Tuesday, January 05, 2021

Response by Simon Lelieveldt to FINCEN consultation on crypto, travel rules and such

This blogpost/longread (below) contains the content of reflections, as sent to the FINCEN as a response to the consultation on travel rule for crypto (Docket No. FINCEN-2020–0020; RIN №1506-AB47). It is written from the Dutch and European perspective and what makes it relevant for the US is that the Dutch supervisor has already imposed an even harsher rule (verification of beneficairy wallet holder for self-operated wallets regardless of amounts involved) as an undue (and legally disputed) market entrance rule. 

The blog is written from a personal perspective, based on my market and regulatory experience with 25 plus years of banking, e-money, crypto and e-payments. In essence I recommend the FINCEN to steer away from behaviour that qualifies as a human rights treaties violation and not force the private sector to disobey the human rights obligations that they independently have under those treaties. Regulators should align legal requirements into a coherent framework and not place the burden of incompatible requirements at the doorstep of the private sector. 

Of particular interest in this respect is the recent announcement of the European Data Protection Board (of late december 2020) which outlines their committment to step up their game and ensure that no AML/KYC measure infringes on human rights principles of privacy and innocense presumption: 

The EDPB considers it as a matter of the utmost importance that the anti-money laundering measures are compatible with the rights to privacy and data protection enshrined in Articles 7 and 8 of the Charter of Fundamental Rights of the European Union, the principles of necessity of such measures in a democratic society and their proportionality, and the case law of the Court of Justice of the European Union.

The brief version of my comments / summary is provided here, which is then followed by the detailed submission to the FINCEN, with hyperlinks replacing the footnotes of the original document.

======

Agency: Financial Crimes Enforcement Network (FINCEN)
Document Type: Rulemaking
Title: Requirements for Certain Transactions Involving Convertible Virtual Currency or Digital Assets
Document ID: FINCEN-2020-0020-0001

Comment:
Please find my contribution attached. Some highlights.

1. What worries me is that FINCEN are about to try to outdo the Crypto AG intelligence coup (the technical backdoor behind the scenes) by installing an overly intrusive surveillance front-door for crypto. Although this may seem surveillance business as usual to you, it is certainly not. It is not only a violation of human rights treaties in itself, but you are also forcing this violation upon the private sector, which has an independent duty under the same treaties to respect the human rights. I am therefore copying my response to the UN Special Rapporteur on privacy in a digital age and respectfully suggest you consult and abide with the relevant UN/EU Charters on human rights.

2. Why the FINCEN proposal is not justified: it continues the abuse of deliberate post 9/11 legal design flaws/choices that undermine human rights by misusing administrative law, financial supervision law instead of following penal law procedures which have proper safeguards for human rights.

3. Do also note that the European Data Protection Board has issued a clear statement outlining the limits of surveillance by states and under administrative law. In this respect do also take note of the dissertation by C. Kaiser of 2018, outlining that the EU KYC rules may be anulled if challenged in European courts. From an analytical perspective this would also hold true for the US rules and their compatibility with the UN charter on human rights.

4. Practically speaking: the FINCEN is being sloppy with data. Data breaches of FINCEN have a huge impact which is not catered for in terms of risk analysis and side effects. These side-effects, when quantified, outweight the benefits to a huge extend and less intrusive solutions will be available. But history shows that you are not seeking less intrusive powers but seek to increase your information position out of an organisational drive to remain in the game and grow bigger.

5. Finally, don't kid yourselves as to the relevance of picking up these bread crumbs on the table. You are punishing the citizens of the world, while leaving all big money launderers unchallenged. Most relevant example is that you have been unable to really do your job properly, How come that a well known money launderer was even able to become president of the US? I think you may want to reflect on your own organisation and functioning first,

I find it quite ironic that the US, that saved the Dutch population from a dictatorial regime, that taught us about the importance of human rights, true democracies, freedom of speech, privacy and the importance of the presumption of innocence, is now the country that violates the values it has inspired into others.

Uploaded File(s):

  • FINCEN-response-Lelieveldt-2020-01-04.pdf
  • FINCENFiles-thread-Annex 1.pdf
  • Annex-2-Lelieveldt submission FINCEN.pdf

=====


Policy Division
Financial Crimes Enforcement Network
PO Box 39 Vienna, VA 22183
United States of America


Dear Secretary Mnuchin,                         January 4, 2021


I would like to share some reflections on Docket Number FINCEN-2020-0020, RIN number 1506- AB47, and the proposed changes outlined in, FinCEN, Notice of Proposed Rulemaking, “Requirements for Certain Transactions Involving Convertible Virtual Currency or Digital Assets.” 

Although you limit the timeline of submission to 2 weeks, I am pleased to be able to still contribute to the debate, as the situation in the Netherlands is even worse. Without advance notice, the Dutch financial supervisor, DNB, has used its powers as a supervisor of a simple EU registration regime for crypto players to force upon the industry an even more intrusive obligation for all crypto-players in the Netherlands to verify beneficiaries of cryptowallets, regardless of the amount. The requirements imposed during the registration process will be challenged in court and you may wish to monitor those developments.

What worries me is that FINCEN are about to try to outdo the Crypto AG intelligence coup (the technical backdoor behind the scenes) by installing an overly intrusive surveillance front-door for crypto. Although this may seem surveillance business as usual to you, it is certainly not. It is not only a violation of human rights treaties in itself, but you are also forcing this violation upon the private sector, which has an independent duty under the same treaties to respect the human rights. I am therefore copying my response to the UN Special Rapporteur on privacy in a digital age and respectfully suggest you consult and abide with the relevant UN/EU Charters on human rights.

So who is writing this? 

Now let me introduce myself further. I am writing in my professional/personal capacity and driven by a personal motivation that is reflected in the seal/logo and motto in the right upper corner: the NOW is the PAST is the PRESENT is the FUTURE. The moto is imprinted, using an old coin press, upon a wooden coin, made out of a 130 year old tree that stood on the Amsterdam exchange square. The tree, an Elm, witnessed time passing by and the development of society and financial markets. It symbolises the value I attach to cherishing history, learn lessons and use those learnings for todays developments. I hope you may appreciate my reflections from this perspective and rest assured, I’ll get to the actualities of FATF and European privacy discussions in due time. 

Professionally, I started out my career In as an industrial engineer in the financial sector by documenting and publishing a study on electronic payments (EFTPOS) regulation in 1989. In my research I revealed that the US Intelligence agencies had been pushing DES to become aninternational standard. At the time I did not have the ability however to put this finding into a broader perspective. However, more recently it became clear from the Crypto AG case that it was part of a long standing practice in which the US was actively pushing backdoors in technology, to ensure continued surveillance of all citizens and governments of the world. I think it is fair to say this is indeed the ‘Intelligence coup of the century’. 

Since then I embarked on a professional career starting out at ING/Postbank, moving on to become a policy analist at the central bank, charged with developing supervisory frameworks for electronicmoney in the 1990s. By the time that I contributed to European legislation and supervision for electronic money issuers, your organisation, FINCEN seemed to have made a strategic decision toposition itself as the go-to supervisor for all kind of modern payments and e-money. Although I think such a move may be analytically unsound and undesirable, I also view this as a natural reality ofinstitutional power politics. It is up to citizens, politicians, courts and private sector organisations to push back and hence my reflections in this letter.

Next up in my career, I worked extensively in the payments policy department of the Dutch bankers association. As such I was quite involved in the international rulemaking for banks and actually wrote the Dutch implementation guideline for the FATF7-rule (the origin of the travel rule). I was also a close witness to the SWIFT privacy incident and subsequent discussions on the EU privacy shield. Later on I moved towards a role as head of the department on financial markets and bank supervision of the Dutch Bankers Association.

What struck me in those days was the very anecdotal evidence and political framing arguments in discussions on money laundering and prevention of terrorist financing. It seems that 15 years later the situation hasn’t changed and I would suggest the FINCEN to disclose and evaluate more precisely whether its role has been effective and whether this proposed rule actually adds any value when doing a broad analysis of costs/benefits. I’ll get to that issue later.

Since 2011 I am active as an independent regulatory consultant and interim compliance manager for both government agencies and private sector entities. In this work, which mostly covers payment instritutions, e-money and crypto, I try to reconcile justified regulatory requirements with business constraints/demands. And yes, the important wording is: justified

Let me try and explain why the FINCEN proposal is not justified: it continues the abuse of legal design flaws/choices that undermine human rights by misusing administrative law, financial supervision law instead of following penal law procedures which have proper safeguards for human rights.

Sidestep: what use are consultations if you don’t want to listen? 

The Dutch scientist Dr. M. Wesseling has written an extensive and worthwhile dissertation on theinternational and European fight against terrorist financing and money laundering. The dissertation outlines that the US intelligence agencies have smartly used the momentum of the 9/11 attacks to get something they wanted: spying possibilities via the front door of financial transactions, bypassing formal legal and penal law safeguards, by pushing bank regulation and administrative rules. So what happened before 9/11?

A third important discourse concerned civil liberties. In 1999, the US Treasury proposed strengthened Know Your Customer (KYC) regulations. These proposals faced stiff opposition in the US Congress for anti-regulatory reasons, but the main issue at stake was concerns over privacy (Eckert, 2008, p. 213, Napoleoni, 2004, p. 219). The US Treasury received more than 200,000 negative responses to its proposal from all political backgrounds objecting to the proposed requirements for banks to obtain extensive private information (Donohue, 2006, p. 359). The KYC proposal was also criticized for being a potential source of mistrust and resentment of government, particularly among immigrants and minority groups, as well as an undesirable form of generalized spying and reporting on citizens (Cato Institute, 1999).

What FINCEN has seen in these 2 weeks of consultation will analytically not be very different from the responses that the US Treasury received more than 20 years ago. I would suggest that you include a review of those responses into your work, as they will undoubtedly be just as relevant.

Wesseling outlines how the 9/11 attacks changed the regulatory picture completely with civil liberties and human rights being:

The attacks of 11 September 2001 substantially changed the urgency and importance assigned to these different debates. The relative insignificance of the amounts of money involved in terrorism, the burden on the financial sector, the civil liberties implications of strengthened regulation, and the doubts about the use of UN economic sanctions, all became subordinate to the increased urgency of terrorism. 

Although the 9/11 Commission would estimate in 2004 that the total costs of the attacks was between $400,000 and 500,000 and concluded that the costs of the attacks were relatively low compared to the amounts of daily financial transactions worldwide (2004, pp. 186-189), a radically different conclusion was drawn in the immediate aftermath of the 9/11 attacks. 

Starving terrorists of their money had become a key objective within global governance. Likewise, financial regulation, such as Know Your Customer requirements, had been strengthened with little opposition from politicians, civil society or the financial and banking sector. Their current scope exceeds by far any previous initiative, making the contentious proposals of the 1990s look soft. Civil liberties, it was now widely accepted, had to be traded in if they constituted an opportunity for terrorists to ‘hide’. 

What I am saying here is that since 9/11 your organization is in a group think tunnel which has the effect of a religion or a cult. There is a dangerous liaison between intelligence agencies, tax authorities and financial supervisors which impose all kinds of intrusive rules under the FATF-umbrella as so-called: recommendations. Instead of revisiting the post 9/11 approach as a regulatory overshoot, the groupthink has remained intact as it comes in handy.

Or to put it differently. The US have since 2001 moved the angle of their intelligence attack from hardware based intelligence and surveillance to the informational front door that lies in financial transaction data. And this move is so useful and successful that US authorities are now even able to pull it off in broad daylight. Generations of bank personnel have become used to KYC/AML procedures that infringe on human rights. Now, from this perspective, it is clear that there is no way FINCEN will actually read or take on board any of the remarks in this consultation. As an institution the FINCEN has by now also brainwashed itself into believing its approach is valid and legitimate. 

The big design flaw is that instead of penal law, the whole construct of administrative law and bank supervision law is misused to ensure unbridled and unchecked data flow of innocent citizens to authorities all around the world. So it is fair to say that the FINCEN has successfully contributed to maintaining a climate in which a legal design flaw is used in combination with a cultural ideology to hypnotise/brainwash financial professionals in acting in violation of clear human rights such as privacy and the right to be viewed as innocent until proven guilty.

Please see also Annex 1 to this letter (threadreader page - twitter feed) for a further explanation of the idiocy of still using administrative law when fine penal law structures exist and can be enforced to catch money launderers and terrorists on a spearfishing pull-request basis without the extensive data broadcasting and datamining requirements stemming from the pre-platform pre-big data age 2001. Then again, you could also read the 1999 consultation responses. All answers are in the public domain already. The real question is: FINCEN, are you listening. Really?

FINCEN violates human rights as a business model and should not force companies to join them 

Under UN Resolution RESOLUTION 28/16 (the right to privacy in the digital age), article 8.2 of the European Convention on Human Rights and the EU Court decision on data retention (ECLI:EU:C:2016:970), the EU understanding on mass surveillance of personal data of innocent persons is that it may very well constitute a violation of the right to privacy in cases where it is disproportional and no sufficient safeguards are in place.

In this respect I can recommend the dissertation by Dr. Carolin Kaiser from 2018, outlining that – under todays case law and interpretations - the current EU regulation of KYC/AML may well be annulled by the EU Court of Justice. I am pretty confident that by analogy the same will hold true for US KYC/AML legislation when read against the UN Charter of Human Rights. But let us focus on the EU situation more closely. 

Last month the European Data Protection Board issued an important statement outlining the importance they attach to protecting the human right toprivacy in particular given the intrusive money laundering procedures that have arisen all over the world.

The EDPB considers it as a matter of the utmost importance that the anti-money laundering measures are compatible with the rights to privacy and data protection enshrined in Articles 7 and 8 of the Charter of Fundamental Rights of the European Union, the principles of necessity of such measures in a democratic society and their proportionality, and the case law of the Court of Justice of the European Union. 

The EDPB therefore calls on the European Commission to be associated to the drafting process of any new anti-money laundering legislation in its early stages, with a view to provide legal advice on some key points from a data protection perspective, without prejudice to the consultation by the European Commission in line with Article 42 of Regulation 2018/1725 at a later stage. 

The EDPB is also ready to contribute to discussions within the Council of the EU and the European Parliament during the legislative process. Going forward, the EDPB stands ready to be involved and consulted in a timely manner by any European or international regulatory bodies or standard-setters, such as the Financial Action Task Force, currently chaired by an EU Member state, before issuance of the revision of their recommendations.

Coming back to the details of your proposed regulation. Human right treaties require that intrusive surveillance requires serious crime under human rights charters. It can hardly be argued that just the sheer use of unhosted wallets for higher amounts is a demonstration of this serious crime. The suspicion should come from formal police officers doing their job, not from private sector players which are obliged to snitch upon their customers and broadcast their data into all kinds of databases without reasonable suspicion being present.

Next up, you are also overlooking the fact that businesses are by themselves obliged to honour the human rights under the "Guiding Principles on Business and Human Rights: Implementing theUnited Nations ‘Protect, Respect and Remedy’ Framework", which were developed by the Special Representative of the Secretary-General on the issue of human rights and transnational corporations and other business enterprises. The Human Rights Council endorsed the Guiding Principles in its resolution 17/4 of 16 June 2011.

It should not be up to companies to reconcile conflicting legislative objectives. It is up to regulators to steer clear from conflicts of law and not impose undue human rights violations onto companies.

FATF: continuation of the ill-footed surveillance model

FINCEN is engaged in a regulatory experiment that has been agreed upon by the FATF in the summer of 2019 or 2020. Confronted with the new blockchain / virtual asset technology, the choice has been made to push the travel rule into the blockchain world. The US has used its leadership position of the FATF to push this agenda item through. Which essentially sums up 20 years of anti-money laundering policies worldwide. 

In Annex 2 I have listed the blogpost with which I tried to warn the FATF/public in spring 2019 on the fact that pushing through a travel rule for crypto is just as useless as it was for banks back in the days. There is no sufficient quantitative evidence that any of those rules has really benefited finding criminals and preventing terrorist attacks (see the dissertation of M. Wesseling). It is a cost burden to all professionals in the financial sector and the resources spent could be better allocated directly to police forces or Ministries of Justice instead, as this warrants better protection of suspect individuals.

The recent evaluation of the FATF virtual asset travel rule clearly outlines the 2-step approach that is being taken. First force the travel rule upon registered/licensed players, then as phase 2 force them to verify the beneficiary of wallet transactions. This is a requirement which even goes beyond the R15 and R16 regulations for banks !!

If I read the FATF document correctly the FATF-members have agreed to not follow a similar policy line but to use the year 2020/2021 as an experimentation year. The 12-month review of the revised fatf standards on virtual assets and virtual asset service providers is clear that there is no real risk present:
53. However, jurisdictions did not consider that there was sufficient evidence to warrant changing the revised FATF Standards at this point at time. There was insufficient evidence demonstrating that the number and value of anonymous peerto-peer transactions has changed enough since June 2019 to present a materially different ML/TF risk. Further research could be undertaken with the VASP sector, academics and software experts and engineers to better understand the scope of the unregulated peer-to-peer sector. 

Yet, the document also gives a path to further experimentation per jurisdiction. If government authorities put the risk levels on high, they may start to experiment with additional regulations:

54. The launch of new virtual assets however could materially change the ML/TF risks, particularly if there is mass-adoption of a virtual asset that enables anonymous peer-to-peer transactions. There are a range of tools that are available at a national level to mitigate, to some extent, the risks posed by anonymous peer-to-peer transactions if national authorities consider the ML/TF risk to be unacceptably high. This includes banning or denying licensing of platforms if they allow unhosted wallet transfers, introducing transactional or volume limits on peer-to-peer transactions or mandating that transactions occur with the use of a VASP or financial institutions. As of yet, no common practises or consistent international approach have emerged regarding the use of these different tools. Accordingly, there should be further work undertaken on the extent to which anonymous peer-to-peer transactions via unhosted wallets is occurring, the approach jurisdictions can take to mitigate the ML/TF risks, the extent to which the revised Standards enable jurisdictions to mitigate these risks and to continue to improve international co-operation and coordination.

Right now we have seen the FINMA issuing regulations beyond the informational travel rule, coming down to verifying the beneficiary of transactions. And the Dutch Central bank has also made thisrequirement a (disputed) prerequisite in their registration process for crypto companies. I view the FINCEN rules as a part of the same process.

What FINCEN is thus doing as a regulator/contributor to FATF discussion is something which could be called agile regulation. Where usually companies may seek to roll out products in not yet definitive form, I would qualify the current world wide regulatory approach on crypto assets and the travel rule as an agile form of experimentation, at the cost of the private sector.

Government agencies do not only have a duty to not write or impose conflicting requirements upon their constituents but also to ensure their actions are coordinated. But as the FATF intermediary paper says: As of yet, no common practises or consistent international approach have emerged regarding the use of these different tools. 

What you are proposing as FINCEN (and will be rolling out, as I fail to see any true intention of finding an optimal regulatory solutions) is an uncoordinated regulatory measure which will lead to increased cost in a number of different jurisdictions for an industry that is worldwide by nature. 

The side effects of the approach is that FINCEN and other regulators are making sure that only larger well capitalised companies in the crypto space can survive (as they are faced with different costs in different jurisdictions). Both by nature and their effect, the proposed rule impedes innovation and leads to undesirable market structures.

FINCEN operational risk and failures 

Now let’s turn to the track record of FINCEN itself. I will be blunt in a Dutch way here. You fail to keep your records safe. For this rule it means that basically we can envisage that at some point in time hackers will have the possession of names/address of owners of bitcoin addresses. This is an impact beyond the Ledger hack (which was already scary). It is the equivalent of throwing all peoples bank account statements in the streets. Which cannot be undone and I don’t see any appreciation of the operational/privacy risks that you create in this way. 

The FINCEN-files leak shows that you will be unable to prevent this data from being safe. It also shows that FINCEN is unable to do its job properly. You are going after the crumbs on the table and leave the big money laundering industries and players untouched. Case in point: at present the US still has a President that may better be labelled the money launderer in chief. No FINCEN authority, no AML/KYC rules have been able to prevent this from happening. 

US from inspiration to dystopian example?

Each moment in life encompasses all its previous moments as well as its future moments. That is the meaning of NOW is the PAST is the PRESENT is the FUTURE. 

The FINCEN proposal is clearly born out of a tradition of illegitimate government action, spurred by overactive intelligence desires of the US. It is the second biggest intelligence coup in progress which may deter a whole innovative open source blockchain technology from maturing into beneficial society solutions. Because with these rules you are making virtual assets, distributed ledgers and digital tokens into data drones, to be automatically sent to government. 

I find it quite ironic that the US, that saved the Dutch population from a dictatorial regime, that taught us about the importance of human rights, true democracies, freedom of speech, privacy and the importance of the presumption of innocence, is now the country that violates the values it has inspired into others. 

Ir. S.L. Lelieveldt, CCP

Thursday, September 24, 2020

Facebook: a limited network exemption in the Netherlands?

Here is a brief post, to alert professionals in the field to the fact that Facebook Inc has in the Netherlands been registered as an exempt institution out of scope of the payments directive based on the article 3k/3l in the PSD2:


The filing occured in february 2020 but it is not the only entry in our registers. The same company holds an incoming EU-license, originating from Ireland, to do payments business as a cross-border service. So there is a generic incoming payments license (see the blog here), the discussion on Libra/Calibra (see here) but also a local exemption.

What is the exemption all about: origins

When we go back to the original legislation we see the PSD2 having an exemption for small scale payment methods. 

This exemption dates back to the e-money directive of 2000 which stipulated a waiver for small scale appearances of e-money. 


And this waiver was born out of the understanding of supervisors that it would not make sense to go about checking all kinds of sports events, local stadiums or situations where owners of closed loop ecosystems offered digital forms of money on cards. It specifically took out campus-money systems as too irrelevant to be concerned about. Although also those campus systems were bound to rules as to refunding on request, proper contractual arrangements and limits on the devices.

Exemption in practice for Facebook: for gaming

The register seems to outline in-gaming payments as the focus for the exemption: 

Facebook provides an in-gaming payment service which enables Facebook users to purchase digital content within online games.

Now, as I don't know the details of the mechanism at play, nor the considerations of the regulator, I do wonder how this works. Does this mean that if Facebook puts in place a closed loop payment environment for games, they steer away from all regulation? Regardless of their worldwide scope?

I don't think this was really the intention of that exemption, so I am a bit puzzled here. 

Or is it a crypto-asset?

The next question is: would it perhaps fall under the definition of crypto-asset of the recently proposed EU legislation:"

(b) ‘crypto-asset’ means a digital representation of value or rights, which may be transferred and stored electronically, using distributed ledger or similar technology;  

Technically I would say yes, because similar technoloy in terms of distributed ledgers is a wide concept, effectively encompassing all ICT-tooling available. But the jury is still out of course.


Where are we heading with Facebook in Europe?

While we can fuss about the small print, as above, I think the regulators would be well advised to look at the broader picture. Facebook has a bad track record in terms of supporting proper communication, democracy and being responsible to parliaments. It violates EU privacy laws and is taking the EU to court to push away that problem.

Meanwhile all the stablecoin reports have a huge red bulb flashing: watch out for worldwide bigtech platforms doing their own payment think and destabilising economies. Don't let them move. With the result that Facebook quickly rebranded its Libra initiative into a different name (separating profitable single wallet business from the dead-on-arrival Libra-long term identity play - see 3 blogs here).

Of course I might be missing something here in the picture. But if anyone can explain why it would make sense to exempt inpayment gaming payments on worldwide Facebook as a limited network, I am open to ideas.

 

Saturday, May 02, 2020

Contemplating 75 years of freedom: a dark story on three Dutch lessons never learnt

First of all I must warn all readers. This is not a happy blogpost. It is not funny. It is a dark and sobering tale of lessons that we should have learnt in the Netherlands. A tale about lessons that we never learnt. Lessons that still hold immense value today. Lessons that we owe it to be taken to heart when we reflect on the 75 years of freedom that we will celebrate next week.

From Rotterdam to Amsterdam: records and track records
This post connects two cities that I lived in for the longest time in my life. First of all; Rotterdam, the place of my birth. It was bombed to ashes early on in WorldWar 2. Except for one place: the city hall. Reason being? That's where the population records were. Cunning Germans, as my dad explained to me. 

Next up is Amsterdam, where the Anne Frank house and her statue form the background against which new children grow up in freedom. Where Stolpersteine remind us of those who lived here before us. Where the elder lady with her dog told us what is was like to grow up here. How the Germans were raiding the houses and pushing their bajonets into the ceilings to discover if people were hiding.

Amsterdam is the city of the 'dot-map'. It is the map that the Amsterdam city administration drew up on request of the occupying Germans, that wanted to know: where do the jewish people live?

It sounds like a simple question: an administrative thing, strange request perhaps, but why not just answer it? Let's cooperate collaborate. So the map says: One dot is 10 jews. Take it in and look history in the face.

The particular situation here in the Netherlands (J.H.Blom - source) was that our government had fled and the Germans put their officials in charge of the Dutch civil servants. This is a marked contrast with Denmark, where they let the Germans enter with the military but stayed in office and controlled their bureaucracy.

There is a lot more to read in the study of Blom but one of the very striking elements is the efficient bureaucracy in the Netherlands, in combination with a tendency to cooperate and answer properly to Authority. Whichever the source of Authority.

The very sad fact of the matter is that after the war we could learn that in Western Europe, the Netherlands turned out to be the country where 75% of its Jewish population died, as compared to 40% in Norway and Belgium, 25% in France and almost 0% in Denmark.

If we look history in the ugly eye, this is (literally) a track record that the Dutch must carry as a scar on and in their souls. A fact that obliges us to honour the deceased and make sure that we learnt something. But do we really?

History is distant and can be easily forgotten
This is all maps and statistics from earlier days. If we wish we can look away and forget. So let me warn you as I bring the lesson closer to home. To this end I draw on a pre-Corona visit that I paid to the excellent exposition covering 300 years of insurer Stad Rotterdam. now ASR. During the visit I stopped by and looked at the part on World War II, where I bumped into someone who turned out to have contributed to that part of the exposition.

He is a commited lawyer who until today still tries to resolve the administrative wrongdoings of the past. His story on what he found in archives, on what he did not find, was very sobering. He had seen files where a fanatic anti-semite employee hammered a J multiple times on the insurance policies of Jewish clients. And he explained how the Germans would start out with simple requests with more serious consequences kicking in later.

A typical example of this is the introduction of a generic duty to register and issue personal ID-s. This was formally introduced in October 1940 in the Netherlands and came info effect in April 1941. And then, one year later, all IDs of Jewish people needed to be stamped with a J. So we see bureaucratic evil of the end made possible by fairly innocent baby steps in the beginning.

Administrative witnesses of the insurance sector: during the World War 2
One of the most well known German tricks pulled in World War 2 in Amsterdam was the take over and manipulation of the Lippman Rosenthal brand by setting up a sort of second bank or branch-office with the same name. This second office was effectively German run and a 'robbery-bank' that sold off assets of Jewish clients. This bank plays a sinister role in the documents that I will be publishing here.

It started out with a request that Jewish people declare to their bank that they are Jewish, as via a specific Regulation, the only bank paying out the life insurances would be the Li-Ro-robbery bank. Here's the snapshot of the regulation and the form to be filled in.

Regulation outlining obligatioo to insurers to pay out
their clients only via the Li-Ro robbery bank

And here is the form and letter that people were sent. Please declare yourself to be Jewish.

Form with request to fill in if you are Jewish or not

Now the involved insurers didn't really all like this idea and they figured out: if we don't know for certain if someone is deceased, we can't really transfer all the money to Li-Ro bank. So the exposition shows a bank writing to the Li-Ro bank on this specific issue. 

Now beware of the answer which dates to January 1943.  I will translate it here:
Through the contact that we have with the relevant authorities we have been informed that Jewish people that have been deported by government order will be totally taken out of the society and nothing will be ever possibly heard of them. As a result they are, sort of automatically, also completely annihilated in respect to your administration but we note that, if no further measures are taken, their remaining insurances would continue to exist.
It will be clear to you that the circumstances in which the aforementioned Jewish people find themselves in society - but with respect to you as well - have lead to a situation that is equal to that where an insurance policy ends due to the death of the insured, which means that we need to find a way to bring those insurance to a pay-out.
We invite you, the pay to us the relevant reserves that you have amassed to this end, while deducting a considerable reward for the risks that you have taken.We look forward to your proposal.



Administrative witnesses: after the war
Imagine that you survived this World War 2. And that you want to claim the insurance funds that you are entitled to. And the response being: please can you prove that the person you are referring to is actually dead? Survivors of the war atrocities had to endure long and terrible administrative procedures to restore their rights.

Here is a witness that matters. It is a letter dating from 1950 and it is a declaration by a Red Cross official. It specifies the dates of deportation as well as the names of three survivors who have had to make a personal declaration to the Red Cross. It says that
... it is clear from the declaration of those three people (out of 33.000 deported to Sobibor), who stayed of a longer period in time in the camp, that almost all people that came to Sobibor were almost immediately being suffocated by gas and cremated afterwards. Given that nothing has ever been heard since the conclusion is that the person in question has died on 11-6-1943 of the consequence of suffocation.


No happy ending.... 
There is no happy ending to this story.

Survivors had to fight administrative wars and it took until 1999 before some sort of settlement was made between representatives of the Jewish community and the Dutch Insurance Industry. Part of the settlement is that a Foundation for individual claims SJOA has been set up. And until today the foundation is still actively assisting and doing research to do justice.

Which brings me full square back to my neighbourhood in Amsterdam. There are not just the silent physical reminders of history, the Stolpersteine in the streets. We also find reminders on the web, in this list of holders of insurance premiums. If I type in the names of the streets around me, their names come back to help me remember what happened.

Three lessons to heed...
We, society in general but the Dutch in particular, owe it to all of those who gave their lives during the war, hoping for true freedom, to heed three lessons we appear to have never really learnt:

1- we must better understand the mechanics, the workings of records, administrations and bureaucracies and the ease with which what looks like a legitimate government action can turn into an evil one that starts a persecution on illegitimate grounds,

2- we must remember that it is the atrocities of World War 2 that made us formulate the Human Rights Declaration, which formulates the fundamental rights that protect us,

3- we must cherish and protect our fundamental right to privacy as one of the most important defenses against bureaucracies turning evil.


Tuesday, February 04, 2020

Perspectives on (Ca-)Libra #3: Why the Libra is not e-money (on the history of e-money and stablecoins)

Quickly after the announcement of Libra, I, stated that Libra could not be viewed as e-money. Now has come the time to explain my earlier analysis (of June 2019) as to the organisational set up and regulatory qualification of Libra.
Libra is a privately issued and distributed digital  and virtual ‘currency’, that is intended to function as a means of payment. It is not a true currency because its actual composition/counter value is a basket of fiat-currencies and financial instruments. It is not e-money as the Libra is not ‘monetary value’. The digital value qualifies as a financial instrument (a mini-participation in an open ended investment fund) and is used in an open source payment instrument, to be used for payment and acquiring. Both payments and securities legislation apply, as well as the relevant competition and consumer protection rules. 
The Libra association is a manager of the governance and operational arrangements and activities that come with using the virtual currency Libra and participating in the Libra (payment) scheme. This Libra scheme is a private and commercial arrangement which:
- defines a unit of account for a new virtual currency: the Libra,
- defines the asset mix that backs one currency unit,
- lays out the distribution and management rules of the currency units and reserve funds,
- lays out commercial rules and does a private placement to further promote the use of the Libra by giving them away (for free or at a discount). 
Definitions of e-money and term: monetary value
The reason why Libra, as a basket of different currencies, cannot be considered e-money is that it doesn't qualify as such under the definition as it is not monetary value. And to comprehend the definition we must understand that the e-money directive has had a first version and that the European Central Bank was clear on its analysis. E-money is a fiat currency in a digital shape and must be treated as such in terms of: reporting requirements for monetary aggregates, redeemability (at par), assurance that customer fiat money equivalent was kept safe etcetera.

The definition and use of the term 'monetary value' in the first version reflects that all we could think of was digital tokens that one-on-one reflected the physical or existing scriptural account-money forms. This is particularly clear from the consideration 19 in the Opinion of the central bank on the first draft directives.


What we can see here is a central bank ensuring that redeemability against the fiat currency is obliged, in combination with a definition of e-money which does not allow offering e-money at a discount:
"electronic money" shall mean monetary value as represented by a claim on the issuer which is:
(i) stored on an electronic device;
(ii) issued on receipt of funds of an amount not less in value than the monetary value issued;
(iii) accepted as means of payment by undertakings other than the issuer.
Redeemability
1. A bearer of electronic money may, during the period of validity, ask the issuer to redeem it at par value in coins and bank notes or by a transfer to an account free of charges other than those strictly necessary to carry out that operation.
To me, the full analysis and reasoning behind the e-money rules, can only mean that e-money thus covers the 100% forms of convertible fiat currencies. The whole regulatory construct and monetary safeguards in the e-money directive wouldn't work for other constructs. Also, the idea of issuing anything else than a digital equivalent of fiat-currency would have been hypothetical.We are talking the days that each digital player would seek maximum acceptance of the public of any new forms of payments, by piggy-backing on the trust/security mechanisms of the fiat instruments. Introducing a non-fiat-related digital currency was just a step too far and it's not what the E-money directive was meant to support.

When the second e-money directive came in and was aligned with the EU payments directive, it changed some of the structure and definitions. The ECB opinion as to redeemability and monetary matters remained unchanged however, so in essence the rules are still of the same construct. E-money means a one-on-one converted form of existing fiat money and all kinds of monetary statistics, redeemability etc are still in place for the wide variety of mechanisms that now use this regulatory avenue.

We must also understand that at that time we were nowhere near the existence of worldwide consumer platforms with such inherent power to dictate an alternate currency alongside fiat currencies. But now we do have those, including one that tries to issue and launch a Libra. Given the EU e-money directive however, the only reason this Libra would qualify as e-money is when it would be a 100% EU currency backing the Libra. As this is not the case, the Libra will not qualify as e-money.

Should we adapt the EU definition for e-money then?
In theory one could argue that the e-money definition needs adjustment in order to allow the Libra basket of currencies to be regulated. But this doesn't make sense from a financial instruments/securities perspective.

Whenever you dilute a 100% currency basket in the users own currency towards a different asset base, you reform the token at hand into a investment basket. The user is exposed to an additional form of currency and counterparty risk, which does not exist when using the 100% e-money form. Of course the issuer of the financial instrument can proclaim the new asset base to be stable. Or almost stable, but the rules of the financial instrument game are different. If you issue such combinations of assets, you must warn the user of risks, assess whether he/she may be up to the investment/risks that they are taking and so on.

Not obliging Libra to have to do so would be creating an uneven playing field towards all kinds of other providers of financial instruments that equally seek to provide their financial services to customers via a similar asset package that can be bought in tiny portions. In addition, the monetary concerns involved in overissuance of the e-money product may go beyond the geography of the central banks involved as monetary authorities in the currency basket. Merely allowing a basket of currencies as backing for an e-money product would not be consistent with the ECB analysis on relevant monetary considerations and rules to ensure financial stability.

So, as stable as you may give your product a name or try to sell it to the public or regulators, all regulatory and market experts know that no currency basket will ever be stable. Effectively, suggesting the fact that it would be stable for the end-user would be mis-selling of the product, misleading the consumer and what have you. So name it stablecoin as you like, but it remains a risky participation in an investment fund/currency basket. And all rules under EU securities to such investments do apply. Meaning disclosure rules, but also rules as to who can trade/distribute this instrument. It will not at all be open to trade for everyone, without restrictions.

Does paying with Libra involve a payment instrument then?
Next up is the question what exactly qualifies as a payment instrument in the Libra setup. In my view the financial participation is a digital asset/financial instrument. And of course, if you wish, such an instrument could be used to pay. Rather than sending someone digital fiat currencies, the provision of the tradeable digital financial instrument would consist the payment. The payment with Libra would thereby be a payment in kind, as if I exchange a bread for a bottle of water.

So is there a payment instrument involved and where is it?

Next up is the question if we can see a payment instrument, a payment order and a payment transaction under the Payment Services Directive, leading to the placing, transferring or withdrawing of funds. I think the main idea in this respect is to take the intentions of Libra to serve as a worldwide payment system as a starting point. This means we will have to take a close look at the question if tools are provided to the user (yes) meaning those tools (wallets) may qualify as payment instruments, if they move funds, which are defined as:
banknotes and coins, scriptural money or electronic money as defined in point (2) of Article 2 of Directive 2009/110/EC;
If the Libra is not banknotes and coins nor eletronic money, we only have the wonder if it could qualify as scriptural money. But this is indeed where it becomes a bit complicated. As the ECB put it, when advising on the Payment Services Directive:
12.10 The term ‘scriptural money’ is used in the proposed directive without being defined, e.g. in Article 3(b), Article 4(8) of the proposed directive and paragraph 7 of the Annex to the proposed directive. It is suggested that a definition of scriptural money should be established (in the definitions article), bearing in mind that only central banks and credit institutions (which include e-money institutions) may hold such funds.
So we have two options. We could consider the Libra issued by Libra association to the Libra association members (who are all registered security companies, allowed to offer, trade and sell financial products to the public and each other) a form of scriptural money. This is not illogical, given the explicit intentions of the Libra association and it would require the regulatory flexibility to allow for a self issued unit of account / securities product to be viewed as a form of money.

The other option is of course to not view the Libra as scriptural money and not apply the Payment Services Directive to a payment instrument which has a worldwide scope and impact. Although this may sound illogical, it is not illogical at all. The apps and tools that are used to pass on the Libra to other consumers would still have to comply with all securities related regulations. Users would have to sign up, pass suitability tests, issuers, brokers and exchanges of the Libra would need to have their MIFID licenses and such, so the customer would still be protected.

The exercise does show however that the Libra association has had little consideration to the relevant EU requirements and definitions when choosing Switzerland as their jurisdiction. Their guess may have been that they might be able to convince the local regulator to bend the rules a little, but the choice of a currency basket (and financial instrument structure) effectively deters its worldwide inclusive use for cross-border payments. Alternatively, a choice for a single currency basket might work, which would make it regular e-money, to which the PSD and all kinds of KYC/AML rules apply. Yet, this would mean that there needs to be a single issuer in the business model, as the reselling of e-money is prohibited under the EU regulations.

It is this considerable ignorance of relevant EU rules that has made it clear to me that Libra and Facebook will at no point in time be able to make their business model work. A brief visit to any innovation hub at any central bank would have made the above inconsistencies clear, but they apparently chose to ignore this. And the reason may be that the Swiss policy papers on stablecoins may have provided them with the impression that there was some leeway here. But even the relevant local supervisor has explained to them that both securities and payments legislation applies and that their business model will not work.

Then again, this is Facebook, pushing and moving so why could they have been so wrong in their assessment?

My hunch is that Facebook have applied a US centric approach to the whole regulatory debate on issuance of stablecoins and forgot how the regulatory regimes between EU and US differ. But for that I refer to the PS.

The main conclusion for now is: Libra does not qualify as e-money and the transfer of Libra might constitute a payment transfer, depending on the view one has with respect to the application of the word scriptural money under todays context.

February 5, 2020


PS. Regulatory regimes for stablecoins (US) and e-money (EU)
To put this in perspective for US readers, I want to shed a regulatory light onto the difference between stablecoins and e-money and the relevance of 1990s legislative landscapes in the US en Europe with respect to payments. The background against which the e-money directive was being developed here in Europe, was one in which - just as now - all over the world, people were thinking about the best forms of regulation of a new phenomenom: e-cash: electronic cash or Internet cash.

At that point in time I worked for the Dutch central bank and I investigated the difference between the existing regulatory regimes in Europe and in the US payments (see the American Law Review article here). And the big thing to take away here is that:
- the US had both banking supervision laws and money transmission laws,
- Europe did not have money transmission laws and only bank supervision regulation (somewhat harmonized under EU rules).

The consequence of this difference is that the US regulators had a clear money transmission framework that they could use, to apply to new forms of Internet payments and digital coins. In essence they all proclaimed new internet payment stuff to be some fort of money transmission, either by their design or by their nature. And thus: the regulation of those new forms of payment was easily done. No change in laws was required.

In Europe, there was no uniform payment legislation on a European scale. Different member states had different local rules on payments. We had to have a euro in place and many years of deliberation before we even ended up with a harmonised Payment Services Directive in 2007. So we had no payments legislation but we did have some form of e-cash begging to be regulated somehow. As the ECB had clearly outlined its concerns in this respect.

So the fierce debate in Europe was: should e-money be considered the functional equivalent of banking?

The main reasoning was: upon issuance of an e-money token of 1 euro, the issuer receives one euro of the public. This means attracting deposits from the public, which is part of the banking definition. Whereas central banks and Ministries of Finance felt this way, the Ministries of Economic Affairs succeeded in convincing them that an intermediate, light-weight banking regime should be set up. So we got an E-money Directive, creating EU license regimes for organisations that issue electronic money to the public, upon receipt of regular fiat money, which electronic money is then used for all sorts of payments.

The digital e-money had to be issued and redeemed at a 1 on 1 level (at par) and the e-money organisation had to safeguard the full reserve in a separate financial vehicle (or insurance arrangement). No license would be given if the safeguards weren't in place, so this means that the European e-money regime boils down to a regulatory regime which safeguards e-money. Or, what most US people would view as stablecoins (digital tokens, to be issued, traded, sold and transacted on the basis of an at-par rule with the original fiat currency).

Now back to the US. Initially the US payments regulation thus seemed well suited to adapt to new technologies. The birth of the bitcoin and other currencies created an issue. In essence, the US regulators didn't care to define a separate token or form of e-money into their payments regulation. They just stated that virtual currencies were a form of currencies and hence the money transmission regulations should be in place somehow.

Therefore Tether and TrueUSD are registered with the Fincen, but without the legal European safeguards in place to guarantuee the peg. Then again the New York bitlicense regime does have those safeguards, but it is clear that no US regime for stablecoins exists. We can see that the US now lags in regulatory terms. It has fragmented state laws on payments, where EU caught up with harmonised payments legislation and harmonised e-money legislation. And the European e-money regime is essentially the unified EU stablecoin regime for tokens that seek a 1-1 peg with a fiat currency.

Wednesday, October 16, 2019

Perspectives on (Ca-)Libra #2: On the Libra association (board) and business drivers

First of all apologies to many of you: I promised a blog on the reason why Libra would not qualify as e-money, but please accept my rain check for that. Right now, it is the day after constitution day for Libra. An event coloured by the absence of many payment industry players, that indeed felt the pressure of competition law too big to be able to join.

So yesterday, the Swiss association was set up, and we got a glimpse of more information on the organisation. I will discuss the ramifications and conclusion that we can draw later this afternoon in the Dutch radio-broadcast BNR Digital News. And this blog contains a brief analysis, which builds on my first blog that identified a couple of smokescreens by Libra.

My brief summary is basically:
- it is still a Facebook/David Marcus show, disguised as an independent association: the governance is still substandard in terms of industry best practices,
- Facebook has the fear of losing Africa to the Chinese and Libra is instrumental in helping them establish the foothold,
- Kiva and Payu are seeking actual microcredit expansion with practical product offers and Libra will be their vehicle,
- PayU, Andreesen and Xapo are regular VCs, in it for the money. If you're daring enough to step into bitcoin early, why not do the same with Libra? Worst case you lose a little money, best case, you're more on top of the world than ever.

The longread is below, but note that it is still only scratching the surface. Readers and other journalist may further research and draw additional conclusions.

Governance: still shaky
As it stands, the board that is now chosen has released info on its charter which is still very brief. It shows five board members which appointed three staff members of the Libra association. Interestingly, the head of the association is also the chair of the board and the PR role acts as the deputy chair. This is atypical, but my guess is that this is done to avoid the impression that David Marcus effectively pulls the strings.

If we compare the setting that has been now created with the one that the Dutch Payment Association has set up (after long deliberations and scrutiny by many lawyers to make a well developed governance structure) we can see some differences.
- Libra has no independent board directors
- Libra's chair of the board is also the head of the working payment organisation
- Libra has no formal Board of Appeal to deal with questions of acceptance as members, certification with respect to services/complying with rules and regulations.

The Dutch rules state:
An independent Board of Appeal makes it possible to appeal against decisions on acceptance and certification when parties are unable to reach agreement with the Executive Board, the Board and finally with the Appeals Committee of the Board.

And then an observation on what is missing. The association now has a director, a business development person, a policy/communication person. But not.... a legal council/compliance expert. As if the past months with all the varying regulatory discussions haven't happened at all. This is a very telling ommission; the organisation is all about commerce and not about compliance (but we knew that already...).

There is a lot more to say here, but I stand with my former analysis: the governance is ill conceived and not up to standard for a normal payment scheme/provider that Libra wants to be (as they announced in September to go for at least a payment license in Switzerland.

Libra members: three payment institutions remaining, not one
Reuters incorrectly informs the public in their article that the only founding member that is into payments is PayU. They missed out on the fact that Uber and Coinbase are e-money institutions which also act as payment institutions.

Of those, Uber is the youngest kid on the block. It ay either be too new to payments to understand the ramifications of the proposed governance or the underbidding and breaking of regulation may be part of the business strategy and it sees no risk here. Coinbase interestingly only has a UK license as e-money institutions and where most EMIs have their backup Brexit-license in place I don't seem to find it for them. I expect them to have a workaround or whitelabel agreement at hand however.

We should be paying more attention to Coinbase, as it is the linking pin that connects the five current board members. Also Vodafone (exempt under EU payments legislation) should not be forgotten (see PS1) as it has long standing unchallenged experience in avoiding proper banklike regulation of its payments processes.

The Board Members; interesting incrowd
Now what is Libra really up to?
For that we need to do a deep dive into the people and relationships.
I'll make a start below, but this is only scratching the surface.

The idea behind is that recruitment of board members always has a certain dynamics. In the Netherlands it is a well know fact that through charities (like the board of the Concertgebouw) top level executives meet and do networking. It also serves as a recruiting platform for next board members.

With this in mind we can see that Coinbase, Paypal and Kivi are the entities that connect the dots between the board members. And in essence, we can see that it is David Marcus who is at the center, having received what appears to be a blanc cheque from Zuckerberg to make this happen.

Therefore, let's start with David Marcus of Calibra (a Facebook tech subsidiary in US; interesting choice given the fact that Facebook Payments also holds e-money licenses in Ireland). Marcus is a serial entrepreneur, coming out of telco environments, with one of the companies being bought by Paypal and thus ending up at Paypal. He then moved to Coinbase and shortly thereafter Zuckerberg scouted him for the Facebook/Libra plan.

Marcus via Paypal to Ellis
He has worked together at Paypal with Laurent le Moal, who heads PayU. So there we have connection number one. Do note that the PayU representative Patrick Ellis is primarily a lawyer, but not with payments background. He is more a securities regulation guy with African and South African experience.

Haun via Coinbase/Cesares to Horowitz
Connection two is with Katie Haun from Andreessen Horowitz. She is a former prosecutor who was firmly into all kinds of legal cases and bitcoin dark markets. As such she undoubtedly also came in contact with the Winklevoss twins and most likely may have met Wences Cesares as well. Her work in crypto-land led Coinbase to invite her to their board: a classic defence mechanism to ensure good contacts with legal prosecutors/supervisory community. This board role at Coinbase resulted in an invitation to work at Andreessen Horowitz, where she manages a huge VC fund that invests in crypto. The people hiring her said: 'She is a credible face for crypto'.

Cesares via VC world and Paypal
Connection three is Wencles Casares of Xapo Holdings He set up on online financial firm early on, which was subsequently bought. Onwards he setup Wanako Games (with exit), Lemoncard (with exit). The he was smart to set up a safe storage facility for bitcoin for the super rich that invested early in bitcoin. So he is a serial entrepreneur, now well taken care of due to all the bitcoins in his possession (we can assume he is a whale and sometimes see him retweeting large bitcoin movements on the blockchain). Xapo itself was funded by the VC Community involving.

His involvement in charity can be tracked into his participation in Viva trust, aiming at financial inclusion in Latin America. Later on he also served as a board member at Kiva (which accidentally also holds a seat on the board of Libra). And then of course, he is still a board member of Paypal, so there we have some dots connecting. So he is smart, rich and you may want to see how in 2006 he bought a nice real estate venue to live back home but returned to California later. The house is now part of a charity foundation and acts as a meeting point/venue for businesses and such.

Davie via Kiva/Paypal (Prenmal Sha) and Cesares (Kiva-board)
Connection four is the connection to Kiva Microfunds. Matthew Davie is s serial entrepreneur, pretty much involved in the strategy area of this longtime charity. Do read this article on how Kiva was set up as peer to peer crowdfunding and further developed into a lending platform. This has inclusion written all over it. And Kive, by the way, since the start did all its payments via Paypal. This was due to their contact with Premal Shah, who had also been experimenting with his own microfinance project while working at PayPal. So again, dots are connecting to the Paypal line, with a crossover to the VC community via Cesares.

Again, there is a lot more to say, but I leave it up to the crowd to further investigate.

Business proposition and drivers
As for the business drivers, you may want to look into what Kiva is doing recently. It is setting up a Kiva Protocol in Sierra Leone, to do microcredits based on reputation. My good friend Dave Birch has been very keen on identifying early on that this was one of the future points for Libra already mentioned in their plans. So Kiva is basically doing the proof of concept for phase 2 of Libra.


Next up to PayU. They are not just a payment processing company, but also a VC company owning reddot payments. And that is a company that brings Wechat and Alipay to Africa. Even more notable is that they own a large share in Tencent (Wechat) and their role as a big investor in the payments game. What is interesting here is that PayU thus seems to be introducing the Libra competitors into Africa. At the same time they join the initiative that seems to be set up to counter this development.


Because this much is more clear to me now. Facebook has the fear of losing Africa to the Chinese and Libra is instrumental in helping them establish the foothold. Kiva and Payu in the meantime are seeking microcredit expansion and Andreesen and Xapo are regular VCs, in it for the money. If you're daring enough to step into bitcoin early, why not do the same with Libra? Worst case you lose a little money, best case, you're more on top of the world than ever.

Further blogs: on definition and e-money and securities regulation in Eu
I promise, the blog #3 will come. But first I hope this blog inspires many people to do some further digging.


PS 1. On Vodafone, mpesa and payments
John Maynard pointed out to me that Vodafone and Mpesa also come into play here. Which is true for two reasons. First of all as part of the business opportunity in Africa and the desire to seek solutions that go beyond the one country. Cryptically speaking one could say that Mpesa itself may be the result of incidental local stakeholder constellations rather than the logic of business and regulation.

But the second reason is that effectively, the mobile operators have a great record of ducking relevant e-money legislation in the EU. If you would browse many pages of history of the e-money directive and a number of mobile phone payment initiatives (feel free to do so here) you will see that At some point in time the EU mobile operators succeeded in getting an exemption in the PSD2 and the e-money directive of the net-effect that funds on mobile phone accounts will not be considered e-money or funds under the payment services directive, even though they can be used to make sms-payments or added-service payments.

The trade off in those days was that mobile operators had just paid huge sums for 3G licenses and lobbied the Ministries of Finance via their Ministries of Transport/Telecommunications to call for a specific exempted regime for electronic money when residing on a mobile phone account. I still see this as one of the best executed bank-lobbies by non-bank institutions, which prevented the whole e-money directive being applicable to them. See also this website 11a2.nl  or read this consultation feedback that tries to provide this adhoc idea with a reasoned basis.

Therefore, when we look at the EBA payments institutions register you will thus see Vodafone being exempted for their payment business. They have a long standing experience in being able to duck e-money regulation and avoid the rational interpretation of regulation and may well be thinking that with the power of Facebook behind the initiative, this may also work now. This holds particularly true if your aim is not the developed market, but to capture the underdeveloped market in societies which have less robust regulators and supervisors.

PS 2. The team doing the association work: David Marcus reassembles colleagues
- Managing director of Libra. Betrand Perez has had some tenure with Paypal and also worked at Zong (the David Marcus company that Paypal bought). The same goes for Business Development person . Kurt Hemecker. So we can see the classic recruiting movement of having a soccer trainer taking along some of his trusted players to the new club.

- Head of Policy and Communication is Dante Disparte, a profiled professional with Harvard Business School and NY Stern education and diverse work experience. I sense a flavour of business and geopolitical work experience, related to national security. This can also be seen in repeated statements from Marcus outlining that for the US to keep its role/position, Libra is a necessity (in order not to let Chinese take over everything).

PS 3. What's the rush: the Chinese central bank on its heels
In response to the Libra initiative, central banks are now reconsidering the relevance of issuing central bank based digital currencies. The Chinese central bank is actually moving forward very fast in this respect. It appears to use similar concepts as Libra and thus develop a state-owned issuer of e-currency. See the Coindesk article here.

My personal take is that it may not have to be the central banks, but could be the Ministries of Finance that take up the issuance of digital coins (just as they usually mint the physical coins). But that is a whole different discussion, laid out in this article: The Full Reserve Bank is up for grabs.

PS 4. And of course the VR/AR angle
I almost forgot. Introducing a new currency into a real world does not make a lot of sense, as existing currencies and e-money may be more efficient. But imagine that there is a virtual agumented reality world / economy. You convert fiat money, step in and then use the game money. Like the Second Life Linden Dollars. But it's not a game and game money any more. It's IOUs of central bank Libra (aka Facebook). That may well be the end game (and first mover advantage) that Zuckerberg is seeking.



Saturday, June 22, 2019

Perspectives on Ca-Libra # 1. Getting rid of three smokescreens

This week the world has witnessed the announcement by Facebook of Calibra, a digital currency wallet and company. The wallet holds Libra, a virtual currency, with the idea to be used globally. Its distribution and use will be further promoted, organised and executed via an association of partners, called the Libra-association. The information pack (download here) also outlines more technical details on programming languages, future plans and committment to regulatory compliance.

Immediately thereafter, a storm of analysis emerged in order to understand the initiative. Quite some politicians and regulators are eager to quickly respond and that is completely understandable.

Facebook is not just the grocery shop around the corner, dabbling about with some new technology. It has allocated significant resources to the development of Libra. With a customer base of at least 2 billion (close to 25% of the worlds population) it is an entity that in itself acts as a world-wide platform and does not need others to achieve a network effect.

Perspectives as the approach for this series of blogs
As the Libra-initiative can be viewed from many angles, I plan to write this series of blogs and label them as perspectives. It's always helpful to view things from a couple of angles and that is precisely what I intend to do. This means we will be looking into definitions, regulatory regimes, business case and previous historical analogies. And as we go along I will take stock of developments and responses.

As you may notice, I will be judging Facebook by a very high standard. The reason for that is simple. If an organisation has so many resources available, I expect them to come up with careful, consistent and accurate thinking, wording and technology. And as a sneak preview: this is not what we got over the last week.

While the maturity of the exercise may look impressive to some observers, the huge inconsistencies and home-brewed interpretations of what a blockchain is cannot be a coincidence. We can see an announcement that Calibra will become available in 2020, while the state of thinking mid 2019 is 'early in the process'. This is accompanied by a PR-smokescreen on cryptocurrencies, that doesn't help our understanding the effort.

So the very first challenge that exists, when discussing the Ca-Libra virtual currency initiative, is to separate fact from fiction and to be precise in terminology. That is why this first blog seeks to get rid of the three biggest smokescreens that we were facing this week.

Smokescreen #1: libra association is not an ecosytem but a payment association with added functionalities
If we start with the source of payments revenue for Facebook, this originally all boiled down to payments related to Flash games (in 2015). But technical problems in Flash would hit their revenue. So they quickly understood the need to be more flexible and to be able to operate different business propositions and solutions. Therefore they moved towards licenses in the US (cash via messenger) and in Europe. They also moved the US e-cash system to France and UK, but announced 2 months ago that they would drop it in Europe per June 15, 2019.

And now, per June 18, 2019 Facebook essentially announce to re-up their game, but not with electronic euro's but with a self-invented world currency, backed by other currencies and liquid financial instruments. To blow away the first smokescreen, let's analyse the difference between the old Facebook e-cash or e-money with fiat currencies and the new Facebook libra, as distributed by Libra Association.

What we can see is that Facebook seeks to move the fiat-currency of its e-money system out of its direct control and responsibility as an issuer. Facebook Payments Inc is currenlty the entity that is responsible and guards all the relevant rules with respect to working with the e-currency. But in the new construct Facebook Calibra is merely one validator that can use the Libra-system under open source rules. So we see the fiat-e-currency companies of Facebook stepping aside and a new Libra association entering the playing field. At the same time, the technology shifts from in-house proprietary systems to an open-source codebase in the hands of no one in particular.

Top organisation
Facebook Inc
Facebook Inc
Type of asset
Virtual Currency
E-money
Denomination
Libra (self-invented)
Pound, Dollar
Issuer / Currency creation
Libra ‘association’
Facebook Ireland
Nature of issuing
No direct issuance to customers.
Direct issuance to validators.
Direct issuance to customers
Direct redemption at issuer
Secondary market
Secondary/tertiary market with reselling - disbursement via
exchanges/other institutions
No reselling of e-money.
Fee structure for
Reselling
Unknown, but most likely the price for validators is unequal to that for exchanges or customers.
Issuance at par and redemption
Of full amount minus some cost
Issuing without
Customer demand
Currency base may change
without actual demand of customers.
Issuance as part of buy-transaction of the customer
Reserve pool
100% reserve in
basket of currencies
100 % reserve in
Denominated fiat currency
Technology
Open Source community
Proprietary
Control and use of technology
Unknown contractual arrangements and safeguards for entities in the value chain
All usage governed by contract with issuer and financial law

Bringing the currency to the public or ducking the issuance responsibilities?
Of course one could frame the above shift of roles as bringing a currency to the public. Facebook is however dumping its core-responsibilities with respect to shaping and operating a currency-system and moving a lot of activities to an ill-equipped new Libra association with no track record at all.

While Calibra states that it will comply with all relevant legislation, we can see that the actual information of the Libra Association in this respect is pretty thin. They issue a currency-like digital token/record but do not explain which legal regimes would apply. Also their actual claim as whether they are a not-for-profit organisation does not align fully with this twitter thread outlines that it is a regular company with wider statutes.

If it looks/talks/qucks like a payments scheme, it is a ...?
In payment terms - which is what Facebook says to be aiming for - the Libra Association is essentially a payment scheme. Such a scheme defines the rules for an ecosystem that wishes to transact electronically. Examples are Visa and Mastercard, organisations that need to abide with a lot of rules in order to avoid them becoming a place of illegal cartel-agreements on price and illegitimate contract terms to end users.

With payment schemes we have huge and long discussions and deliberations of price levels. There is the obligation to ensure that there is no obligation to buy processing power from the scheme itself. There are policy views and obligations that schemes should be interoperable and open. And then there is a mountain of rules that specifies how to use the brand and which technical criteria must be complied with in order to be allowed to connect to the system.We find very little of this in the current papers on the association.

What makes this payment scheme special, a payment-scheme-plus ?
What sets Libra apart from Visa and Mastercard is that the association is effectively an issuer of the currency. This means a blurring of operational roles and scheme responsibilities, which is generally considered as a bad practice in governance terms. But what is most striking is that the membership rules are not geared towards controlling/monitoring and creating a safe and sound currency. We find no mention of specific prudential licenses or governance/quality certifications required for different roles under the scheme and as a member (or shareholder).

The only thing we read is: we seek to expand, we want to incentivise the use of the token and for this we don't want the small players in the market. We aim for the big players with market power. We separate the wholesale participants from the retail participants (allowing for price upticks). And then - the devil is in the details - the customer pricing format is based on a FOMO-principle (do you want your transaction processed: please throw in some more gas).

I am curious what reasoning Facebook and its founding members have had in this respect. The whole association setup is ostensibly aimed at market dominance, without proper governance safeguards and without any guarantees as to operational security and safety and soundness of the system. If I were a competition regulator I would jump at the opportunity to wait for the founders to sign the participation agreement and deliver a letter to their doorstep, next day, to start investigating the market abuse that might be at play here.

Governance claims and reality: a scheme is a supertanker without effective governance
I have been reading all the statements on the public structure of the association with a lot of amusement. Facebook is claiming that it will bring the intellectual property into the public domain and of course all the members of the association have a voice. So this seems to be well arranged with room for consultation, discussion and changing course.

The reality is completely different, as everybody in the banking sector knows. There is sufficient experience with clearing houses and associations (even with a relatively small number of shareholders) that are unable to essentially change course, once set up. Large associations like EPC, Visa, Mastercard, are effectively orphans without parents. Stakeholders are always irritated about the fact that these associations set their own course and associations always claim their shareholders have no vision. Bottom line: if you transfer your Libra-currency design into this domain, it is quite likely to be persistent. So don't expect any radical changes after this one is live; it will be gradual evolution from here onwards.

Not just a scheme for the payment instrument, but the unit of account (and a security as well)
There is another difference between Libra and Mastercard and Visa that I would like to highlight. The regular payment schemes seek to transact efficiently, taking existing currencies/structures as a basis. But this scheme introduces a new currency itself and regulates this currency via the management of reserve assets. It demonstrates that the aim of Facebook is to design its own Facebook buck, push it into the public domain and then profit from the benefits of having their own unit of account in place, while hiding behind the members and the open source philosophy when things go wrong.

A specific element in the scheme is that the unit of account is backed by a basket of currencies and financial instruments. Effectively this means that if you buy one Libra, you buy a couple of foreign currencies. Or put differently: you participate in an open ended money market / investment fund. And you use the digital representation of your participation in this fund as a means of payment.

This is a bit of double work as this means the association and the scheme are not just subject to payments legislation but also to investments/securities legislation. But it is legally possible: the payment would legally not be a discharge of obligations via a financial payment, but via a payment in kind (currency basket).

So what do we see here?

The Libra association is a mere manager of the governance and operational arrangements and activities that come with using the virtual currency Libra and participating in the Libra scheme. This Libra scheme is a private and commercial arrangement which:
- defines a unit of account for a new virtual currency: the Libra,
- defines the asset mix that backs one currency unit,
- lays out the distribution and management rules of the currency units and reserve funds,
- lays out commercial rules and does a private placement to further promote the use of the Libra by giving them away (for free or at a discount).

The Libra association itself will be steering future technical development and is charged with the project goal to move the whole infrastructure towards a permissionless setup. This is completely impossible (as these associations act with oil-tanker dynamics) but that brings us to the next smokescreen.

Smokescreen #2: Libra is not a blockchain, not a cryptocurrency but a digital virtual currency /financial instrument
It was fascinating to see that the carefully crafted and prepared introduction of the Libra sought to position it as blockchain and as a cryptocurrency. This creates a lot of noise. Also, the use of similar words for different concepts and organisations is confusing.

We should distinguish between:
1- Calibra, the organisation, a 100 % subsidiary of Facebook, acting as a validator node,
2- Calibra, the branded digital wallet developed by Calibra to carry the Libra virtual currency,
3- Libra, the digital currency that will be in the Calibra wallet
4- Libra, the reserve pool of assets that backs the digital currency,
5- Libra Core, the Network or 'blockchain' that forms the core operating technology for clients and validators,
6- Move, the programming language developed for the Libra Network.
7- Libra, the association governing, promoting and executing the virtual currency system,
8- Libra members, big commercial players that may join the Libra association, provided that they are a validator.

What struck me in the communication is the flagrant re-definitioning by Facebook of the concepts blockchain and cryptocurrency. Facebook really wants to be seen as doing some cryptocurrency stuff. But they don't. Just for fun I will be comparing the Facebook FAQ with the wisdom of the Wiki-crowd.

Libra is not a blockchain
Facebook succeeds in not mentioning the facts that blockchains are, by definition and terminology, a chain of blocks, linked together. Wiki has it right.


What is a cryptocurrency exactly: native currency of an open blockchain
Wiki states, that the decentralized control of cryptocurrencies works through distributed ledger technologies, typically a blockchain. Personally I would not have mentioned those ledgers as the blockchain is not so much a ledger as a journal (log roll of transaction entries). And apps are creating the ledger feeling for blockchains. But let's look at the wording in the image.


The wording of Facebook is interesting. It speaks of using cryptocurrency due to the use of strong crypto. This leaves out the issue that cryptocurrencies may be native to blockchains (as in chains of blocks). And then Facebook moves on to cryptocurrencies being built on blockchain technologies.

Which is true of course, but if I use all the parts of an air plane to build a firmly grounded restaurant, this doesn't mean that my restaurant is still an operational air plane. It is built on air plane technology, but the wording matters. Facebook puts up a smoke screen here to position itself in the blockchain community.

Libra is not a cryptocurrency
The funniest part of the Facebook FAQ was the mere statement that the Libra is a new cryptocurrency designed to have a stable and reliable value. Coming from a perspective where cryptocurrencies are inherent elements of open, truly decentralised permissionless blockchains, this is an interesting statement. It demonstrates that Facebook wishes to be a cryptocurrency but it isn't.


The text above also shows that Facebook has its eyes on the stablecoins that are around. These stablecoin are, in my view, privately issued currencies, with the goal of a fiat peg. The stable-'coin' is used a lot in the cryptoworld to facilitate fiat/crypto exchanges in times when the financial system is not online. The fact that this currency is used a lot in the cryptoworld, does however not make it a cryptocurrency in the terms of an inherent currency of an open permissionless blockchain.

Libra, what is it then, in regulatory terms?
My conclusion, after quite some pondering and tweeting is the following.
Libra is a privately issued and distributed digital  and virtual ‘currency’, that is intended to function as a means of payment. It is not a true currency because its actual composition/counter value is a basket of fiat-currencies and financial instruments. It is not e-money as the Libra is not ‘monetary value’. The digital value qualifies as a financial instrument (a mini-participation in an open ended investment fund) and is used in an open source payment instrument, to be used for payment and acquiring. Both payments and securities legislation apply, as well as the relevant competition and consumer protection rules. 
The Libra association is the scheme owner and scheme operator of the Libra virtual currency. This currency/investment can only be bought directly by members of the Libra association. Other entities or customers must revert to second tier players, exchanges or peer-2-peer applications. Technical development of applications is encouraged and rules to secure the application by contract or licensing seem to be absent.

Due to the blending of scheme and operations, the Libra association cannot really be viewed as the beginning of a proper payment scheme. Functionality, pricing and membership rules make Libra and the Libra association an easy target for consumer/data protection and competition supervisors, bank supervisors and securities supervisors.

Smokescreen #3: Libra is not a charity exercise that seeks to operate a public good but a commercial enterprise
A huge amount of effort has gone into convincing the public this week that Libra is all about helping the rest of the world. Getting more inclusive finance. Making payments faster, easier and such. It is striking that these statements mirror the claims that originally come from the Bitcoin community or from the Fintech community.

Of course those claims strike a chord. People may well be fed up with their banks and the perception of banks with slow procedures and expensive fees for foreign payments are an easy target for PR-people who want to position their initiative in a friendly way to the public. Who doesn't want to take on the banks and improve the world.

Commercially, the thinking of Facebook is most likely to be that it needs to counter the We-chat Pay dangers and all other Fintech movements that lead to easy in-app payments. Payments will increasingly be an afterthought and harvesting the data in those payments will allow for even higher ad revenues, as Facebook will see what works and what doesn't. Interestingly Facebook did not increase the speed of its current developments; it chose to move up the value chain, towards setting up its own currency and hoping that it will work as a unit of account (and may stay in the system for long).

Of course, the move by Facebook is a big signal. But we must note that there are still also other players that could make the same move. Which would lead to some form of a duopoly (as with Mastercard and Visa) and the need to agree on interoperability or on open access to infrastructures of the big techs involved. I did not come across this notion a lot, so far.

The public good narrative: unbelievable coming from Facebook
What struck me most, coming from Facebook as a centralised company that is not interested in respecting democracies and laws written by those democracies, is the sketch of opportunities in the White Paper. And do have a look at the phrasing on public good.
Given that by now I hope to have convinced you that the design of the Libra association and its constituency is far below the usual standards to be expected from payment schemes, you can imagine that I was unable to reconcile these laudable beliefs with the actual proposition.

If you truly wish to create a new public good, a new worldwide currency, it is not impossible to deliver this with private sector entities. There is a whole range of public policy theories (delivery of universal services or service of general interest) that can help out here. But putting the richest, biggest enterprises of the world in one room, to distribute a world currency/investment proposition without proper safeguards or recognition and qualification of the activities of the issuing association is not the way I would go about.

Facebook cloaking its plans in cryptoterms,but why? 
Let's face it. This whole complex open source, cryptocurrency story that Facebook has published is not necessary. If Facebook Payments Inc or Facebook Ireland wishes to change its currency mechanism towards a different setup it could do so itself. Why is there a need to involve other stakeholders with a trendy and hip storyboard on decentralisation, blockchains, cryptocurrencies and such?

It can't be a money issue. Facebook has sufficient resources to fund the whole exercise itself. And the quality of the exercise could then convince other commercial partners to join. So why the need to step out of its digital currency issuing role itself?

To me it is pretty clear that Facebook seeks to move up in our lives. Doing our financial business is not enough. It is all about entering our mind at a deep level. At the fiat currency level. We should think prices in terms of Libra, not in terms of fiat currency. And there is a good power reason for it. Because as long as Facebook uses digital fiat currencies it can be under the rule of the government that issues it. Now, by having a basket of currencies, Facebook can kick out currencies/countries if need be. State regulators and supervisors lose their power.

In addition, Facebook chooses to limit its own role and hide behind am Swiss association, to cover the fact that they don't want to take the responsibilities that come with issuing a worldwide association. They are suckering/forcing partners into joining this programme, without alerting them to the obvious violations of competition rules that may arise. They leave out all mentions of safeguards and contractual arrangements that can aid in ensuring operational integrity for this worldwide currency. Rather they throw the technology in the public domain, knowing well that this means that it's use cannot be fully controlled.

It is no surprise why politicians and regulators were keen to act. Their immediate response was that this was a further extension of an a-moral company that stops at nothing. As Maxine Walters outlined in the US, when asking Facebook to stop further development:

Reversing the statements to see what's hidden in plain sight: ruthless selfishness
As a thought exercise I was wondering. If they claim that it is a blockchain and cryptocurrency, while essentially it isn't, shouldn't we also reverse the other statements to see what is truly happening here.

I leave the result for you to ponder and thank you for bearing with me in this ultralong blog.
Up next I expect blog 2 to be about EU-definitions and legislation.

THE THREAT
As we, as Facebook are in it strictly for our own goals, we intend to hide our true intentions and motivations so we can fool the community and our partners in the ecosystem to go along. 
We believe that many more people should buy financial and identity services from our company specifically, even when doing so will come at a higher cost than the available alternatives. 
We don't believe that people have an inherent right to control the fruit of their legal labour. 
We believe that global, open, instant, and low-cost movement of money will create immense economic opportunity and more commerce for us in particular. 
We believe that people will increasingly trust centralized forms of governance. 
We believe that a global currency and financial infrastructure should not be designed and governed as a public good. 
We believe that we don't bear a final responsibility ourselves to help advance financial inclusion, support ethical actors, and continuously uphold the integrity of the ecosystem.


PS. I have changed the definition on June-24, to reflect that the currency is a mini-investment fund which is used in an app/ecosystem that would qualify as a payment instrument. Definition blog will follow.