3) I think really the place to start is in the Request for Comment section.
It's easy to think of regulators as unfeeling, faceless harbingers of doom. They're not.
In general, they try to be reasonable.
There are a number of requests, but all sound like this:
4) "Has FinCEN struck a reasonable balance between financial inclusion and consumer
privacy and the importance of preventing terrorism financing, money laundering, and other illicit
financial activity? If not, what would be a more appropriate way to balance these objectives?"
5) Which means, above all: they're _trying_ to be reasonable.
That's what's most important.
6) So, did they succeed?
I'm not sure, because I'm not sure on some of the details.
Here are the biggest open questions. Can others tell what the intention is?
7) As far as I can tell, this would only apply to a US financial institution sending to a self-custodied wallet.
However, offshore ones would need to have some reasonable AML system or sending to them would require this too.
Is that true?
8) Second, how does a relevant institution know whether a person is sending to an MSB, or metamask?
And if it is metamask, how does the MSB verify that it's the user's?
It says KYC is needed--but is that KYC of the sender? How do you KYC a metamask wallet?
9) There's one reading of this where really nothing is new: it's just saying that if you're sending > $3k-$10k from an exchange, the exchange needs to KYC you (but maybe not if you're sending to another whitelisted business).
10) There's another, though, where you would need to verify the identity of the self-hosted wallet. Is that just asking the user if it's theirs, and making them check a box confirming? If not how would you do it?
11) Also, does this mean that even if Coinbase knows that a transfer is to someone's cold wallet and has fully KYCed them, they have to file a gov't report with every single transfer above $10k? That's a lot!
12) The actual record requirement is much less onerous: any exchange with KYC already has records of all customer information, deposits, withdrawals, etc. The reporting requirement, though, is new.
13) So, overall, my suggestions to FinCEN here would be:
a) clarify the above!
b) I don't think the gov't report part of this makes sense in context: it'll be totally spammed by people moving between metamask and coinbase. Save that for suspicious transactions.
14)
c) I *do* think that the requirements for centralized exchanges to keep records of deposits/withdrawals are reasonable.
d) Make the requirement for sending to a self-hosted wallet that the customer records the address as one of their self-hosted ones
15) Overall I still feel pretty uncertain about some pieces of this, but I'm heartened by the tone that FinCEN is taking here.
16) And, finally, I'd recommend a trial phase-in period so that businesses and regulators can both get used to the system and iron out the details in a way that makes sense; 2 weeks isn't very much time for a system this detailed and complex.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
1) I’m honored and excited to be chatting with @VitalikButerin and @hosseeb about effective altruism, giving, and how you can maximize your positive impact on the world!
3) The core thesis of Better is Bigger is basically math: that the scale of the world's problems is huge, and so you should be much less risk averse if your goal is to donate.
This post is not about that math. This post is about people, and the world, and some history.