Thursday, September 24, 2020

Facebook: a limited network exemption in the Netherlands?

Here is a brief post, to alert professionals in the field to the fact that Facebook Inc has in the Netherlands been registered as an exempt institution out of scope of the payments directive based on the article 3k/3l in the PSD2:


The filing occured in february 2020 but it is not the only entry in our registers. The same company holds an incoming EU-license, originating from Ireland, to do payments business as a cross-border service. So there is a generic incoming payments license (see the blog here), the discussion on Libra/Calibra (see here) but also a local exemption.

What is the exemption all about: origins

When we go back to the original legislation we see the PSD2 having an exemption for small scale payment methods. 

This exemption dates back to the e-money directive of 2000 which stipulated a waiver for small scale appearances of e-money. 


And this waiver was born out of the understanding of supervisors that it would not make sense to go about checking all kinds of sports events, local stadiums or situations where owners of closed loop ecosystems offered digital forms of money on cards. It specifically took out campus-money systems as too irrelevant to be concerned about. Although also those campus systems were bound to rules as to refunding on request, proper contractual arrangements and limits on the devices.

Exemption in practice for Facebook: for gaming

The register seems to outline in-gaming payments as the focus for the exemption: 

Facebook provides an in-gaming payment service which enables Facebook users to purchase digital content within online games.

Now, as I don't know the details of the mechanism at play, nor the considerations of the regulator, I do wonder how this works. Does this mean that if Facebook puts in place a closed loop payment environment for games, they steer away from all regulation? Regardless of their worldwide scope?

I don't think this was really the intention of that exemption, so I am a bit puzzled here. 

Or is it a crypto-asset?

The next question is: would it perhaps fall under the definition of crypto-asset of the recently proposed EU legislation:"

(b) ‘crypto-asset’ means a digital representation of value or rights, which may be transferred and stored electronically, using distributed ledger or similar technology;  

Technically I would say yes, because similar technoloy in terms of distributed ledgers is a wide concept, effectively encompassing all ICT-tooling available. But the jury is still out of course.


Where are we heading with Facebook in Europe?

While we can fuss about the small print, as above, I think the regulators would be well advised to look at the broader picture. Facebook has a bad track record in terms of supporting proper communication, democracy and being responsible to parliaments. It violates EU privacy laws and is taking the EU to court to push away that problem.

Meanwhile all the stablecoin reports have a huge red bulb flashing: watch out for worldwide bigtech platforms doing their own payment think and destabilising economies. Don't let them move. With the result that Facebook quickly rebranded its Libra initiative into a different name (separating profitable single wallet business from the dead-on-arrival Libra-long term identity play - see 3 blogs here).

Of course I might be missing something here in the picture. But if anyone can explain why it would make sense to exempt inpayment gaming payments on worldwide Facebook as a limited network, I am open to ideas.

 

Saturday, May 02, 2020

Contemplating 75 years of freedom: a dark story on three Dutch lessons never learnt

First of all I must warn all readers. This is not a happy blogpost. It is not funny. It is a dark and sobering tale of lessons that we should have learnt in the Netherlands. A tale about lessons that we never learnt. Lessons that still hold immense value today. Lessons that we owe it to be taken to heart when we reflect on the 75 years of freedom that we will celebrate next week.

From Rotterdam to Amsterdam: records and track records
This post connects two cities that I lived in for the longest time in my life. First of all; Rotterdam, the place of my birth. It was bombed to ashes early on in WorldWar 2. Except for one place: the city hall. Reason being? That's where the population records were. Cunning Germans, as my dad explained to me. 

Next up is Amsterdam, where the Anne Frank house and her statue form the background against which new children grow up in freedom. Where Stolpersteine remind us of those who lived here before us. Where the elder lady with her dog told us what is was like to grow up here. How the Germans were raiding the houses and pushing their bajonets into the ceilings to discover if people were hiding.

Amsterdam is the city of the 'dot-map'. It is the map that the Amsterdam city administration drew up on request of the occupying Germans, that wanted to know: where do the jewish people live?

It sounds like a simple question: an administrative thing, strange request perhaps, but why not just answer it? Let's cooperate collaborate. So the map says: One dot is 10 jews. Take it in and look history in the face.

The particular situation here in the Netherlands (J.H.Blom - source) was that our government had fled and the Germans put their officials in charge of the Dutch civil servants. This is a marked contrast with Denmark, where they let the Germans enter with the military but stayed in office and controlled their bureaucracy.

There is a lot more to read in the study of Blom but one of the very striking elements is the efficient bureaucracy in the Netherlands, in combination with a tendency to cooperate and answer properly to Authority. Whichever the source of Authority.

The very sad fact of the matter is that after the war we could learn that in Western Europe, the Netherlands turned out to be the country where 75% of its Jewish population died, as compared to 40% in Norway and Belgium, 25% in France and almost 0% in Denmark.

If we look history in the ugly eye, this is (literally) a track record that the Dutch must carry as a scar on and in their souls. A fact that obliges us to honour the deceased and make sure that we learnt something. But do we really?

History is distant and can be easily forgotten
This is all maps and statistics from earlier days. If we wish we can look away and forget. So let me warn you as I bring the lesson closer to home. To this end I draw on a pre-Corona visit that I paid to the excellent exposition covering 300 years of insurer Stad Rotterdam. now ASR. During the visit I stopped by and looked at the part on World War II, where I bumped into someone who turned out to have contributed to that part of the exposition.

He is a commited lawyer who until today still tries to resolve the administrative wrongdoings of the past. His story on what he found in archives, on what he did not find, was very sobering. He had seen files where a fanatic anti-semite employee hammered a J multiple times on the insurance policies of Jewish clients. And he explained how the Germans would start out with simple requests with more serious consequences kicking in later.

A typical example of this is the introduction of a generic duty to register and issue personal ID-s. This was formally introduced in October 1940 in the Netherlands and came info effect in April 1941. And then, one year later, all IDs of Jewish people needed to be stamped with a J. So we see bureaucratic evil of the end made possible by fairly innocent baby steps in the beginning.

Administrative witnesses of the insurance sector: during the World War 2
One of the most well known German tricks pulled in World War 2 in Amsterdam was the take over and manipulation of the Lippman Rosenthal brand by setting up a sort of second bank or branch-office with the same name. This second office was effectively German run and a 'robbery-bank' that sold off assets of Jewish clients. This bank plays a sinister role in the documents that I will be publishing here.

It started out with a request that Jewish people declare to their bank that they are Jewish, as via a specific Regulation, the only bank paying out the life insurances would be the Li-Ro-robbery bank. Here's the snapshot of the regulation and the form to be filled in.

Regulation outlining obligatioo to insurers to pay out
their clients only via the Li-Ro robbery bank

And here is the form and letter that people were sent. Please declare yourself to be Jewish.

Form with request to fill in if you are Jewish or not

Now the involved insurers didn't really all like this idea and they figured out: if we don't know for certain if someone is deceased, we can't really transfer all the money to Li-Ro bank. So the exposition shows a bank writing to the Li-Ro bank on this specific issue. 

Now beware of the answer which dates to January 1943.  I will translate it here:
Through the contact that we have with the relevant authorities we have been informed that Jewish people that have been deported by government order will be totally taken out of the society and nothing will be ever possibly heard of them. As a result they are, sort of automatically, also completely annihilated in respect to your administration but we note that, if no further measures are taken, their remaining insurances would continue to exist.
It will be clear to you that the circumstances in which the aforementioned Jewish people find themselves in society - but with respect to you as well - have lead to a situation that is equal to that where an insurance policy ends due to the death of the insured, which means that we need to find a way to bring those insurance to a pay-out.
We invite you, the pay to us the relevant reserves that you have amassed to this end, while deducting a considerable reward for the risks that you have taken.We look forward to your proposal.



Administrative witnesses: after the war
Imagine that you survived this World War 2. And that you want to claim the insurance funds that you are entitled to. And the response being: please can you prove that the person you are referring to is actually dead? Survivors of the war atrocities had to endure long and terrible administrative procedures to restore their rights.

Here is a witness that matters. It is a letter dating from 1950 and it is a declaration by a Red Cross official. It specifies the dates of deportation as well as the names of three survivors who have had to make a personal declaration to the Red Cross. It says that
... it is clear from the declaration of those three people (out of 33.000 deported to Sobibor), who stayed of a longer period in time in the camp, that almost all people that came to Sobibor were almost immediately being suffocated by gas and cremated afterwards. Given that nothing has ever been heard since the conclusion is that the person in question has died on 11-6-1943 of the consequence of suffocation.


No happy ending.... 
There is no happy ending to this story.

Survivors had to fight administrative wars and it took until 1999 before some sort of settlement was made between representatives of the Jewish community and the Dutch Insurance Industry. Part of the settlement is that a Foundation for individual claims SJOA has been set up. And until today the foundation is still actively assisting and doing research to do justice.

Which brings me full square back to my neighbourhood in Amsterdam. There are not just the silent physical reminders of history, the Stolpersteine in the streets. We also find reminders on the web, in this list of holders of insurance premiums. If I type in the names of the streets around me, their names come back to help me remember what happened.

Three lessons to heed...
We, society in general but the Dutch in particular, owe it to all of those who gave their lives during the war, hoping for true freedom, to heed three lessons we appear to have never really learnt:

1- we must better understand the mechanics, the workings of records, administrations and bureaucracies and the ease with which what looks like a legitimate government action can turn into an evil one that starts a persecution on illegitimate grounds,

2- we must remember that it is the atrocities of World War 2 that made us formulate the Human Rights Declaration, which formulates the fundamental rights that protect us,

3- we must cherish and protect our fundamental right to privacy as one of the most important defenses against bureaucracies turning evil.


Tuesday, February 04, 2020

Perspectives on (Ca-)Libra #3: Why the Libra is not e-money (on the history of e-money and stablecoins)

Quickly after the announcement of Libra, I, stated that Libra could not be viewed as e-money. Now has come the time to explain my earlier analysis (of June 2019) as to the organisational set up and regulatory qualification of Libra.
Libra is a privately issued and distributed digital  and virtual ‘currency’, that is intended to function as a means of payment. It is not a true currency because its actual composition/counter value is a basket of fiat-currencies and financial instruments. It is not e-money as the Libra is not ‘monetary value’. The digital value qualifies as a financial instrument (a mini-participation in an open ended investment fund) and is used in an open source payment instrument, to be used for payment and acquiring. Both payments and securities legislation apply, as well as the relevant competition and consumer protection rules. 
The Libra association is a manager of the governance and operational arrangements and activities that come with using the virtual currency Libra and participating in the Libra (payment) scheme. This Libra scheme is a private and commercial arrangement which:
- defines a unit of account for a new virtual currency: the Libra,
- defines the asset mix that backs one currency unit,
- lays out the distribution and management rules of the currency units and reserve funds,
- lays out commercial rules and does a private placement to further promote the use of the Libra by giving them away (for free or at a discount). 
Definitions of e-money and term: monetary value
The reason why Libra, as a basket of different currencies, cannot be considered e-money is that it doesn't qualify as such under the definition as it is not monetary value. And to comprehend the definition we must understand that the e-money directive has had a first version and that the European Central Bank was clear on its analysis. E-money is a fiat currency in a digital shape and must be treated as such in terms of: reporting requirements for monetary aggregates, redeemability (at par), assurance that customer fiat money equivalent was kept safe etcetera.

The definition and use of the term 'monetary value' in the first version reflects that all we could think of was digital tokens that one-on-one reflected the physical or existing scriptural account-money forms. This is particularly clear from the consideration 19 in the Opinion of the central bank on the first draft directives.


What we can see here is a central bank ensuring that redeemability against the fiat currency is obliged, in combination with a definition of e-money which does not allow offering e-money at a discount:
"electronic money" shall mean monetary value as represented by a claim on the issuer which is:
(i) stored on an electronic device;
(ii) issued on receipt of funds of an amount not less in value than the monetary value issued;
(iii) accepted as means of payment by undertakings other than the issuer.
Redeemability
1. A bearer of electronic money may, during the period of validity, ask the issuer to redeem it at par value in coins and bank notes or by a transfer to an account free of charges other than those strictly necessary to carry out that operation.
To me, the full analysis and reasoning behind the e-money rules, can only mean that e-money thus covers the 100% forms of convertible fiat currencies. The whole regulatory construct and monetary safeguards in the e-money directive wouldn't work for other constructs. Also, the idea of issuing anything else than a digital equivalent of fiat-currency would have been hypothetical.We are talking the days that each digital player would seek maximum acceptance of the public of any new forms of payments, by piggy-backing on the trust/security mechanisms of the fiat instruments. Introducing a non-fiat-related digital currency was just a step too far and it's not what the E-money directive was meant to support.

When the second e-money directive came in and was aligned with the EU payments directive, it changed some of the structure and definitions. The ECB opinion as to redeemability and monetary matters remained unchanged however, so in essence the rules are still of the same construct. E-money means a one-on-one converted form of existing fiat money and all kinds of monetary statistics, redeemability etc are still in place for the wide variety of mechanisms that now use this regulatory avenue.

We must also understand that at that time we were nowhere near the existence of worldwide consumer platforms with such inherent power to dictate an alternate currency alongside fiat currencies. But now we do have those, including one that tries to issue and launch a Libra. Given the EU e-money directive however, the only reason this Libra would qualify as e-money is when it would be a 100% EU currency backing the Libra. As this is not the case, the Libra will not qualify as e-money.

Should we adapt the EU definition for e-money then?
In theory one could argue that the e-money definition needs adjustment in order to allow the Libra basket of currencies to be regulated. But this doesn't make sense from a financial instruments/securities perspective.

Whenever you dilute a 100% currency basket in the users own currency towards a different asset base, you reform the token at hand into a investment basket. The user is exposed to an additional form of currency and counterparty risk, which does not exist when using the 100% e-money form. Of course the issuer of the financial instrument can proclaim the new asset base to be stable. Or almost stable, but the rules of the financial instrument game are different. If you issue such combinations of assets, you must warn the user of risks, assess whether he/she may be up to the investment/risks that they are taking and so on.

Not obliging Libra to have to do so would be creating an uneven playing field towards all kinds of other providers of financial instruments that equally seek to provide their financial services to customers via a similar asset package that can be bought in tiny portions. In addition, the monetary concerns involved in overissuance of the e-money product may go beyond the geography of the central banks involved as monetary authorities in the currency basket. Merely allowing a basket of currencies as backing for an e-money product would not be consistent with the ECB analysis on relevant monetary considerations and rules to ensure financial stability.

So, as stable as you may give your product a name or try to sell it to the public or regulators, all regulatory and market experts know that no currency basket will ever be stable. Effectively, suggesting the fact that it would be stable for the end-user would be mis-selling of the product, misleading the consumer and what have you. So name it stablecoin as you like, but it remains a risky participation in an investment fund/currency basket. And all rules under EU securities to such investments do apply. Meaning disclosure rules, but also rules as to who can trade/distribute this instrument. It will not at all be open to trade for everyone, without restrictions.

Does paying with Libra involve a payment instrument then?
Next up is the question what exactly qualifies as a payment instrument in the Libra setup. In my view the financial participation is a digital asset/financial instrument. And of course, if you wish, such an instrument could be used to pay. Rather than sending someone digital fiat currencies, the provision of the tradeable digital financial instrument would consist the payment. The payment with Libra would thereby be a payment in kind, as if I exchange a bread for a bottle of water.

So is there a payment instrument involved and where is it?

Next up is the question if we can see a payment instrument, a payment order and a payment transaction under the Payment Services Directive, leading to the placing, transferring or withdrawing of funds. I think the main idea in this respect is to take the intentions of Libra to serve as a worldwide payment system as a starting point. This means we will have to take a close look at the question if tools are provided to the user (yes) meaning those tools (wallets) may qualify as payment instruments, if they move funds, which are defined as:
banknotes and coins, scriptural money or electronic money as defined in point (2) of Article 2 of Directive 2009/110/EC;
If the Libra is not banknotes and coins nor eletronic money, we only have the wonder if it could qualify as scriptural money. But this is indeed where it becomes a bit complicated. As the ECB put it, when advising on the Payment Services Directive:
12.10 The term ‘scriptural money’ is used in the proposed directive without being defined, e.g. in Article 3(b), Article 4(8) of the proposed directive and paragraph 7 of the Annex to the proposed directive. It is suggested that a definition of scriptural money should be established (in the definitions article), bearing in mind that only central banks and credit institutions (which include e-money institutions) may hold such funds.
So we have two options. We could consider the Libra issued by Libra association to the Libra association members (who are all registered security companies, allowed to offer, trade and sell financial products to the public and each other) a form of scriptural money. This is not illogical, given the explicit intentions of the Libra association and it would require the regulatory flexibility to allow for a self issued unit of account / securities product to be viewed as a form of money.

The other option is of course to not view the Libra as scriptural money and not apply the Payment Services Directive to a payment instrument which has a worldwide scope and impact. Although this may sound illogical, it is not illogical at all. The apps and tools that are used to pass on the Libra to other consumers would still have to comply with all securities related regulations. Users would have to sign up, pass suitability tests, issuers, brokers and exchanges of the Libra would need to have their MIFID licenses and such, so the customer would still be protected.

The exercise does show however that the Libra association has had little consideration to the relevant EU requirements and definitions when choosing Switzerland as their jurisdiction. Their guess may have been that they might be able to convince the local regulator to bend the rules a little, but the choice of a currency basket (and financial instrument structure) effectively deters its worldwide inclusive use for cross-border payments. Alternatively, a choice for a single currency basket might work, which would make it regular e-money, to which the PSD and all kinds of KYC/AML rules apply. Yet, this would mean that there needs to be a single issuer in the business model, as the reselling of e-money is prohibited under the EU regulations.

It is this considerable ignorance of relevant EU rules that has made it clear to me that Libra and Facebook will at no point in time be able to make their business model work. A brief visit to any innovation hub at any central bank would have made the above inconsistencies clear, but they apparently chose to ignore this. And the reason may be that the Swiss policy papers on stablecoins may have provided them with the impression that there was some leeway here. But even the relevant local supervisor has explained to them that both securities and payments legislation applies and that their business model will not work.

Then again, this is Facebook, pushing and moving so why could they have been so wrong in their assessment?

My hunch is that Facebook have applied a US centric approach to the whole regulatory debate on issuance of stablecoins and forgot how the regulatory regimes between EU and US differ. But for that I refer to the PS.

The main conclusion for now is: Libra does not qualify as e-money and the transfer of Libra might constitute a payment transfer, depending on the view one has with respect to the application of the word scriptural money under todays context.

February 5, 2020


PS. Regulatory regimes for stablecoins (US) and e-money (EU)
To put this in perspective for US readers, I want to shed a regulatory light onto the difference between stablecoins and e-money and the relevance of 1990s legislative landscapes in the US en Europe with respect to payments. The background against which the e-money directive was being developed here in Europe, was one in which - just as now - all over the world, people were thinking about the best forms of regulation of a new phenomenom: e-cash: electronic cash or Internet cash.

At that point in time I worked for the Dutch central bank and I investigated the difference between the existing regulatory regimes in Europe and in the US payments (see the American Law Review article here). And the big thing to take away here is that:
- the US had both banking supervision laws and money transmission laws,
- Europe did not have money transmission laws and only bank supervision regulation (somewhat harmonized under EU rules).

The consequence of this difference is that the US regulators had a clear money transmission framework that they could use, to apply to new forms of Internet payments and digital coins. In essence they all proclaimed new internet payment stuff to be some fort of money transmission, either by their design or by their nature. And thus: the regulation of those new forms of payment was easily done. No change in laws was required.

In Europe, there was no uniform payment legislation on a European scale. Different member states had different local rules on payments. We had to have a euro in place and many years of deliberation before we even ended up with a harmonised Payment Services Directive in 2007. So we had no payments legislation but we did have some form of e-cash begging to be regulated somehow. As the ECB had clearly outlined its concerns in this respect.

So the fierce debate in Europe was: should e-money be considered the functional equivalent of banking?

The main reasoning was: upon issuance of an e-money token of 1 euro, the issuer receives one euro of the public. This means attracting deposits from the public, which is part of the banking definition. Whereas central banks and Ministries of Finance felt this way, the Ministries of Economic Affairs succeeded in convincing them that an intermediate, light-weight banking regime should be set up. So we got an E-money Directive, creating EU license regimes for organisations that issue electronic money to the public, upon receipt of regular fiat money, which electronic money is then used for all sorts of payments.

The digital e-money had to be issued and redeemed at a 1 on 1 level (at par) and the e-money organisation had to safeguard the full reserve in a separate financial vehicle (or insurance arrangement). No license would be given if the safeguards weren't in place, so this means that the European e-money regime boils down to a regulatory regime which safeguards e-money. Or, what most US people would view as stablecoins (digital tokens, to be issued, traded, sold and transacted on the basis of an at-par rule with the original fiat currency).

Now back to the US. Initially the US payments regulation thus seemed well suited to adapt to new technologies. The birth of the bitcoin and other currencies created an issue. In essence, the US regulators didn't care to define a separate token or form of e-money into their payments regulation. They just stated that virtual currencies were a form of currencies and hence the money transmission regulations should be in place somehow.

Therefore Tether and TrueUSD are registered with the Fincen, but without the legal European safeguards in place to guarantuee the peg. Then again the New York bitlicense regime does have those safeguards, but it is clear that no US regime for stablecoins exists. We can see that the US now lags in regulatory terms. It has fragmented state laws on payments, where EU caught up with harmonised payments legislation and harmonised e-money legislation. And the European e-money regime is essentially the unified EU stablecoin regime for tokens that seek a 1-1 peg with a fiat currency.