Compliant Initial Coin Offerings
How are different countries treating blockchain?
Blockchain digital currencies are tightly regulated in the US.
The issuance of a digital currency in the US requires registration. Ripple was fined for selling XRP without being registered.
The Isle of Man added a registration provision for digital currency issuers and exchanges.
In Europe, the EU will capture exchanges and custodians under the 4th Anti-Money Laundering directive (4AMLD).
All exchange activity will be captured under anti-money laundering (AML) rules.
In Asia, Japan has already started to regulate digital currency. Businesses are required to have a payments license to operate an exchange, or pre-sell tokens in Japan.
Initial Coin Offering Havens
Where are the majority of the Initial Coin Offerings (ICOs)? They are generally from Singapore or Switzerland-based entities.
The typical Swiss route is a non-profit foundation that issues all the tokens. This is modelled on the ICO approach, pioneered by the Ethereum Foundation. In Singapore, the structure is less important as capital gains are non-taxable. In Singapore more interest is the perceived pragmatism of Monetary Authority of Singapore (MAS).
A critical part of the ICO process is ensuring the proceeds of tokens sales are not taxable as income or a capital gain. This is managed through a foundation or structuring in tax-efficient jurisdictions.
However, the tokens are often issued without any AML, or counter terrorist financing, controls in place.
ICOs without AML compliance is a completely unsustainable position as regulations are moving against anonymous crowdsales.
Looking at only the EU market from June 2017, exchanges and custodians will be subject to the 4th Anti-Money Laundering directive.
This will capture ICO activity as it is essentially an exchange service.
Importantly, the integration of exchange and custodian activity by the EU into 4AMLD may likely be a prohibitive exercise with huge unintended consequences. The application of these regulations to exchanges and custodians have complete disregard of proportionality. The infamous intervention by the European Banking Authority (EBA) was to suggest that exchanges and custodians must register in every EU state where they have customers. The EBA have never run a startup before and bluntly has no interest in fintech.
Unfortunately, most digital currency activity will shift away from the EU if the application of 4AMLD to exchanges or custodians becomes draconian.
However, Switzerland and Singapore are not in the EU. But that is not to say that Switzerland and Singapore are simply going to give a free hand to anonymous ICOs.
Singapore and Evolutionary Compliance
Singapore prides itself on its clean reputation as a hotbed for innovation. Its Sandbox environment is by far the most pragmatic and effective in operation.
In other words, Singapore has a lot to lose if an anonymous ICO ends up creating a taint on its reputation.
In view of this, what we are seeing in Singapore is an engagement strategy between ICO projects and the authorities. This engagement seems to lead to incremental steps towards basic compliance.
DigixDAO is an example of a continual engagement strategy. An article published in September 2016 states: “Whenever there is an update to our business model, we make sure to inform the relevant governing bodies”.
After an anonymous funding round, DigixDAO then introduced Know your customer (KYC) to their platform. This is an evolutionary form of compliance for startups.
However, a zero to one hundred per cent compliance evolution will no longer be appropriate. Certain basic guidelines will be established we suspect in the near-term.
Switzerland – Stepping Towards Regulation
It is important to note that the current announced fintech regime in Switzerland runs counter to anonymous ICOs. The current proposed fintech framework is for crowdfunding intermediaries to allow for the raising of capital subject, to limited number of investors and a threshold amount of CHF1m. The Swiss regulator has already directed digital currency intermediaries to enter a Self-Regulatory organisation for AML compliance.
These principles will port across to anonymous ICOs.
In time, it will be a simple requirement to ensure that an ICO campaign achieves some basic level of compliance.
ICOs Subject to Standard AML
It is expected that in a year from now it will be the norm to register as a coin issuer and perform KYC on investors.
But who likes KYC? Everyone hates KYC. The users hate KYC and the service providers hate KYC as it increases acquisition costs.
However, many solutions are being conceived of that will give a blockchain compatible compliant identity to users.
In time, it will be possible to do one registration and access one hundres ICOs without having to repeats the compliance process.
At Diacle, we’re working on building such an identity system. There will be many that exist.
But we need to take the pain out of compliance or compliance will continue to be a hindrance to innovation and business rather than an enabler of innovation.
It is my view that the more regtech we have the more startups will be set free to innovate safely. A basic compliant identity solution is one regtech solution needed.
Let's take a look at how a purely decentralised blockchain service can achieve compliance.
On the Isle of Man, we have set up what will be the first regulated blockchain lottery in the world. Ninety-nine per cent of the lottery processes run on-chain. It is a fully blockchain integrated solution. Yet it is useless if it isn't compliant.
One way we are achieving compliance is by registering the Ethereum addresses of users and creating a closed-loop between pay and withdraw. This is just a small step.
Of course, in time that ETH address registration won't be necessary as we become compatible with an integrated identity solution.
Compliance by Design
It is imperative not to re-centralise a decentralised service.
Controlling other people's private keys and access to their assets is an anathema of blockchain as a concept. Therefore, blockchain design must stay true to opening access global peer to peer markets and user control.
Joseph Lubin famously quoted that 'decentralisation is a phenomenon’. With blockchain we are re-thinking the basis of relationships between user, objects and governments.
This is a world where users own and control their assets. This must be the future.
Injecting trust back into a trustless system is simply missing the point of blockchain and shows a design failure, or is simply a reactive business decision to try and own as much as possible.
In my view, the design decisions of a blockchain product must align with the mission of user control.
But user control does not mean the system cannot be compliant. Quite the contrary. It is just a question of willingness to be compliant.
Towards Compliant ICO Contracts
If you look at the design of the current ICO smart contract code out there, there is no provision for compliance.
It completely disingenuous to say that compliance is too complicated to add to the ICO smart contract. Since the decentralized autonomous organization (DAO) hack, a freeze function is now commonplace in ICO smart contracts. We have improved the design of the ICO smart contracts by that bad experience.
Let's look at how a compliant ICO might look like. Keep the decentralised design of the ICO Smart Contract but ensure that it is compliant.
The basic process of an ICO smart contract is to start an ICO, receive funds and mint tokens to the addresses of contributors.
Based on that logic, it is simple to you add an additional feature. This feature would be a 'whitelist' function for the funding addresses.
Investors sign up on a webform, enter their details and registers their ETH address with the smart contract.
The smart contract then recognises the user when the ICO goes live and only accepts a donation from the registered ETH address.
This simple feature only marginally encumbers the ICO process but achieves a base line of compliance.
'Whitelist' ICO Smart Contract Business Rationale
From a business point of view there are many complaints regarding missing out on an ICO. They say, "it was over in minutes".
The pre-registration process increases the chances of a person getting into the ICO as pre-registration and can be from of allocation for users that is guaranteed for them in the ICO for a fixed period, say one hour after ICO goes live.
This also gives better certainty to the ICO project founders that they will sell out when the ICO starts which is a huge concern for the founders.