Unlikely Senate Alliance Proposes Cryptocurrency Surveillance
Nicholas Anthony
Senators Cynthia Lummis (R‑WY) and Kirsten Gillibrand (D‑NY) introduced an updated version of their Responsible Financial Innovation Act. The bulk of the bill addresses issues around market structure and cryptocurrency exchanges—issues my colleagues Jack Solowey and Jennifer Schulp have discussed at length. Yet, within the bill also lies an interesting section on combatting illicit finance within the cryptocurrency market.
What makes this section so interesting is that Senators Lummis and Gillibrand appear to have largely adopted this section from a separate bill introduced by Senators Elizabeth Warren (D‑MA) and Roger Marshall (R‑KS). In fact, all four senators just joined hands to introduce this section as a standalone amendment to this year’s National Defense Authorization Act (NDAA). As many might remember, the Warren‐Marshall bill received a nearly instant wave of criticism from Cato, Coin Center, Bitcoin Policy Institute, Bitcoin Magazine, Filecoin Foundation, and many others when it was first introduced.
Coin Center’s Peter Van Valkenburgh wrote, “The bipartisan Digital Asset Anti‐Money Laundering Act, introduced today by Sens. Warren and Marshall, is the most direct attack on the personal freedom and privacy of cryptocurrency users and developers we’ve yet seen.” Filecoin’s Marta Belcher wrote, “The bill would also effectively ban privacy‐enhancing technologies in blockchain networks. The bill is a disaster for digital privacy and civil liberties.”
A cursory look at the bill makes it easy to see why everyone was so concerned. The Warren‐Marshall bill proposed expanding anti‐money laundering (AML) and know‐your‐customer (KYC) surveillance to self‐hosted wallets and cryptocurrency ATMs as well as effectively setting a prohibition on the use of cryptocurrency mixers. The bill also proposed having the Treasury, Securities and Exchange Commission (SEC), and Commodity Futures Trading Commission (CFTC) levy new examination and review processes on the companies they oversee. Finally, the bill proposed a requirement for Americans to report to the Financial Crimes Enforcement Network (FinCEN) if they transact more than $10,000 in cryptocurrency if at least one party in the transaction is outside the United States. As Valkenburgh and Belcher said at the time, it was a direct attack on digital privacy and civil liberties.
How the Two Bills Stack Up
The good news is that the new Lummis‐Gillibrand bill did not copy the Warren‐Marshall bill entirely. The Lummis‐Gillibrand bill would not necessarily expand surveillance to self‐hosted wallets, prohibit the use of cryptocurrency mixers, or force Americans to report cross‐border transactions over $10,000. The bad news is that the Lummis‐Gillibrand bill did pick up other pieces of the Warren‐Marshall bill (see Figure 1).
Like the Warren‐Marshall bill, the Lummis‐Gillibrand bill would require cryptocurrency ATMs to “verify the identity of each customer using a valid form of government‐issued identification or other documentary method, as determined by the Secretary of the Treasury.” The bill would also require owners of cryptocurrency ATMs to report the physical location of ATMs to FinCEN every four months. Targeting ATMs may not be as severe as surveilling self‐hosted wallets and effectively prohibiting mixers, but it’s important to recognize that requiring cryptocurrency users to have their identities verified is still taking a stance against financial privacy.
The Lummis‐Gillibrand bill also adopted the Warren‐Marshall proposal to have the Treasury, SEC, and CFTC create new “risk‐focused examination and review” processes for the companies they oversee. These examinations would be intended to monitor how companies are complying with anti‐money laundering requirements. Considering compliance is already estimated to cost financial institutions $46 billion a year in the United States to stop an unknown amount of crime, it’s unclear what exactly this added burden will contribute, especially since the specifics are left for the agencies to determine.
Where the Warren‐Marshall bill would have prohibited the use of cryptocurrency mixers, the Lummis‐Gillibrand bill takes a more nuanced approach by instead requiring FinCEN to issue a report to Congress that explains how mixers are used in markets currently and to make recommendations on possible future legislation. This approach is better than the prohibition proposed by the Warren‐Marshall bill. However, this approach will require watchful eyes on the part of the public. On the one hand, the report could easily give FinCEN another tool to argue for further expanding its authority over financial transactions. On the other hand, the report could result in essentially kicking a prohibition to a later date.
Beyond Warren and Marshall
The Lummis‐Gillibrand bill also makes a few unique additions of its own outside of what was adopted from the Warren‐Marshall bill.
Notably, the section on combatting illicit finance opens with an amendment on penalties for cryptocurrency related crimes. By amending 12 U.S.C. Section 1957, the Lummis‐Gillibrand bill would make it so violations of financial recordkeeping laws (12 U.S.C. Chapter 21) where cryptocurrency is involved can lead to additional punishments with up to $10,000 in fines and up to five years in prison. It’s possible this provision is partly a response to the fall of FTX given it raises the stakes for keeping proper accounting standards.
The Lummis‐Gillibrand bill would also see to the creation of a working group dedicated to crafting proposals to combat illicit finance. The group would include officials from both law enforcement and regulatory agencies as well as businesses working on cryptocurrency technology, financial institutions, and research organizations. Within this theme, the bill would also require the President to issue a separate, public report. Although exchanging ideas in an open manner is commendable, it’s unfortunate that legislation is required to make that happen. (Though, perhaps that’s more so a commentary on politics at large.)
Continuing the theme of opening new dialogues, the Lummis‐Gillibrand bill would create an “Innovation Laboratory” within FinCEN. The laboratory would be dedicated to promoting “regulatory dialogue, data sharing between the FinCEN and financial companies, and an assessment of potential changes in law, rules, or policies to facilitate the appropriate supervision.” This idea might sound nice to some, but FinCEN’s history of repeatedly refusing to provide data to prove the effectiveness of anti‐money laundering surveillance in general makes it hard to have faith in the agency’s ability to live up to what the senators have in mind. One may be comforted because it’s a statutory requirement, but events earlier this year have shown that statutory requirements have still not been enough to get real answers about the effectiveness of anti‐money laundering requirements.
Finally, although it was not in the section on combatting illicit finance, it’s worth mentioning that the Lummis‐Gillibrand bill does address self‐hosted wallets elsewhere in the bill. When discussing risk management, the bill says that the CFTC and the SEC must create standards regarding money laundering, customer identification, and sanctions compliance for exchanges dealing with self‐hosted wallets. This move is not the same assault levied by the Warren‐Marshall bill. Yet, at the same time, it is concerning that these rules are being left open for regulators to decide and will require watchful eyes if it comes to fruition.
Conclusion
Taken together, the Lummis‐Gillibrand approach may not be as concerning as the Warren‐Marshall bill, but that is not to say it is not concerning at all. Although Senators Warren and Marshall sought to take a leap forward for expanding financial surveillance, Senators Lummis and Gillibrand are still creeping forward by pushing forth these proposals. It’s for that reason that the Lummis‐Gillibrand and Warren‐Marshall alliance should be concerning for advocates of privacy and freedom.
It was only a few months ago that Senator Warren was described as “building an anti‐crypto army.” The fact that her proposals spreading, even in limited form, should give people pause to ask if that army isn’t growing. The new bill is not the full assault from last year, but it also isn’t a retreat.
As debates move forward on both this bill and the recent NDAA amendment, it will be important for the public to keep a watchful eye.