Dr. Joshua Ellul, the Chairman of Malta Digital Innovation Authority and Director of Centre for DLTs, University of Malta, has published an open letter to European Union (EU) regulators focused on cryptocurrencies. The letter is also meant to inform relevant policy advisors and makers in the blockchain sector.
Dr. Ellul notes that he has some serious concerns regarding crypto-related regulations. He points out that, across Europe, regulators have been adopting “similar approaches to those used in traditional financial services.” However, he believes that these guidelines “lack adequate levels of technology-based assurances,” because of the “inherent” high risks associated with “specifically decentralized technology” that’s used by existing blockchains, smart contracts and crypto-assets.
Dr. Ellul notes:
“Cryptocurrencies, other similar forms of tokens and related activities have inherent technological risks which could be detrimental to European regulatory frameworks and the EU’s reputation in this sector.”
He goes on to mention that in June of this year, a European country suffered a major “blow to its reputation” (and maybe indirectly even Europe) with respect to “regulatory oversight of financial and operational due diligence” of the blockchain and crypto sector. He adds that “let us not let it take another potentially more serious blow from lack of technological due diligence and technology assurances.”
“Cryptocurrencies, tokens, virtual financial assets, utility tokens, ICOs, STOs, IEOs, or any other financial operation and technology built on or making use of blockchain and smart contracts are inherently high risk.”
Dr. Ellul further notes that regulators are now familiar, for the most part, with the associated risks in “the operational and financial aspects” of cryptographic technologies and assets. However, this risk is intensified due to the technical nature and the dependence of cryptos on blockchain or similar types of distributed ledger technologies (DLT), Ellul states.
He also mentions that “unlike traditional technology and systems, where a mistake in a transaction or bug in the data or code can be fixed, on a DLT, such errors frequently cannot be fixed, and the data cannot be reverted or manipulated to compensate for losses resulting from the unexpected behavior.”
These complex technical issues could potentially lead to billions of euros worth of losses. And if such an issue arises on an EU-regulated platform, then it would damage the reputation of the jurisdiction’s regulatory system, Ellul claims.
“Not only will this be a blow to EU crypto-based licensed activity, but aggrieved parties may decide to initiate class-action lawsuits against the Regulator for not having had in place sufficient technology assurances that could have minimised such occurrences.”
Dr. Ellul recommends performing independent third-party system audits and establishing an appropriate set of regulatory guidelines, so that it’s possible to give technology-based assurances. He believes that this must become “mandatory within the cryptocurrency space.”
He also mentions that as part of Malta’s regulatory guidelines, the Malta Digital Innovation Authority aims to address these types of technology-based assurances.
He also notes:
“[The Malta Digital Innovation Authority] would like to reach out to the EU and other member states to initiate a forum for taking such assurances to an EU-level. If the EU does not implement adequate technology assurances, then it may only be a matter of time until it will have to face another blow to the credibility of its regulated services due to lack of technology-based assurances.”
Dr. Ellul concludes his letter by sharing a list of reported losses, which may have resulted from various software bugs. Additional information about the regulatory guidelines are presented in this paper.