The Travel Rule officially extends to "virtual asset services providers" (VASPs) this month. It requires VASPs, such as crypto exchanges, to collect the names of both transaction senders and receivers, as well as the national IDs of the former.
For the crypto sector, whose main value proposition is arguably (quasi-)anonymity of financial transactions, this development is said to be an existential crisis. Or it threatens to drive the sector underground. Adviser to the Organization for Economic Co-Operation and Development Joseph Weinberg has warned the rule extension could “drive the entire ecosystem back into the dark ages.”
We argue instead that the rule divides the industry in two: one part that is brought into the light of existing international financial regulation while another is pushed further into the dark net. To understand this outcome, and why it is both good and bad for crypto, the notions of protocological control and financial infrastructures are illuminating.
Protocological control
The Travel Rule’s origins lie in a more than two-decades-old U.S. requirement that banks store and obtain customer information related to transactions above $3,000. Its extension to crypto illustrates the persistent international power of the U.S. through the Financial Action Task Force.
Contrary to claims of draconian power, the FATF is not exercising direct control by extending the U.S. "travel rule" to VASPs. This Paris-based intergovernmental organization is exercising indirect power in influencing who and where “protocological control” is exercised.
Protocological control refers to the manner “computer protocols govern how specific technologies are agreed to, adopted, implemented, and ultimately used by people around the world.” Developed in the 2004 book "Protocol: How Control Exists After Decentralization," media studies scholar Alexander Galloway showed how the World Wide Web Consortium (W3C) and the Internet Engineering Task Force shaped the coding of computing protocols underpinning the design of HTML.
The FATF is exercising similar influence over the protocols underpinning decentralized crypto-networks. Yet, this intergovernmental organization is not developing its own protocols for enabling the exchange of customer information amongst VASPs. Nor is it leaving protocol development up to its 39 member states.
Rather, the FATF is promoting market competition both among crypto startups, as well as big banks, to come up with protocols ensuring information interoperability amongst VASPs. The FATF’s indirect power is as a “market maker," facilitator and coordinator.
But what does this indirect exercise of power mean for the crypto-ecosystem?
Dual infrastructures
On the one hand, the FATF’s focus on market competition helps to avoid the typical “cat-and-mouse” chase in which “regulatory cats” pursue naughty industry mice at several steps distance from their more nimble opponents. The FATF’s multi-year consultation has encouraged a level of cooperation and mutual learning between industry and regulators, instead leading to a chase in which the industry continually attracts the continual ire of AML/CFT enforcers.
On the other hand, the FATF’s approach is dividing the crypto-ecosystem into dual infrastructures.
See also: Leah Callon-Butler: Crypto Exchanges Need Common Messaging to Comply With Travel Rule
One more consolidated and centralized infrastructure enables compliance with the Travel Rule and its identification requirements. But a more decentralized and privacy-centric infrastructure is pushed further into gray markets and the shadows of the dark web.
The division of the crypto space into dual infrastructures ultimately undermines the FATF’s attempt to bring the entire ecosystem into official regulatory remit.
Where to go from here?
Where all this will end up is anyone’s guess. The gaps between privacy-focused and identification-compliant infrastructures in the crypto-ecosystem may widen further. Emerging protocols like Enigma may gain traction and privacy tools might turn most traceable cryptocurrency into anonymous payments.
While this may be great for maintaining privacy, it is inevitable that regulatory attention will be attracted to this infrastructure if illicit activities grow in size and scope. Indirect power can be fickle and next time around international regulators may seek more direct forms of control, as well as be less willing to cooperate with the industry.
But the gaps between infrastructures may also narrow as protocols based in AML/CFT regulation are developed. Groups like OpenVASP attempt to strike a balance between openness and compliance by creating open protocols to share information between operators uniformly. The Travel Rule may prompt a yet unanticipated “squaring of the circle,” maintaining privacy while enhancing identity data collection and circulation.