Privacy & Compliance
Defining Compliance in the Context of Privacy
In general, compliance, specifically regulatory compliance, describes rules and policies that prohibit and regulate certain products, practices, and services. From one side, it has a protective function. From another, invasive. In general, people despise the latter until they understand how much they need the former (normally in the aftermath of the FTX/Lehman moments). Any regulatory regime is characterized by some balance between the two, or put it differently - the balance between privacy and compliance.
Think retail. For users of regulated institutions dealing with crypto, there are few things more burdensome than having to comply with the AML and KYC rules. AML/KYC regulations are especially relevant for the web3* world given the pseudonymous nature of blockchains. From the perspective of an individual, these regulations are perhaps the most invasive of all - there are few other statutes that would require businesses to subject their users to disclosing so much private information. It also does not really help that businesses are also not particularly good at safeguarding these data.
When considering institutions, elaborate rules and heavy disclosures contained within investor protection rules and banking regulation and imposed upon them by the likes of the US Securities and Exchange Commission (SEC) and Commodities and Futures Trading Commission (CFTC) serve investor protection and, on a broader level, uphold system integrity and confidence of agents comprising it. It is another side to regulation that, as recent events have shown and always in hindsight, probably deserved much more scrutiny for the good of the web3 sector.
In the last several months crypto has seen its own 2007/08 credit crunch - some of the largest firms in the CeFi space, including but not limited to FTX, 3AC, Celsius, and BlockFi have imploded in a spectacular fashion as a result of bad incentives and good old credit contagion. We have seen it many times - as time goes, only the dates, brands and names are changing, while the underlying principles of 'Lehman style market events' remain the same[5][6].
On December 6 of this year the Economist published an article[7] where Hayden Adams, founder of Uniswap, notes:
'CeFi and traditional financial institutions, such as banks, are prone to risk build-ups. That is because their balance sheets are insufficiently transparent to investors and regulators, and their interests are often not aligned with those of their users. For example, when employees' compensation models incentivise risk, other stakeholders can be left in the lurch if things go wrong. FTX is not the only casualty among cryptocurrency firms in recent months. Major consumer lenders, including BlockFi, Celsius and Voyager, also met similar fates. Public blockchains allowed users to watch $6bn of asset withdrawals happen in real time from a wallet that was owned by FTX. But because FTX is a CeFi company, there was no visibility into how much was owed to customers and where those withdrawn funds were going. When it comes to more traditional financial bodies, consider that it took months to untangle flows between Archegos Capital, an investment firm which collapsed in 2021, and its counterparties, and more than a decade to unwind Lehman Brothers, a bank which filed for bankruptcy in 2008.'
Trustless and free, financial either of web3's DeFi is designed to not require assumptions about counterparty integrity and good standing. No ledger disclosures and audits are required as everything is by definition on-chain. Transactions are conducted between consenting adults. Justice is served by the code. Among other factors, the lack of specific regulation targeting investor protection in the context of DeFi has led to the proliferation of various unethical practices which are now well documented[8][9][10].
With the right opsec, no privacy is sacrificed in the process and as the last business cycle has shown, financial resilience is achieved without regulation. But is DeFi, as we know it, the endgame?
As a side note, knowing your counterparty allows for much more fine-tuned risk management techniques and in aggregate improves the allocative efficiency of capital deployed. Think of different interest rates a bank could charge to a reputable borrower when compared to a NINJA applicant.
Rules serving investor protection would be a value add to the web3 space, given its scale, the centralized and obscure nature of CeFi ledgers and the hyper-financialized anonymous nature of DeFi. But nothing in this world is free and privacy is the price to pay for compliance. Or is it?
The question we will attempt to answer in this article is whether we can leverage the latest advances in blockchain technology and zero knowledge cryptography to have it all - regulatory compliance, and ledger transparency, all while retaining user privacy.
Compliance and TradFi
Investor Protection
In the US, the 1929 stock market crash opened the floodgates to regulatory intervention in the financial services industry. Among others, the SEC was created in 1934 to scrutinize companies offering securities for sale and those companies intermediating these assets' sale and trading (e.g. exchanges). All advanced economies today have similar statutes when considering securities and one of their main goals is investor protection. [11] [12] [13] [14] In layman terms, the SEC's mandate is to ensure that an outright fraud and less trivial, but still willingly committed infractions don't happen, and more importantly, even if they do, that wrongdoers end up broke and behind bars. Nobel in their design and intent, these statutes stand in stark contrast to what is common in crypto where the pseudonymous nature of accounts makes it so much more trivial to defraud the commons and disappear in the neon ether of crypto space, unpunished and unidentified.
When investor protection rules fail, a lot can go wrong:
- TradFi: Enron, Worldcom, Refco, Wirecard, Theranos and others.
- Web3: FTX, OneCoin, BitConnect and more[8][15].
Banking Supervision
Banking supervision was also enhanced with the introduction of the Glass-Steagall Act/Banking Act of 1933 (which was later effectively repealed by the Gramm-Leach-Bliley Act of 1999 and largely reinstated with the Dodd-Frank Act of 2010) and the Basel Accords. In very general terms, global banking regulation aimed to monitor and scrutinize how and how much risk banks are allowed to take (e.g. capital adequacy monitoring) with their depositors funds, reduce the risk of bank runs, and provide a framework for insurance of depositors funds. [16] [17] In other words, banking supervision frameworks are designed to prevent the recurrence of Celsius and BlockFi moments. Banks are not and should not act as hedge funds, and non-banks should not touch clients' funds.
The way banking supervision rules as we know them today have emerged is at the core of the belief by many that regulation is reactive in nature. Every fresh new iteration thereof is born out of yet another financial apocalypse:
- TradFi: Lehman Brothers, Washington Mutual, IndyMac, and more of the largest US banks that have been bailed out (e.g. Wells Fargo, JPMorgan Chase, and Citigroup)
- Web3: FTX, Celsius, BlockFi, Voyager Digital.
AML Regulations
Other prominent regulation includes the Bank Secrecy Act of 1970 (of which KYC and transaction monitoring/recordkeeping/reporting fall), the US Sanctions Program, and upcoming regulatory legislation, such as Europe's Markets in Crypto-Assets Regulation (MiCA)[18] all serve the purpose of tracing the funds acquired as a result of / sent towards various illicit activities. In order to comply, institutions develop a paper trail of illicit activity for regulators and enforcement agencies to follow when required. In order for the trail to be meaningful, there needs to be KYC**. KYC standards and transaction monitoring - under which entities of various classifications are required to meet information collection and transaction monitoring requirements under the aforementioned Bank Secrecy Act. In short, KYC/AML regulations are designed to make sure that when bad actors are identified, they are duly punished - with any funds acquired illicitly also being confiscated or otherwise made unavailable.
Financial Crimes Enforcement Network (FinCEN) has the total authority to administer the BSA, and bring enforcement actions against those in violation of its terms. The Department of the Treasury's Office of Foreign Assets Control (OFAC) has a broader jurisdictional mandate, overseeing all financial transactions in the US, and may sanction any individual, entity, or country that poses a threat to national security. Hence, if an OFAC-designated individual or entity has an interest in any transaction processed through or property held by a US person or entity - such as the aforementioned MSBs - they could be required to block, freeze, segregate funds, and file certain reports with OFAC. Effectively, OFAC must have the ability to scrutinize the various parties and entities interacting with US-based or US-affiliated entities, and if an OFAC-designated individual finds proof or believes there to be an item of interest then they can force the protocol or platform to comply.
As the BTC-E, and more recent Tornado Cash situations starkly illustrate, the nemesis for non-compliance by web3 with the statutes designed to overcome opacity of the traditional financial system is as harsh as it is inevitable. But can we really in good faith compare these two notorious cases? The former has been an example of conspiracy for money laundering and embezzlement, while the latter in principle has been designed as an open source solution for solving real world problems arising from the transparency feature of blockchain ledgers.
A Brief Summary on TradFi Regulation
'The transparent nature of public ledgers on blockchains stands in stark contrast to the default privacy of the traditional financial system, which arises from the recording of transactions on private ledgers maintained by financial intermediaries, supported by statutory rights to financial privacy and human controls on access to sensitive financial information. Indeed, regulations and guidance promulgated by the Department of the Treasury's (Treasury) Office of Foreign Assets Control (OFAC), responsible for the U.S. financial sanctions regime, and the Financial Crimes Enforcement Network (FinCEN), responsible for U.S. anti-money laundering regulations and supervision, along with their enabling statutes, have been designed to compel transparency to overcome the inherent opacity of the traditional financial system and the privacy it affords. The recordkeeping and reporting requirements arising from these statutes require financial intermediaries to maintain and disclose information to the government (as well as take other actions such as blocking access to assets) in order to support law enforcement investigations, stop terrorist financing, and advance national security policies, among other things. Importantly, these measures create exceptions to protected privacy rights and represent a balance - albeit an imperfect one - between privacy rights and compliance requirements.'
a16z: Privacy-Protecting Regulatory Solutions Using Zero-Knowledge Proofs[20]
While governments and regulatory authorities strive to continuously improve investor protection, enhance AML frameworks, and contribute to more efficient markets, it is important to note that regulation is relatively slow, for many reasons not always effective and is often considered of mostly reactive nature. [21] [22] [23] [24]
This statement is highlighted by the events around Enron, WorldCom, Lehman Brothers, Wirecard, WeWork, Nikola, Theranos and many others where billions were lost while eroding investor confidence.
A Note on DeFi Credit Markets
DeFi implemented on public blockchains enables full transparency into credit markets' balance sheets by default. TradFi giants JPMorgan, Goldman Sachs and the European Investment Bank believe that on-chain bond issuances will reduce various risks including but not limited to settlement, operational, and liquidity. Notably the DeFi's 'self-custody' model leaves the control and risk management - that is they choose their own security model - either by trusting a custodian (e.g. Fireblocks) or themselves. It is important to stress that self-custody implies that assets are accessible only to the individual holding the key, not a 3rd party custodian each with their own set of moral hazards, risk management practices and ethical standards.
Despite the extremely volatile market, over the past year, DeFi credit markets (e.g. Aave and Compound) have proven to be stable by processing nearly $50 billion in loans and nearly $1 billion in liquidation with minimal bad debt. Importantly, and in light of the aforementioned, DeFi credit markets by design do not need clearing brokers - that is, liabilities will always be equal or lower than the assets backing them.
Note that FTX/Alameda Research had to honor their DeFi commitments despite having their balance sheet disintegrating, as margin calls in DeFi are non-negotiable effectively prioritizing these over their CeFi counterparts.
The Question
In other words, the conundrum is simple: DeFi offers a superior transparency and security model and runs a far superior technological platform when compared to TradFi and CeFi. At the same time, however, it is:
- prone to low capital efficiency as a result of trustlessness assumptions baked into the system, is
- unregulated and hence prone to abuse and fraud,
- pseudonymous and hence too transparent in some respects (simple profiling, hacks, threats of physical violence),
- and yet not transparent enough in others (fraudsters/hackers routinely get away with their crimes at the expense of users and ultimately web3 adoption).
Can we take the best of both worlds, while leaving inefficiencies of both systems in the backwaters of history?
Privacy and Public Networks
From its inception, the blockchain technology was built around user anonymity, and the benefits thereof are immense; for example, blockchain users enjoy an extent of certainty that no central authority can, by force (unless physical), influence their decisions and actions. From the personal standpoint of an everyday user, the assumption of anonymity is closely related to that of security.
While holding true when transactions are confined to a single blockchain - this anonymity is surface level at best when exposed to any number of simple, real-life scenarios possible in the context of mass-adoption, for example:
- Alice wishes to buy something at a supermarket (that permits BTC payments), in-person, with her Bitcoin.
- The supermarket will provide Alice with its Web3 payment details and Alice will make her payment.
To Bitcoin blockchain this transaction is completely anonymous, as on-chain data in isolation suggests nothing about Alice's off-chain information, but the supermarket has more information - they know how Alice looks, or might have a rewards program providing additional information, and using the information she knowingly (or otherwise) disclosed, they can connect her on-chain activity to her real world name and physical address. Assuming this knowledge the supermarket would also now know the balance of the account Alice used, and from her transaction history they can know which services she might have used in the past. The privacy concerns are aggravated further if one considers modern blockchain analytics technology. Contemporary heuristic analysis of interactions within a blockchain easily erodes privacy - while there is benefit of detecting suspicious financial activity, the drawbacks are numerous including susceptibility to social engineering, fraud, and theft of assets.
Various projects have attempted to guarantee the privacy of Web3 users with many having working implementations of their product - one can explore some of them in the Appendix.
But as anything, privacy comes at the cost and in the blockchain space this cost is compliance with regulations, and thus, ultimately, crypto's mass adoption.
Compliant-Privacy via Zero Knowledge Proofs
As the discussion above illustrates, there are clearly many benefits that can be realized by combining both compliance and privacy on-chain; a new paradigm providing what might be considered the strongest compromise of Web3's founding principles, and regulatory compliance solving very real problems for both, DeFi, transparent, yet scam prone and TradFi, regulated yet obscure. Let's unpack this.
Distributed ledgers are infinitely superior to the TradFi tech stack. They lend themselves to more effective (self) regulation, and composability while enabling true financial and economic sovereignty. Yet, they cannot exist in isolation from the capital fueling the veins of the traditional financial system. If these two are to interact, they have to converge and this convergence will take two forms: technological and regulatory. Absence of regulation for web3 will necessarily come at the expense of adoption - it is as objective as it is unfortunate that an average web3 startup could benefit immensely from more dedication on the side of its founders and less frictionless access to retail exit liquidity. At the same time applying TradFi statutes to web3 head first won't work either due incompatible ethos and technological stack. It would also destroy the immense innovation potential currently flourishing in the web3 space. Is there a compromise?
Can we have the best of two worlds?
The cryptography of zero knowledge proofs, and the tech stack that evolved around it, provide the base from which both privacy and compliance may be achieved; with the ideal situation being one in which a user would be able to prove with full mathematical certainly aspects of their identity, transactional history, reputation and financial good standing to other on-chain entities, regulated or otherwise, without disclosing any private information. On the other hand, with the use of zk stack, the said on-chain entities would be able to pre-set programmable rules of interactions (such as only KYC'ed accounts can interact) creating sorts of dynamic whitelists (who can and cannot interact) and conditions of this interaction (different terms depending on one's web3 footprint).
Pseudonymous protocols can serve as a foundation of various economic, financial and social primitives such as over-collateralized lending, moderately complex composite and contingent transactions, and trivial governance frameworks. Zk-powered tech stack and the privacy made available through it, would make on-chain compliance possible and provide the Web3 space with gains in terms of better incentives (or less bad incentives to be precise), more elaborate governance primitives, and vastly superior attainable capital efficiency.
As alluded to elsewhere:
'Zero knowledge proofs, a cryptographic innovation that enables auditable security without undermining secret-keeping, is one solution to reconcile consumer privacy and regulatory compliance. …Zero knowledge proofs are powerful tools for preventing the abuse of privacy-preserving web3 protocols.' [25]
In the upcoming articles we will be introducing potential applications of zero knowledge proofs and related tech stack to web3 privacy, especially in the context of regulatory compliance. In the meanwhile for those who missed it:
- ZkKYC design: https://docsend.com/view/85ua264xxc8sesut
- Tech Article #1: https://medium.com/galactica-network/technical-article-1-oracle-nodes-and-zkcertificates-ea55edcd6b99
- Whitepaper: https://docsend.com/view/n5nnsyraaifzpvqw
- Use-Cases: https://docsend.com/view/r6k4pmuzqmhte957
Appendix - Privacy-Oriented Solutions
There are a number of privacy solutions available in the Web3 space today, making various attempts to hide, or otherwise obfuscate a user's transaction history for the purposes of increasing user privacy - sometimes at the expense of the ability to remain compliant. We note several relevant examples here to further the reader's knowledge and provide context for future sections.
ZCash
Zcash was built on the original Bitcoin code base with several key improvements, namely privacy-preserving shielded addresses employing zkSNARK technology.
Zcash addresses are either private (z-addresses) or transparent (t-addresses). Between these two types of addresses, there are four transaction types:
- T-to-T: Public
- Z-to-Z: Shielded
- T-to-Z: Shielding
- Z-to-T: Deshielding
A Z-to-Z transaction appears on the public blockchain, so it is known to have occurred and that the fees were paid, but the addresses, transaction amount, and memo field are all encrypted and not publicly visible. This type of encryption is only possible through the use of zero knowledge proofs (ZKPs), and the owner of an address may choose to disclose z-address and transaction details with trusted third parties.
A T-to-T transaction works just like Bitcoin: The sender, receiver, and transaction value are publicly visible. While many wallets and exchanges exclusively use t-addresses today, many are moving to shielded addresses to better protect user privacy.
ZCash is not programmable, thus its primary use case lies in its utility as a payment service.
Monero
Monero is a cryptocurrency that emphasizes privacy from the outset, and was launched in 2014. It is a fast, private, and secure open-source protocol utilizing the CryptoNote application layer. Monero is the first cryptocurrency in which all users are automatically anonymous. Stealth Addresses, Ring Signatures, and RingCT are the three main technologies that obfuscate the sender, recipient, and transaction number.
Tornado Cash
Tornado Cash is currently a sanctioned entity in various jurisdictions, however, it is still worth mentioning here for the valuable technical perspective it provides. A decentralized non-custodial privacy solution built on Ethereum blockchain-based zero knowledge proofs Tornado Cash enables users to break the links in on-chain transactions and enhance transaction privacy between deposit and withdrawal addresses.
Tornado Cash creates a secret hash when a user deposits crypto, and its protocol admits the deposits and the hash in a process known as commitment. The commitment identifies the owner of the funds and confirms them during withdrawal, and when withdrawing funds, the user must input the secret hash to prove ownership while maintaining on-chain anonymity.
Essentially Tornado Cash is a coin mixer - i.e. when you mix assets using the Tornado Protocol, you have the ability to break your blockchain transaction link to gain a high level of privacy, even on a public network like Ethereum.
Railgun
Railgun is an on-chain privacy solution for Ethereum, BSC, and Polygon, with plans to expand into the likes of Solana, NEAR, Arbitrum, and Metis. Railgun leverages zero knowledge cryptography (ZKC) to enable arbitrary smart contract calls, privately and without leaving the security of the user's preferred chain.
Railgun also allows users to interact with smart contracts, such as those used for DEX trading, yield farming and other dApps. Layered upon this unique on-chain system is a suite of adapters called Adapt Modules that may be utilized by existing applications on Ethereum.
When a user deposits assets to Railgun, a zero knowledge 'note' is created that represents both the assets themselves, and the owner of those assets - in addition users can split their notes into smaller ones, and even modify the owner of said notes.
Users withdrawing assets from Railgun can prove their ownership of zk-notes, and the notes are burned when the assets are withdrawn. Privacy is preserved by the sheer multiplicity of users performing deposits, splits, transfers and withdrawals on the system.
Aztec
Aztec Network is the first private ZK-rollup on Ethereum, enabling decentralized applications to leverage privacy at scale. Aztec's rollup is secured by the PLONK proving mechanism used in many leading zero knowledge scaling projects, and the first product built on this rollup was zk.money, a private transfer protocol. Aztec also developed the first private bridge for Ethereum called Aztec Connect, which, together with the products mentioned above, allows users to easily transfer funds between each other on both the Aztec network, and other well established DeFi protocols in a private manner.
Technically, Aztec Network employs the use of zero knowledge 'notes' that users may split in any manner they wish, and may modify ownership details of any notes they possess.
In terms of compliance, Aztec has put some restrictions on the amounts users can deposit at the address-specific, IP-specific and Network levels. To further reinforce compliance All Aztec accounts are created with viewing keys that guard viewing access to details of all transactions received and sent with the accounts (e.g. sender, receiver, asset type, amounts). In order to demonstrate compliance, users can share their viewing keys with whomever makes a request to view their Aztec transactions.
We will close this section with yet another quote:
'While there are newer, more narrowly adopted layer-1 blockchains that primarily focus on privacy, for those blockchains that are not inherently private, users have to rely on a host of smart contract protocols and layer-2 blockchains that anonymize transaction data, many of which use zero-knowledge proofs, privacy-preserving cryptographic techniques, to achieve anonymity. These protocols and blockchains have commonly been derided as having solely nefarious purposes (including by being labeled 'mixers'), and while it is irrefutable that a portion of their volume has ties to hacks and other illicit purposes,1 there is undeniable value in advancing privacy-preserving technology for lawful purposes. In fact, such technologies could permit legitimate consumers to benefit from a level of financial privacy and consumer protection beyond what is enjoyed by consumers of traditional financial services.' [20]
* Within the context of cryptocurrencies, compliance often refers to either US-based (anti-terrorism financing laws[1], and the SEC[2] respectively) or EU-based regulations and regulatory bodies (see the coming EU AML/CTF package[3], or the EU's Commission on Finance[4]). The US and the EU tend to occupy the spotlight on compliance standards as a result of more developed capital markets and, hence, effective regulatory regimes and enforcements standards.
** It is here that MSBs and other regulated businesses dealing with crypto are expected to obtain KYC information from the persons using their services or products to conduct transactions. The minimum information MSBs must obtain is the user's name, address, and tax identification number as part of this KYC process[19]. Furthermore, it is expected of MSBs to monitor and record all transactions made through their platforms for the filling of Suspicious Activity Reports (SARs).
References
[1] US Department of State. Anti-Money Laundering and Countering the Financing of Terrorism
[2] US Securities And Exchange Commission. Crypto Assets and Cyber Enforcement Actions
[3] PwC. The EU AML Package
[4] European Commission. Enforcement and infringements of banking and finance law
[5] Yale School of Management (2019). The Lehman Brothers Bankruptcy A: Overview
[6] Wiley (2011). Corporate Financial Distress and Bankruptcy: Predict and Avoid Bankruptcy, Analyze and Invest in Distressed Debt, 3rd Edition
[7] The Economist (2022). A crypto-exchange founder makes his case for decentralized finance.
[8] Chainanalysis (2021). The Biggest Threat to Trust in Cryptocurrency: Rug Pulls Put 2021 Cryptocurrency Scam Revenue Close to All-time Highs
[9] F.Cernera, Massimo L.M, A.Mei (2022). Token Spammers, Rug Pulls, and SniperBots: An Analysis of the Ecosystem of Tokens in Ethereum and the Binance Smart Chain (BNB)
[10] Solidus Labs(2022). The 2022 Rug Pull Report
[11] US Securities And Exchange Commission. The Role of the SEC
[12] Federal Financial Supervisory Authority
[13] Swiss Financial Market Supervisory Authority
[14] Financial Conduct Authority
[15] Chainanalysis (2022). Mid-year Crypto Crime Update: Illicit Activity Falls With Rest of Market, With Some Notable Exceptions
[16] Corporate Finance Institute (2022). Glass-Steagall Act
[17] Basel Committee. History of the Basel Committee
[18] European Union. Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on Markets in Crypto-assets, and amending Directive (EU) 2019/1937
[19] European Council on Foreighn Relations (2016). Records to be made and retained by financial institutions
[20] a16z (2022). Privacy-Protecting Regulatory Solutions Using Zero-Knowledge Proofs
[21] Geneva Reports on the World Economy (2009). The Fundamental Principles of
Financial Regulation
[22] Harvard Law School Forum on Corporate Governance
[23] US Securities and Exchange Commission (2015). Protecting Investors through Proactive Regulation of Derivatives and Robust Fund Governance
[24] Financial Conduct Authority (2022). Critical issues in financial regulation: The FCA's perspective
[25] a16z (2022). Achieving Crypto Privacy and Regulatory Compliance
