, M (2014) ‘Bitcoin: Technical Background and Data Analysis’ United States Federal Reserve http://www.federalreserve.gov/econresdata/feds/2014/fi les/2014104pap.pdf.

21. European Banking Authority (2014) Opinion on ‘Virtual Currencies’ http://www.eba.europa.eu/documents/10180/657547/EBA-Op-2014-08+Opinion+on+Virtual+Currencies.pdf.

22. Ibid. 23. Smart, E (2015) ‘United Kingdom Poll Shows People

Want Bitcoin Regulated’ Cryptocoinnews 16 June 2015. https://www.cryptocoinsnews.com/united-kingdom-poll-reveals-people-want-bitcoin-regulated/.

24. Zittrain, J (1975) The Generative Internet, 119 Harv L Rev 1975, applied to Bitcoin by, for example Marian, O (2015) ‘A Conceptual Framework for the Regulation of Cryptocurrencies’ University of Chicago Law Review Dialogue (82) pp. 53–84.

25. Cassano, J (2014) ‘What are Smart Contracts? Cryptocurrency’s Killer App’ Fastcolabs http://www.f astcolabs .com/3035723/app-economy/smar t-contracts-could-be-cryptocurrencys-killer-app.

26. Ibid. 27. Wilson, H ‘Bitcoin Technology off ers Clarity for

Derivatives’, The Times. 16 February 2015 http://www.thetimes.co.uk/tto/business/industries/banking/article4354987.ece.

28. Williams, A, ‘London Takes the Lead in Bitcoin Innovation’ CityA.M 29 June 2015 http://www.cityam.com/218965/london-takes-lead-bitcoin-innovation.

29. Supra Note 24. 30. See http://www.smartcontract.com. 31. An idea presented by Matthew Spoke http://www.

coindesk.com/blockchains-and-the-future-of-audit/. 32. For mini-case studies of developing and emerging

markets with active digital currency markets see http://nextbillion.net/m/bp.aspx?b=4076.

33. Mullan, C (2014) Supra Note 2. 34. European Banking Authority (2014) Opinion on

‘Virtual Currencies’ http://www.eba.europa.eu/documents/10180/657547/EBA-Op-2014-08+Opinion+on+Virtual+Currencies.pdf.

35. Ibid. 36. Ibid. 37. Zetter, K (2013) ‘How the Feds took down the Silk

Road Drug Wonderland’ Wired.Com Internet: http://www.wired.com/2013/11/silk-road/.

38. Higgins, S (2015) ‘Silk Road Operator Ross Ulbricht Sen-tenced to in Life in Prison’, Coindesk 29 May 2015 Inter-net: http://www.coindesk.com/ross-ulbricht-sentenced/.

39. McMillan, R (2014). ‘The Inside Story of Mt. Gox, Bitcoins $460m disaster.’ Wired.Com Internet: http://www.wired.com/2014/03/bitcoin-exchange/.

40. United States of America v Ross William Ulbricht . https://www.cs.columbia.edu/∼smb/UlbrichtCriminalComplaint.pdf.

41. Ibid. 42. Ibid. 43. A complementary good is described as ‘a material or

good whose use is interrelated to an associated or paired good such that the demand for one (tires for example) generates a demand for the other (gasoline for example)’. Defi nition from http://www.businessdictionary.com/defi nition/complementary-good.html.

44. Such as Western Union, MoneyGram and PayPal. 45. Grinberg, R (2015) ‘Bitcoin: Overview of US Legal

Treatment’, All Payments Expo, Davis Polk & Wardwell . Internet: http://bitcoin-reg.com/docs/All%20Payments%20Expo%20-%20Presentation%202.24.2015.pdf.

46. Ibid. 47. Wilson, F (2014) quoted in Coindesk , State of Bitcoin

Q1, 2015 http://www.coindesk.com/state-of-bitcoin-q1-2015-record-investment-buoys-ecosystem/.

48. Cooley (2015) Client Alert: The Regulation of Virtual, Digital and Crypto-Currencies. Internet: http://www.cooley.com/70734.

49. Wilson, F (2014) Supra Note 44; See also Smart, E (2015) ‘Escape from New York: Kraken and Paxful join ‘Bit-Exodus’’ Cointelegraph. http://cointelegraph.com/news/115089/escape-from-new-york-kraken-paxful-join-bit-exodus?ref=2257.

50. Bitcoinist.Net (2015) ‘Coinbase Suspends Service in Wyoming Indefi nitely’. Inside Bitcoins. http://insidebitcoins.com/news/coinbase-suspends-service-in-wyoming-indefi nitely/32924#.

51. Ibid. 52. Dotson, K (2015) ‘Coinbase To Open First ‘Licensed’

U.S-based Exchange’ Silicon Angle January 25 2015. http://siliconangle.com/blog/2015/01/25/coinbase-to-open-fi rst-licensed-us-based-bitcoin-exchange/.

53. Coinbase raised US$106m in backing (see Ibid ) whilst Gemini’s founders received US$65m in a law-suit against Mark Zuckerberg (they co-founded Facebook) as well as other venture capital support.

54. Grinberg, R (2015) ‘Bitcoin: Overview of US Legal Treatment’, All Payments Expo, Davis Polk & Wardwell . http://bitcoin-reg.com/docs/All%20Payments%20Expo%20-%20Presentation%202.24.2015.pdf.

55. Murphy, T (2014) ‘The Big Problem with Bitcoin Regulations’. CNBC 20 November 2014. http://www.cnbc.com/2014/11/20/the-big-problem-with-bitcoin-regulationscommentary.html.

56. See http://www.foxnews.com/politics/2015/02/26/fcc-approves-sweeping-internet-regulation-plan-obama-accused-meddling/.

57. GAO (2014) ‘Virtual Currencies: Emerging Regulatory, Law Enforcement and Consumer Protection Challenges’ United States Government Accountability Offi ce. http://www.gao.gov/assets/670/663678.pdf.

58. Higgins, S (2015) ‘CoinMx Execs Arrested for Operating Illegal Bitcoin Exchange’ Coindesk 21 July 2015. http://www.coindesk.com/coin-mx-arrested-operating-illegal-bitcoin-exchange/.


18

59. McMillan, R (2014). The Inside Story of Mt. Gox, Bitcoins $460m disaster . http://www.wired.com/2014/03/bitcoin-exchange/.

60. For more information on exchanges see http://www.investopedia.com/articles/investing/111914/look-most-popular-bitcoin-exchanges.asp#ixzz3ekcjbsip.

61. Blatchord, J (2015) ‘Will the UK Government Create a Bitcoin Hub?’ http://www.coindesk.com/will-the-new-uk-government-create-a-bitcoin-hub/.

62. HM Treasury (2015) ‘Digital Currencies: Response to The Call for Information’. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/414040/digital_currencies_response_to_call_for_information_fi nal_changes.pdf.

63. Ibid. 64. Ibid. 65. Ibid. 66. Ibid. 67. Ibid. 68. HM Revenue and Customs (2014) Bitcoin and other

Cryptocurrencies Brief 9, 2014. Internet: https://www.gov.uk/government/publications/revenue-and-customes-brief-9-2014-bitcoin-and-other-cryptocurrencies.

69. Supra Note 2. 70. HM Treasury (2015) ‘Digital Currencies: Response

To The Call for Information’. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/414040/digital_currencies_response_to_call_for_information_fi nal_changes.pdf.

71. Financial Conduct Authority (2015) ‘Innovator Businesses: Project Innovate’. http://www.fca.org.uk/about/what/promoting-competition/project-innovate.

72. Glick, B (2015) ‘Budget 2015: First Look at the Policies for Technology’ ComputerWeekly.Com 18 March 2015. http://www.computerweekly.com/news/2240242539/Budget-2015-First-look-at-the-policies-for-technology.

73. Crichard, M (2015) ‘UK Cybersecurity: Insure Against ‘Rapid, Highly Damaging Public’ Threats’, International Law Offi ce 14 June 2015 http://www.international lawoff ice.com/Newsletter s/D e t a i l . a s p x ? g = 4 a 4 2 2 4 2 1 - 6 0 a 2 - 4 1 e e - b d 9 a -d2267c674a1a&utm_source=ILO+Newsletter&utm_medium=email&utm_campaign=IT+%26+Internet+Newsletter&utm_content=Newsletter+2015-07-.

74. Higgins, S (2015) ‘Bitstamp Claims $5m lost in Hot Wallet Hack’, Coindesk 6 January 2015. http://www.coindesk.com/bitstamp-claims-roughly-19000-btc-lost-hot-wallet-hack/.

75. Supra Note 2. 76. Richards, C (2015) ‘UK government pledges £10m

to digital currency research, alongside regulation’ Cointelegraph Internet: http://cointelegraph.com/news/113733/uk-gover nment-pledges-us146-million-to-dig ital-cur rency-research-alongside-regulation.

77. Ali, R, Barrdear, J, Clews, R and Southgate, J (2014) ‘The Economics of Digital Currencies’ Bank of England Internet http://www.bankofengland.co.uk/publications/Documents/quarterlybulletin/2014/qb14q3digitalcurrenciesbitcoin2.pdf.

78. Ayres, and Braithwaite, J (1992) Responsive Regulation: Transcending the Deregulation Debate. Oxford University Press.

About changes in Russian regulatory approaches This article highlights major changes in the Russian regulatory landscape, both implemented and proposed, with a view to gaining a better understanding of which instruments the Russian regulator intends to use to react to the developments of the last two years.

Consequences of license withdrawals There has been an increased number of withdrawals of banking licenses in recent years[1] and, according to informal signals from the Russian Central Bank (the CBR), withdrawals will continue. It is typical for a bank to become bankrupt after withdrawal of its license, which in turn under the law leads to the obligation of the deposit insurance agency (DIS) to reimburse any existing depositors.[2]

At least some of the public assessments about license withdrawals suggest that the losses were caused by the very fact that the license was withdrawn. Apparently many owners were able to anticipate the withdrawal, and have come up with new ways of decreasing the assets of the banks in question.[3] Also, whilst pension reform[4] was intended to clean up a sector where asset quality was

believed to be particularly doubtful, during the course of reform further major losses occurred,[5] which can only partially be attributed to the continuing uncertainty in the markets about the long-term future of the private part of the pension system.[6] It is maybe in this context that one of the stated aims of the 2013 pension reform, namely to not increase the pension age, seems to have given up.[7]

Acknowledging or anticipating payments under deposit insurance,[8] the relevant contribution of the banks has been tied to the interest paid on deposits and the fi nancial stability of the payor-banks,[9] butit remains unclear whether the thus increased contribution will, in the long run, suffi ce to cover related expenses.[10] Rather the DIS has been promised loans of up to RUB 110 bn from the CBR for fi ve years,[11] a period which seems more than what would be required to cover short term losses. DIS, by November 2015, appeared to have taken RUB 75 bn.[12] Publicity appears to be retroactive and limited to major events such as the mentioned loan being disbursed.[13] Accordingly, the ultimate cost of deposit insurance to the state budget remains unclear.