Major central banks are increasingly considering a digital currency available to general public. But what are the advantages of doing so in the light of generally well working private sector payment solutions?
This column discusses the range of proposed central bank digital
currency architectures, how they could complement existing payment
options, and what they imply for the financial system and central bank
of the future.
A retail central
bank digital currency (CBDC) is electronic central bank money that –
just like cash – is directly available to consumers and non-financial
corporations. The question of whether central banks should issue a
retail CBDC is attracting increasing attention. Surveys indicate that
80% of central banks are engaging in work on the topic (Barotini and
Holden 2019, Boar et al. 2020) and over 30 central banks have already
launched research or design reports (see a companion Vox column, as well
as Kiff et al. 2020 and Group of Central Banks 2020).
But what are the
specific problems that such a retail CBDC would address? What are the
designs that offer actual solutions? And what are the potential side
effects for the monetary and financial system in general, and central
banks in particular? In this column, after briefly revisiting the
motives for CBDC issuance, we examine which CBDC architectures can
complement existing payment options without adverse side effects for the
monetary and financial system. Our argument is based on the CBDC design
framework of Auer and Böhme (2020a) and an evaluation of current
approaches in the field of computer science (Auer and Böhme 2020b).
The key
consideration for issuing a retail CBDC is that current electronic
retail money represents a claim on an intermediary, rather than
functioning as the digital equivalent of cash (Figure 1). This raises
several issues, as the intermediary might run into insolvency, be
fraudulent, or suffer technical outages.
Figure 1 Cash vs electronic money in today’s two-tier monetary system
Notes:
Cash is a direct claim on the central bank, while deposit accounts are
claims on the commercial bank. Commercial banks back some of these
claims by holding reserves at the central bank, but such value backing
is never full. A CBDC that is unaffected by financial crisis must be a
cash-like direct claim on the central bank.
Source: adapted from Auer and Böhme (2020b).
CBDC design efforts
have to be viewed against the backdrop of central banks’ core mandate to
provide a resilient and universally accepted means of payment. For
centuries, this has been cash; but should cash no longer be generally
accepted, not everyone might have access to an easy payment means,1 and a severe financial crisis might disrupt day-to-day business.2 The
collapse of Wirecard and the ensuing impairment of some electronic
payment options foreshadows the importance of this concern.
Looking ahead, a
main concern is that in a cashless economy, a financial crisis could
create havoc by leading to situations in which some financial
institutions have to freeze their retail clients’ deposits, thus
impairing the ability of these clients to pay their bills. The Covid-19
pandemic raised concerns that cash can transmit pathogens, leading some
merchants not to accept it (Auer et al. 2020b).
At the same time, a
CBDC should by no means displace the private sector. One aspect –
discussed at length elsewhere (e.g. Brunnermeier and Niepelt 2019,
Fernández-Villaverde et al. 2020)3 – concerns balance sheet
concerns. The economic design of a CBDC should not lead to a massive
reallocation of funds away from commercial banks and to the central
bank.
A second – less
discussed, but maybe even more important – aspect is the operational
dimension and effectiveness of the payment system. The customer-facing
side of real-time payments – including clearing, onboarding, enforcement
of know-your-customer legislation, ongoing due diligence, dispute
resolution and related services – are a massive operational task. This
task is likely better handled by the private sector than the central
bank.
These considerations
bring to the fore the issue of how a CBDC can live up to central banks’
mandate to provide a universal means of payment for the digital era,
while at the same time giving the private sector the primary role in the
retail payment system. Only some of the numerous proposed CBDC
architectures can achieve this feat.
CBDC architectures and the payment system
Figure 2 gives an
overview of possible architectures for CBDCs and the alternative of a
narrow payments bank. These examples differ in terms of the structure of
legal claims and the record kept by the central bank.4
Consider first the
most radical departure from the existing system: a single-tier design
operated by the central bank, which we term the “direct CBDC” (top panel
of Figure 2). Here, the central bank operates the retail ledger. As a
result, the central bank server is involved in all payments. This
requires substantial technical infrastructure to offer headroom capacity
even during peak demand. On the upside, the system is very resilient as
the central bank’s complete knowledge of retail account balances allows
it to honour claims with ease – the information needed for verification
is readily available.
The most substantial
argument against this architecture is that it marginalises private
sector involvement. Intermediaries help to smooth the flow of payments
by taking on risk, for example during connectivity breaks or offline
payments.5 Also, an emerging fintech sector innovates with
value-added services, such as automated financial advice, integration
with consumer platforms and connection to other financial products like
consumer credit. It is unlikely that the central bank would wish to
substitute for the private sector in all these activities.
In contrast,
consider an alternative to issuing retail CBDC: the simple requirement
to fully back payment accounts with reserves at the central bank (bottom
panel of Figure 2). This proposal has been floated under many names;
here we follow Auer and Böhme (2020a) and term it the “indirect”
architecture.6 This model’s regulatory and supervisory
issues, as well as those pertaining to deposit insurance, are different
from those of a CBDC with direct claims. If the intermediary is under
financial stress and goes bankrupt, determining the legitimate owner
might involve lengthy and costly legal processes with uncertain
outcomes. Whereas full backing would likely mean that such episodes
occur infrequently, the recent example of Wirecard underlines that these
concerns have to be taken seriously.
Figure 2 Retail CBDC architectures and fully backed alternatives
Notes:
A retail CBDC allows consumers to hold a direct claim on the central
bank. In the “Direct CBDC” model (top panel), the central bank handles
all payments in real time and thus keeps a record of all retail
holdings. Hybrid CBDC architectures (middle panel) incorporate a
two-tier structure with direct claims on the central bank while
real-time payments are handled by intermediaries. Several variants of
the hybrid architecture can be envisioned. The central bank could either
retain a copy of all retail CBDC holdings (upper variant in the middle
panel), or only run a wholesale ledger (lower variant in the middle
panel). An alternative to retail CBDC architectures are fully backed
payment accounts that feature intermediaries who need to fully back
payment account holdings at the central bank (bottom panel).
Source: adapted from Auer and Böhme (2020a).
On balance, we thus
argue that the most interesting design space combines the credibility of
a direct claim on the central bank with the convenience of
private-sector payment services. This architecture is called “hybrid
CBDC” in Auer and Böhme (2020a). A key element is the legal framework
that underpins claims and keeps them segregated from the balance sheets
of the payment service providers (PSPs). This way, in the event of PSP
insolvency, consumers’ CBDC holdings would not be exposed to claims by
the PSP’s creditors.
This segregation is
the most important pillar for the credibility of the system. However, if
a PSP fails – financially or technically – there must be a way for the
central bank to unambiguously honour claims and, ideally, resume
payments for the failing PSP’s customers without much delay. This
capability depends on the information about retail accounts available to
the central bank in such an event.
We note that there
are several possible implementations of a hybrid architecture. These
offer a number of variants that trade off information needs of the
central bank against convenience and resilience considerations. This is
illustrated by two variants in Figure 2. In the first (upper variant in
the middle panel of Figure 2), the central bank does not operate retail
payments, but maintains a backup copy of balances which allows it to
restart payment should intermediaries run into insolvency or technical
outages.
Some central banks
might shy away from running a record of all retail data, for example due
to issues with privacy and data security (e.g. Powell 2019). Therefore,
the second variant of the hybrid CBDC (lower variant in the middle
panel of Figure 2) could be considered as “fully intermediated” in the
information structure as the central bank records wholesale balances
only.7 However, the downside of an intermediated CBDC
architecture is that the central bank needs to honour claims of which it
has no record. Consequently, to safeguard cash-like credibility, PSPs
would need close supervision to ensure at all times that the wholesale
holdings they communicate to the central bank indeed add up to the sum
of all retail accounts.
Stepping up: Payments and the central bank of the future
As central banks
play a key role in payment systems, both the declining use of cash and
related private sector developments may require them to step up and take
a more active role (Carstens 2020). If a central bank were to issue a
CBDC, it might opt to – but would not have to – operate any of the
communication and record-keeping infrastructure. However,
record-keeping, integrity protection and establishment of the necessary
level of consistency can also be delegated to the private sector, which
might either be allowed to use proprietary technology or be required to
run open protocols specified by a standardisation body.
The need for
technical supervision emerges as soon as the central bank is shielded
from some retail transactions, which a fraudulent or technically
compromised PSP could use to appropriate customer funds. Maximum
supervision is required when the central bank has the conceivable
minimum information set. Payment supervision must happen at a high
frequency – perhaps even in real time. It must put aspects like data
consistency, cyber security and privacy at centre stage.8
All this pinpoints a
novel trade-off for central banks in the digital era: they can operate
either complex technical infrastructures or complex supervisory regimes.
There are many ways to do so, but all will require the central bank to
develop substantial technological expertise.
Authors’ note:
The views expressed in this column are those of the authors and do not
necessarily reflect those of the Bank for International Settlements. We
thank Stijn Claessens, Giulio Cornelli, Jon Frost, Antonio Fatas, and
Leonardo Gambacorta for comments and suggestions.
References
Armelius, H, G Guibourg, S Johansson and J Schmalholz (2020), “E-krona design models: pros, cons and trade-offs”, Sveriges Riksbank Economic Review, June: 80–
96.
Auer, R and R Boehme (2020a), “The technology of retail central bank digital currency”, BIS Quarterly Review, March: 85-100.
Auer, R and R Boehme
(2020b), “Central bank digital currency: the quest for minimally
invasive technology”, BIS working papers, forthcoming.
Auer, R, G Cornelli and J Frost (2020a), “Rise of the central bank digital currencies: drivers, approaches and technologies”, CEPR Discussion Paper 15363.
Auer, R, G Cornelli and J Frost (2020b), “Covid-19, cash and the future of payments”, BIS Bulletin No. 3, April.
Vox
© VoxEU.org