Crypto exchanges are regulated entities. This is shown as proof of trustworthiness by the crypto industry. However, the regulations to which crypto exchanges have to comply are completely outdated and inadequate.
In the United States, crypto exchanges have to register with the FinCEN as “money transmitters”. It’s a category within the Money Services Business (MSB) classification, which encompasses activities such as broker dealer, forex operators, or cashiers. The crucial part is that MSBs in general and money transmitters in particular are subjected to much less stringent AML/KYC regulations than banks. In the case of crypto, this is ludicrous.
Know Your Client (KYC)
As money transmitters, crypto exchanges’ AML/KYC regulations are mostly about knowing who their customers are. Exchanges that accept cash deposits must have on file a scan of your ID, generally with a selfie, and also keep a record of all your transactions for the last 5 years, while also filing reports with authorities on particularly large transactions. Those who don’t deal in cash, i.e. only accept crypto deposits, don’t operate in the U.S. so let’s focus on the first kind.
No inter-party transactions
Remember Liberty Reserve? It got busted by the FinCEN in 2013 for acting as a financial institution without having proper anti-money laundering (AML) procedures in place. The service would allow its users to deposit and withdraw cash, and to transact among them. Because it performed much less stringent verification than banks, it quickly became the go-to place for criminals and shady transactions.
Crypto exchanges are not Liberty Reserve. In particular, they don’t allow inter-account transactions. Those that deal in cash, only accept money from your bank account (requiring you to submit proof of identity), and only allow you to cash out to your own bank account.
For this reason, crypto exchanges are subjected to much less stringent AML regulations than banks. In particular, they don’t have to collect information about transactions (who you’re sending funds to, or whom you’re receiving them from), because, well, they supposedly don’t allow this kind of operation. They also don’t have to perform source of funds verification, especially when depositing crypto. Source of funds (or proof of funds) is a rule that forces your bank to call you up when you deposit a large amount, and require you to explain how you got all that money while flipping burgers at McDonald’s. Supposedly, because crypto exchanges don’t allow inter-account transactions, and only allow their users to transact with their bank accounts, and banks are performing those duties on their clients, everything’s above par.
Because crypto exchanges don’t allow transactions between accounts, they are considered by regulators like brokers, according to the idea that like with a broker, you deposit cash, buy some investments (crypto), sell those investments some time later, and cash out.
Outdated classification
Of course, this “no inter-party transactions” stuff is complete horseshit. Because you can buy crypto and send it to your wallet, and then send it whenever you want, this MSB classification makes absolutely no sense. Crypto exchanges are not stock brokers. When you buy a stock on Robinhood, it stays in your account until you sell it. Transferring your securities holdings to another brokerage account is possible, but very complex, and takes a lot of paperwork - in particular to prevent money laundering.
Imagine if you could send your $TSLA shares to someone else’s account, without any checks or verifications! That’s what crypto exchanges allow you to do, simply by going through the extra step of setting up an intermediary wallet, which takes a minute or so.
This “broker” classification goes back to 2013, when the crypto ecosystem was very new, and most people were indeed using crypto exchanges as brokerages, where they’d buy crypto, and hold (and lose it to hacks). But times have changed.
Regulators catching up
The fact that wallets can be used to bypass the “broker” status of exchanges has recently led to calls for regulation. In particular, a new proposed rule is that exchanges shouldn’t allow their users to send crypto to an anonymous wallet. That’s a first step, although ultimately pointless, as all you need would be to setup another wallet:
<sigh>
— Bryce Weiner (@BryceWeiner) January 16, 2021
No. AMLKYC for wallets is stupid because they are math and anyone can generate a new one in 2 seconds which has no AMLKYC and never will.
One cannot stop people from generating their own wallets and there’s no way to force travel rule compliance. https://t.co/R27fCYebkC
However, proposed regulation regarding stablecoins makes more sense. By requiring that stablecoins were fully backed by fiat, it implies that stablecoins can only be issued by known central parties, who can then be forced to only allow the creation of a new wallet if proper KYC requirements are met. This would, for example, force Tether to not only perform KYC on their “customers” - the institutions who receive newly minted USDT, but also on all USDT users.
As for stablecoins who try to bypass this regulation - by being backed by crypto, like DAI, for example - regulators would be able to ban their listings on exchanges, severely hampering their use and utility.
Crypto exchanges should be classified as banks
Current regulations are founded on the premise that in order to perform a transaction, you have to go through a regulated entity. This was true until crypto came along. The “be your own bank” meme is way more complex than most think. Because people are able to perform crypto transactions without a regulated entity performing KYC/AML checks on it, regulators are faced with a completely new paradigm. And they will change the laws to deal with it.
For starters, crypto exchanges will be reclassified, and be subject to much more stringent regulations. Public awareness of the problem will speed things up, like for instance:
Feds investigating whether foreign states helped fund the Capitol siege. Specific interest in $500k in Bitcoin transfered from French account to the raid’s organizers days earlier. @KenDilanianNBChttps://t.co/MxkTNf5UKM
— Carol Leonnig (@CarolLeonnig) January 17, 2021
The will be the crypto equivalent of online poker’s Black Friday. Poker websites was used to launder money, too. Just accidentally “lose” one big hand to the guy you want to transfer money to without leaving a trace, et voilà! An anonymous transaction. It was good while it lasted.
But banks launder money too
Yes, yes they do. But they get fined for it. And when the cat gets out of the bag, there are consequences. Right now, we are in a state of affairs where USDT being used for money laundering in China:
still allows Tether to say that they’re doing nothing wrong, and that they’re regulated and registered with the FinCEN and really doing everything the right way:
Tether is registered with FinCEN, complying with required rules and has strong KYC/AML processes.
— Paolo Ardoino (@paoloardoino) January 10, 2021
Donkeys that claim otherwise should get their facts straight. https://t.co/VoEsRuJyyP
Banks have to set up internal AML procedures that are much more stringent than crypto exchanges. For what it’s worth, the necessity to set up those same procedures will force the crypto industry to stop hiding behind the “it’s the technology, sir! the technology made me do all these awful things!” meme. If the technology is purposefully designed to circumvent laws, then the technology itself should be outlawed. And yes, “you can’t ban Bitcoin”, but you can ban exchanges that list Bitcoin, you can clamp down on banks that deal with those exchanges - and that’s roughly the same.