Virtual currencies are once again at the forefront of discussion about top issues facing community banks and the financial industry as a whole. The Independent Community Bankers of America (“ICBA”), a trade association representing more than 6,500 community banks, recently published its list of top issues for the fourth quarter of 2015. Among them were the risks associated with virtual currencies. These risks have been the subject of ongoing efforts by the ICBA to educate state and federal regulators and agencies about these currencies. Given the lack of understanding and the lack of agreement among regulators on how to govern these currencies, it isn’t hard to see why the ICBA identifies them as a top issue facing the financial industry.
To most people, the concept of virtual currencies is synonymous with the name Bitcoin. However, hundreds of virtual currencies exist. Up to now, the terms used to describe the characteristics of virtual currencies have been fluid. However, the term “virtual currency” generally is accepted to encompass a range of products and services that allow for the storing of value digitally and the exchanging of that value for goods and services. What used to be known primarily in the online gaming community now has spread to many walks of life. The rubric of virtual currencies covers everything from rewards programs offered by credit card issuers to credits on social media platforms (such as Facebook’s failed “Credits” program) to Apple Pay, Google Wallet and Android Pay.
If all virtual currencies were converted to U.S. dollars, their total value would be about $10 billion. Of that, Bitcoin is the largest, with an estimated value of approximately $3 billion (Bitcoin’s value changes rapidly; for example, its value at one point in 2014 was $6.3 billion). As a result, other virtual currencies have sprung up to follow its lead, borrowing from Bitcoin’s protocol and giving rise to even more currencies in the marketplace. As the virtual currency landscape grows, more opportunities will arise for community banks to provide services to the different entities engaged in activities related to virtual currencies. In fact, it’s possible that community banks ultimately may hold virtual currencies on their balance sheets.
The Financial Crimes Enforcement Network (“FinCEN”) became the first federal regulator in the United States to issue guidance on virtual currencies. Its March 2013 publication, “Virtual Currency Guidance,” classified the different types of virtual currencies and highlighted the nomenclature that some commentators and regulators use to gauge the risks associated with them.
FinCEN classified virtual currencies by two concepts:
A Peer-to-Peer Electronic Currency
On November 1, 2008, a person or persons using the pseudonym Satoshi Nakamoto published a paper online proposing what the paper called a peer-to-peer electronic currency. The paper discussed the rise in commerce over the Internet and the fact that this commerce almost always relies on trust being placed in financial institutions. Such an arrangement has an inherent weakness. A financial institution usually seeks to maintain goodwill with customers and has obligations to take action on disputes between the parties to a transaction. Thus, it cannot avoid resolving disputes. Disputes often arise over many things, such as the quality of goods purchased or the claim that the purchaser was a victim of fraud. The paper argued that the unavoidability of disputes means that trust is the lynchpin of the entire network and the possibility of disputes in some transactions increases the costs of all transactions. While these problems can be avoided in face-to-face transactions involving currency, these problems cannot be avoided in electronic commerce.
In response, the paper suggested the creation of an electronic payment system based not on trust in a third-party institution, but rather on electronic proof between the parties to the transaction. Broadly speaking, under this model, an electronic coin is created that consists of an alphanumeric sequence. An individual who wishes to own or use the coin in electronic commerce has two alphanumeric sequences, each made up of 64 letters and numbers. One is a publicly known sequence, referred to as the individual’s “key,” and the second is the individual’s private sequence, referred to as the individual’s “signature.” The electronic coin is owned by the individual when his or her public key is placed at the end of the coin’s alphanumeric sequence. The individual then can transfer the coin, or “spend” it, by adding his or her private signature to the end of the sequence and also adding the public key of the person to whom he or she transferred the coin (the new owner).
A coin’s entire history of transfers is publicly available on a public ledger known as the blockchain. As the Consumer Finanical Protection Bureau (“CFPB”) explained, think of the blockchain as a massive public spreadsheet run by “vast networks of unidentified, private computers around the world.” The alphanumeric sequence that signifies the transfer of a coin is batched with those of other coins and made publicly available on the blockchain with a date and time stamp. Thus, a record is created that shows, as of a certain date and time, who owns which coins. This feature, Nakamoto argued, guards against the problem of an owner double-spending a coin (attempting to use the same coin more than once). It also displays the entire ownership and transfer history for a coin. Thus, it makes possible the tracking of a coin from inception to the present through all owners, although those owners are identified only with their alphanumeric sequences and not any of the biographical information that typically used in commerce.
The Risks of Virtual Currencies and the Attempts to Regulate Them
Nakamoto’s paper and the virtual currencies that followed have led to an ongoing nightmare for regulators both in the United States and abroad. The fact that these currencies do not rely on a central administrator (at least in the case of decentralized currencies) and the fact that they can be transferred anonymously and later converted to legal tender has caused an outcry by regulators and commentators on the risks inherent with these currencies. For example, they are subject to being lost through security breaches and theft. The CFPB warns consumers that the blockchain is run by unidentified computer networks in many countries all over the world. The fact that they are anonymous and are not even susceptible of having their location pinpointed means that their security is not really known. They may be subject to attack from outsiders or may use their power over the blockchain to transfer currencies for their own gain.
Further, an individual’s virtual currencies may be lost if the electronic device on which his or her private signature is mistakenly discarded. The CFPB tells the story of an individual who discarded a computer hard drive without remembering that it contained his private signature. He had not created a copy of that signature, and he was unable to find the hard drive at his local landfill. The result was that he lost several million dollars’ worth of Bitcoin.
Another risk is that, because virtual currency transactions are not reversible and not based on trust, they are more susceptible to loss by fraud or processing errors. A typical credit card transaction that occurs because of fraud or a processing error usually can be easily reversed. Not so with virtual currencies.
Further, even aside from actual transactions, regulators worry that virtual currencies inherently involve more risk because of the lack of any required disclosures and because of the possibility for volatility in their prices. For example, in 2013, Bitcoin’s price fell as much as 61 percent in one day, and in 2014, there was a one-day drop of 80 percent.
Finally, the use of virtual currencies represents a compliance risk for community banks and other institutions that deal with the users of these currencies. Many individuals use them because of the perception that their use is anonymous. This aspect of virtual currencies makes it harder for banks to understand the activities of their customers and whether those activities are legal, which ultimately may make it more difficult to comply with any Bank Secrecy and Anti-Money Laundering obligations.
The ICBA recognized as early as 2014 that, in the face of these risks, regulators both in the United States and abroad need to act. But, those regulators generally have been unsure exactly how to do so. The biggest problem associated with virtual currencies thus far is the inability of regulators to agree on how these currencies should be classified under existing financial regulations. Some commentators note that virtual currencies appear to function like “reloadable general-use prepaid cards,” which have been the subject of ongoing attempts at regulation for the several years. However, the Internal Revenue Service has advised that virtual currencies should be considered property for federal income tax purposes. On the other hand, the Securities and Exchange Commission already has taken steps to regulate entities that are based on Bitcoin, such as Bitcoin Savings & Trust, but has refused to pronounce whether it views virtual currencies as any type of security (such as an investment contract under the Securities Exchange Act of 1934). Still others note that virtual currencies might be properly classified as a commodity under the Commodity Exchange Act.
The uncertainty on how to regulate virtual currencies is not limited to the United States. The Chinese central bank has prohibited merchants from accepting Bitcoin as payment. Canadian authorities have undertaken efforts to expand existing regulations to explicitly cover virtual currencies. In Finland, virtual currencies are treated the same as commodities. Sweden disagrees, classifying virtual currencies the same way it classifies fine art.
In the face of this uncertainty, one point appears clear: virtual currencies are on the rise. They appear in many shapes and sizes, from the benign (such as a credit card’s reward program) to the inherently risky (the so-called decentralized convertible virtual currencies). Regulators both in the United States and abroad have a challenging task to either agree on an existing regulatory structure that will govern these currencies or else create one anew. The risks identified with these currencies will demand that they not be permitted to continue to operate virtually unchecked. The ICBA’s efforts to bring this discussion to the forefront likely will be needed for years to come.