While there has, to date, been little formal feedback or regulatory guidance on the use of blockchain technology by banks and other financial institutions, there are a number of key questions that law- and policy-makers need to consider in developing their regulatory responses to blockchain technology. These include (but there are many more):
- what exactly is it that should be regulated?
- which activities related to the operation of blockchain technology should be regulated?should they be regulated only where they relate to the delivery of financial services in respect of regulated instruments or products (like shares, for example)?
- should the category of “regulated instruments” be extended, to include digital currencies (for instance)?
- where regulation is applied, who is it that should be subject to and responsible for compliance with the relevant obligations?
- how should regulatory responses be pitched so as to avoid stifling innovation?
- how will banks manage the records they have stored on the blockchain to the satisfaction of their regulator?
Some of the key areas of concern from a regulatory perspective include the application of consumer protection measures and prevention crime legislation, particularly in the anti-money laundering and anti-bribery and corruption arenas.
Consumer protection measures
Legislatures in many countries acted to regulate in favour of consumer protection when it became clear that business-to-consumer (B2C) contracting (and other commercial interactions with consumers) would become a significant feature of the Internet. Prescribed requirements for website terms and conditions for online sales, online privacy policies, cookie use transparency, and distance selling consumer cancellation rights are all examples of legislative initiatives implemented in a number of jurisdictions to protect consumers.
If, therefore, blockchain technology and, more specifically, smart contracts (which is an increasingly common feature of use cases looking at the technology) are likely to become ubiquitous on a B2C basis, it would not be surprising if legislatures were similarly to act to implement or extend specific consumer protection measures in relation to them.
The legal systems of many developed economies already include laws providing for a range of consumer protection measures that give consumers enhanced redress in relation to the provision of goods and services. Depending on the jurisdiction, and what is being supplied, these might include one or more of the following:
- rights in respect of the provision of pre-contractual information;
- cooling off periods (that is, the right of a consumer to get out of a contract for a short period after having entered into it);
- standards of performance, such as warranties; and
- other rights that must be included in the terms and conditions of a consumer contract (for example, rights to require re-supply or repair of defective content and refund rights).
In addition, in many jurisdictions the regulatory or licensing requirements specific to the banking industry, prescribe contractual provisions that must be included in consumer contracts. It may be difficult for banks to demonstrate that an encoded smart contract includes such information, and encoding such information may not satisfy applicable transparency obligations.
Moreover, banks will need to consider whether operating a smart contracting form could, in and of itself, prevent a consumer from being able to exercise consumer rights.
Accordingly it will be necessary for banks to take appropriate legal advice on a jurisdiction-by-jurisdiction basis before deploying blockchain technology and smart contracts.
Prevention of crime
It remains unclear how anti-money laundering and know-your-customer regulatory obligations may be credibly performed in the context of a pseudonymised blockchain transaction, where the ability to identify the other participants can be obscured. Regulatory advice on a jurisdiction-by-jurisdiction basis will be required to ascertain:
- whether private blockchains (within closed communities of identified counterparties) might deliver sufficient information to enable a regulated bank or financial institution to discharge its anti-money laundering and know-your-customer obligations; and
- how such obligations could be performed in the context of blockchain solutions and smart contracting more generally.
Compliance with anti-bribery and corruption legislation generally requires a business to have an understanding of (and an ability to control) its supply chain participants. That may be impossible if the counterparty is not identifiable. Legal advice will be necessary to determine whether private blockchains within closed communities of identified counterparties might enable a bank to assert control over, and have sufficient transparency in respect of, its supply chain.