December 1, 2016 | The Hill
Blockchain tech is our financial future — America can get ahead of it
It may not have the sexiest of titles, but the new Congressional Blockchain Caucus could not have come at a better time.
Created by two lawmakers this fall, the bipartisan caucus is designed to raise legislators’ awareness of blockchain technology, an innovative software protocol that logs transactions in an online ledger distributed across multiple computer networks, allowing parties to validate the transfer of assets.
It’s a fast-growing business: financial firms are investing $1 billion in blockchain technology this year, and blockchain startups have received hundreds of millions in venture capital funding since 2013.
Blockchain technology originated as code for generating, distributing, and tracking the bitcoin cryptocurrency. That original purpose, however has since expanded, and the technology can now create all types of shared ledgers to authenticate asset transfers across international borders within minutes, rather than the days needed to work through conventional banking infrastructure.
The world’s largest central banks are carefully considering the technology’s advantages — not necessarily to transact in bitcoin, but to develop new blockchain systems for financial transactions.
The U.S. Federal Reserve, the People's Bank of China, the Bank of Englandand Central Bank of Russia have in recent months all signaled their interest in the technology.
It appears clear that blockchain technology is going to be a part of the world’s financial and business future. What is less clear is how the innovation it represents should be treated by legislators.
As one who has spent over a decade analyzing national security threats, I would recommend legislators learn to identify how nefarious actors might use it as it becomes more mainstream.
Most financial authorities are being careful to not prematurely over-regulate the blockchain tech space. As the technology is still in its infancy, regulators are taking a “Do No Harm” approach as they did when the Internet arrived in the 1980s and early 1990s.
Nonetheless, here are some questions the Caucus should ask to get ahead of the curve:
1. How will criminals adapt to law enforcement investigating blockchains?
Last summer I wrote about the first publicly verifiable example of terrorists fundraising through bitcoin.
While this development is alarming, bitcoin’s public distributed ledger provides some mitigation, allowing public tracking of bitcoin activity. New tools are being developed to help investigators uncover criminal transactions through digital financial forensics.
Fintech startups like Block Seer and Chainalysis in the U.S. and Elliptic in the UK provide blockchain analysis software for law enforcement and financial institutions to identify illicit bitcoin transactions and potentially the criminals behind them.
However, some within the cryptocurrency community see blockchain analysis tools as a threat to digital currency users’ privacy.
Many are shifting to newer digital currencies that supposedly are harder to track. For example, in recent months, users of popular darknet websites selling illicit goods have increased their demand for Monero, a two-year-old cryptocurrency that supposedly provides better anonymity than bitcoin.
Of course, seeking privacy in one’s digital currency transactions does not mean one is doing something illegal. But, like with messaging encryption, criminals are likely to use whichever platforms they can access to hide their activities.
Law enforcement and counterterror finance officials will need to look beyond bitcoin alone and monitor blockchain technology’s evolution as criminals try to stay a step ahead of forensic tools.
2. How can Americans be safeguarded from financial contracts with faulty code?
Last summer, blockchain enthusiasts were disappointed when a “smart contract” project known as the Distributed Autonomous Organization (DAO) was hacked for $50million.
The DAO raised $150 million through a crowdfunding model. Anyone around the world could contribute money through a blockchain platform called Ethereum and invest in future ventures for the DAO to fund. The hack occurred when one of the anonymous investors exploited a coding loophole allowing the person to draw into a holding account more funds than he or she had invested.
Members of the Ethereum community later intervened and drew up new code to keep the funds from being lost, but the incident shows the risks involved in global smart contracts.
The theoretical benefit of such agreements is transparency and immutability of terms and processes. But if such ventures have no country of incorporation or specific domestic law to be governed by, participants are operating with little legal recourse should a contract go awry.
Smart contract business models are experimental. Some permutations may fit within current commerce regulations, but some will stretch beyond them.
Sound review of the software code in such contracts will become as important as sound legal review.
There is likely to be a period of trial and error before smart contracts enter the mainstream. Congress should foresee the use-cases which may require new approaches to the business regulatory framework.
3. How might blockchain technology enable sanctions busting?
Some actors are seeking to leverage distributed ledger technology to circumvent sanctions. Earlier this year, a Russian parliamentarian encouraged Russian businesses to use the technology to bypass U.S. and EU sanctions that restrict Russia’s banking sector.
It is not clear if the Kremlin is pursuing that strategy, but it is noteworthy that leaders in one of Ukraine’s Russia-aligned breakaway regions held meetings months later to identify ways that bitcoin and blockchain technology could provide alternatives to fund their heavily-sanctioned financial sector.
Treasury’s sanctions rules are broad enough to prohibit U.S. persons from transacting in digital currencies like bitcoin with specially designated nationals.
But some foreign regimes looking for independence from the SWIFT international banking system may appreciate blockchain technology’s lack of centralized authority.
In 2012, as tensions over Iran’s nuclear program escalated, EU regulators under pressure from Congress removed certain Iranian banks from SWIFT. This hampered the country’s ability to transact with foreign banks, which is critical for the country’s oil sector. Iran — and other nations — may have learned lessons from this “de-SWIFTing.”
Despite Russian talk about using the blockchain to skirt sanctions, it is unlikely that a digital currency platform could in the near future provide an alternative to replace the impact of Treasury or EU sanctions.
The bitcoin blockchain is currently capitalized at $12 billion; a pittance considering that the world’s top ten global banks each are valued at over $100 billion. Creating a true blockchain alternative would mean developing an economy with major industries transacting in a digital currency, and international trading partners suited to do business accordingly — a tall order.
Still, even aspirational rhetoric can point Treasury to U.S. adversaries’ efforts to buffer themselves from the threat of sanctions. The U.S. needs to understand what it might look like if a nation or coalition of nations starts implementing a full-on blockchain sanctions-evasion strategy.
The Congressional Blockchain Caucus can help the U.S. government climb the learning curve for understanding new financial technologies. But its approach should consider both obvious benefits and less-visible risks.
As other countries expand their own fintech products and business models, it will become more important for the U.S. to keep pace.
Legislators must be vigilant to ensure that blockchain technology will be used to improve the lives of consumers and not by those who seek to use financial innovation for ill.
Yaya J. Fanusie is the director of analysis at the Foundation for Defense of Democracies’ Center on Sanctions and Illicit Finance. Disclosure: The author owns a small amount of bitcoin and ethereum. He tweets at@SignCurve.