Stablecoins – a digital version of Swiss bearer savings books

Before anti-money laundering laws arrived in Switzerland, anyone could walk into a Swiss bank and open an account without showing any ID. The bank would then issue you something called a bearer savings book, otherwise known as inhabersparheften or livrets d'épargne au porteur. Ownership of the savings book was considered by the bank to be proof of ownership of the underlying funds in the account. The person who opened the account could keep the book or, if they wanted to, pass it on to someone else without notifying the bank, at which point this second person was now entitled to the underlying funds, who could pass the book on to a third person, etc.

In essence, Swiss banks were issuing their very own version of cash.

As time passed and society's awareness of money laundering grew, usage of Swiss bearer savings books accounts was circumscribed by law. In 1977, banks were required for the first time to identify the initial customer to open the account. Also, anyone who wanted to withdraw over CHF 25,000 had to be identified by the bank. But the savings books still enjoyed a significant degree of anonymity. After account opening and prior to withdrawal, books could continue to circulate without identity checks.

In 2003, the issuance of new bearer savings books was prohibited by the Swiss government. Banks were now required to cancel existing savings books when they were presented to a bank's physical desk. Existing bearer savings books could continue to circulate anonymously from hand to hand, like cash, but thanks to steady cancellations they represented just 0.002% of the total assets held in Swiss bank accounts by 2019.

And so ended the Swiss bearer savings book. In the meantime, however, a similar financial instrument has arrived: the stablecoin.

To get some stablecoins, you need to deposit funds with the issuer, which will identify you upon deposit, but after that the stablecoins are free to circulate in the wild without any sort of checks. You can send them to a friend, and she can send them to a relative overseas, and that relative can transfer them to a drug dealer, and none of these subsequent owners need to show their IDs to the issuer. Stablecoin issuers, much like Swiss banks that once issued bearer savings books, often have no idea who they are dealing with.

So if Swiss bearer savings books have long been prohibited, why are stablecoins allowed to proliferate?

This is exactly the point made last month by FINMA, Switzerland's financial regulator, when it indicated that it will no longer tolerate the anonymous transfer of stablecoins. New guidance states that the identity of anyone holding a stablecoin must be "adequately verified by the issuing institution." So not only yourself, but your friend, her relative, and the drug dealer in the above transaction chain will be required to provide their ID.

To justify its new policy, FINMA appeals to the idea of technological neutrality. My take on technological neutrality is that just because a financial product—in this case a payments product—appears on a novel medium, or substrate (i.e. a blockchain) doesn't mean it is exempt from the same rules that already apply to equivalent products like bank savings books, which are issued on older substrates. Same function, same regulations.

Up till now, stablecoin issuers like Tether have tried to dodge these identification requirements with the legal fiction that only primary holders of stablecoins (i.e. those who originally deposited funds to get stablecoins) are their customers, and so it is only to this batch of holders that they have a due diligence obligation. Secondary, tertiary, and subsequent holders are not "customers", and so the issuers say they don't need to identify them.

But FINMA isn't buying this argument, and rightly so. All holders, not just primary ones, have a "permanent business relationship" with the issuer, says FINMA, and so everyone must be identified. You can certainly understand why FINMA wants to get ahead of this problem. If regular Swiss banks all see that stablecoins are enjoying special treatment, then they'll all join in on the party by switching over to the new substrate.

FINMA's guidance may not seem like a big deal. There are only two Swiss franc stablecoins to which it applies, and they are both tiny. Bitcoin Suisse's XCHF has under 1 million CHF in circulation, and Centi's CCHF doesn't appear to have much more. (Facebook may have run into an earlier informal version of this rule when FINMA assessed initial versions of its Libra stablecoin.)

But as a respected part of the global regulatory fabric, FINMA could very well be copied by other regulators. More importantly, FINMA is a member of the  Financial Action Task Force, or FATF, an umbrella organization representing the anti-money laundering authorities of 38 major nations. FATF promotes global anti-money laundering standards by blacklisting countries that fail to adopt them. If FINMA's policy on stablecoins is indicative of an emerging FATF approach to stablecoins, then expect it to spread.

The shocking thing to me is that it has taken this long for a major global regulator to issue a concrete ruling on the issue of stablecoin anonymity. It's about time. Standard anti-money laundering practice requires financial institutions to verify who is using their platform. Stablecoin issuers shouldn't get a free ride.

From unknown wallet to unknown wallet

Antony Lewis recently published a useful article on stablecoins. In it he describes something called "permissioned pseudonymity". In traditional payments systems, people only get to access to payments services after opening an account. This requires that they provide suitable identification. So these systems are not pseudonymous. Usage and personal identity are linked.

Stablecoins operators, on the other hand, sever this link. Users can transfer stablecoins to other users without providing personal information. John Doe can pay Jane Doe, no questions asked. Antony calls this permissioned pseudonymity because regulators permit pseudonymous usage of stablecoin networks.

🚨 🚨 30,000,000 #USDC (29,926,581 USD) transferred from unknown wallet to unknown wallet

Tx: https://t.co/ujdi6cvpZ8

— Whale Alert (@whale_alert) October 9, 2019

The above payment is an example of permissioned pseudonymity. It is a $30 million transfer between two unknown wallets along the USD Coin stablecoin network. The operator of this network, Centre, may have no idea who did this transfer.

I do wonder how long regulators will allow pseudonymous usage of stablecoins to continue. Most of the rules surrounding payments emanate from the Financial Action Task Force (FATF), a global committee of regulators that meets together every once in a while to determine how to fight ghoulies like money laundering and terrorist financing. The FATF guidelines are in turn applied by local regulators in each country with some modifications, and monitored by FATF for compliance.

FATF regulations are supposed to be technology-neutral. In short, the same principles apply to new technologies and incumbent technologies alike. This makes sense. We probably don't want regulators to picking winners and losers by setting one set of requirements for companies A-E and another set for F-J. The competition for market dominance only begins after they've complied with the same rulebook.

So far FATF hasn't had much to say on stablecoins. But you can be sure that something is in the works, and it isn't likely to be good for stablecoin operators. The problem is that granting permissioned-pseudonymity to stablecoin operators contradict technology-neutrality. It sets one set of standards for bank accounts and another for stablecoins.

Banks are already obliged to collect the personal information of all their account holders. If two people transfer $30 million along the bank payments network, you can be sure that the banks who manage these accounts have already gone through the costly process of collecting personal information. 

5,000,000 #PAX (4,989,146 USD) transferred from unknown wallet to #Binance

Tx: https://t.co/IRjcUFh1bL

— Whale Alert (@whale_alert) August 14, 2019

Why should stablecoins like USDC and PAX be exempt from this obligation?

Antony suggests that stablecoins qualify for an exemption because they meet regulatory concerns through other sensible means. Because stablecoins use blockchains, and blockchains record transactions, the information trails left by pseudonymous stablecoin users can be traced and monitored for suspicious activity. The stablecoin issuer can then toggle a kill switch and freeze potentially dangerous addresses.

This makes sense. But if stablecoin issuers can avoid identifying its customers by implementing a process of monitoring and freezing, it seems to me that the incumbent technology, the bank account, should also be granted the same opportunity. After all, account-based systems can do kill switches and tracing just as well as stablecoins can.

For instance, say that Citibank were to set up its own pseudonymous account payments network, call it Citibank HushAccounts. Customers can open a HushAccount without providing personal information. They can then use the HushAccount network to trade balances pseudonomously to other account holders. Citibank bankers monitor HushAccount transactional patterns and freeze anything that looks odd. Personal information only needs to be provided when a user wants to cash out of the HushAccounts system.

Of course, we already know that Citibank can't implement HushAccounts. It's illegal. Which underlines my point about technology-neutrality. Why can a stablecoin like USD Coin get away with pseudonymity but Citibank can't?

Let me put it differently. If stablecoin issuers can get away with not collecting user ID, then expect to see Citibank make a few cosmetic changes to its traditional account-based system so that it qualifies as some sort of stablecoin blockchain thingy. And now that it needn't collect as much information about its customers, it can fire a bunch of its compliance staff. Other banks would copy it. Soon we'd get hyper-stablecoinization. Every bank account would be converted into a stablecoin. But FATF rules aren't supposed to favour any one technology.

So for the sake of maintaining neutrality, I wouldn't be surprised to see regulators put an end to pseudonymous stablecoin usage. Stablecoin issuers will only be able to give out addresses to people who have passed through some sort of know-your-customer process.

🚨 🚨 20,000,000 #USDT (20,113,052 USD) transferred from unknown wallet to unknown wallet

Tx: https://t.co/f7BTC2S6U4

— Whale Alert (@whale_alert) September 27, 2019

There's a second possibility. As Antony points out, there is one notable regulatory exception to universal identification in payments. In many parts of the world, people can buy prepaid debit cards (or in Europe, e-money) without providing any ID. This provides the card owner with pseudonymous access to the Visa or MasterCard networks. I've written about these cards before (in fact, it's one of the most popular posts I've ever written). You can also trek over to my article at Sound Money Project on the topic.

Stablecoins, like prepaid debit cards, might be granted their own exemption.

There is a caveat to pseudonymous prepaid access. Regulators have set a very low ceiling for the amount of pseudonymous value that prepaid cards or e-money wallets can hold. In the case of the U.S. it's just $1,000. (In Europe, it's just 150 euros). Anything above that and a prepaid card holder must submit identification. There are other limits too. In the U.S. the cards must be non-reloadable, and people can't use them for person-to-person payments, at ATMs, or for international purchases. This makes for an extremely constricted payments product.

Regulators believe that by keeping the pseudonymous prepaid ceiling low and reducing the features that a card offers, they achieve two things. The risk of money laundering and terrorist financing are minimized. At the same time the unbanked and those without ID still get access to the retail payments system.

If FATF were to allow stablecoins to offer a limited amount of pseudonymity, the ceiling for it would probably be quite low, much like prepaid debit cards. No more $30 million person-to-person payments, just $20-$2000 ones. After all, it's hard to make an argument for why genuinely needy folks without IDs would need to make million dollar stablecoin transactions. 

I should point out here that I'm not saying that I'm a fan of FATF and its mission to unveil every single transaction. I've written many times about the benefits of financial anonymity. And a lot of smart people that I read think that the cost of enforcing anti-money laundering rules far outweighs any benefits that it provides. All I am saying is that I suspect that permissioned pseudonymity for stablecoins isn't going to last very long, in its current form. It'll either be banned altogether, or a very low ceiling will be set on it.

---

P.S. If I had to predict, I'd go with a ban. It's easy to get around a ceiling. If the ceiling is set at $1000, then users can set up 1000 pseudonymous accounts in order to get $1 million in pseudonymity.