New legislation has been submitted by Senator Jack Reed, co-sponsored by Senators Mark Warner, Mike Rounds, and Mitt Romney. The Crypto Council for Innovation has slammed the legislation as “arbitrary and ill-defined.”
The bill (S.2355) is described as “a bill to clarify the applicability of sanctions and anti-money laundering compliance obligations to United States persons in the decentralized finance technology sector and virtual currency kiosk operators, and for other purposes.”
Entitled the “Crypto-Asset National Security Enhancement and Enforcement Act of 2023” counters legislation submitted by Senators Cynthia Lummis and Kirsten Gillibrand by giving the Securities and Exchange Commission greater authority and as well as the Secretary of the Treasury regarding oversight. The legislation also aims to control DeFi or decentralized operations.
Yaya J. Fanusie, Director of Anti-money Laundering and Cyber at the Crypto Council for Innovation, shared her thoughts with CI. Fanusie said:
“Most of the requirements in the bill are arbitrary and ill-defined. As an initial matter, the bill requires anyone who “controls” a DeFi protocol, or makes available an application to use such protocol, to meet Bank Secrecy Act (BSA) and sanctions compliance requirements. A person’s “control” of a digital asset protocol, however, is to be determined by The Secretary of the Treasury, with no objective criteria or any reference to current legal guidelines regarding money transmission.
In addition, “making available an application designed to facilitate digital asset protocol transactions” is quite vague and can be interpreted broadly. For example, a literal interpretation of the language means that even a mobile app store would be required to meet BSA obligations. It is also unclear what the criteria or rationale was in determining the $25 million valuation threshold. In fact, targeting a specific amount would seem to be aiming for projects already in existence, is easy to structure around for future projects, and does not appear to be based on any objective criteria.”
Fanusie criticized the legal obligations placed on persons who cannot influence autonomous DeFi protocols, adding that the legislation fails to offer actual guidance on technical ways for decentralized protocols to comply with BSA reporting requirements.
“DeFi protocols are permissionless and can be accessed via self-custodied wallets that are available to anyone on the internet. It is not feasible to collect personal identification information from such protocols, and the bill neither tackles this technical complexity nor provides solutions on how to address this limitation,” said Fanusie.
She said that requiring identification verification for any transaction amount as unduly onerous, stating the legislation goes beyond what is currently required in the Bank Secrecy Act (BSA).
“While it is important to deter illicit finance activity, including in the DeFi ecosystem, this proposal fails to provide a practical way to do so. CCI is currently working on a framework for appropriate regulation of DeFi. We are consulting closely with industry experts as well as with financial regulators in the U.S. and other leading jurisdictions to develop a technologically sound approach to mitigating illicit finance in DeFi,” stated Fanusie. “This approach requires distinguishing various elements within the DeFi technology stack. It also involves leveraging the transparency and programmability inherent in blockchain systems to derive appropriate compliance measures unique to the crypto ecosystem.”