In an attempt to prevent private cryptocurrency wallets from being used for ransomware attacks and terrorist financing, FinCEN proposed a new set of regulations in late December.
The proposal requires counterparty KYC for customer transactions and has been met with major opposition from the Crypto industry's largest players including Coinbase, Kraken, Square, Andreessen Horowitz, and Fidelity citing some of the following reasons:
- Unduly burdensome standard that isn't applied in any financial services today.
- Privacy concerns around revealing the underlying identities of wallet owners
- Requirements unspecified (what is considered an "unhosted" crypto wallet?).
- Rules would drive people to unregulated exchanges and off-exchange activity.
- Could create a “walled garden” in the US, stifling innovation and trade.
From an investigative standpoint, some additional points to consider:
- What will the new documentation requests look like (IP address, physical address, wallet address, etc.)?
- Will smart contracts be considered in-scope? If so, it could be near impossible to determine counterparties within a specified contract where parties may be unknown.
- What evasion techniques may be used (such as breaking transactions up into multiple wallets)?
- Will there be additional requirements for the source of funds (in contrast to counterparties that a wallet sends funds to)?
With major opposition and a new administration on the way, these potential requirements are rapidly developing, so stay tuned.
The new FinCEN rules are calling for holders of custodial accounts (hosted wallets) to identify themselves and their trading partner if they engage in a single transaction of over $3,000, or if they have cumulative transactions of over $10,000 to a private crypto wallet in one day. Any transaction of over $10,000 would also have to be reported directly to FinCEN. While the personal information would not go out to the general public, the exchange would then be required to store it and turn it over to law enforcement agencies on request.