How much privacy should individuals be granted when it comes to financial transactions involving cryptocurrencies and wallets? Should that expectation of confidentiality change if the government believes disclosure of all or part of an individual's cryptowallet information could help uncover crimes such as money laundering or financing for terrorist attacks? How should these concerns be balanced against the right of privacy?

Government regulators, crypto enthusiasts, criminal defense attorneys, and civil rights activists can be expected to weigh in on these issues as the Financial Crimes Enforcement Network (FinCEN) a division of the US Treasury Department, considers "Requirements for Certain Transactions Involving Convertible Virtual Currency or Digital Assets (the "proposed rule") 

Like the existing Currency Transaction Reporting (CTR), the proposed rule would require that banks, money services businesses (MSBs), and virtual asset service providers (VASPs) maintain records, verify information, and file reports with FinCEN. The proposed rules would apply to every convertible virtual currency (CVC) or digital asset with legal tender status (LTDA) transaction exceeding $10,000 involving an unhosted wallet or an "otherwise covered wallet". Financial institutions would be required to record the CVCs and LTDAs of customers and their counterparties. In addition, banks and MSBs would have to identify their customer's counterparty if the transaction exceeded $3,000, and the wallet was unhosted or otherwise covered

Banks and MSBs would be required to collect and report more accurately under these proposed rules, which could aid government investigators by hindering money laundering and the financing of illicit businesses.

The Rocky Road to... Here

Championed by former Treasury Secretary Steve Mnuchin and introduced during the lame-duck portion of President Trump's tenure to address "substantial national security concerns", the proposed rule was viewed by opponents as an attempt to ramrod the regulation through without proper vetting by the industry.

Overview of a Bungled Rule Change

  • Mnuchin's FinCEN issues a notice of proposed rulemaking (NPRM) for the wallet rules with an unprecedented 15-day consultation. Backlash ensues immediately. Most FinCEN rule considerations include 30 to 90-day comment periods and some are as long as 120 days.
  • The initial 15-day consultation ended on January 2, 2021.
  • Under fire, FinCEN extended the crypto wallet rule comment period by 45 days on January 14, 2021.
  • On January 21, 2021, President Biden froze all Treasury Department rule-making pending a review for 60 days.
  • FinCEN's regulatory freeze ended on March 22, 2021

The proposed rule's resurrection by the Biden administration focuses on crypto's potential use by criminals and those who could threaten America's national security. While a decision could come as early as September, the thousands of comments generated by the original rule could lead the government to reopen comments to ensure that the concerns of the public are adequately addressed.

Privacy Concerns

The proposed rule would entail high administrative costs. It would also defeat much of the anonymity sought by parties conducting financial transactions using crypto and administering contracts on the blockchain, a fundamental pillar that attracts investors and technology companies. Privacy is a particular concern here because crypto wallets include the owner's complete transaction history, information that can easily be used for overall surveillance and profiling purposes.

Furthermore, with the pending explosion of the Metaverse, we are about to witness the spread of thousands of pieces of personally identifiable information. The legal framework for handling this information raises basic issues of individual privacy. For example, the federal government could easily track an individual's digital activity if exchanges are required to provide the government with blockchain addresses, physical addresses, and names. In contrast, when a person exits a bank with physical currency, the bank can report that event, but the currency cannot be used to track that person's location or prior transaction history.

Finally, and perhaps counterintuitively, the proposed rules could impede FinCEN's mission of tracking malicious actors: even if the new reporting requirements drive bad actors away from U.S. exchanges, they are likely to move to offshore platforms outside of FinCEN's jurisdiction

Implications for DeFi Platforms

The proposed rules would have to be implemented among exchanges, brokers, and other financial custodians. To ensure that funds are not sent to wallets without personal information, exchanges might have to authorize individual wallet addresses. This would almost certainly negatively impact the crypto user experience by increasing the time and effort required to complete transactions, in addition to raising the privacy concerns discussed above. 

Furthermore, it is unclear how the FinCEN proposal could be practically implemented by DeFi platforms, exchanges, brokers, and other custodians. Smart contracts lack a name or a physical address, so they cannot interact with U.S. financial systems. For a business to send a large payment using crypto, it must know the counterparty's name and address. 

The vagueness of the proposed rule makes it unclear whether funds used in DeFi would or could be accepted by a 'hosted' wallet. If the proposed rules are passed, current DeFi would be unusable in the United States. Without a strategy to address the issues raised in this section, the U.S. may be significantly disadvantaged compared to other countries that adopt effective policies to encourage innovation and development in this area.

The Response

Opponents forced the approval process into abeyance shortly after the proposed rule was promulgated, with many echoing Washington, D.C.-based Chamber of Digital Commerce President Perianne Boring's assessment of the proposed rule as "a huge overstep in privacy."

"As anybody knows, in the crypto or the blockchain space, once you have a wallet address, you don't only have the history of that one transaction that applies to that regulated institution, you have that person's entire transaction history going backward and going forward," Boring said. "That is what is an overstep and potentially would create, what I would argue, a surveillance state, which is absolutely not appropriate."

Groups and companies such as Coinbase have already begun drafting comments in response to FinCEN's proposal. Coin Center has set up a module for the general public to streamline the process

Compliance with Applicable Laws and Regulations

FinCEN should appreciate the magnitude of the comment period on this regulation as opposed to those for previous regulations. The Treasury Department, under a new administration, should continue completing these proposed rules incorporating changes based on feedback received during the comment period. 

The public should take advantage of this unique opportunity to provide feedback, which may be aided by input from counsel well-versed in the matter, to guarantee that perspectives from all categories of market participants are reflected as new rules are developed.

Consulting an experienced crypto attorney can help platforms, creators, and others in the convertible virtual currency space comply with all applicable laws and navigate the complex and constantly evolving legal and regulatory landscape.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.