In October, the Financial Crimes Enforcement Network proposed a new regulatory regime for crypto mixing services that would treat the entire class of privacy tools as money laundering threats and force new recordkeeping rules on U.S. people or entities that use them. The industry had a chance to weigh in. Here’s the gist of their responses.
You’re reading State of Crypto, a CoinDesk newsletter looking at the intersection of cryptocurrency and government. Click here to sign up for future editions.
In October, FinCEN published a notice of proposed rulemaking suggesting it might designate crypto mixers as primary money laundering concerns, and asking for public feedback through a comment period which closed last week.
Why it matters
Crypto mixers – privacy tools that let users obscure the origin or source of funds when transacting – have been controversial in U.S. national security circles due to concerns that malicious actors are using them to launder funds from hacks or to support terrorist organizations. The U.S. sanctions watchdog, OFAC, has added several mixers to a global blacklist in efforts to lock these entities out of the global financial system. Its sanctions against Tornado Cash in particular have drawn legal challenges.
Breaking it down
There were some 2,000 comments posted as of the time of writing this (of which I read or skimmed a couple dozen), with respondents raising concerns that the proposed rule would infringe on personal rights, capture more of the crypto ecosystem than FinCEN intends and drive legitimate crypto use offshore.
Chainalysis, a crypto analytics firm, said the proposals “are too broad” to be effective, and “will result in inconsistent and excessive reporting on transactions,” most of which wouldn’t be tied to illicit activity.
For example, “everyday economic activity” like liquidity pools or swaps might be captured in the part of the proposal that addresses users exchanging different types of digital assets, a letter from the DeFi Education Fund said.
A few of the letters warned that FinCEN’s rule might move activity into other jurisdictions, which could backfire on the U.S. regulator.
The Blockchain Association’s letter, for example, said “FinCEN must appreciate that there could be a tipping point at which overbroad and inappropriate anti-money laundering requirements could drive digital asset businesses to other less regulated countries, where there would be no requirement to file suspicious activity reports (SARs) to FinCEN and therefore limit U.S. law enforcement’s access to valuable information.”
A letter attributed to America’s Credit Unions – a new entity formed after the merger of the Credit Union National Association and the National Association of Federally-Insured Credit Unions – said that while credit unions don’t currently engage in crypto transactions, the proposed recordkeeping requirements would be “potentially burdensome,” and that those regulations “should not be duplicative of existing requirements.”
“FinCEN should limit the application of its reporting and recordkeeping requirements to certain transactions. As noted, FinCEN has extensive experience with various thresholds,” the letter said.
The letter did not provide a suggested threshold, suggesting creating one may not even work “given the complex nature” of crypto mixing.
“Perhaps a safe harbor based on the frequency of transactions might be appropriate. This is something FinCEN should analyze and work with the industry on, ultimately pursuing such changes through a subsequent proposed rulemaking,” the letter said.
Fewer comments expressed support for the rule. One, by data analytics firm GeoComply – which describes itself as a company that uses “geolocation data intelligence to verify individuals’ true digital fingerprint” – called the rule “an effective first step,” but suggested there are places it could be stronger.
It recommended against relying on IP data, for example, noting that these digital addresses can be obfuscated by virtual private networks (VPNs) and the like.
Another comment, attributed to the Bangladesh Financial Intelligence Unit, Bangladesh’s central bank’s agency tasked with investigating money laundering, cited the recent U.S. Department of Justice action against Binance and recommendations from the Financial Action Task Force in supporting the proposal. Nevertheless, the FIU said the proposal might be a bit too heavy-handed. The Bangladesh FIU could not be reached for comment or to verify it indeed submitted the response, but FinCEN labeled the comment as coming from a state entity.
There were also, as Consensys’ Bill Hughes pointed out, a number of comments that appeared to be written by a bot. A lot of these comments said they were written “to express [their] concerns” and say parts should be reconsidered. These parts deal with the reusing of bitcoin addresses, mixers, bitcoin programmability, bitcoin’s use in terror financing and saying crypto users might use less safe offshore platforms.
They “urge the commission to evaluate the potential unintended consequences,” presumably because whoever programmed the bot didn’t realize that FinCEN isn’t the same as the Securities and Exchange Commission. This has happened before.
I asked the Treasury Department how it evaluated GPT-generated comments, and a FinCEN spokesperson said, “In accordance with the Administrative Procedure Act and other applicable laws, regulations and Executive orders, FinCEN reviews all public comments and responds to all significant comments.”
Many of the responses that seemed to be written by actual people (as opposed to bots) and filed from anonymous or individual submitters mentioned concerns about privacy and the right to transact.
And as appears to be tradition now, there are also a few random totally off-topic comments, including a handful pledging support for Richard Heart of Hex infamy and one supporting the Financial Innovation and Technology for the 21st Century Act, one of several pending attempts at comprehensive crypto legislation.
FinCEN now has to review the comments before officials decide whether they want to move to finalize the proposal, revise it or take some other action.
- 9:00 UTC (10:00 CEST) The European Banking Authority will hold a hearing on prudential regulation details within the Markets in Crypto Asset regulatory framework.
- (The New York Times) The Times is out with a troubling story about click farms and how AI is just another tool for them now.
- (The Air Current) TAC’s Jon Ostrower created a timeline for the Boeing 737 MAX 9 fuselage which lost a door plug mid-flight this month.
- (Fortune) Caitlin Long’s Custodia has been in litigation with the Federal Reserve over its rejection of the crypto bank’s bid for a bank charter. Leo Schwartz at Fortune dug through some recent filings.
You can also join the group conversation on Telegram.
See ya’ll next week!