Welcome
Bloomberg Law Analysis

ANALYSIS: Facebook Hints at New AML/CFT Paradigm For Libra

July 15, 2019, 9:15 AM

Facebook’s announcement of its Libra cryptocurrency has started a flurry of reporting on the regulatory formalities of the newly launched subsidiary Calibra, but so far there has been little coverage of what Calibra intends to do to comply with the substance of U.S. and foreign regulations in areas of significant risk, including securities laws, privacy laws, and anti-money laundering/combating the financing of terrorism (AML/CFT).

In the AML/CFT compliance field, Calibra has registered with the Financial Crimes Enforcement Network (FinCEN) as a money services business (MSB), applied for a New York Bitlicense, and recently dropped a little-noticed hint that it intends to upend the field as it currently exists. Its intent appears to be that it will conform its use of blockchain technology to existing laws, but it will conform the specific requirements in the regulations implementing those laws to blockchain technology.

The result would be a new paradigm for AML/CFT compliance.

Calibrated Compliance

Calibra head David Marcus has been issuing statements explaining the Libra cryptocurrency and the actions of Facebook and Calibra, and in a Facebook blog post published on July 3 he wrote in a declaration about Facebook/Calibra’s plans to engage with regulators and lawmakers:

At the core, we believe that a network that helps move more cash transactions – where a lot of illicit activities happen – to a digital network that features regulated on and off ramps with proper know-your-customer (KYC) practices, combined with the ability for law enforcement and regulators to conduct their own analysis of on-chain activity, will be a big opportunity to increase the efficacy of financial crimes monitoring and enforcement … Libra should improve detection and enforcement, not set these back.

This brief statement appears to imply that Calibra is banking on a new paradigm of AML/CFT compliance for the Libra cryptocurrency’s planned entry into the international money transmitter business.

Emphasizing “the ability for law enforcement and regulators to conduct their own analysis of on-chain activity” highlights a significant fundamental feature of cryptocurrencies. Cash retains no data (aside from serial numbers, fingerprints, and other physical evidence), and conventional electronic transfers contain information only about individual transactions. A blockchain-based cryptocurrency maintains and distributes a ledger with data on every transaction ever made using every unit of the cryptocurrency. This (distributed) concentration of data creates a potential gold mine of financial intelligence, as long as the data mining and analytical tools to use the mass of data are available and also as long as the real-world identities of transactors behind their pseudonyms are known. Calibra’s “regulated on and off ramps with proper KYC practices” would ensure knowledge of the latter.

The foundation of Calibra’s position turns the original view of cryptocurrencies as anonymous and useful for avoiding government regulation on its head. Libra and comparably handled cryptocurrencies would instead make transactions less anonymous and more difficult to hide from law enforcement investigators and intelligence analysts.

Having government agencies “conduct their own analysis of on-chain activity,” which makes the unstated implication that they will relieve Calibra of some or all of the obligation to do so, indicates an intent to turn AML/CFT compliance on its head. The key requirement to file suspicious activity reports (SARs), authorized by Congress in the Annunzio-Wylie Anti-Money Laundering Act amendments of the BSA in 1992 and required by regulation for banks since 1996 and for money transmitters and other MSBs since 2000, receives no mention at all. The SAR filing requirement has imposed significant costs on financial institutions, which have had to invest in personnel and technology to monitor and analyze transactions for suspicious activity. Moreover, failures to file SARs have been the basis for most BSA enforcement actions. Shifting the task of monitoring and analyzing Libra transactions to the government agencies interested in them could relieve Calibra of SAR filing obligations imposed by regulation, without violating the statutory requirements of the BSA or requiring BSA amendments.

Such regulatory relief would remove significant costs and risks for Calibra. Calibra’s new paradigm would of course benefit it considerably, as well as possibly benefiting U.S. and international AML/CFT efforts as Calibra asserts.

A July 8 letter to the chairman and ranking member of the Senate Committee on Banking, Housing, and Urban Affairs continues to describe Calibra’s role as merely providing information to law enforcement and regulators for them to use:

Regulators of Calibra and other digital wallet services can require them to collect information about the identity and activities of their users and make such information available to law enforcement and regulatory agencies, such as for AML, CFT, and sanctions purposes.

Observant readers may have noticed that this statement oddly refers to “AML” and “CFT” as if they are separate legal and regulatory fields. This misstatement appears five times in the letter, and it is a curious departure from convention in a high-level communication to Congress from a chief executive with considerable relevant experience, leading regulatory compliance initiatives for an array of industry-leading strategic partners. (David Marcus formerly served as president of PayPal, a registered MSB, and as vice president of Facebook responsible for Facebook Messenger during the 2015 rollout of its money transfer service.)

Erroneous statements on AML/CFT and a narrow focus on KYC – a term that appears nowhere in the BSA and its implementing regulations – are common from unsophisticated cryptocurrency businesses. In this case, they are more likely to be signs of differences between the existing AML/CFT regulatory scheme and a new paradigm from Calibra.

AML/CFT—Mainly KYC?

The AML/CFT regulatory burden of a cryptocurrency-based money transmitter becoming mainly KYC, shedding the existing SAR filing requirement and possibly other obligations created by the BSA and its implementing regulations over the course of several decades, at first glance may appear to be so Mickey Mouse that it belongs in his club’s theme song. The concept is not unprecedented, however, and neither is it extreme or crypto-anarchist. Many of the creators of the current AML/CFT regime have endorsed the view that the existing SAR filing requirements are outdated and an inefficient use of resources, and new technology can and should be used to create a more effective system that places less burden on financial institutions.

Calibra’s paradigm has an obvious precedent in a report published by The Clearing House in February 2017, A New Paradigm: Redesigning the U.S. AML/CFT Framework to Protect National Security and Aid Law Enforcement. This report, which reflects the conclusions of a blue-ribbon panel of AML/CFT experts that included a former Assistant Secretary of the Treasury for Terrorist Financing and Financial Crimes, a former FinCEN Director, and a former Chief of the Money Laundering and Asset Forfeiture Unit of the U.S. Attorney’s Office for the Southern District of New York, stated the following:

Outdated Nature of the SAR Regime. When it was first established in the 1990s, the goal of the SAR regime was for financial institutions to provide leads to law enforcement agencies; those agencies had little insight into the financial system, and no technical ability to mine data. Today, government agencies could develop resources to mine financial data, and rely less on financial institutions to provide robust, individual reports on suspicious activities or transactions.

[F]inancial institutions generally provide underlying raw data only at law enforcement request following a SAR filing, but a better approach would facilitate realtime information flow and analysis using modern data capabilities, while adhering to privacy and civil liberty concerns as well as managing for other risks. The provision of raw data has been considered before – though in a limited capacity.

[T]he best outcome would be to have bulk data deposited at FinCEN and analyzed by law enforcement and intelligence community professionals, with a mechanism for regular feedback to be provided to institutions to enable them to target their internal monitoring and tracking mechanisms to better serve the goals of law enforcement and intelligence officials.

Benefits. Providing such data in bulk, directly to FinCEN upon the filing of a SAR, would modernize the SAR regime from one built for the 20th century, where financial institutions were comparatively better equipped to filter data, to one appropriate for the 21st century, where big data analytics could enable law enforcement to effectively sift through large quantities of data without requiring as much assistance from financial institutions in investigating illicit activity. Financial institutions could then reallocate associated resources to FIUs or other higher value activities.

A reasonable reading of Calibra’s statements indicates that their goal is to put these ideas into effect in the money transmitter context using the Libra cryptocurrency. Details of what Calibra wants to do are not apparent yet, so it is unclear whether the goal is to create the hybrid system recommended in the Clearing House report that combines SAR filing with bulk sharing of blockchain data, or to completely replace SAR filing with blockchain data sharing.

Either approach would depart from long-standing requirements dating back almost a quarter of a century, so before either can be implemented, detailed discussions with regulators and lawmakers will be necessary. Discussions may already be ongoing out of public view between Calibra and relevant regulatory authorities such as FinCEN, the Federal Reserve Board, and the New York Department of Financial Services. Fed Chairman Jerome Powell recently stated that a meeting with Facebook representatives occurred a couple of months before the announcement of Libra and that the Fed had formed a working group on Libra; as working groups are usually interagency affairs, it is likely that this one already involves numerous regulatory and law enforcement agencies with stakes in money laundering issues.

Facebook and Calibra executives, including Mr. Marcus, testify publicly before the Senate Banking Committee on July 16 and the House Financial Services Committee on July 17. If committee members ask the right questions, they and the public should get a glimpse of the signposts leading down the path Facebook and Calibra have chosen to navigate in this increasingly controversial field.

To read more articles log in. To learn more about a subscription click here.