Upcoming hearings must build consensus on crypto regulations

In the wake of FTX’s collapse and the loss of billions of dollars in customer deposits, it is urgent to build consensus now on how to regulate cryptocurrencies.

With Congressional hearings scheduled for next week, open questions remain about how commodity-like digital assets should be regulated while simultaneously encouraging and enabling responsible financial innovation. Regulatory approaches should ensure the fundamental principles of self-custody where people hold their own digital assets outside of exchanges and take into consideration the role of smart contracts and decentralized autonomous organizations that cannot be regulated in the same way as traditional companies. 

Let’s start with stablecoins and custodial exchanges, as they represent the most risk and are singularly responsible for the current crisis. 

Stablecoins

On May 7, 2022, someone sold $2 billion USD worth of the Terra stablecoin. Such a large transaction disrupted the algorithm underpinning Terra that sought to ensure one Terra token always traded for $1 USD. Terra unraveled within days and so too did decentralized finance (DeFi) institutions with significant Terra holdings, starting the crypto plunge we’ve been experiencing over the past seven months.

Stablecoins are supposed to be a low-risk intermediary between traditional finance and DeFi, with a value pegged to a fiat currency. Regulations can help reduce risk by imposing resilience requirements and offering certain federal backstops.

Regulatory options include imposing cybersecurity requirements on the stablecoin and its infrastructure; requiring systematic disclosures and reporting; and requiring dedicated matching fiat asset holdings as collateral. If a stablecoin meets regulatory thresholds, then the organizations managing them could get access to Federal Reserve programs to help assure liquidity, such as advances and loans. Rep. Patrick McHenry’s (R-N.C.) stablecoin bill predominately addresses these topics, and the bipartisan bill sponsored by Sens. Cynthia Lummis (R-Wyo.) and Kirsten Gillibrand (D-N.Y.) partially addresses the cybersecurity issues.

Another option is for the U.S. to launch a central-bank digital currency (CBDC), also known as a “digital dollar.” A wholesale CBDC could enable bank-to-bank type transactions, while a retail CBDC could compete with stablecoins. 

Custodial exchanges

The FTX collapse is an example of a custodial exchange — a crypto exchange that takes deposits from customers like a traditional bank — that did not adequately manage its customers’ risk. It essentially gambled away its customer assets and balanced these liabilities with mark-to-market asset accounting which did not factor in liquidity discounts estimated to be over 90 percent. Once people realized how much the assets FTX held were worth on the open market relative to customer deposits on the books, it became clear they were insolvent, which led to a rapid unraveling of FTX along with those entities tightly coupled to the FTX complex.

Custodial exchanges should be the low-risk option for those interested in owning and trading crypto — those who don’t want the complexity of managing their own wallets and executing trades directly on chain. Regulations here would protect retail investors.

Options include codifying counter-illicit finance requirements (know your customer, anti-money laundering, and combatting financing of terrorism); limiting comingling of customer funds; requiring disclosures and reporting to regulators and customers; and better delineating their banking and investing services. In return, the banking side of such exchanges could receive FDIC insurance for stablecoin holdings. The Lummis-Gillibrand bill addresses most of these requirements, but so far, no legislation has yet been clear about extending FDIC insurance to regulated stablecoins held by custodial exchanges.

Some additional questions:

• The general theme of legislative proposals to date indicate that we should regulate stablecoins like currencies, other digital assets like commodities, and custodial exchanges like banks. Such succinct clarity can help reduce regulatory arbitrage. Is this the consensus?
• What is the potential role of a CBDC versus access to Federal Reserve programs in providing liquidity to stablecoin markets? What is the right way to examine the possibilities and alternative options for providing a digital interface for fiat dollars into cryptocurrency markets?
• Like many critical infrastructure sectors, blockchain infrastructure is privately operated and is the shared substrate for DeFi services. How can we adopt lessons learned from other sectors and up our game in the cybersecurity for DeFi infrastructure?
• Information Sharing and Analysis Centers (ISACs) serve as forums to coordinate cyber response across critical infrastructure sectors. Do you think federal agencies could benefit from establishing a new ISAC for the new class of cyber actors and cyber threats faced by digital assets?
• Industry standard economic modeling tools lack the sophistication to model the macro- and micro-economic interplay between this emerging class of digital assets and their derivatives. Should the federal government invest in the development of new modeling and simulation capabilities to understand the interplay between regulatory regimes and new digital asset classes in this rapidly evolving field?
• How can we preserve the underlying decentralized and democratic values of permissionless finance as we seek to increase the resilience of DeFi through increased regulation?

As decisionmakers approach regulations for commodity-like assets, it would be appropriate to use the upcoming hearings as an opportunity to think ahead as to how regulations can simultaneously encourage and enable responsible innovation in the broader field of web3. 

T. Charles Clancy is a senior vice president at MITRE where he leads science, technology and engineering for the non-profit research institution. MITRE is an apolitical, conflict-free operator of six federally funded research and development centers (FFRDCs). Clancy previously was the Bradley Distinguished Professor of Cybersecurity at Virginia Tech and a researcher at the National Security Agency. He is a fellow of the IEEE.