Privacy coins under fire: Can lawmakers regulate untraceable transactions? Brendan Cochrane · 10 mins ago · 4 min read
A risk-based approach targeting illicit activities could balance privacy and regulation without undermining core protections.
Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.
The following is a guest post by Brendan Cochrane, Partner at YK Law LLP.
Privacy coins, or cryptocurrencies with privacy-enhancing features designed to boost anonymity and reduce traceability, are at the heart of a brewing battle between personal financial freedom and government regulation. The future of anonymous transactions hangs in the balance.
Privacy coins, which appeal to users seeking enhanced anonymity and untraceable transactions, are viewed warily by regulators and law enforcement due to their potential misuse in activities like money laundering. Despite this, some countries welcome them.
Others, on the other hand, have imposed bans. Thus, the proliferation of these coins presents an interesting question: can privacy coins, with their enhanced anonymity and personal financial privacy, co-exist with regulatory regimes such as anti-money laundering and sanctions programs? The answer to this question is yes, if a nuanced and adaptive approach is followed.
A risk-based approach that targets illicit activities rather than undermining privacy for all users could allow privacy coins to operate within these legal frameworks. Such a balance could includes the use of enhanced analytics tools, selective transparency mechanisms, and strict KYC/AML compliance at critical points, such as exchanges and large transactions. All of this could be done without eliminating the core privacy protections these coins offer.
How Privacy Coins Work
Before delving into regulations, however, let’s briefly review just how privacy coins work. Unlike Bitcoin and Ethereum, which are pseudonymous, privacy coins use advanced cryptographic techniques like ring signatures and zero-knowledge proofs to shield transaction details, creating a completely, or almost completely, anonymous cryptocurrency.
In recent years, privacy coins have become even more “private.” Monero’s “bulletproofs”, which allow transactions to be verifiably published to the XMR blockchain without revealing their size, have added to privacy, but also the degree of difficulty in tracing them.
Regulatory and Legal Challenges
Privacy coins present significant challenges to existing regulatory regimes. Privacy coins, it appears, struggle to satisfy the FATF (Financial Action Task Force) Travel Rule, a compliance requirement designed to combat money laundering and the financing of terrorism, because privacy coin transactions by design hide most or all of the identifying information required by regulatory authorities to accompany transactions above a certain threshold.
Many exchanges do not list privacy coins, and with good reason. Recent actions by US regulators such as the U.S. Treasury’s Aug. 8th, 2022 barring of U.S. customers from using mixer Tornado Cash suggest that tolerance for enhanced privacy in cryptocurrency is waning. It is an ongoing challenge for exchanges to decide whether or not to de-list privacy coins and thereby avoid legal risks.
Privacy vs. Security: The Core Debate
Discussions over the future of privacy coins goes back to older debates between privacy advocates and regulators. Privacy advocates argue that privacy coins are necessary to protect personal freedom, financial autonomy, and data privacy in an increasingly surveilled world. Law enforcement, on the other hand, highlight privacy coins as tools for illegal activities like money laundering, sanctions evasion, and ransomware payments.
The Lazarus Group, a collective of North Korean cybercriminals, deals heavily in the privacy coin Monero, purportedly increasing it’s mining activity of the coin by at least tenfold since May 2019, and turning to privacy coins for other criminal operations as well.
Can Privacy Coins Co-Exist with US Regulatory Regimes
It is possible, however, to satisfy both groups, but in order for privacy coins to co-exist with US AML-CFT and sanctions regimes, there will need to be some selective transparency or a “hybrid” model for the industry. Though the US could follow the lead of Japan and implement a total ban, a hybrid model appears to be the best way forward.
Such a model could allow users to retain anonymity for most transactions while implementing selective transparency for regulatory purposes, such as anti-money laundering (AML), counter-financing of terrorism, and sanctions enforcement.
Zero-knowledge proofs (ZKPs), could potentially prove compliance without revealing full transaction details. Something like a zkKYC system, wherein a trusted third party validates a user’s personal details, issues a cryptographic proof which is shared with an exchange without revealing an identity, is one way this could be accomplished.
Privacy coin networks could also adopt a permissioned layer for exchanges, with these centralized institutions complying with Know Your Customer (KYC) requirements, ensuring privacy remains preserved for users but with exchanges allowed to help prevent illicit activities.
In terms of legal reforms that would enable privacy coins to flourish, the U.S. could explore several frameworks. Exchanges and intermediaries handling privacy coins could be specifically mandated to integrate compliance features, such as auditability for specific transactions or third-party reporting obligations for suspicious activities.
The coins could also be subject to a threshold reporting system, where only transactions above a certain value require transparency, similar to cash transaction reporting in traditional finance. By setting clear, proportionate guidelines and leveraging technology like zero-knowledge proofs, regulators can enforce AML-CFT and sanctions rules without stifling privacy coin innovation or infringing on legitimate users’ rights.
The Path Forward: Balancing Privacy and Regulation in the Digital Age
Throughout the history of cryptocurrency there has and likely will continue to be a tension between the need for privacy and the need for authorities to prevent these technologies from being used for harmful activities. The very innovation of something like a privacy coins is a sign that various segments of society desire more privacy over their transactions than what currently exists. Regulators can go a long way toward addressing these concerns with a balanced approach that ensures security without totally compromising financial privacy.
As privacy coins evolve, their widespread adoption could challenge law enforcement, but it may also drive innovations in regulatory technologies and frameworks that promote both privacy and security across the broader cryptocurrency ecosystem. Privacy coins, then, are a crucial part of the future of this new digital landscape and should be nurtured through an adaptive and nuanced regulatory approach.
Join the Conversation
The future of privacy coins is evolving rapidly. If you’re interested in exploring how privacy and regulation can coexist, or want to discuss potential solutions, connect with me on LinkedIn or email me at [email protected] Let’s navigate this complex landscape together.