Crypto regulation should take risk-based approach

Six things policy-makers may need to consider

Over the past few years, regulators and policy-makers have grown increasingly focused on ensuring cryptoassets are adequately regulated. Acknowledging that the crypto economy is here to stay means crypto products, services and activities must be brought into the regulatory fold to ensure risks are adequately addressed and to avoid harm.

Cryptoassets and their service providers tend not to fall neatly within existing regulations because of their distinctive characteristics, including how the underlying blockchain technology performs differently than traditional financial technologies. The greatest potential benefits of cryptoasset and blockchain technology may also be exactly what introduces new complexities in how to regulate financial services using them. Regulation typically looks to assign responsibility and accountability to an identifiable party; how does that work if the service is provided through software code alone and supported across a distributed network of unaffiliated computers?

These challenges have resulted in gaps, ambiguities and uncertainty about which set of rules apply under what conditions and which regulators have jurisdiction to enforce them. As a result, regulators and policy-makers around the globe are looking to update their frameworks appropriately.

But each country is approaching crypto regulation differently. Some are amending existing regulations, while others are introducing entirely new pieces of legislation. Some countries are focusing more narrowly on regulating specific types of cryptoassets and activities (such as stablecoins for payments) whereas others are looking to capture the entire crypto sector within one all-encompassing regulation. Even within individual countries, regulators and policy-makers sometimes take different views on how to regulate the same cryptoasset or crypto-related activity and who has authority to regulate them.

Given the need to update crypto regulation, overcome regulatory fragmentation and foster innovation, it’s important that policy-makers and regulators engage with industry to design workable regulatory solutions. The most effective rule-making usually happens when the public sector collaborates with the private sector. The private sector can help policy-makers and regulators better understand the industry, technology and ecosystem and work directly with them to craft rules and standards that achieve regulatory objectives without hampering innovation or resulting in unintended impacts.

As an initial starting point to drive such public-private collaboration, we’re proposing a set of six key considerations that we believe are critical when evaluating and designing new rules for cryptoassets:

  1. Establish regulatory clarity for payments

Above all, it’s necessary that there is clarity around what rules apply to cryptoassets, particularly when they are used for payments. Clear definitions with sufficient guidance as to when and how these rules will be applied will be key. Regulatory frameworks for cryptoassets should set out clear standards and expectations for financial institutions, crypto service providers and other players that look to support crypto-related payments. Crypto-based payments should not be subject to overlapping, duplicative or conflicting rulesets.

  1. Focus on risk

Rules and safeguards should be designed to correspond with the risk introduced by the payment mechanism and activity performed. As such, crypto regulation should take a risk-based approach to establishing rules for crypto-related payments. Establishing principles-based rules that allow controls to be tailored to the specific risks created by crypto-based payments will be most effective in achieving regulatory objectives. And by focusing on regulating risk, rather than specific technologies, the rules will be more flexible, adaptable and resilient to ensure continued technological advancement.

  1. Incorporate strong consumer protections

Regulations should establish standards aimed at protecting consumers who choose to make payments that involve cryptoassets. Consumers need to be empowered to make informed decisions around how they pay for goods and services. As such, consumers will need to be adequately informed of the differences between different crypto-based payment mechanisms, as well as between crypto-based and traditional forms of payments, especially when they could be exposed to harm.

Depending on the nature of the legal claim a cryptoasset represents and the set of rights it provides to the holder to redeem or convert it, regulations should consider whether deposit insurance is available. They should set standards around the composition and liquidity of the reserve assets. Rules should establish the legal nature of crypto-based payment mechanisms to define the rights that holders of tokens have and how they are able to enforce those rights. This is important not only to distinguish it from existing forms of money, but to ensure that individuals can easily redeem or convert their tokens for other forms of money, like cash or traditional commercial deposit money.

  1. Promote fair competition

Given the borderless nature of cryptoassets and distributed ledger technology, regulations should be technology-neutral and as consistent as possible across markets, business models and borders. At a minimum, it would be useful if policy-makers and regulators were able to define a global standard for the legal nature of fiat-backed stablecoins used for payments. Such uniformity across jurisdictions can help avoid regulatory conflicts and help minimise arbitrage opportunities to promote fair competition.

  1. Foster responsible innovation

Crypto regulations should balance the fostering of responsible innovation against other policy interests, such as fighting money laundering and terrorist financing, protecting consumers and preserving stability. Law-makers and regulators should work with the private sector to design rules that achieve regulatory objectives without impeding technological advancement and economic growth. The public sector should consider whether voluntary risk frameworks or safe harbours can be used to incentivise responsible innovation. Regulators also can encourage innovation by creating regulatory sandboxes, or programmes to test and pilot innovative solutions under the supervision of the regulator, but without imposing the burden of complying with the full set of regulatory requirements until the solution is set to be commercialised.

  1. Support robust operational resiliency and security

Cryptoasset regulation, at its core, should support the resiliency and trust of payments. This means designing standards around implementing strong technological, physical and organisation safeguards to secure networks or applications that rely on cryptoassets and DLT. Decentralised networks and self-executing software applications may require different methods to achieve the same level of security and resiliency expected of traditional payment mechanisms, which is again where a risk- and principles-based approach will be most effective. Given the rapid acceleration of technology and the tactics used by bad actors to exploit these advances, regulation should allow for enough flexibility for security safeguards to adapt as vulnerabilities, exploits and attack vectors evolve.

The past year has seen incredible momentum in the world of cryptoassets, from the explosion of non-fungible tokens and the launch of central bank digital currencies to the growing collaboration between traditional financial services providers and crypto natives to explore how crypto and its underlying technology can improve services like payments.

What’s next? If the previous 18 months have shown us anything, it’s just how tough it is to predict the future of crypto. However, what we can be certain of is that crypto’s role in the digital economy will depend on making smart decisions that value innovation while preserving safety, security, consumer protection and financial stability.

Jennifer Lorentz is Vice-President of Regulatory Affairs, Crypto, Blockchain and Digital at Mastercard.

Join Today

Connect with our membership team

Scroll to Top