Security Experts Praise Desire to Regulate Market, Cite Complexity
Sen. Pat Toomey, R-Pa., the ranking member of the U.S. Senate Banking Committee, is requesting input from the cryptocurrency and blockchain community to inform future legislation on its security, data privacy and other investor protections, according to the committee. Industry and security experts alike praise efforts to regulate the space, but warn of its complexities and inherent anonymity.
See Also: IT Visibility Gap Study: How Vulnerable is Your IT Estate?
Toomey is soliciting ideas and legislative proposals “to ensure federal law supports the development of emerging cryptocurrency and open blockchain network technologies,” he said Thursday, adding that the goal is “to protect crypto investors” while addressing “ambiguity” in existing laws that apply to cryptocurrency.
The committee seeks input in the following areas: privacy, due process, investor and consumer protection, payments and money transmission, custody regulation, banking authorities, decentralized finance, and existing regulatory “ambiguities,” among others. It will review proposals through Sept. 27.
“Rather than trying to ignore or suppress cryptocurrency and related technologies, regulators and legislators alike need to recognize that open, public networks are here to stay,” Toomey says. “Our laws and regulations must adapt to these developments.”
Legislation around cryptocurrency could help provide a “legitimizing lens to the affiliated tender(s) and increase adoption,” says Frank Downs, a former offensive analyst for the National Security Agency and current director of proactive services for security firm Blue Voyant. “[But] it is important that the congressional participants implement smart legislation and not sweeping legislation, as seen in other countries,” including China, which has instituted multiple cryptocurrency restrictions.
Nevertheless, Toomey notes these efforts could “ensure the U.S. remains at the forefront of cryptocurrency and fintech innovation.”
Other Experts Weigh In
Lawmakers and regulators face challenges in their regulatory approach, adds Mike Hamilton, former vice chair for the Department of Homeland Security State, Local, Tribal, and Territorial Government Coordinating Council.
“While ‘privacy’ is listed as one of [Sen. Toomey’s focus areas], maintaining privacy may be counter to efforts to ‘de-anonymize’ cryptocurrency transactions for the purpose of limiting the ability of cybercriminals to operate in the shadows,” adds Hamilton, currently the CISO for the firm CI Security.
Michael Fasanello, who has served in various roles within the U.S. Justice and Treasury departments, including for Treasury’s Financial Crimes Enforcement Network, or FinCEN, adds, “Rushed legislation will have adverse effects, causing splintering in a worldwide community that currently collaborates with great success.”
Fasanello, currently the director of training and regulatory affairs for the firm Blockchain Intelligence Group, adds, “We offer our support to Congress in achieving a regulatory framework that protects investors, deters and roots out abuse of the financial system, and fosters innovation in financial technology.”
Blockchain expert David Gerard, author of the book “Attack of the 50 Foot Blockchain,” says, however, “The problem is that evading regulation is cryptocurrency’s main use case – it is literally why bitcoin was invented and designed the way it was, to make money that was immune from government control … [which is a] recipe for abuse.”
Regulatory Efforts
Cryptocurrency no doubt continues to hold lawmakers’ attention. A bill introduced in the Senate earlier this month, the Sanction and Stop Ransomware Act, calls for developing regulatory actions around cryptocurrency – including suspicious transaction monitoring and adhering to know-your-customer standards (see: Countering Cyberthreats: 2 Legislative Proposals Introduced).
Meanwhile, the $1 trillion U.S. infrastructure bill – due for a vote in the House by late September – would impose expanded tax obligations on crypto operators. A proposed amendment to soften the requirements failed to pass the Senate (see: Financial Execs Say Security a Top Cryptocurrency Barrier).
In a recent Senate Judiciary Committee hearing on ways to combat ransomware, several senators also raised the issue of changing laws to strengthen regulations for cryptocurrencies, including bitcoin, the preferred payment method in ransomware incidents (see: Congress Urged to Update Federal Laws to Combat Ransomware).
In the hearing, Richard Downing, deputy assistant attorney general of the Justice Department’s Criminal Division, testified that federal prosecutors are looking at ways to apply current laws, such as the Bank Secrecy Act.
“We’re looking to the laws that we already have on the books … to enforce the rules and regulations that are already applying to cryptocurrency exchanges and other actors in this space,” Downing said.
Earlier this month, the Securities and Exchange Commission also weighed in on the volatile cryptocurrency markets – addressing several risk management and security concerns (see: PayPal to Hire Dozens of Cryptocurrency Security Experts).
SEC Chairman Gary Gensler called the cryptocurrency market “rife with fraud, scams and abuse.” He added: “It’s often [used] to skirt our laws with respect to anti-money laundering, sanctions and tax collection. It also can enable extortion via ransomware, as we recently saw with Colonial Pipeline.”
He called on lawmakers to provide the SEC additional authority to regulate crypto markets.
In its new Global Blockchain Survey for 2021, auditing firm Deloitte highlighted this ambiguity, noting, “In the U.S., it remains unclear as to whether regulators will continue a piecemeal guidance effort [around cryptocurrency], or whether [regulatory bodies] will join forces and coordinate.”