Staying on Top of Crypto Regulatory Landscape with AI and AutomationIT Risk & Cyber Risk | 7 Min Read |07 September 22|by Loren Johnson
In January 2009, the first cryptocurrency, Bitcoin, entered the market. The concept of a digital, encrypted currency has been on the minds of innovators and entrepreneurs for decades. As designed, Bitcoin and the nearly 10,000 additional cryptocurrencies that have entered the market in the last 13 years operate via blockchain technology. Blockchains help ensure transactional anonymity, encryption, decentralization, and distribution of synced, duplicate records around the world.
Cryptocurrencies are means of completing digitally facilitated transactions around the world, in a global currency with no third parties, like banks and governments, involved. Because cryptocurrencies are typically ‘minted’ a determined number of times (either ever or annually), their value grows as demand for them increases. This is why many have acquired coins with the purpose of increasing their value rather than spending them in the marketplace. With no financial or governmental third parties involved in transactions, those who advocate for cryptocurrency promise little to no delay in processing payments at little to no cost. In theory, this model has the potential to revolutionize some elements of common financial transactions, on a global scale.
In the last few years, interest in cryptocurrencies has crescendoed, with both investment professionals and laypeople purchasing coins. Reportedly, nearly 20% of Americans have invested in cryptocurrencies. In the last six to nine months, however, many to most cryptocurrencies have experienced significant losses in value. There have been multiple accusations of fraud, misrepresentation, and dishonesty as well. Especially as cryptocurrencies had gradually broken through from a small group of technorati to almost the mainstream, these sudden and massive drops in value and integrity are causing concern among cryptocurrency advocates, established investors, and governments.
Even while investors and the public pressure governments to step in and reduce some cryptocurrency market volatility, regulators have been cautious in moving forward with cryptocurrency regulations. The first hurdle is an agreeable definition of what is and what is not a cryptocurrency and how it may fit within a government’s authority. The anonymity, encryption, and decentralization of cryptocurrencies purposefully make them opaque. Further, as there are multiple blockchains that don’t share data, defining data rules is also elusive. Finally, governments typically cannot claim oversight over businesses and transactions outside of their jurisdictions. Because there is no central bank for a cryptocurrency and records may live in nodes and personal wallets across the world, jurisdictional claims can be hard to assert. That said, central banking authorities, such as the U.S. Federal Reserve, the Bank of Canada, the Monetary Authority of Singapore, and others, are considering issuing their own central bank digital currency (CBDC), which could alleviate this regulatory blocker but may not be accepted by the market.
While some governments are moving forward with extending existing financial regulations on money laundering and financing terrorism, there remain questions of applicability. Do financial or technology regulations apply to cryptocurrencies? Much of this is being determined now, and multiple governments are working together to create similar legislation that could in effect reach farther around the world. Either way, cryptocurrencies are here to stay. With the recent adventures in value, it is wise to expect that more comprehensive, sticky, and global cryptocurrency regulations are not far off.
The Deluge of Crypto Regulatory Change
I recently hosted a webinar with Jennifer Clarke, Senior Editorial Manager, Regulatory SME, CUBE, Alex Royle, Head of Compliance and Regulatory Affairs, EMEA, Galaxy Digital, and Suneel Sahi, Marketing, Europe, MetricStream, to discuss how to best manage the deluge of new cryptocurrency and digital asset regulatory change.
Jennifer made an interesting observation – CUBE captured nearly 10,000 pieces of regulatory data in 2021 that were related to crypto or crypto-related keywords. And, the volume of crypto regulations is only going to increase going forward.
Here is a look at some of the recent regulatory activity in the crypto space:
- In the U.S., the Infrastructure Investment and Jobs Act, which was signed into law by President Biden in November 2021, extends information reporting requirements to digital assets. In its Financial Institution Letter 2022, the Federal Deposit Insurance Corporation (FDIC) said that FDIC–supervised institutions that engage or intend to engage in crypto-related activities should notify the agency and provide information that will allow it to “assess the safety and soundness, consumer protection, and financial stability implications of such activities.”
- European regulatory authorities are drafting crypto rules not just for ensuring consumer protection and preventing financial crime but also to reduce the carbon footprint of cryptocurrencies.
- The Bank of England is also not lagging behind. Earlier this year, the central bank published a paper highlighting the potential risks of cryptoassets to UK financial stability. “Where crypto technology is performing an equivalent economic function to one performed in the traditional financial sector, the FPC [Financial Policy Committee] judges this should take place within existing regulatory arrangement, and that the regulatory perimeter be adapted as necessary to ensure an equivalent regulatory outcome,” it read.
Likewise, regulatory authorities in Canada, Singapore, Japan, India, and other countries are also coming up with crypto-focused regulations and frameworks.
Leveraging AI and Automation
Another key takeaway from the webinar was that while regulators are increasingly working on crypto regulations, there remains too much of a lack of collaboration across borders. So, while we will be seeing more regulations, it is likely to be fragmented and piecemeal, without any real harmonization across borders for some time. Needless to say, it will only add to the challenges of compliance teams to keep up.
So, how can you manage this growing number of crypto regulations? The answer lies in AI and automation in regulatory compliance. When legislatures propose and enact cryptocurrency regulations, understanding how, where, and when they apply to digital coins and their markets may be critical knowledge.
Artificial intelligence (AI) can be a real game-changer here. It is almost impossible to manually monitor and track the ever-evolving regulatory environment for updates, especially when dealing with a global financial and technology environment. An AI-based system can deliver alerts and initiate an applicability assessment based on your requirements, triggering automated workflows to ensure compliance with regulatory changes and greatly enhancing the efficiency of your compliance team.
With organizations today looking at achieving compliance with thousands of regulatory requirements, having an AI-based system with automated workflows is an absolute must. It can help you automatically capture new regulations and regulatory updates, map them to corporate policies, adapt your systems, and test your controls. Ultimately, AI and automated workflows can alert you to urgent needs or necessary adjustments to your policies, employee training, attestations, and other compliance, ethics, and behavioral standards.
Where companies apply AI to initiate regulatory assessments and alignment, compliance professionals can apply more resources to and better focus on the human intelligence required to adapt specific business processes to those regulations. When regulations relevant to crypto payments, donations, exchanges with third parties, and anti-money laundering/combating the financing of terrorism (AML/CFT), come into effect, you can more quickly and easily adapt your policies and rules to specific requirements.
Regulatory change management is, of course, a part of governance, risk, and compliance (GRC). We, at MetricStream, believe that AI and automation is central not just to compliance but all things GRC – risk management, third-party engagements, ESG, cyber compliance – in relation to cryptocurrencies. When the use of cryptocurrencies inevitably becomes more commonplace, the full range of GRC functionality will need to adjust to new, unanticipated, and emerging vulnerabilities and threats. At that time, organizations will need to adapt their approach to GRC and adopt next-gen technologies to stay ahead of the new risks, regulations, and challenges that a cryptocurrency world will create.
In any situation, it is incumbent on all of us to understand what we’re investing in. There has been a lot of hype in cryptocurrencies – complete with celebrity-endorsed commercials at highly viewed sporting events – in the last few years. There have been promises made and promises invested in that have come crashing down in the last six months. The market is going through a cycle of excitement to instability and – hopefully – to a more secure and dependable long-term status.
The way I see it, cryptocurrencies as a concept are here to stay. Much of the market has embraced the concept of purely digital currency, along with the benefits of the rapid exchanges and processes cryptocurrencies offer. What’s missing is stability, governmental assurances (ironically), and mass adoption. In the end, I assume we will all be using some degree of cryptocurrencies in the not-too-distant future. Whether we will be using an existing coin or an offspring from the current market remains to be seen. Until then, keep an eye on the regulations and their impact on the market.