Virtual currencies are now well-established and governments around the world worry that they have little or no control over virtual currencies, unlike traditional money that is heavily regulated.
Now the United States Treasury, through the Financial Crimes Enforcement Network agency, has put together a set of AML/ATF rules that would require banks, exchanges and financial institutions to know their cryptocurrency customers making transactions over US$10,000 ($14,060).
If FinCEN needed justification for pushing ahead with AML/ATF rules for cryptocurrencies, the plethora of ransomware criminals extorting corporations around the world provided the perfect excuse for government intervention.
Along with North Korean and other state hackers raiding cryptocurrency exchanges, there are malware miners and ransomware bandits making a mint with virtual dosh, not just the original Bitcoin but harder-to-trace variants like Zcash and Monero.
The proposed FinCEN rules were published just before Christmas, with only a 15-day period over the holidays for public consultation. The cryptocurrency industry is in shock as the rules are vague and appear to require anyone with a digital "wallet" to register their contact details, individuals and financial institutions alike.
Essentially, if you want to be your own bank, you'll be regulated like one.
This is somewhat ironic because cryptocurrencies aren't very private by design.
Transactions are entered into a distributed, public electronic ledger or database called blockchain where each new record is cryptographically linked to the preceding one. This is to avoid having a central authority for the virtual currency and to stop people spending the same money for multiple transactions.
The blockchain means virtual currencies are pseudonymous and traceable to a degree.
Taking out cash from an ATM will be recorded by the bank and tied to the account holder, but from there the transaction trail breaks. You can't tell if you spent the cash in a shop or with a P dealer.
A database that records each transaction perpetually, matched with "wallets" registered at government agencies would provide a very accurate picture of people's dealings, time-stamped to the microsecond they took place.
That level of regulation seems like a privacy nightmare, and it's not guaranteed to work either.
The attraction of using an exchangeable digital currency outside government control that allows funds to be quickly sent via the internet and not through the banks' networks means there's a strong will to find a technological way to anonymise transactions.
The trick here is to complicate and obfuscate the transaction recording with multiple money trails, making it hard for tracers to figure out where funds were sent to.
Services such as tumblers and mixers break up transactions into smaller pieces and mix them with others, with different virtual currencies thrown in, before funds are sent. For a fee of course.
FinCEN readily admits that mixers and privacy-oriented virtual coins "pose particularly severe illicit financial challenges" for tracking transactions.
The question then becomes: will the new AML/ATF rules make legit use of existing cryptocurrencies much harder, while not affecting criminals much? If you want to send Bitcoin to support human rights activists in Iran or China, it would be nice to do so without them (or yourself) being identified, for example.
Next year will show what effect the proposed rules have. Will they add a sheen of legitimacy and stability to cryptocurrencies, or will the registration requirement make them too onerous to use?
The US is very good at exporting its laws and regulations; if and when FinCEN's rules come into effect, they're likely to affect New Zealanders as well.
