Wednesday, February 29, 2012

Bitcoins and Prepaid Access Rules: Headed for a Collision

One of the challenges of the Web is making a business plan while wondering if it will stay legal. Technical adaptations outpace the glacial process of legal evolution. A program can be written and distributed in hours, but legal updates require either legislation or a precedential decision. This can be particularly befuddling when a new technical tool comes along. The options can be to make an investment now and risk spending money on something that may not be legal, or wait and miss an opportunity to get in on the ground floor.

The Financial Crimes Enforcement Network (FinCEN) within the Treasury Department took a large step towards closing a legal gap in issuing their new prepaid access rules, handily summarized in this excellent guide prepared by Pillsbury Winthrop Shaw Pittman LLP. All of the requirements detailed therein came into effect in late September of 2011, and the registration requirement goes into effect at the end of this March. To boil it down, the Treasury Department doesn’t like people using prepaid access (gift cards, e-wallets, virtual currency, etc.) to launder money or facilitate other crimes. Without this regulation, FinCEN is concerned people supporting illegal activities could continue to use these systems to ”clean” thousands of dollars a month. To slow down the flow, the new regulations require anyone who is providing prepaid access to register with the Federal government, maintain records of all transactions (including indentifying information of anybody participating), and put procedures in place to verify customers. There are exemptions to these requirements, primarily in limiting transaction values and/or keeping systems entirely “closed loop,” which would generally be more like a store-based gift card system.

The downside of this is easy to see: nobody in business is a huge fan of extra government involvement or additional administrative burden. This will require anyone in the business of prepaid access to register with the government, and keep robust records on their customers, including name, date of birth, address, and any identification numbers. Possibly even more onerous is the requirement to verify the identity of anyone participating in the prepaid access; that’s not necessarily an easy thing to do. Some businesses might argue that their very appeal to customers is the fact that their use is anonymous and outside the more typical, public financial systems.

Despite this burden, these regulations are, to some degree, a healthy measure for anyone providing prepaid access. Keeping records transactions and who is participating is generally not a bad idea, even if it does involve more work. For example, if a dispute arose, that information could be quite handy. However, not every potential customer may view these regulations in the same light. You might be annoying a customer who started using your prepaid debit card because he wanted a financial tool a bit more off the grid or for more limited places that he thought were less secure, like an ewallet. But (hopefully) nobody is choosing to offer that kind of tool specifically because it appeals to terrorists, drug cartels, and other bad people. There is always a fine line between prudent regulation to prevent bad things and Person of Interest/1984 surveillance.

Any regulatory scheme is not going to work all of the time. Criminals will use fake identities to make prepaid access work for them, but a five year transaction record creates the paper trail that will help law enforcement track illicit behavior. It makes sense to explicitly obligate people marketing prepaid access to build up infrastructure and policies preventing too-easy international transfers, or high volume swaps in a short period of time. Without a ramp up, there would never be usable data to track. The regulations also contain practical exceptions for health care flex-spending accounts, and “closed loop” programs like campus dining dollar accounts, defined-store gift cards, and transportation cards. These regulations have been, in many ways, sensibly written to limit the more obvious problems, while trimming the burden on things that are not inherently problematic.

One key detail is a pathway within the regulations left open to some of the potential regulatory burden is that you can make it impossible to be used before verification of customer identification information. So, if you created procedures and policies making it impossible for anyone to use your system without you first verifying their identity, you would be in compliance (though compliance is more complex than just this factor). The verification of that identity means that you would be, in a practical sense, cooperating with a lot of the regulation anyway: you would agree that you could verify who was participating. So if anything seemed fishy, law enforcement would again, be coming to you.

An interesting undercurrent to these issues is the odd case of Bitcoins. While frequently volatile, they made a solid push to some more stability at the end of the year. Of course, it shouldn’t be too surprising that Bitcoins are in legal limbo as Senator Charles Schumer discussed them along with online drug hub Silk Road last June. It is up for debate whether or not Silk Road actually does what it claims. But, it is unfortunate to see a cleverly engineered development like Bitcoins be publicly associated with something that exists to be shut down by government regulators. Many have speculated since the beginning that it was a matter of time before authorities dropped the hammer on the online currency. Any technical development that grew out of a distrust of regulation and central control ironically places itself in line for regulation and central control.

The argument ready for any Bitcoin advocate against applying the new regulations to the currency is that it’s not prepaid access at all: it’s a currency unto itself. The fluctuations in value could be interpreted to mean it is wholly unlike a system that depends on cash infusions and goes back to being cash, eventually. Bitcoins could stay Bitcoins forever. But it would be foolish to think that any government would consider Bitcoins a valid currency, especially since the anonymity built into Bitcoin makes it ripe for the money laundering concerns that prompted the Treasury to get serious on these issues. These are similar to the concerns we have seen with Linden Dollars in Second Life over the years. The challenge is first, that Bitcoins are de-centralized, unlike any other virtual currency presently in circulation. There is no one business entity propping this system up, meaning the way for regulators to try to wipe them out of existence won’t be as obvious. Most entities that accept Bitcoins as a valid form of payment are tiny web-only retailers that often use them to monetize web-services. Bitcoin users seem not the type to ever accept the reporting and registration requirements, so it would be reasonable to assume that any interaction of the government with the system would be try to wipe them out. But of equal concern is whom to apply the regulations to, since it is arguable there is no provider of prepaid access or seller or prepaid access under the Bitcoin system.

The group that should be most wary of Bitcoins is any retailer considering accepting them. A restaurant in Manhattan famously experimented with the idea last summer. (We called, and they do not take Bitcoins anymore.) While it could be a great way to get some geeks in your store and drum up some press about your business, it is frankly more trouble than it is worth. Bitcoins may be more stable than they have been in the past, but, as the article points out, you take a big risk on taking a hit if the value drops.

But Bitcoins are unlikely to be a majority of anyone’s balance sheet. The bigger problem is being associated with a currency that seems bound not to last much longer, at least in its current state. This issue is yet unsettled, but the government has made clear they’re in no mood to tolerate electronic tools that can be exploited for money laundering. Outside of these regulatory challenges, recent events indicate even more instability in the market. Bitcoin supporters suffered a heavy setback when exchange site Tradehill suspended trading after e-wallet service Paxum departed the Bitcoin market. For Paxum, the final straw was that their banking partners were deeply uneasy about who was pouring money into the currency and why. Paxum’s exit hurt Tradehill, and being defrauded for $100,000 by a payment processor did not help either. Who would be eager to dive into a market so fraught with instability?

Regulation takes time, but Bitcoins seem bound for the chopping block. Bitcoins aside, the progress in money transmission and prepaid access is not likely to stop, especially since it appears Facebook may be laying some groundwork in the payments space. Law of the Game will continue to follow these issues and keep you updated.

Zack Bastian is an official contributor to Law of the Game. A third year student at George Washington University Law, Zack works at the Woodrow Wilson Center's Science and Technology Innovation Program and is a member of the American Intellectual Property Law Association. The opinions expressed in his columns are his own. Reach him at: zack[dawt]bastian[aat]gmail[dawt]com.

Edited 3/3/2012 - Fixed Broken Links

1 comment:

gwern said...

"It is up for debate whether or not Silk Road actually does what it claims."

It is? Something like 3 journalists have ordered off it without issue. How many journalists (to say nothing of all the regular users) have to write articles on it before it is no longer up for debate?