It is clear that the power of technology has to be embraced in order to allow innovation to flourish and to encourage innovative solutions. In this paper, ISOLAS LLP’s Consultant and Fintech Ambassador Joey Garcia and Shlomit Azgad-Tromer, Chief Legal Officer at Sealance, provide an overview of recent developments affecting Stablecoins and potential implications for the wider industry, along with the technical developments designed to manage risk, in order to allow innovation to flourish without hindering its transformational potential.
The recent order that many people have been examining over the weekend confirmed that the Fed has denied Custodia’s membership application, as well as its application for a master account. However, the order goes quite a way beyond this in an 86-page release, with the Fed detailing its “fundamental concerns” with Custodia’s approach, many of which related to its intent to issue stablecoins affiliated with the bank, and to the nature of stablecoin issuance and trading. So what are the implications for stablecoins, stablecoin issuers and the industry more widely?
Among the main criticism points that have massive implications on stablecoins regulation going forward, the following points were highlighted:
● Lack of control for counterparty risks
● Lack of tools for suspicious activity monitoring and SAR issuance
● Lack of risk-based tools to enforce policy tailored to the risk of a specific user
● Transparency and how it correlates and supports potential runs
There is a question that immediately arises, though. In an environment of rapidly evolving technology, is there no room for ‘compliance innovation’ that could deal with these concerns? Technology can be developed to provide new efficiencies, access to new markets and cross-border payments infrastructure, but in the blockchain context it can also be developed to provide ‘on-chain compliance’ together with privacy controls that address the concerns being raised; businesses like Sealance already run operating models of such systems. Privacy and control over one’s own identity and data have also become a growing focus in recent times. Are there systems that can protect a user’s data and privacy while allowing stablecoin networks and the wider DeFi ecosystem to operate in a compliant and risk-mitigated way? The answer is yes.
Summary of the Fed’s report
Heightened Risk in Stablecoins vs TradFi
The risk factors which are highlighted and identified by the Fed can be briefly summarized as below but for a full review of the order, this is publicly available here.
● The ability to identify users and monitor transactions is central to mitigating ML/TF risks, but crypto-assets often afford their holders significant anonymity. Users may transact through unregulated or less regulated money services businesses in a country lacking a robust AML/Combating Financing of Terror (“CFT”) regime, and financial transparency may be further decreased by crypto-assets held by users in “unhosted wallets.”
● Trading in crypto-assets is often conducted pseudonymously either on a peer-to-peer basis or through facilitation by lightly regulated or unregulated intermediaries.
● Crypto-asset trading can occur globally, and there are few to no limits to Digital Assets. It can be very difficult or impossible to determine who is accessing or in control of the use of cryptocurrencies in an unhosted wallet. Unhosted wallets allow for anonymity and concealment of illicit financial activity.
● While a financial institution can require customer identification information in connection with a customer onboarding process (e.g., with respect to custody customers), it can be very difficult for a financial institution that is an issuer of crypto-assets to identify holders of such assets in circulation, unless holders of the asset are limited to identified customers only.
● A financial institution’s ability to limit the misuse of crypto-assets for ML/TF depends in large part on the internal controls in place at points where crypto-assets interact with the traditional financial system, such as when a crypto-asset is obtained by a user in exchange for national currency. Stablecoins, however, may reduce the need for crypto-asset holders to interact with regulated institutions.
● While the financial institution that issued the stablecoin might have information on the transaction flows on the applicable blockchain, it would likely not know the identity of the transactors other than the initial purchaser and the ultimate redeemer.
● Without information about the transactors, it is extremely difficult for financial institutions to comply with AML/CFT requirements to identify suspicious activity and sanctioned parties, especially within mandated reporting periods.
● Payments to validators may include illicit actors or sanctioned entities. Validators are pseudonymous and randomly selected, and transactors cannot select particular validators that have been identified or screened for sanctions risks.
Custodia’s Compliance Plans
The compliance plans which had originally been proposed by Custodia are summarised below. However, we cannot make any assumption or offer any guidance on this being a determining factor in the ultimate decision of the Fed, as our understanding is in fact that Custodia had retracted its plans to issue its ‘Avits’ stablecoin in order to deal with any concerns. We are also not commenting on any other part of the order, which goes into significant detail over an 86-page document (14 times longer than the next longest Fed denial in history).
● Board of Directors compliance committee to report and escalate risks to the Board.
● Customer identification onboarding involving due diligence on purpose and source of wealth.
● Use of vendors to assist with automated customer screening and transaction monitoring.
● Compliance staffing and resources.
● The program would include (i) the development and maintenance of comprehensive written policies and procedures that are tailored to its business model; (ii) designation of a compliance officer who has significant commercial bank BSA/AML compliance experience; (iii) ongoing training and education; (iv) independent review and testing; and (v) customer due diligence.
● For screening transactions for sanctions compliance, Custodia has indicated that it will (i) incorporate geolocation tools and IP blocking controls; (ii) implement screening of wallet addresses against those specifically listed by OFAC sanctions; (iii) implement screening of other IP or wallet addresses acquired in the course of the transaction; and (iv) employ blockchain analytics tools to identify and mitigate sanctions risks.
● Custodia proposes a phased roll-out of services and would initially limit its offerings to certain customers and certain activities; for example, it does not intend to accept non-U.S. businesses and natural persons to be customers at the outset, in order to allow for the build-out of a program commensurate with associated risks.
● Furthermore, Custodia seeks to rely on blockchain analytics firms and other vendors to mitigate any gaps in traditional AML/OFAC controls.
● Custodia has asserted that it will have the ability to freeze and seize its issued stablecoins in response to law enforcement requests and when a stablecoin is held by a “blacklisted” wallet.
Why the Fed believes this is Insufficient Compliance and what are the implications
The examiners identified significant gaps that indicated the bank has not yet established adequate AML and OFAC compliance. The more specific points are highlighted below but the implications of these kinds of determinations are implicitly much wider than Custodia, and are factors that will ultimately need to be considered by Stablecoin issuers and platforms, as well as the wider systems that are integrated with stablecoins.
● Examiners determined that the transaction monitoring systems for high-risk customers are insufficient and that the transaction monitoring processes are not risk-based or aligned with Custodia’s planned operations and risk profile.
● Furthermore, examiners found that Custodia’s policies, procedures, and processes did not allow for timely identification and reporting of suspicious activity.
● Users would have the ability to make or accept transactions to or from non-Custodia wallets, which would not have undergone an onboarding process with Custodia.
● Counterparty risk arises from the nature of the pseudonymous blockchains on which Custodia would enable customers to transact with possibly pseudonymous or even anonymous non-customers. Non-customers would be able to hold its stablecoins and redeem them without undergoing the due diligence required for customer onboarding.
Page 40 of the order contains the following quote:
“While these are issues that neither FinCEN nor OFAC has specifically addressed and though Custodia has offered to voluntarily monitor noncustomer transactions and file SARs, such issues do highlight the inherent risks and challenges associated with crypto-assets that need to be mitigated to ensure this activity can be conducted in a safe and sound manner”
So what are the ways that such risks can be mitigated and is this really necessary in an international context or not?
National Bank Permissibility and Risks
The permissibility of the issuance of “stablecoins” for national banks is subject to OCC Interpretive Letters 1174 and 1179. Three types of risks are emphasized in particular:
● OCC Interpretive Letter 1174 states that stablecoin arrangements “should have the capability to obtain and verify the identity of all transacting parties, including for those using unhosted wallets.” Custodia’s proposal for issuing and redeeming stablecoins did not meet this expectation. The first party that receives stablecoins from Custodia and the party that attempts to redeem stablecoins with Custodia would be known to the bank. But any other person or entity, anywhere in the world, would be able to acquire or transfer stablecoins in the secondary markets without being known to Custodia, so long as the wallet to which the transfer is made has not been blacklisted due to sanctions concerns. This is of course, the same as all major stablecoins currently in issuance and circulation.
● Further, because of the way public blockchains charge fees, both Custodia and holders of its stablecoins will pay transaction processing fees to unknown transaction validators. Again, this is the same as all major stablecoins.
Transparency and Risks related to Runs
On most public blockchains, the public is able to see tokens moving from one wallet to another, including as they are issued and redeemed. …the public would know when Custodia’s stablecoins are being redeemed in high or higher-than-usual quantities. This redemption transaction visibility could potentially increase the likelihood of a run on Custodia’s stablecoins, other deposit liabilities, or custodied assets (which could affect its fee revenue). While Custodia has said it will manage liquidity risks by keeping all the dollars backing stablecoins in a master account at the Federal Reserve if such an account is granted, history has shown that runs on any bank or financial intermediary have led to panic and contagion that spread to other banks and financial intermediaries.
Users could:
● trade stablecoins on non-compliant exchanges;
● lend on crypto-lending platforms;
● invest in decentralized finance protocols.
Each of these poses risks to stablecoin holders, as holders engaging with these intermediaries and protocols may not be in a position to understand the risks they are exposed to, given that such intermediaries often do not comply with, or are not subject to, disclosure rules, conflict-of-interest standards, prudential regulation or consumer protection standards.
So how can these Risks be Addressed?
There are exciting new technologies that can provide blockchain-native compliance mechanisms that can be layered on top of any stablecoin. Platforms like Sealance allow for every stablecoin to create a compliant version (e.g., “sealed stablecoin”) that enforces jurisdictional policies while preserving the asset’s economic value and technological capabilities.
Sealance’s technology augments blockchains with additional information about actors’ identity and funds’ provenance, in a privacy-preserving way, and uses this information to automatically enforce regulatory compliance, risk management policies, transaction reporting obligations, and record-keeping policies on the blockchain in real-time. Policies are jurisdiction-specific and can be set by the pertinent government regulators, by self-regulating bodies, or by financial institutions based on their own risk tolerance. Since Sealance’s controls are not only tied to an asset holder but also to an asset itself, sealed stablecoins will always enforce their assigned regulatory and issuer-specific controls throughout their lifecycle independent of current and future asset holders and their jurisdictions, and independent of specific usage patterns.
Sealance ensures compliance without compromising the financial privacy and security of cryptocurrency users. While identities and other compliance-related information may be recorded on the blockchain ledger, they are cryptographically protected and not publicly visible. Instead, sensitive personal information (direct or derived) is visible only to authorized parties, subject to the predetermined policy.
The technology can permit any stablecoin to carry the following augmented compliance controls on the asset itself:
Tailored risk-based approach
Nuanced risk-based policies can reason about multiple risk indicators tailored to each user. Transaction blocking and alerting can weigh myriad criteria including identity attributes, the source of identity attestations, amount thresholds, past transaction history, activity patterns, and alert/block lists. These policies can reflect regulatory mandates, augmented with the VASP’s own risk policies and tolerance, and can use data feeds such as customer records and existing chain analytics.
Suspicious Activity Reports
Compliance policies can also specify the mandatory generation of reports of suspicious or high-risk activity in accordance with FATF Recommendation 20 (SAR/STR), as well as CTR and CMIR reports, or other reports as defined within an organization. Sealance’s protocol ensures report generation in real-time, concurrently with the inclusion of the transaction in the blockchain. The policy determines what is included in these reports, and who can access them, limiting disclosure to authorized personnel only. Triggering conditions can include attributes of the parties, funds provenance, alert lists, and other red flags, such as:
● Abnormal transaction volume, whether within a single transaction or “structured” over multiple transactions. The threshold may be fixed, or dynamic and algorithmically-determined (e.g., relative to the total trading volume in that asset).
● Transaction activity not commensurate with the customer’s character or income (e.g., as ascertained during the KYC process associated with their wallet), or abnormal compared to their past activity (e.g., heavy activity in a previously-dormant account).
● The user’s account is already flagged as suspicious or high-risk, whether by algorithmic rules or at the discretion of authorized parties.
● Complex risk-based reasoning may include heuristics, data analytics, deductions, and machine learning. These decisions may reason about users’ information without revealing it.
Reports are policy-mandated, non-discretionary, and are issued in real-time, concurrently with the inclusion of the transaction in the blockchain. The policy determines what information is included in these reports, and who can access them within the pertinent law enforcement authorities within the jurisdiction.
Moreover, where reporting criteria are themselves sensitive or confidential, they can be protected from scrutiny; the transaction senders remain unaware of these criteria and whether a report has been associated with their transaction.
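The rule-based evaluation described in the two sections above (risk indicators weighed per user, non-discretionary report generation, report visibility fixed by policy, and the sender seeing only the outcome) can be sketched as a small policy engine. The following is an added illustration written for this article, not Sealance’s code; the thresholds, windows, role names, account records and transactions are all constructed sample values, and the rules (fixed and dynamic amount thresholds, structuring across a window, a dormant account reactivating, an already-flagged account, an amount exceeding declared income) are simplified stand-ins for the indicators the text lists.

```python
"""Risk-based transaction policy engine (added illustration, not Sealance's code).

Each transaction is checked against policy rules; any hit produces a
non-discretionary report record whose readers are fixed by policy, and
only the action (allow/block) is surfaced to the sender.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Tx:
    tx_id: str
    amount: float
    day: int            # simplified timestamp: day index


@dataclass
class Account:
    wallet: str
    kyc_tier: str       # assumed attestation level, e.g. "verified" / "basic"
    declared_income: float
    flagged: bool = False
    history: List[Tx] = field(default_factory=list)


@dataclass
class Report:
    tx_id: str
    wallet: str
    rules: List[str]
    action: str
    visible_to: List[str]   # roles allowed to read the report, per policy


# Constructed policy values; a real policy would come from the regulator/issuer.
POLICY = {
    "fixed_threshold": 10_000.0,
    "dynamic_volume_fraction": 0.05,   # single tx above 5% of daily asset volume
    "structuring_window_days": 7,
    "structuring_min_count": 3,
    "structuring_aggregate": 10_000.0,
    "dormant_days": 90,
    "blocking_rules": {"account_flagged", "structuring"},
    "report_readers": ["issuer_compliance", "regulator"],
}


def evaluate(account: Account, tx: Tx, daily_asset_volume: float, policy=POLICY) -> List[str]:
    """Return the names of every rule the transaction triggers for this account."""
    hits = []
    if account.flagged:
        hits.append("account_flagged")
    if tx.amount >= policy["fixed_threshold"]:
        hits.append("fixed_threshold")
    if daily_asset_volume > 0 and tx.amount > policy["dynamic_volume_fraction"] * daily_asset_volume:
        hits.append("dynamic_threshold")
    # Structuring: several sub-threshold transfers inside the window that together cross the threshold.
    recent = [t for t in account.history if tx.day - t.day < policy["structuring_window_days"]] + [tx]
    if (len(recent) >= policy["structuring_min_count"]
            and all(t.amount < policy["fixed_threshold"] for t in recent)
            and sum(t.amount for t in recent) >= policy["structuring_aggregate"]):
        hits.append("structuring")
    # Previously dormant account becoming active again.
    if account.history and tx.day - max(t.day for t in account.history) >= policy["dormant_days"]:
        hits.append("dormant_reactivation")
    # Activity not commensurate with what was declared at onboarding.
    if tx.amount > account.declared_income:
        hits.append("exceeds_declared_income")
    return hits


def process(account: Account, tx: Tx, daily_asset_volume: float,
            policy=POLICY) -> Tuple[str, Optional[Report]]:
    """Decide the action, emit a report when any rule hit, and record allowed transactions."""
    hits = evaluate(account, tx, daily_asset_volume, policy)
    action = "block" if policy["blocking_rules"] & set(hits) else "allow"
    report = Report(tx.tx_id, account.wallet, hits, action, list(policy["report_readers"])) if hits else None
    if action == "allow":
        account.history.append(tx)
    return action, report


def run_sample() -> Dict[str, Tuple[str, List[str]]]:
    """Run constructed transactions through the engine; returns tx_id -> (action, rules hit)."""
    volume = 1_000_000.0                       # constructed daily volume for the asset
    alice = Account("0xALICE", "verified", 50_000.0)
    mallory = Account("0xMALLORY", "basic", 20_000.0, flagged=True)
    stream = [
        (alice, Tx("t1", 4_000.0, 1)),         # normal
        (alice, Tx("t2", 3_500.0, 2)),         # normal
        (alice, Tx("t3", 3_000.0, 3)),         # third sub-threshold transfer in 7 days -> structuring
        (alice, Tx("t4", 500.0, 100)),         # 98 days after last allowed activity -> dormant
        (mallory, Tx("t5", 60_000.0, 5)),      # flagged, above both thresholds, above income
    ]
    results = {}
    for acct, tx in stream:
        action, report = process(acct, tx, volume)
        results[tx.tx_id] = (action, report.rules if report else [])
    return results


if __name__ == "__main__":
    for tx_id, (action, rules) in run_sample().items():
        print(tx_id, action, rules)
```

Note that the sender of `t3` only learns that the transfer was blocked; the `Report` object, including which rules fired and who may read it, never leaves the policy layer, which is the property the preceding paragraph describes.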
DeFi and Lending Participation
Solutions like Sealance allow the development of tools that let asset issuers continuously monitor, and potentially charge transaction fees for, client activity over DeFi. DeFi itself, on the other hand, is completely passive in our model. DeFi participants may rely on global identifiers, attestations and policies for their internal risk management and regulatory-compliance processes. These policies will include the requisite assurances, such as robustness of identity attestations and ongoing sanctions monitoring. However, compliance and policy are enforced by programmable smart contracts without changing the underlying protocol and, significantly, without the protocol itself actively identifying and monitoring clients, with the regulatory (SEC) risk that such activity could attract.
Critically, the right solutions also integrate privacy-preserving cryptographic protocols to protect transaction and user information. The sender, recipient, asset and amount for every transaction are private, and are only subject to selective disclosure to those authorized compliance agents at the asset issuer or at other specific authorized VASPs. Data, and deductions from it, are revealed only to authorized parties. The integrity of the data, and of mandated actions such as reports, is cryptographically ensured — without reliance on centralized, high-risk repositories of sensitive information.
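The selective-disclosure property described above (transaction fields hidden on the ledger, revealed only to authorized parties, with integrity verifiable by the recipient and no central plaintext store) can be illustrated with salted hash commitments. This is an added example written for this article, not Sealance’s protocol, and a deliberate simplification: each field is committed separately with its own random salt, the ledger stores only the commitments, and a policy table decides which field openings an authorized role receives. The role names, policy table and sample transaction are constructed.

```python
"""Selective disclosure of transaction fields via per-field salted commitments.

Added illustration, not Sealance's protocol. Commitments are hiding (a
16-byte random salt per field) and binding (SHA-256), so an authorized
agent can verify the fields it is shown against the public record and
detect any tampering, while undisclosed fields stay private.
"""
import hashlib
import json
import secrets
from typing import Dict, Tuple

FIELDS = ("sender", "recipient", "asset", "amount")

# Constructed disclosure policy: which fields each role is entitled to see.
ROLE_POLICY = {
    "issuer_compliance": FIELDS,
    "regulator": ("sender", "amount"),
    "public": (),
}


def commit_field(name: str, value, salt: bytes) -> str:
    """SHA-256(salt || name || 0x00 || value); fixed-length salt keeps the encoding unambiguous."""
    return hashlib.sha256(salt + name.encode() + b"\x00" + str(value).encode()).hexdigest()


def seal_transaction(tx: Dict) -> Tuple[Dict, Dict[str, Tuple[object, bytes]]]:
    """Return (public ledger record, private openings). Only the record is published."""
    openings, record = {}, {}
    for name in FIELDS:
        salt = secrets.token_bytes(16)
        openings[name] = (tx[name], salt)
        record[name] = commit_field(name, tx[name], salt)
    record["id"] = hashlib.sha256(json.dumps(record, sort_keys=True).encode()).hexdigest()
    return record, openings


def disclose(openings: Dict, role: str, policy=ROLE_POLICY) -> Dict:
    """Policy-filtered disclosure: only the fields the role may see leave the issuer."""
    return {f: openings[f] for f in policy.get(role, ())}


def verify_disclosure(record: Dict, disclosure: Dict) -> bool:
    """Recipient-side check: every disclosed value must open its on-ledger commitment."""
    return all(commit_field(name, value, salt) == record.get(name)
               for name, (value, salt) in disclosure.items())


def demo() -> Dict[str, object]:
    """Seal a constructed transaction and exercise the disclosure paths."""
    tx = {"sender": "0xALICE", "recipient": "0xBOB", "asset": "sealedUSD", "amount": 2500}
    record, openings = seal_transaction(tx)

    full = disclose(openings, "issuer_compliance")
    partial = disclose(openings, "regulator")
    nothing = disclose(openings, "public")

    # Tampering attempt: present a different amount with the genuine salt.
    tampered = dict(partial)
    tampered["amount"] = (9999, partial["amount"][1])

    return {
        "ledger_has_plaintext": any(str(v) in json.dumps(record) for v in tx.values()),
        "full_ok": verify_disclosure(record, full),
        "partial_ok": verify_disclosure(record, partial),
        "partial_fields": sorted(partial),
        "public_fields": sorted(nothing),
        "tampered_ok": verify_disclosure(record, tampered),
    }


if __name__ == "__main__":
    print(demo())
```

The ledger record exposes nothing but digests, the regulator role can check the two fields it is entitled to without learning the recipient or asset, and a substituted amount fails verification. A production scheme would add proofs that the hidden values satisfy the policy (which this stand-in does not attempt), but the hide-then-open structure is the same.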
The Fed has emphasized the particular enhanced risks presented by stablecoins. However, these risks are not inherent in the technology. The very same technology that allows for blockchain-based payments carries the ability to innovate compliance and financial regulation processes and to modernize the systems banks use today. With these technologies implemented, stablecoins can present a safer and more compliant alternative for users, and lead to a new era of blockchain-based financial regulation and secure standards.