|
|
According to some commentators, in a context of cascading bankruptcies (i.e. Terra/Luna, Celsius, Three Arrows, Genesis, BlockFi, FTX), the crypto ecosystem may have entered a so-called "crypto-winter". I don't know if this winter is going to last but I believe that it should be seen as "spring time" by regulators and supervisors, whose initiatives should be burgeoning.
Recently, many countries have indeed sped up their regulatory work within their jurisdiction. However, we have also seen variances in combining three regulatory approaches: banning crypto-asset activities; containing and isolating them from traditional finance and the real economy, which implies banning certain specific aspects and practices (e.g. advertising); regulating the crypto-asset market, either by assimilating crypto-assets to traditional financial assets and applying the corresponding existing regulatory regime, or by adopting a dedicated regulation (e.g. on stablecoins).
With the exception of China, the world's major economies and currency zones have developed or are in the process of adopting a combination of the last two approaches, based on the principle of "same activities, same risks, same rules". As a blunt banning of crypto-asset activities is not seen as an option for most, for a number of reasons, starting for instance with the belief in France that it would most likely lead to regulatory arbitrages between jurisdictions, most of the attention at national and international level has been put on "what?" (what activities and what risks) and "how?" (by which means) to regulate.
In my short introductory remarks today, I would like to share with you my perspective, as the organisers of this Global Payments Week Conference have kindly suggested, speaking from the standpoint of a central bank in charge of ensuring financial stability, on the types of risks associated with crypto-activities that particularly need to be considered for regulation and supervision, and the importance of a convergent and coordinated regulatory approach on crypto-assets at the international level.
1) Traditional and new risks associated with the development of the crypto ecosystem
The bankruptcy of FTX in November 2022, one of the largest crypto exchanges, and the resulting knock-on effects on its users and other market participants, have spectacularly shown the instability of the crypto-assets ecosystem. Within the regulatory and supervisory community, a root cause of this instability is well recognised. At present, crypto-asset infrastructures and activities generate risks which are similar to those of mainstream finance services, and inherent to the provision of financial services, including credit, liquidity and market risks. However, they do not benefit from the same regulatory safeguards that aim to put a limit on those risks and to ensure that they are properly recognised, monitored and managed.
Moreover, crypto-asset infrastructures and activities, beyond expanding outside the regulatory perimeter, have done so by including products, services and practices that carry certain specificities. From a risk perspective, these specific features may either amplify traditional vulnerabilities or introduce new ones, and should fall within the scope of regulation and supervision. Let me illustrate this point with two examples.
The first concerns financial integrity risk. Attention should be paid to this risk for two reasons: first, because, as shown by our supervisory experience at the ACPR, AML-CFT controls by service providers appear to be difficult to grasp and master, and are sometimes not performed in the crypto ecosystem, and second, because investors have the possibility of using and holding crypto-assets pseudonymously.
The second concerns cyber risk. It is currently the number one operational risk for financial players, and it has the ability to jeopardise the stability of the entire financial system. The exposure of the crypto ecosystem to this risk could be exacerbated by its technical specificities, including the recourse to blockchains, and the introduction of new points of vulnerability such as bridges between blockchains and so-called oracles that feed data into blockchains. In my opinion, the repeatedly successful cyberattacks aimed at crypto players are a warning signal that should capture the attention of regulators and supervisors.
2) The specific case of "stablecoins"