Compliance in the Crypto-Fund Era Configure

In the early 90s the Cyberpunk movement has been striving to evolve the internet of information to the internet of value. Indeed, the capacity to freely publish and share information could be emulated to also transfer values, meaning assets, directly between parties without going through a centralizing agent. This is often named distributed asset transactions. This exploration has led to many failed attempts but also some successes in the digital payment space. The advent of blockchain technology has boosted the utilization of crypto-currencies and thereby also revived many initiatives in the fields of distributed asset transactions. While many names are given to assets founded on this technology, like blockchain, DLT, Crypto or Virtual assets, we will call them crypto-assets for sake of simplicity

With over EUR 4.6 TRN under administration, the impact that this technology could have on the Luxembourg Fund Industry is potentially highly relevant. One aspect being the compliance perspective. Crypto-assets add a layer of complexity to compliance but as investors push into this asset class and crypto-technology could potentially have a disruptive impact on Fund transaction processing, the industry must consider the potential impacts of this technology.

Various regulations require a Risk Based Approach (RBA) when dealing addressing Money Laundering (ML), Terrorist Financing (TF), Tax Evasion (TE: FATCA, BRP), Investor Protection (IP: MiFID, PRIIPS, Transparency), Market Efficiency (ME: MAD) and other subjects. Risk categories that are examined as part of the RBA encompass client/counterparts, distribution channels, products and transactions.

An essential question when looking at crypto-assets is to which extend existing compliance processes should be applied or specific processes need to be implemented. In view to determine this, we first need to identify the function crypto-technology plays within funds. The particularity of the fund industry is that the impact could happen at the level of the fund, the level of the assets within the fund and/or on the transaction-custody layer. Each layer could or could not use crypto technology, independently from each other.

A fund could for example be denominated in the Ethereum (ETH) crypto-currency or in fiat currency. Independently from the Fund denomination, the Assets of the Fund could be cryptos (or not). Finally, even if a Fund is denominated in fiat, it still could be transacted using crypto-technology. A Fund denominated in EUROS and investing in classic fixed income assets could for example be transacted using Hyperledger technology. Indeed, crypto-technologies like Hyperledger are just tokens that are not linked to any coin, meaning that they have no intrinsic value. They are mostly used because of perceived improvements in transaction efficiency.

These combinations allow for various scenarios that have an impact on compliance risk. Once the extend of crypto-technology used is clear, the impact can be determined.

If a Fund is denominated in crypto or invests into crypto Assets, this means that the investor is subject to a different risk. Cryptos are a younger asset class with a limited number of participants and market-makers. They are also partially being transacted on unregulated platforms. As such, cryptos are simply less transparent and operate under a lower level certainty. Regulatory changes, for example still have disproportioned impacts on this new ecosystem. While hedging instruments for a few major cryptos exist, like for example Bitcoin futures that are traded on the CME, their efficiency is still limited.

In a nutshell, crypto-denominated Funds tend to be more volatile, less predictable and less liquid, a fact that should be reflected in their classification. This would mean that some investors should not invest because this risk is not suitable for them. Fundamentally, this is not dissimilar to other risky asset classes and should be treated in the same manner from a compliance perspective. The primary tools in this context for Investor Protection are investor information as well as the enforcement of guidelines ensuring a fair market.

Transaction and custody with crypto-technology tends to operate on different infrastructure. Some will be operated by exchanges that would be subject to AMLD V or FATF guideline relative to VASPs (Virtual Asset Service Providers). Other transactions occur directly between investors controlling their own wallet.

Here, the type of crypto matters. If a Fund is transacted using a permissioned crypto-technology, like Hyperledger, this means that only identified and authorized parties can transact. This provides a satisfactory level of clarity.

With a pseudonymous public crypto, each individual participant could transact directly but the transaction addresses are visible and traceable. Consequently, while the name of the transacting person is not visible the address is. Once the link between an address and a person is done, a certain level of transparency is achieved. Bitcoin falls into this category.

Obfuscated crypto-technology hides the source, amount or destination of transactions. This makes if quite challenging to follow who is doing what.

Other technologies like the use of browser-based dark wallets, transactions over the dark web and mixers who obscure transactions by mixing them, make it even more difficult to trace what happens.

As we see, the transaction layer points towards ML/TF risks. Here, the channel mitigates this risk, as regulated entities must conduct their KYC duties. To be effective through, they have to use new tools. For example, crypto-address verifiers that score an address based on its history, reputation and other factors. That way, when an investor goes through the KYC process, the accuracy of the crypto-layer could be validated.

More generally, specific Know Your Transaction (KYT) AI-algorithms could be used that are designed and have learned to detect suspicious crypto transactions. The advantage of these tools is that they could raise flags even on completely anonymous transactions.

Now, notwithstanding the tools available, it may be advisable, in compliance with certain guidelines, to simply reject certain channels or crypto-assets.

Coming back to the risk categories we can now see that crypto-fund investors are not necessarily different and that the products denominated or invested into crypto-assets tend to be riskier but in a similar manner than other high-risk asset classes.

But the distribution channels and transactions using crypto-technologies trigger new types of risks, especially pertaining to ML/T. And these risks require the application of novel tools.

It is important to systematically analyzing the crypto-layers as well as the types of crypto-technologies applied in order to identify potential risks. That way the Fund industry can explore the development of new risk mitigation tools and contribute to the emergence opportunities founded on crypto-technology…