Whilst each jurisdiction and regulatory body in the world can take their own approach to the setting of rules, often there will be one that leads the way and informs the decisions made by the rest of the western world. Regulators now feel some pressure to rush through regulation of the crypto and DeFi space as it continues to gain traction with institutional investors and retail traders. What happens in America could very easily happen here in the UK next.
Knowing that the hearing could impact future regulations a number of companies involved have released their own suggestions for Regulatory Requirements in the industry. Coinbase, Ripple, Binance & FTX have all created guidelines for digital asset regulation designed to help the committee develop cryptocurrency regulations.
The guidance from FTX is just one example and we have decided to look at how their proposed rules would affect the industry and how they could be met by our clients here in the UK and across the globe.
Key Principles for Market Regulation
In FTX's proposal they identify 10 key principles that should be followed when considering the rules and regulations over the industry:
Proposing One Primary Market Regulator with One Rule Book for Spot and Derivatives Listings.
Full-Stack Infrastructure Providers and Maintaining Market-Structure Neutrality.
Custody of Crypto Assets – Key Functional and Disclosure Requirements.
Full-Stack Market Infrastructure Providers and the Lifecycle of a Trade – Addressing Risk Related to Token Issuance and Asset Servicing, Orderly Markets and Settlement of Trades, Cross Margining and Risk Management of Positions.
Trading Platform Providers – Ensuring Regulatory and Market Reporting.
Ensuring Customer Protections.
Ensuring Financial Responsibilities are Met.
Ensuring Stable Coins Used on Platform Meet Appropriate Standards.
Full-Stack Infrastructure Providers – Ensuring Appropriate Cybersecurity Safeguards are Kept.
Full-Stack Infrastructure Providers – Ensuring Anti-Money Laundering and Know Your Customer Compliance.
They open initially by discussing the jurisdictions of different bodies and how there should be one primary regulator for the crypto industry. This of course makes sense, there can be so many different asset classes represented on a blockchain that regulating the space would require the SEC for anything considered a security, but on the same blockchain you could facilitate derivative trading which would fall under the purview of the CFTC.
The details of the proposal are well worth a read but for Crypto Brokers in the UK the suggestions made for Custody of Crypto Assets, Cybersecurity Safeguards, AML, KYC and Ensuring Regulatory and Market Reporting are the ones to pay attention to as they are rules that often transcend nations.
Custody of Crypto Assets - Key Functional and Disclosure Requirements.
FTX suggests that a number of important questions should be answered by regulators on the issue of custody. While individuals and funds should be given the freedom to self-custody the importance of correctly storing your cryptocurrencies shouldn't be overlooked and as FTX points out "Where custody is performed on a customer’s behalf by a platform operator or intermediary, appropriate safeguards should be disclosed in policies and procedures of the custodian."
To meet the requirements Crypto Brokers in the UK should consider if their custodian has Insurance, what wallet architecture they use, how private key security, management and transfers are managed, managing risks related to insider collusion or fraud; and physical security of data centres.
"Market supervisors should require regulated platform operators to perform regular diligence on their vendors and to have sufficient business continuity and disaster-and-recovery programs in place in connection with their vendor suite." At Trustology we always anticipated that regulations would take this direction which is why it was a priority to become registered with the UK's Financial Conduct Authority. Our FCA registration is another example of our commitment to providing regulatory compliant custody for brokers and exchanges in the United Kingdom.
Full-Stack Infrastructure Providers
Ensuring Appropriate Cybersecurity Safeguards are Kept
For brokers and exchanges cybersecurity is not a secondary thought. The importance of securing assets and data is vital, yet we hear of regular hacks against exchanges and brokers with devastating consequences. Additionally, with many brokers and exchanges, client funds are commingled or swept into a few addresses at times throughout the day. This is usually because the infrastructure they are built on makes this cheaper and faster to do as well as allows for faster trades. The problems arise from hacks where funds aren't segregated, as large amounts can be stolen in one swoop.
FTX is proposing that regulators adopt policies that help facilitate the standardisation of cybersecurity safeguards domestically as well as globally. Trustology understood the need for segregated accounts from inception. With our Trustvault platform a broker/exchange can open as many subwallets as they want, meaning that clients can have their own cryptocurrencies in segregated wallet addresses but still access capital for trades and liquidity with sub-second latency. This is just one feature that we believe can satisfy potential future rules on cybersecurity.
Our upcoming rollout of an Ethereum DeFi simulator and decoder should further help with providing additional security measures. In simple terms, institutions will be able to simulate a transaction to see where the funds will actually end up before signing a transaction. But the key here will be the ability to see in plain English what they are signing (Decoder) and where their funds will likely end up (Simulator) vs. spending time and effort figuring out what the underlying binary or transaction hash data says. In this way, Trustology is enabling early detection of fraud or illegal activity and minimising the potential for financial losses.
Full-Stack Infrastructure Providers
Ensuring Anti-Money Laundering and Know Your Customer Compliance
Appropriate use of KYC as part of user onboarding and conducting regular anti-money laundering surveillance of user activity (both on the trading venue and via the scrutiny of related on-chain transfers in and withdrawals out) is the key takeaway from the recommendations. FTX suggests that all marketplace operators should regularly perform self-audits.
AML compliance is going to be a requirement globally from both a KYC and KYT stance. At Trustology, we already have compliance baked into our platform with tools in place to meet these recommendations beyond even the standards set recently by the SBAI (Standards Board for Alternative Investment). When transactions are received by one of our clients they are all automatically run through Chainalysis and any suspicious transactions are flagged and investigated by our compliance team. Equally, outbound transactions are also monitored and investigated. Additionally, for all inbound and outbound Ethereum transactions, we provide our clients with transaction risk rating and counterparty cluster information e.g. gambling, mixers, terrorist financing etc. through our webhook payloads.
This ensures an easier way of monitoring for direct transactional exposure risk, eliminating the need for institutions to manually perform pre-flight checks themselves, which saves on time, cost and effort.
Trading Platform Providers – Ensuring Regulatory and Market Reporting
Crypto Brokers in the UK need to be able to report transactional activity if and when required. This can become a time-consuming task if the underlying wallet infrastructure isn't built with reporting in mind. The recommendations being put forward to the House Financial Services Committee are more focused on the risks of market manipulation.
"Regulatory reporting of transactional activity should be required in order to provide market supervisors appropriate visibility into the trading platform, and to better allow supervisors to police for market manipulation and other unfair trade practices." We looked at how Trustology can help with compliance and operational due diligence requirements when we recently reviewed the SBAI Operational Due Diligence on Crypto Assets guidance.
With our TrustVault custodial wallet platform, institutions can view transactions enriched with AML & DeFi data on web or mobile apps, export to CSV, or query via APIs, all in the currency of their choice. For institutional investors, we’ve included better NAV reporting by allowing them to see the value of all their portfolio assets deposited on protocols by a point-in-time, frequency or number of valuations view.
Building On The Right Solution Matters
With more and more governments looking at formal regulations for the crypto and decentralised finance exchanges and brokers are considering their position and making changes to pre-empt new laws. Waiting until regulations come through could lead to serious disruption to operations and potential losses in revenue.
For existing crypto brokers making those changes to the backend of their platforms can take some time so many are beginning the process now. For brokers and exchanges moving into crypto from traditional markets, this can be avoided by building on the right infrastructure solution. In either case, using Trustology's Trustvault platform for custody can reduce the friction and cost of meeting many of the possible regulatory requirements that may develop from this week's hearing.
Our custody solution does a lot more than just securely store private keys, we call this value-added custody and if you are looking for a safer, faster and easier way to manage your crypto exchange or brokerage talk to us.
Stay up-to-date with the latest crypto news, events, and crypto custody with Trustology. Over 2000 subscribers receive our monthly round-up of what made the headlines, upcoming events that institutions need to know about and the latest developments in crypto custody on our TrustVault platform. Be in the know, sign up today.