The EU’s Anti-Money Laundering Strategy Is a Mistake
The EU’s new anti-money laundering regulation risks upending their current lead in crypto rulemaking.
The lead — largely due to the recently passed Markets in Crypto Asset (MiCA) legislation — generally takes the right path by focusing on crypto asset issuers and intermediaries. It smartly exercises restraint with regard to regulating new DeFi protocols, pseudo-entities such as DAOs, and other novel features of the peer-to-peer crypto network space.
This heavily-debated strategy makes sense, according to an overwhelming majority of opinion, because the peer-to-peer environment, and DeFi especially, requires more study and thought before regulation is prescribed.
But the new anti-money laundering regulation, currently undergoing final negotiations, unfortunately looks like it is going to take a different approach.
This new regulation aims to reduce risks of money laundering, terrorist financing, and other illicit finance generally. A worthy aim, no doubt.
The problem is that the current draft of these AML laws would meaningfully undercut the future potential for blockchain in the EU.
These AML provisions are akin to taking a car, removing its engine, and fastening a team of horses to prevent speeding.
Mandating intermediaries
It is striking how antithetical this approach is to everything the EU is trying to accomplish through MiCA.
Simply said, the Parliament’s proposed regulation would greatly reduce the usefulness of blockchain for EU businesses.
It would limit the amount a business can spend or receive for goods and services using peer-to-peer crypto to 1,000 euros — unless either a crypto asset service provider intermediates the transaction or the counterparty to the business “can be identified.”
This restriction severely hampers commercial efficiency gains and is an unforced error for the EU economically.
The new legislation dramatically expands the scope of AML compliance to basically every business in the EU, not just those that arguably present risks of money laundering.
Such compliance would require all sorts of new types of businesses that want to accept crypto payments to follow know-your-customer procedures that are incredibly expensive and time consuming, as well as burdensome and privacy-invading for customers.
Requiring intermediaries for blockchain-based commerce will also erase any efficiencies gained by the technology. One of the clearest value propositions that peer-to-peer blockchain transactions present is to allow every business — not just individuals — to avoid a toll-taking, time-wasting intermediary.
Having an intermediary serve as recordkeeper is redundant: The blockchain itself serves this purpose.
Blockchain analytics and the chain’s immutable ledger already tells you almost everything you need to know to track funds across the network. It is even becoming more widely recognized that unhosted wallets are not all that private, as their activity history is a matter of public record.
There are many other practical problems with this mandatory intermediation that would push businesses away from peer-to-peer transactions.
Exchange rates would cause some transactions to be lawful when agreed to — but unlawful when executed. A cap on payment in crypto would also require multiple payment methods depending on the amount. Unsolicited customer payments above the prescribed cap could not be stopped or avoided by a business because of how transactions work on the network.
These burdens and risks on both businesses and customers would make transacting peer-to-peer an unacceptable liability for many businesses.
Front-running MiCA 2
The Parliament’s proposed AMLR is unworkable for crypto in at least one more respect that requires attention, and that is its attempt to directly regulate DAOs and DeFi.
Regulating DeFi right now would be a troubling change.
The EU has already decided to address major questions about DAOs and DeFi in what has been called “MiCA 2,” which would be drafted after extensive study over the course of many months. A proposed AMLR provision obligating DAOs and DeFi protocols to comply with AML obligations would frontrun that work.
How the AMLR would purportedly regulate these areas is also rife with problems.
A threshold matter is that the AMLR does not even define “DAOs” or “DeFi” protocols. It just requires such entities to comply if they are engaged in “crypto-asset services” and are controlled “directly or indirectly” by identifiable natural persons or legal entities.
But the AMLR does not adequately explain what “identifiable” or “indirect control” means, and what constitutes a “crypto asset service” remains concerningly vague.
This provision runs the risk of requiring DAOs and protocols that pose absolutely no threat of money laundering to implement burdensome AML programs. As just one example, it sets the stage for the golfing DAO that acquires golf courses and offers golfing perks to surveil its golf enthusiast members.
Perhaps the most troubling issue is that the scope of these obligations does not appear to be limited geographically.
Consider DAOs and DeFi protocols from far-flung regions that have a minimal EU footprint. Must they all comply with this requirement? As far as anyone can tell, one EU-based DAO member or DeFi protocol participant may be enough to require compliance.
The Trilogues can fix these problems
Although they have many competing priorities during the upcoming trilogues, the EU Council, Commission, and Parliament (also known as the Trilogues) should dedicate meaningful energy to debating these issues.
After all views are shared, it is the simplest and best option to not include these provisions in the final regulation. Instead, both Parliament and Council should continue to engage with the Commission and industry to develop a regulatory framework that does not unduly inhibit the benefits of blockchain networks.
When you look beyond digital assets as an investment class and to the underlying technology of peer-to-peer blockchain, you see that it is young and that its future globally is bright.
By taking a step back and giving parties the time to find correct, consensus-driven answers, the EU would ensure that its recent policy gains are not inadvertently squandered and would further consolidate its position as the leading jurisdiction in the peer-to-peer blockchain space.
Bill Hughes is the Senior Counsel and Director of Global Regulatory Matters for ConsenSys, the leading Ethereum blockchain software company. Bill focuses on the diverse and ever evolving crypto global regulatory landscape, and the legal and public policy issues with which ConsenSys and the broader crypto ecosystem is grappling. Bill joined ConsenSys after serving as an Associate Deputy Attorney General at the Department of Justice, where he managed, among other things, the Department’s work on prospective regulations, legislative proposals, and policies across a broad spectrum of legal and operational issues. He worked closely with the White House and other federal agencies on regulatory and policy initiatives and coordinated the DOJ’s law enforcement response to COVID-19-related consumer fraud and money laundering. Bill began his career as a clerk for a federal judge in New York and litigating with the firm of Sullivan & Cromwell LLP. Bill received his JD from the University of Virginia School of Law and his BA from Vanderbilt University.