Tomorrow’s yesterday: financial regulation and technological change - Gerry Cross, Director of Policy & Risk

20 March 2018 Speech
Central Bank of Ireland

Speech at Joint Session: Banknotes / Identity High Meeting 2018 Security Printers, International Conference & Exhibition Hosted by Intergraf

Good morning. It is a great pleasure for me to be here this morning representing the Central Bank of Ireland at the start of this Banknotes High Meeting and ahead of the Security Printers International Conference over the coming days. I would like to thank Intergraf for the invitation to speak to you today. I realise that I am a little bit of an outlier in the line-up, coming from a regulatory policy perspective rather than currency or printing. However, there are a number of topics that, because they related so much to technological change and development, I believe will be of interest to all of us.

I would like to address the question of technological innovation in the area of financial services, often referred to as FinTech, and to consider how we as a financial regulatory community are responding to the important opportunities and challenges presented by such developments. I will also say something about the question of virtual currencies from a financial regulators perspective and also about initial coin offerings (or ICOs) which, although conceptually different from virtual currencies, nonetheless share common features. All of these topics are bound together by one thing: they all comprise of new activities, new products, or new ways of doing things driven directly by advances in information technology.

FinReg and FinTech

Turning first to the question of innovation in financial service generally: financial innovation will be a key focus of regulatory attention during the coming period. It would be so in any event. But the publication of the European Commission's Action Plan on FinTech last week means that it will be clearly embedded in regulatory agendas at every level across the EU.

This is very welcome. Financial regulation is for the most part focused on identifying and addressing the risks that can arise - whether they be to financial stability, prudential soundness, orderly markets, or consumer and investor protection. But financial services and markets are dynamic and fast moving. Innovation is a key feature of how they function. And with technology being at the heart of financial services and a technological revolution ongoing, it is clear that the relevance of this topic for financial regulators is enormous.

Innovation has the capacity to bring great benefits for consumers, the economy and society in general. And it is essential to the effective functioning of a competitive economy. And here is where a challenge lies for financial regulators. For one might summarise the situation as follows: innovation is good, but not all innovations are good, and not all good innovations are done well. So for regulators the challenge is to facilitate good innovation, to seek to prevent or limit innovations that are detrimental to the goal of well-functioning financial services and markets, and to ensure that the associated risks are well managed.

In order to protect against the risks raised by innovation while still allowing it to develop for the benefit of consumers, it is vital that we, as regulators, understand the technologies and business models being developed. Without that knowledge, we risk not being as effective in our supervision as we could be. Moreover, an uninformed policy maker risks regulating for yesterday’s problems, rather than designing a regulatory framework that remains fit for purpose as technology continues to develop. These are risks that regulators simply cannot afford to take in a world where the financial services are increasingly reliant on new technologies and the speed of change continues to accelerate. 

And we cannot limit our engagement and understanding to activities within our regulatory perimeter either. A significant number of new technologies will be developed by firms that are not, and will never require to be, regulated. However, many of these technologies will ultimately find their way into the regulated financial services space if and when they are used by authorised firms. Regulators should seek to understand these technologies before they enter our regulatory perimeter to know what questions to ask and what risks are presented; rather than after they have been widely deployed and those risks potentially materialise.

Over the period ahead we will see a great deal of discussion of the best ways of achieving this challenging set of objectives. We will see discussion of the mandates of financial regulators and how they reflect the benefits of innovation and competition amongst financial services providers. We will see consideration of innovation hubs and facilitators, sandboxes and soundboxes, and the various approaches that regulators might adopt to respond effectively to the opportunities and challenges of technological innovation.

All of this consideration is very much to be welcomed. At the Central Bank, these questions about FinTech and how financial regulation should respond to it and regulators best engage, are ones we have been focused on for some time now. As have many other regulators. We are very pleased that this discussion will now also be taking place at a coordinated European level.

Virtual Currencies and Initial Coin Offerings

Turning now to the question of virtual currencies and Initial Coin Offerings or ICOs. Let me start with this basic question: "What is a virtual currency". This is a question that has been answered in different ways. I like the definition used in the recent European Supervisory Authorities’ warning to consumers: "a virtual currency is a digital representation of value that is neither issued nor guaranteed by a central bank or public authority and does not have the legal status of currency or money". They are digital assets created by software developers. They are designed to be used to purchase goods or services, generally in an online environment. While they do not have to be, in general it is their exchangeability for real, or fiat, currency that gives rise to policymakers’ interest in them.

Initial Coin Offerings (ICOs) are different to virtual currencies in that they are events or bundles of transactions rather than being a "thing" (if a virtual coin can be called a "thing"). ICOs are capital- or finance-raising events, whereby a business or an individual raises money from the public by issuing so-called coins or tokens in exchange for something, generally either real or virtual currencies.

The growth of activity in this area has been dramatic in the past year. Headlines announcing significant price fluctuations in popular virtual currencies such as Bitcoin, Etherium and Ripple, are almost a daily occurrence. The siren lure of quick and impressive gains, accompanied by the fear, rational or irrational, of "missing out", have driven significant numbers of investors the world over to speculate on virtual currencies and in ICOs. While the buzz surrounding these products has led to a proliferation of new virtual currencies and ICOS. One of the lessons that was hard learned during the financial crisis - if it seems too good to be true, then it probably is - seems to have been forgotten by many, if the current spate of frenzied speculative activity is anything to go by. It is for this reason that the European Supervisory Authorities have recently published consumer warnings about both virtual currencies and ICOs. Warnings that we here at the Central Bank have participated in, supported and promulgated. I will say more about this shortly.

Analysing virtual currencies and ICOs

There are currently over 1,000 virtual currencies in operation, with varying levels of market impact and usage. They are commonly advertised as a means of payment or exchange, but given recent price volatility, increasing costs for their usage and slowness in processing times, their usability as a means of payment could be described as diminished. Instead, they are increasingly treated as a speculative asset.

Beyond the clear need for consumer warnings in the case of virtual currencies and ICOs, as discussed further below, it can be easy, when faced with a new and challenging issue or activity, for a regulator to say that A or B is very risky, or that X or Y can have harmful effects and to start in straightaway to consider how to restrict them, regulate them or even ban them. This is an approach that Andrea Enria, the Chair of the European Banking Authority has recently described as a “regulate and restrict approach”.

However it is important, in whatever we are looking at, that we take a considered approach; that we think about the potential benefits, including longer term benefits, as well as risks. We need to be clear and precise about what it is we are trying to achieve. We need to reflect on approaches to accomplishing those objectives which retain as much as possible of the potential benefits while addressing the harms, approaches that are in other words proportionate. We also need to think about the potential unforeseen consequence of regulation, including the desirability of giving a “regulatory imprimatur to the activity in question”. And it also needs to be considered whether an issue is something for financial regulators to address or for others, for example for the legislative authorities, if there is a potential need for regulation but an aspect is found to fall outside the current mandate of regulators. All of this applies in the case of virtual currencies and ICOs as much as anywhere else.

One piece of analysis that we have been doing at the Central Bank has been to try to understand the different features of virtual currencies and which of those features might make them more or less risky, in particular from a consumer perspective.

Virtual currencies can take different approaches as to whether or not there is a central controlling authority. Some do have such a central controlling authority and some do not. In the latter case, from an investor/consumer perspective, questions arise as to their governance. Who is responsible if something goes wrong with the virtual currency? To whom do consumers turn for recourse or protection? What is its legal personality and what is the relationship between the virtual currency and the existing legal framework?

Different approaches can also be taken as to limitation of supply of the units in question. In some cases virtual currencies were created with a limit on their number, for example, Bitcoin is limited to 21 million coins. This is a feature which can contribute to significant volatility. Instead of using the virtual currency as a means of payment, for which many virtual currencies are purported to have been created, their owners purchase and/or store them as speculative assets, which can result in price volatility.

Virtual currencies are mined via complex cryptographic computations, requiring increasingly significant computational power that can use vast quantities of electricity. As the computational power required increases so too do the cost to mine virtual currencies and the time necessary to do so, raising concerns about the environmental impact of virtual currency mining. You might think this not a topic for a financial regulator to worry about; but bear in mind the recent publication by the European Commission of its Sustainable Finance Action Plan.

Some virtual currencies use blockchains that have no restriction on who can join the blockchain network, who validates the block transactions, or who has permission to approve smart contracts. As such, those who join, validate or approve are not required to identify themselves in the traditional sense, raising concerns about the potential for use in money laundering and terrorist financing transactions. The development of legislation is underway to mitigate these risks: the Fifth Anti Money Laundering Directive, for example, will bring Virtual Currency Exchanges and Custodian Wallet Providers within the scope of European Anti Money Laundering (AML) rules.

Virtual currency exchanges provide exchange services between virtual currencies and fiat currencies. An exchange operates very similarly to a bureau de change: fiat currency can be “exchanged” for a virtual currency (and vice versa) based upon an agreed exchange rate. Custodian Wallet Providers provide services to store and transfer virtual currencies on behalf of its owners. Both act as gateways between the virtual currency “ecosystem” and the traditional financial system. These virtual currency exchanges occupy a particular space and raise questions about the regulatory perimeter. This is an area that is attracting increased attention from regulators, including recent statements or actions by the U.S. SEC and Japanese FSA (see further below).

At the same time, however, there is broad recognition that the underlying distributed ledger technology of virtual currencies has very significant potential benefits and will surely have very useful applications in the future. The challenge here is how to harness the power of the technology for the benefit of firms, and more importantly, consumers while mitigating the risks. 

Consumer warnings

As I have mentioned already, given the heightened consumer protection concerns, regulators have stepped up our efforts to warn consumers about the potential risks associated with both virtual currencies and ICOs. The three European Supervisory Authorities (ESAs) issued a joint warning on virtual currencies back in February, which the Central Bank reiterated on the Consumer Hub of our website. As investment assets, these products pose a real risk to consumers; something that the Central Bank, along with other European authorities, is taking very seriously. This warning cautions consumers that virtual currencies pose a high risk of losing significant amounts of money, showing clear signs of a pricing bubble. It highlights the lack of investor protections because these are not regulated activities and the operational problems at many virtual currency exchanges. Indeed, nearly as frequent as headlines regarding erratic price fluctuations are stories about hacks on popular exchanges.

Similarly, in late 2017, the Central Bank, on foot of action by the European Securities and Markets Authority (ESMA), warned consumers of the risks associated with investing in initial coin offerings. These risks include a heightened vulnerability to fraud, a high risk of losing all invested capital, lack of exit options and extreme price volatility and inadequate disclosure.

The need for further regulation?

Given these risks, virtual currencies and ICOs are areas of regulatory focus in Ireland, the EU and internationally, and there are a number of questions that need to be considered, including the following.

The first question is whether existing regulations may already apply, at least in certain circumstances. One of the key questions about ICOs is how they should be classified under the regulatory framework. If the token issued in an ICO is deemed to be a “transferable security,” then a range of financial services legislation— including MiFID, the Prospectus Directive, etc., - will apply. However that question needs to be considered on a case by case basis. And this gives rise to significant uncertainty and risks for potential investors. To be clear about this: where the features of any given ICO match those of financial instrument issuance, then financial regulation applies, as of this moment, and issuers and others must, subject to legal penalty, ensure that they comply with the relevant rules.

To the extent that virtual currencies, ICOs, or those involved in their issuance or trading, are not subject to existing regulation, then the question arises: has the regulation fallen behind developments and needs updating. Or is it the case that these activities are just new examples of old types of activity and there is no need for further regulatory intervention, beyond making consumers properly aware of the significant risks through consumer warnings? Or might it simply be too early to say?

One aspect of this matter has been well explained by Andrea Enria, the Chair of the EBA in his speech at the Copenhagen Business School on the 9th March. Andrea noted it is not currently clear that bringing virtual currencies firmly within the regulatory perimeter would be the best approach. An alternative strategy would be not to do so on the basis that such a strategy “would avoid granting any official recognition to a sector that is still very heterogeneous, changing fast and, as such, difficult to regulate and supervise. It would also convey a clear and credible message to users and investors, that there is no form of public protection to investment in these often highly speculative assets.”

Virtual Currencies and Initial Coin Offerings—The Case for Global Cooperation

These questions are not only relevant to Ireland, of course. Indeed, the past several weeks have seen a good deal of activity from regulators around the world in response to global growth of virtual currencies and ICOs. As a few examples, the French AMF announced that CFDs and binary options with virtual currencies as the underlying asset will be treated as derivatives, regardless of the legal classification of the virtual currency, making European derivatives regulation applicable to these products. The Swiss authority FINMA, for its part, published guidelines that describes how it intends to apply financial market legislation to ICOs and sets out three categories of tokens: payment, utility and security.

Over in the United States, the U.S. Securities and Exchange Commission announced that online platforms that allow customers to trade virtual currencies and ICO tokens that would be considered securities will have to register as an Exchange or Alternative Trading System. While the Japan FSA took significant enforcement actions against individual exchanges, requiring several to temporarily cease operations. And although less recent, last year China banned ICOs outright. 

These examples demonstrate the spectrum of different regulatory responses. This raises one of the key challenges that we are facing with these products: the cross-border—more accurately, borderless—nature of the market. Perhaps more than in any other sector of the financial services, the potential for regulatory arbitrage is at its greatest, making this area particularly ripe for pro-active international cooperation.

At the Central Bank, we are actively engaged with other European and international policy makers as we all try to figure out a way forward, including for example, work at the ESAs. Given the cross-jurisdictional nature of virtual currencies and ICOs, we at the Central Bank welcome these efforts by the ESAs.

The European Commission, for its part, is also focused on these issues. Earlier this month, the Commission released its FinTech Action Plan, which sets out a broad spectrum of over 20 FinTech-related action items for the coming year, touching on cybersecurity, crowdfunding, Innovation Hubs, applications of blockchain, and of course, virtual currencies and ICOs. Here, the Commission commits to monitor the development of virtual currencies and ICOs and assess whether regulatory action at the EU-level is required. 

At the global level, the Financial Stability Board (FSB) and the International Organisation of Securities Commissions (IOSCO) are looking into virtual currencies and ICOs and assessing what work needs to be done. The G20 itself is taking up the issue at its meetings this month. Again, this is something that we at the Central Bank welcome.

Conclusion

I will conclude here. I would like to thank Intergraf again for the invitation to speak today and the audience for your attention. And I wish you much success in your deliberations today and over the days ahead.

* * * *

My thanks to Scott Hanson and Denise Delaney for their contributions to this speech.