Compliance is a topic that cannot be avoided in the development and growth of the cryptocurrency industry. In order to help market participants better understand the compliance trend of the cryptocurrency industry and integrate into the wave of digital finance development, Lianwen invited Wang Yijia, Chief Compliance Officer of ZING , a compliant financial solution platform, to write an article to interpret Sino-US cryptocurrencies from a professional perspective Current status of compliance.
The full text is divided into two releases. The first part explains the current status of China’s cryptocurrency industry compliance. This article is the second part, analyzing the experience of U.S. cryptocurrency compliance and its reference to relevant Chinese laws.
Author: Wang Yijia, Chief Compliance Officer of ZING, Master of Laws from Northwestern University, Senior Legal Counsel in the Digital Currency Field
ZING is a digital asset compliance financial solution platform jointly created by the traditional financial services company Taichu Financial Holdings and the American digital financial service provider Legend Trading. It is committed to providing institutional customers with compliant investment channels in the field of encrypted digital currencies. ZING currently holds a financial service provider license (MSB, Money Service Business). In the future, under the compliance license, it will strengthen the construction of transaction infrastructure such as clearing and settlement and liquidity, open up traditional financial fields and blockchain fields, and provide overall financial services solution.
What are the real regulatory red lines and compliance requirements?
Regulatory red line
From the issuance and implementation of various documents in China, as well as the supervision of OTC transactions, exchanges and other businesses, it is not difficult to conclude that the biggest concern and concern of the regulators on encrypted digital currencies lies in the issue of “fighting of legal currency” . That is, “where does the money come from, where does it go, and whether it is used for illegal acts under the guise of encrypted digital currencies.” Specifically, the biggest regulatory red lines are:
- Do not use encrypted digital currency for money laundering;
- Do not participate in foreign exchange evasion through large-scale transactions such as exchanges or OTC service providers;
- Do not engage in financial crimes such as fraud, fundraising, and pyramid schemes in the name of “encrypted digital currency” or “blockchain”
Compliance requirements
We can see that the current development of China’s blockchain industry has far exceeded the speed of sound laws and regulations. In the past few years, in the face of the above-mentioned difficulties in the supervision of the encrypted digital currency field, the Chinese supervisory authorities have mainly imposed implicit normative restraints by “prohibiting” certain businesses or prompting “precautions”, all of which are relatively passive. Initiative. And in this “unreliable” situation, China’s major exchanges, wallets, OTC service providers, encrypted digital currency depository/custodians and other practitioners are living in the cracks between “legal and illegal”. With the further development of the industry, the encrypted digital currency trading system, KYC system, and on-chain tracking technologies are becoming more and more perfect. Law enforcement and judicial institutions have gradually enriched their experience in combating encrypted digital currency crimes, and are currently implemented through “encrypted digital currency” Criminal behavior is becoming more difficult. This year, the People’s Bank of China is also actively exploring an official encrypted digital currency such as “DCEP”. It is not difficult to see that the legislative and compliance requirements with guidance and regulation as the core are already very urgent.
How to achieve “Compliance”?
Legal “Compliance”
First of all, the most intuitive way of “compliance” is the soundness of the legal system. At present, China still has not fully qualitatively defined “what is encrypted digital currency”. In contrast, based on China’s statutory legal system, it does take a relatively long time to clarify each business and ecology in the encrypted digital currency format. Therefore, it may take a relatively long time to achieve “perfect legislation.” From the perspective of actual case handling and business implementation, it may be possible to supplement some existing laws and regulations, or to gradually promote the improvement and construction of legislation by gradually introducing “judicial interpretations.”
Technical assistance, the future trend of compliance
Since encrypted digital currency itself is a product based on the combination of blockchain technology and encryption algorithms, the compliance of its transactions should also rely largely on technical means. For example, when illegal funds enter an encrypted digital currency transaction, they will quickly flow on the chain. The fate and recovery of these illegal funds and the “dirty coins” they exchanged need to be assisted by security technologies such as chain tracking and IP tracking. .
The first line of defense to prevent illegal funds from entering the cryptocurrency field is KYC. However, under the background that the “KYC” step is generally carried out by an automated system, a large amount of false KYC information has flooded into the market, which has led to information screening in KYC that can only be achieved with technical support.
“Regular Army” to “Compliance”
The so-called “regular military” compliance refers to the channel of “legally handling related businesses” for relevant practitioners such as exchanges in the field of encrypted digital currency. Bring the business side into the scope of supervision and set certain entry thresholds and rules to make it a “regular army” of “legal business.” The author uses the U.S. supervision of “transactions” and “exchanges” as a reference.
(1) The United States has a special department to supervise encrypted digital currency related businesses
The latest “Cryptocurrency Act of 2020” in the United States assigns the definition of “federal digital asset regulator” to three agencies, namely the Commodity Futures Trading Commission (CTFC), the Securities and Exchange Commission (SEC) and the Financial Crime Enforcement Network (FinCEN) ). Divide digital assets into three categories: encrypted currencies, encrypted commodities, and encrypted securities. The US Commodity Futures Commission (CFTC) is responsible for encrypted commodities; the Securities and Exchange Commission (SEC) is responsible for the encrypted securities business; and the Financial Crime Enforcement Network (FinCEN) under the US Treasury Department is responsible for the encrypted currency business. Every federal cryptographic regulatory agency is required to provide the public with and maintain an up-to-date list of all federal licenses, certificates, or registrations that are necessary to create or trade digital assets.
In different scenarios, the same digital currency may be supervised by one or more departments. For example, spot transactions are mainly FinCEN; futures are CFTC; and the digital currency in ICO is usually regarded as securities and is mainly regulated by the SEC.
(2) In the United States, the regulation and compliance of encrypted digital currencies is mainly through “licensing” to make relevant exchanges legally engage in business.
According to the FinCEN regulations that implement the BSA, all “money service businesses” (“MSB”), including “fund transfer businesses”, must be registered with FinCEN and comply with the record keeping and transaction monitoring obligations required by the BSA. According to BSA, money service business is subject to the federal anti-money laundering regulations promulgated by FinCEN. “Fund transfer business” is a money service business regulated by FinCEN.
A fund transfer agency refers to a person who provides a “cash transfer service”, which is defined as “accepting currency, funds or other values to replace one person’s currency, and transferring the value of currency, funds or other alternative currencies to another in any way Location or person”. The definition of fund transfer business does not distinguish between legal tender and digital assets. “Accept and deliver anything of value that can replace currency and make it a money service organization” and require this person to comply with BSA regulations.
In other words, the related businesses of encrypted digital currency transactions are regulated by “FINCEN”, and MSB is a necessary but insufficient condition for compliant digital asset transactions. If you need to engage in fiat currency trading exchanges, you also need to apply for the MTL or trust licenses of each state. Several states also have separate licenses for encrypted digital currencies (such as the special BIT LISENCE in New York State). Therefore, after holding MSB, you can conduct currency trading business in the United States in compliance, and after holding the MTL of each state, you can conduct legal currency exchange related business in the state in compliance.
(3) In addition to the license, there are also KYC/AML/CFT requirements for the daily operations of digital currency companies
KYC (Know your customer) means “know your customer”, that is, the verification of customer identity and the understanding of business behavior. AML refers to Anti Money Laundering, anti-money laundering; CTF refers to Counter-Terrorism Financing, to combat terrorist financing.
KYC can effectively detect and report suspicious behavior. The specific scope of KYC includes but is not limited to: confirm the identity of the direct customer, who or who the customer is; verify whether the independent documents, data or materials submitted by the customer’s identity are true and reliable; confirm the actual ownership and control rights-confirm What natural person ultimately owns and controls the direct customer, and/or the actual beneficiary of the transaction; verifies the identity of the actual owner of its customer and/or the actual beneficiary of the transaction; conducts continuous due diligence and scrutiny-in contact with the customer During the duration of the business relationship, conduct continuous detailed inspections of transactions and accounts to ensure that ongoing transactions are consistent with the financial institution’s understanding of customers, customer businesses, and customer risk status. If necessary, the source of funds should be confirmed.
The U.S. government’s main body responsible for AML, CFT and KYC related supervision is the Financial Crimes Enforcement Network (FinCEN) under the Department of the Treasury. FinCEN cracks down on financial crimes within and outside the United States from three different aspects: AML, CFT, and KYC, but these three are inextricably linked. On the one hand, one of the targets of AML measures is terrorism financing services, and a very important method of CFT is to implement strong AML measures. Therefore, broad AML usually includes both aspects. When the term AML is used in the following, both refer to AML and CFT. On the other hand, one of the important aspects of AML measures is KYC, so we can see that some AML/CFT specifications also include direct or indirect KYC requirements, but the broad KYC is not only for the purpose of anti-money laundering. To sum up, the three regulatory scopes overlap and have their own coverage areas.
KYC/AML/CTF risk is an important focus of US regulatory agencies.
- The key requirements of KYC are mainly
A complete KYC specification consists of the following parts: (i) Customer Identification Program (CIP)-including the collection, verification and record keeping of customer identification information, as well as customer verification based on a list of known terrorists; (ii) Customer Due Diligence (CDD)-to identify and screen customers who are too risky to conduct business with them; (iii) Enhanced Due Diligence (EDD)-a more in-depth investigation of high-risk customers Due diligence to collect more information and in-depth understanding of customer activities, thereby reducing the risk of financial crimes such as money laundering;
- Digital currency anti-money laundering (AML) key requirements
Usually money laundering behavior can be divided into three stages: Placement, Layering and Integration. Since encrypted virtual currency itself has the characteristics of decentralization, anonymity, and irreversibility, compared with traditional money laundering, using it to commit money laundering crimes makes it more difficult for regulatory agencies to track. By using encrypted virtual currency, money launderers can quickly obtain an anonymous account through the encrypted virtual currency exchange. Even if the virtual currency transaction service provider requires identity authentication, the money launderer can still use false identities, steal the identities of others, and use agents To avoid identity verification, and to combine anonymous e-wallets and tracking-free virtual private networks (VPN) to achieve anonymity of transactions. Blockchain technology and digital currency can be used as tools for money laundering, which has long attracted the attention of financial regulators.
On June 22, 2019, the FATF of the Anti-Money Laundering Financial Action Task Force officially released the “Risk-Based Perspective: GUIDANCE FOR A RISK-BASED APPROACH TO VIRTUAL ASSETS AND VIRTUAL ASSET SERVICE PROVIDERS )
The European Union has also tightened its control on the “money laundering” of digital currencies and introduced a new regulation called “5AMLD”.
- Blockchain transaction monitoring
In order to cope with the characteristics of anonymous transactions of digital currency and easy to be used for money laundering, digital currency trading platforms need to connect with third-party blockchain transaction monitoring tools to query data for each transaction that occurs with the platform’s wallet, and determine the source address or address of the transaction. Whether the destination address has illegal use. When illegal transactions are discovered, related assets and users should be actively frozen, and remittances should be sent to the monitoring department.
The main services provided by this type of blockchain data monitoring are:
(1) Real-time monitoring and analysis of public chain
Check the account information and transaction history information of the block data of the mainstream cryptocurrency system, and provide real-time monitoring services, including Bitcoin, Ethereum, etc. By establishing an account identity information database, you can view suspicious account transaction records and report history at any time, and regularly review the validity of account identity information, and revise account risk ratings in a timely manner. Risk rating is carried out in accordance with the procedures of system preliminary evaluation, manual re-evaluation, dynamic trigger rating and regular review rating.
By analyzing various transactions on the public chain, setting data extraction rules, and then extracting account data and transaction data to the data warehouse of the anti-money laundering system. The system screens out suspicious accounts and suspicious transaction related information according to the set suspicious transaction standards and anti-money laundering blacklists.
(2) Investigation and evidence collection
Such software can also provide professional cryptocurrency account and transaction investigation analysis and evidence collection services for regulatory agencies. Through the time monitoring and analysis system and the blockchain analysis expert team to investigate virtual asset crimes, find related suspicious activities, and generate investigation reports. Real-time tracking of the asset trend of the account involved in the case, helping law enforcement agencies grasp the asset transfer destination of the suspect account, and then tracking the real user identity corresponding to the suspicious account through comprehensive account analysis, and issuing evidence collection reports that meet the requirements of judicial evidence collection.
What can China’s encrypted digital currency law learn from the United States in terms of compliance?
Clarify the competent regulatory authority
Although each country has a different judicial environment and rule of law system, and the regulatory experience of the United States may not be fully applicable to China, the existing financial regulatory systems of the two countries have obvious similarities. China’s traditional financial sector currently also adopts a “license-based” management method. To engage in banking, trust, securities, insurance and other fund transactions requires corresponding financial licenses, which are also under the supervision of the China Banking and Insurance Regulatory Commission and the China Securities Regulatory Commission respectively; to engage in online loan business requires a “Internet small loan” license; such as Alipay, which is the most well-known payment field For Ant Financial, you need to hold a “third-party payment” license. The application, daily supervision, and continuous compliance requirements and difficulties of each license are different, which greatly restricts and improves the professional and compliance requirements of financial service institutions, and realizes the supervision and management.
Licensed
As mentioned earlier, the United States already has relatively sound “licensing” rules for “legally engaging in encrypted digital currency transactions”. However, China has not yet clarified a dedicated regulatory agency for encrypted digital currency business, nor has it set up complete rules to provide a formalized channel for encrypted digital currency practitioners. The author believes that in the future, Chinese regulators can learn from the existing financial license management system in terms of regulatory system design and compliance requirements, and learn from the United States and other countries in terms of supervision and management, detailed KYC/AML internal control/external control rules, etc. Experience, and “licensing” may be one of the feasible directions in the absence of rapid formation of systematic laws and regulations.
Support blockchain big data and compliant technology companies
Transaction monitoring is a very critical part of digital currency anti-money laundering. At present, most of the mainstream digital currency transaction monitoring companies are European and American companies, such as CypherTrace, Chainalysis, and Elliptic. These service providers have better monitoring of the addresses and transactions of the digital currency wallets belonging to overseas countries, and have established a rich and accurate marking database. However, there are many large-scale trading platforms and transaction data in the Chinese market that have not been included, and local technology companies in China are required to collect and organize data and provide query services.
For cryptocurrency practitioners, when China’s regulatory system is not yet complete, they can also refer to the regulatory requirements of the United States and other countries to actively improve their compliance level, and at the same time increase investment in the field of technical security, deploy key technologies, and To assist in the compliance control of trading behavior.
