2022 was a tough year for crypto – it’s time to build better

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Ashish Singhal, Co-Founder and Chief Executive Officer, CoinSwitch, Arushi Goel, Specialist, Data Policy and Blockchain, World Economic Forum, C4IR India

• After a turbulent year, the crypto industry would benefit from better policy and best practices, specific to the different players.
• Centralized exchanges cater to largely novice crypto users and hence should take extra care to build trust.
• Recent move by exchanges to publish proof of reserves shows the ecosystem is on a path to build better.

In every crisis lies an opportunity. This prolonged crypto winter – from the destabilization of Terra-Luna to the fall of FTX – provides an opportunity to strengthen the bulwarks of the industry.

The crypto ecosystem is diverse. On the infrastructure side are the protocol developers, miners and validators and node service providers; on the market side, there are the decentralized exchanges, swap protocols, centralized exchanges and other intermediaries. Each of these functions is varied and may, at times, operate independently of the other. Just as one rulebook cannot govern all financial institutes and technology providers, a framework for crypto should recognize and accommodate these distinct functions.

Centralized exchanges and other intermediaries are critical in the crypto ecosystem, acting as a bridge to the decentralized world of crypto. However, as these intermediaries cater to largely novice crypto users, they should take extra care to facilitate their experience. A misstep here could have a cascading effect on the crypto’s progress. We look at emerging industry best practices, through the lens of centralized exchanges and platforms.

Due diligence and risk assessment

As the Financial Stability Board recommends and the Forum’s forthcoming paper on regulatory pathways for crypto assets reveals, centralized exchanges should give governance and risk management more attention.

Accounting practices

Exchanges should be diligent about their accounting practices. If the business is to enable users to buy and sell crypto based on an order-book model, then the company books should be assiduously kept. That seems like standard practice, but recent developments have reminded us that such a golden rule is not always complied with.

Disclosures and user protection

Most users discover a token on centralized exchanges, but in most jurisdictions, the exchange is not accountable as an intermediary to assess the token’s financial health. As such, there is a great need for exchanges to conduct due diligence and risk monitoring of the tokens they list.

Evaluation of a token should precede its listing on the exchange and continue as long as it is available on the platform. Exchanges should closely monitor the token’s circulating supply and market capitalization, trading volume, liquidity, the developer ecosystem and the stability and uptime of the base network or smart contract, among other factors.

An additional nudge to users alerting them of unusual activity or volatility in a token before they complete a purchase will also go far for user protection. Such app-based or platform-based nudges – or Riskometer as it is called at CoinSwitch – can prevent users from falling for fear-based or peer-pressure-based purchases.

Exchanges should also have robust disclosure mechanisms in place, which allow disclosure of specific risks particular to the listed tokens and risks specific to exposure to counterparties, custodians and other market participants. They should also raise users’ awareness of safeguarding tokens (cybersecurity, market conduct-related disclosures and custody) to build trust in the ecosystem.

It’s also important to note that roles and responsibilities in crypto can be blurred, unlike in traditional capital markets that have safeguards to prevent conflict of interest. Thus, the token issuer, liquidity provider and exchange may be the same or related entities. The recent events demonstrate what can go wrong here.

https://cdn.jwplayer.com/players/HA3iJzlG-ncRE1zO6.html

User risk assessment

On the users’ side, the single-most-important consideration is know-your-customer (KYC) checks. The ​​Financial Action Task Force (FATF), the global watchdog, formulated the first set of standards for virtual asset service providers (VASP) in 2019. Called the Travel Rule, FATF recommends a risk-based approach to KYC, requiring VASPs to obtain and exchange information on sender and beneficiary for transactions above $1,000.

In India, the Aadhaar system, one of the most sophisticated ID programmes in the world, enables crypto exchanges and intermediaries to reliably verify the identity of the customers against a government database, avoiding gaps during verification. The public digital rails in the country also enable exchanges to verify against a government database with the customer’s Permanent Account Number (PAN) card, an alphanumeric identifier linked to the user’s financial activities, including income tax and bank accounts.

“

While unscrupulous actors, negligent or intentional actions and the resultant contagion grab the headlines, many responsible players want to co-build a human-centred, innovative ecosystem.”— Ashish Singhal, Chief Executive Officer and Co-Founder, CoinSwitch | Arushi Goel, Specialist, Data Policy and Blockchain, Centre for Fourth Industrial Revolution India, World Economic Forum

Existing crypto regulations matter

It is often argued that the crypto ecosystem requires bespoke regulations as this is a new technology. Parts of this ecosystem would benefit from well-thought-out, evidence-based and coordinated policymaking. However, the existing rules and regulations are not redundant. Many current laws, whether related to consumer protection, data protection, data management or cybersecurity, remain relevant and applicable, albeit with a few clarificatory changes.

For example, the framework established by the Computer Emergency Response Team-India (CERT-In), the national nodal agency on cybersecurity functioning under the Ministry of Electronics and Information Technology in India, was amended to include transactional data management of crypto users.

It mandates that crypto service providers:

• Maintain all information obtained as part of a user’s KYC.
• Maintain records of financial transactions for five years.
• Maintain accurate information so that individual transactions can be reconstructed.
• Maintain logs of ICT systems for 180 days. Designate a point of contact to interface with CERT-In.

While sentiment and context on data storage would differ in other jurisdictions, similar measures will help exchanges and intermediaries standardize practices. Adherence to data management rules, KYC or anti-money laundering norms and identification credentials (such as India’s Aadhaar-based unique identification) can address the concerns over money laundering and capital controls.

Similarly, relying on existing regulatory frameworks on data management, CoinSwitch, has implemented further controls, including geofencing its services to India, restricting customer banking service to only India-registered bank accounts, and cross-checking and restricting access to the service to sanctioned individuals.

Discover

How is the World Economic Forum promoting the responsible use of blockchain?

The World Economic Forum’s Platform for Shaping the Future of Blockchain and Digital Assetsensures equity, interoperability, transparency, and trust in the governance of this technology for everyone in society to benefit from blockchain’s transformative potential.

• The Forum helped central banks build, pilot and scale innovative policy frameworks to guide the implementation of blockchain, with a focus on central bank digital currencies.
• TheRedesigning Trust with Blockchain in the Supply Chain initiative is helping supply chain decision-makers implement blockchain, while ensuring that this technology is utilized in a secure, responsible and inclusive way.
• The Centre for the Fourth Industrial Revolution UAE is testing the application of digital assets and tokenization to improve financial systems.

Contact us for more information on how to get involved.

Progress is happening

The silver lining is that the industry is continuously improving its practices. While unscrupulous actors, negligent or intentional actions and the resultant contagion grab the headlines, many responsible players want to co-build a human-centred, innovative ecosystem.

Welcome changes such as the recent drive by centralized exchanges to publish Proof of Reserves and Liabilities are a case in point. Such disclosures bring much trust and transparency in the ecosystem and reassure users that centralized exchanges only hold such assets they claim to have custody of and are in a position to meet all redemptions.

The year was no doubt turbulent for the crypto ecosystem and costly for users, but if the stakeholder’s response to this chaos is greater transparency and accountability, that means progress. The early days of the stock markets also saw their fair share of problems, which helped the regulators instil guardrails to protect investors. Still, the stock markets are not immune to malpractice.

Crypto assets are part of a fast-evolving ecosystem and as industry stakeholders and users grow wiser, its safeguards will develop. Although 2022 may have delivered crypto some painful messages, it has also seen much improvement.