Circle CEO Jeremy Allaire recently appeared on the Unchained Podcast to discuss the proposed FinCen rule for unhosted crypto wallets.
BOSTON, January 6, 2021 — Circle CEO Jeremy Allaire recently appeared on the Unchained Podcast, hosted by Laura Shin, together with Kristin Smith of the Blockchain Association.
Examining the latest proposed regulations from FinCEN, the discussion considers the politics behind this action, the landscape and context in which it could be enforced, as well as the broader impacts for DeFi and Web3.
Laura Shin: Today’s topic is the recently proposed FinCEN rule around crypto transactions related to unhosted wallets, self-hosted wallets, or just plain wallets, whatever you want to call them.
Because this involves news, I’m just going to let the audience know upfront that we are recording Saturday morning, the day after the proposed rule was published. First, can you explain what this rule is?
Jeremy Allaire: The proposed rule is around transaction reporting for individuals that use a custodial wallet, or an exchange, or, it’s technically in the rule, a money service business or a bank. So, a regulated financial institution in the United States, and any transaction that involves essentially sending or receiving funds from a crypto wallet that is not associated with another regulated financial institution, or money-service business, whether internationally or the US.
It essentially says that if an individual is sending greater than 3,000 dollars over a crypto network, then you need to record their full KYC information.
You need to receive the name and address of the recipient, and then keep that record, and then if it’s greater than 10,000 dollars, let’s say you’re sending half a bitcoin to someone, to another bitcoin wallet that either you control or is someone else, you also need to collect that name and address of the recipient, and you need to report it, all that information, to FinCEN, essentially to the federal government and law enforcement in the federal government.
So, there’s essentially a data feed that gets sent to the US government with all transactions above 10,000 dollars with that collected information, and then they can go on and monitor that freely, and track your blockchain activity.
There are so many issues with the process by which this is happening. This is a midnight rulemaking attempt. This is extremely unilateral from the Secretary of Treasury himself, despite significant objections throughout the government, including from within law enforcement.
This is a highly politically-motivated individual who wants to jam this through, and is doing everything in his power to do that, despite many, many good actors in the federal government who, I think, realize that something like this should not be just jammed through, and requires really careful review, deliberation, and planning, and thinking.
When you look at blockchains, the fundamental innovation today is this infrastructure where you can actually have programmable money.
The breakthroughs that are happening and what motivated me to get in the industry almost eight years ago, was this idea that you could have money as a data type on the internet, and you could program it, and you could create contracts around it, and that those could be enforced by code, and work globally and interoperably. And that that would eventually allow for financial services innovation, and access to that financial services innovation globally.
This rule basically just completely ignores the fact that that even exists. It completely ignores the fact that innovation in open finance is built on this idea of smart contracts, whether they’re providing lending markets or other forms of economic arrangements, are executing in code, and that individuals, for the first time ever, have the ability to access and interact with those. That’s a huge breakthrough!
By saying nothing to that issue, it raises very significant questions about how Coinbase, if you’re on Coinbase.com, can you actually interact with a Smart contract? You know, what is staking? Is staking interacting with a smart contract? What are all these things? What can a consumer-facing or a business-facing institution do?
So, that’s a major issue, and I think coming back to the procedural question, you know, what we ought to do is say, okay, we have these kinds of concerns, and I think they are legitimate concerns.
Money laundering and financial crime is legitimate, and we can talk about that. But you don’t jam it through over the holidays without any consideration or industry engagement.
Just to maybe reiterate how that translates is: I go to an exchange, I’m getting some USDC or bitcoin, and in this new rule, let’s say I want to take 15,000 dollars and move it so I can use that and put it into DeFi or a DEX, I need to say I’m putting this in a self-hosted wallet.
It’s my wallet. You have my name and address. That’s what I’m doing, and you know, I can imagine a user interface where essentially, the service identifies, okay, you’re not sending to another VASP. You’re sending to an unknown wallet, a checkbox that says “This is my wallet,” and you know, it goes, and then you go and interact with DeFi.
So, at a practical level, I think that is accurate. Now, here’s the difference. Here’s the challenge.
Under this rule, this rule will mean that, effectively, the record of you as an individual doing that and the blockchain address, those just get sent in a data feed to the federal government and law enforcement, and they can do whatever they want with it. The data feed goes to the government, and you know, they’re quite capable of writing software.
So, you can imagine, now we have this data feed, and now we can basically have surveillance downstream over every transaction on-chain tied to a specific identity, and tied to that.
Now, in the traditional financial system, there’s nothing equivalent to that. Actually, the government needs a subpoena to get that information, unless the financial institution deems that the person is doing something suspicious, where they have reason to believe that there’s money laundering or financial crime.
If they do, then they have to report it to the government. Now, anyone who transacts above 10,000 dollars is presumed to be a money launderer, and are now under full surveillance and monitoring. They can be, without consent, and that is what this rule does.
When you take cash out of the bank, you take 10,000 dollars cash out of the bank, that does get reported, but there isn’t someone looking over your shoulder everywhere you go and seeing what you did. So, there’s a huge difference!
As we move into a world of “digital money” on the internet and on blockchains, this is a small step towards radically higher levels of surveillance, and it is different from the way it works in the existing banking system.
And so, while it might feel good to say, well, I can just put it in my self-hosted wallet and then I can do what I want. Well, you’ve also done that, and your blockchain addresses and your downstream transaction activity are now under surveillance, without you knowing or being able to do anything about it.
Laura Shin: One thing that I was wondering is how this rule could affect the wider world of DApps in general, or Web3? Like, if you had some 10,000 dollar CryptoKitty or something you wanted to buy from somebody, how would that affect things? Like, would you need to get the KYC from that person, or, like, I don’t know how this would impact…
Jeremy Allaire: If you’re using a DApp, you’re using that through a non-custodial wallet because that’s how Web3 works, and if you’re transacting with an NFT exchange, that NFT exchange is something you’re connecting to through a non-custodial wallet as well.
Effectively, what that would look like is, I move 10,000 dollars of USDC, or ether, or bitcoin, and I’m interacting with the marketplace, and I want to transact for an NFT, and I’m doing that on a permissionless infrastructure, and then I take possession of that. That activity is sort of in that kind of parallel permissionless blockchain world. Now, if a custodial service wanted to allow you to, you know, buy an NFT from a marketplace, and the custodial service is interacting directly with the smart contracts, that’s where it starts to get complicated.
This gets back to the whole smart contract discussion. There are lots and lots of services now, where it’s a custodial service that itself, behind the scenes, is putting stablecoins up into DeFi contracts, or is putting Ethereum up into DeFi contracts on your behalf, and interacting with smart contracts to give you access to it, where you don’t actually need to do self-custody.
That set of activities, there’s a giant question mark about that.
Like, is that even legally possible because there is no way for that exchange or that custodial service to know the name and address of the smart contract? Like, what’s the name and address of Compound protocol?
You know, it just doesn’t work.
This is, again, back to the rulemaking, why if this was serious in terms of process, we would take the time to think about how do financial intermediaries deal with DeFi in the context of these financial crime concerns? Let’s think that through, and frankly, give the industry time.
I believe that there are ways for decentralized identity, and identity protocols, and other things to be layered on this in a way where you can both have financial privacy and you can have accountability in recordkeeping that is compatible with the emerging world of smart contracts.