Factories or supermarkets: post-pandemic banking

As we move into the inter-pandemic period, there is an interesting discussion to be had about whether the changes induced by the COVID-19 crisis are short- or long-term and to what extent those changes are an acceleration of existing trends (as I think they are, largely) or new directions for the sector. Ron Shevlin wrote an excellent piece in Forbes highlighting one element of strategic change, saying that “the new normal marks the end of fintech experimentation”. He went on to point out, somewhat harshly, that banks have used fintech partnerships as a way of convincing themselves that they are innovating rather than actually doing anything transformational.

I completely agree. I gave some seminars to bank management on the impact of technology on the business a couple of years ago, and to set up a narrative to help the executives frame my approach, I said that I thought the “fintech era” would run through to 2020 when it would be overtaken as the shared paradigm. My prediction, which I stand by, is that we are leaving the fintech era and entering the open banking era. The virus may have accelerated the transition between the eras, but it was coming anyway.

TGB Banking Eras gs

In the open banking era, fintechs will not vanish, but they will innovate and operate in a different way. They will not need to partner with incumbents, since they can use open banking infrastructure to get access to their customers’ data that the banks have, and their costs to market should be reduced through the use of standard interfaces. This means that the fintechs will be able to focus on the customer journey and user experience to bring new products and services into the market.

So what, then, should the banks focus on? At this year’s (sadly virtual) Paris Fintech Forum I hosted an interesting discussion with Simon Paris, the CEO of Finastra. Simon rather kindly reminded me of my predictions about what we now call open banking in the Centre for the Study of Financial Innovation (CSFI) report on “The Internet and Financial Services” back in 1997.

(As an aside, I remember that when the CSFI held a twenty year reunion to discuss this seminal report, it was interesting to see just how much of the report was spot on about the impact of the internet but I was spectacularly wrong about one particular point: I thought that digital TV as well as mobile would become a commerce channel. What actually happened, of course, was that the mobile became a permanent second stream for commerce.)

Anyway, Simon and I were discussing the split between the manufacturing and distribution of financial service, so I thought it might be useful to post my short and high-level recap of the strategies available to banks across this split.

Factory Reset

The techfins are the technology companies who embed financial services to make their own products more attractive but whose business model does not depend on margin in those financial services (as that Economist article noted “Amazon wants payments in-house so users never leave its app”.). The fintechs are companies who embed technology to make their own products more attractive and whose business model depends on margin in those financial services such as one of my favourite companies, Wise).

The techfins (as opposed to the fintechs) are more than happy to have banks, for example, do the boring, expensive and risky work with all of the compliance headaches that come with it. What Big Tech wants is the distribution side of the business, as shown in this old diagram of mine. They have no legacy infrastructure (eg, branches) so their costs are lower and the provision of financial services will keep customers within their low-cost ecosystems. If you use the Google checking account and Google pay then Google will have a very accurate picture of your finances. A very accurate picture indeed.

Open Banking Basic Options Updated Colour Picture

The business model here is very clear. What Big Tech wants isn’t your money (the margins on payments are going down) but your data and just as Big Tech has made ecosystems impervious to competition, so it could cross-subsidise (with data as well as with money) its financial services products to raise such a barrier to competition that no newcomer will be able to spend enough to gain traction. Hence the evolution of bank-as-a-platform for other financial services organisations to bank-as-a-service (BaaS) that Simon and I were discussing: it will be non-financial distributors who get the products into the hands of the people. Kids opening their Next bank accounts will neither know nor care that the actual account is provided by Barclays.

That’s why I have bored audience senseless repeatedly telling them that when people talk about “challengers”, they should be talking about Microsoft and Nike not Monzo and N16. If Big Tech takes over consumer relationships, banks will end up having to give away margin but, far more seriously and far more unrecoverably, data. As Andrei Brasoveanu of Accel said, if Big Tech gets hold of the distribution side of the financial services business, then the manufacturers of financial services products will be “utilities, providing low-margin financial plumbing”. Well, that’s the lucky ones. The unlucky ones will be wiped out in a wave of manufacturing supply-chain consolidation and factory closures.

[This is an edited version of an article that was first published on Forbes, 26th June 2020.]

The war on money laundering is going the way of the war on (some) drugs

In a study published last year by financial-crime expert Ronald Pol, he concluded that the global AML system could be “the world’s least effective policy experiment”. Personally, I would have guessed that that accolade belonged to the global war on (some) drugs, but perhaps Ronald has a point. He notes that the compliance costs for banks and other businesses could be more than 100 times higher than the amount of laundered loot seized.

Urine

Cash or charge? (CC-BY-ND 4.0)
NFT available direct from the artist at TheOfficeMuse (CC-BY-ND 4.0)

These comments remind me of those of Rob Wainwright, then Director of Europol, when talking about the great success of the continent’s $20 billion per annum anti-money laundering regime. He said that “professional money launderers are running billions of illegal drug and other criminal profits through the banking system with a 99 percent success rate”. This concurs with the figure given in The Economist. Although we are only intercepting a miserable one percent of the dirty money, the costs that the regime impose on the finance sector are staggering. Yet these enormous costs achieve nothing. The Money Laundering/Terrorist Financing (ML/TF) regime is, according to the Journal of Financial Crime 25(2), “almost completely ineffective in disrupting illicit finances and serious crime”. 

Direction of Travel

It’s going to get worse, of course. In the UK, many organisations are not yet compliant with the EU’s Fifth Anti-Money Laundering Directive (5MLD) and there is a Sixth Anti-Money Laundering Directive (6MLD) on the way. And the reach of the Financial Action Task Force (FATF) is being extended into cryptospace, so there’s no way to get round the bureaucracy. A couple of years ago FATF extended their recommendations to include cryptocurrency exchanges and wallet providers (together referred to as Virtual Asset Service Providers, or “VASPs”). This meant that all countries should apply anti-money laundering and anti-terrorist financing controls to these businesses: that is, customer due diligence (CDD), suspicious activity reports (SAR) and, importantly, the “Travel Rule” that aims to prevent money laundering by identifying the parties to a transaction when value over a certain amount are transferred. 

The decision to apply the same travel rule on VASPs as on traditional financial institutions was greeted with some dismay in the cryptocurrency world, because it meant that service providers must collect and exchange customer information during transactions. The technically non-binding guidance on how member jurisdictions should regulate their ‘virtual asset’ marketplace included the contentious detail that whenever a user of one exchange sends cryptocurrency worth more than 1,000 dollars or euros to a user of a different exchange, the originating exchange must send identifying information about both the sender and the intended recipient to the beneficiary exchange. The information must also be recorded and made available to “appropriate authorities on request”.

However, when speaking at the “V20 Virtual Asset Service Providers Summit” in 2020, Carole House from the Financial Crimes Enforcement Network (FinCEN) said that they want to see this threshold reduced to $250 for any transfers that go outside the US because their analysis of SARs filed from 2016 and 2019 showed the mean and median dollar values to be $509 and $255 respectively. Almost all the transactions began or ended outside the U.S.

Note that the information demand is quite extensive. According to the FATF Interpretive Note to Recommendation 16, the information should include name and account number of the originator and benefactor, the originator’s (physical) address, national identity number (or something similar) or date and place of birth. In essence, this means that counterparty’s personal information will sent around the web. Simon Lelieveldt, a former Head of Department on Banking Supervision at the Dutch Central Bank, is very well-informed and level-headed about such things, and even he called this a “disproportional silly measure by regulators who don’t understand blockchain technology”, which may be a little harsh even if not too far from the truth.

Surely the extension of the travel rule signals that it is time for a rethink. We need to begin with the fact that live in a world of data science, machine learning and artificial intelligence (AI) and understand that we cannot tackle crimes such as money laundering without machine brains to help us. This line of AI-centric thinking can be more disruptive than might seem at first glance because it suggests an alternative vision of regulation where we do away with a lot of the expensive barriers to entry to the financial system, those pot holes for criminals but chasms for legitimate users and instead use machine brains to police what is happening inside the system.

AML Isn’t Working

In other words, instead of trying to prevent criminals for getting in to the system, we should instead let them in and monitor what they are up to. If we force them to continue using cash, then we have no idea what they are up to! Whereas if we can persuade them to use electronic transactions of some kind, particularly those that leave an immutable record of criminality, then we would would actually be better off! Since cash cannot be tracked around the economy, we (society) have put in place a whole bunch of complicated and expensive rules about accounting for cash when it enters the financial system. But suppose there wasn’t any cash. Suppose there was only Bitcoin. In that case, as I pointed out some time ago, you wouldn’t need anti-money laundering (AML) regulations at all because you would be able to follow every coin around the blockchain!

Many observers, and Bitcoin fans in particular, say that this is nonsense because there are a variety of ways to jumble up and otherwise obfuscate the sources of value in transactions on the Bitcoin network. I never saw this as a realistic barrier to criminals though, and I noted that a simple rule that required banks to investigate any coins that had originated in anonymous wallets (or mixers) would be sufficient to stop the large-scale use. Also, you will remember that U.S. Department of Justice (DoJ) has already shown its intentions. You will remember they indicted Larry Harmon for creating the Bitcoin mixer “Helix” (in addition, Fincen fined him $60m last year) and have just arrested Roman Sterlingov, the alleged operator of Bitcoin Fog, a custodial bitcoin mixer that it says processed over 1.2 million BTC.

We erect (expensive) KYC barriers and then force institutions to conduct (expensive) AML operations, using computers and laser beams to emulate handwritten index cards and suspicious transaction reports (STRs). But as I have suggested before, suppose that KYC barriers were a lot lower so that more transactions entered the financial system. And suppose the transaction data was fed, perhaps in a pseudonymised form, to a central AML factory, where AI and big data, rather than clerks and STR forms, formed the front line rather than the (duplicated) ranks of footsoldiers in every institution. In this approach, the more data fed in then the more effective the factory would be at learning and spotting the bad boys at work. Network analysis, pattern analysis and other techniques would be very effective because of analysis of transactions occurring over time and involving a set of (not obviously) related real-world entities.

They have already taken a step towards this is in the Netherlands, where ABN Amro, ING, Rabobank, Triodos Bank and de Volksbank formed a consortium (Transaction Monitoring Netherlands, TMNL) to share data and identify unusual patterns in payments traffic that the individual banks cannot spot for themselves. Let’s hope they are successful, because estimates suggest that €16 billion of criminal money is laundered in the Netherlands each year from activities including drugs, human trafficking, child pornography and extortion.

British Opportunity

Michael Harris, director of financial crime compliance at LexisNexis Risk Solutions, commented that the release of the FinCEN files highlighted the “myriad issues” with the UK Anti-money laundering (AML) system – an ineffective suspicious activity report (SAR) regime, the poor use of data and technology and a legal system that inhibits information sharing and a culture that allows companies to hide their beneficial owners through offshore registered entities. There are other related negative impacts too: I remember a discussion with the then-Treasury minister Andrea Leadsom at techUK back in 2015, during which she noted that CDD is itself a friction against a more competitive financial services sector because it serves to create a moat around the larger incumbents.

I think that UKplc should rethink compliance for competitive advantage. As part of a post Brexit project to boost British invisibles, we should take jurisdictional competition seriously and create a compliance regime built on new technology not and industrial age mishmash of shaky identification documentation and millions of suspicious transaction reports. It is time for some new thinking. Omar Magana wrote a very good piece of this for the Chartwell “Compass” magazine. He asked whether “the enforcement of a regulation that was created over 20 years ago for a fast-evolving industry, may not be the best approach”. Note that he is not arguing against regulation, he is arguing (as I do) for a form of regulation more appropriate for our age (for which I use the umbrella term “Digital Due Diligence”, or DDD) using artificial intelligence and machine learning to track, trace and connect the dots to find the bad actors. If you look at the work of Chainalysis and others

The benefits to the wider economy are obvious – more access to financial services as well as more interdiction of actual money launderers, terrorists, corrupt politicians and tax evaders. We all know that COVID-19 is accelerating the evolution of digital onboarding, and that’s great. But we need to move to the next level: DDD! Now that we live in a world where digital identity is becoming a thing (both for people and for organisations) it’s time to plan for a faster, more cost-effective and more transparent approach that is based on the world we are actually living in.

(This is an edited version of an article first published on Forbes, 3rd May 2021.)

Separating the sheepcoins from the goatcoins

Some people mine Bitcoin for profits but some some people mine it for politics. The operator of a Bitcoin mining pool (a group of miners who work together to share the profits) quoted in CoinDesk recently said that some are investing not to convert electricity into cash but for other reasons “such as to avoid capital controls or avoid sanctions”. Indeed. And this has some serious implications. The Foundation for Defense of Democracies (FDD), a Washington think tank, summarised the emerging situation rather well in their position paper “Crypto Rogues“. They noted that “blockchain technology may be the innovation that enables U.S. adversaries for the first time to operate entire economies outside the U.S.-led financial system”. Now, while this may be technically slightly inaccurate (there are ways to create anonymous transactions without a blockchain and, indeed, the Swiss central bank has just published a working paper describing how to do so) it again flags up that the widespread availability of decentralised financial services threatens to bypass the existing infrastructure.

Iran provides an obvious example. They have every incentive to want to try new approaches to skirt the long arm of American law. The country already published a new set of regulations designed to funnel Bitcoin mined by Iranians to the state so that the country can use them to pay for imports. When the Iranian regime, for example, set up a venture to explore Bitcoin payments with a Swedish startup, the Swedish banks refused it a bank account because they themselves did not want to become subject to secondary sanctions. As America’s Treasury Secretary Mnuchin said at the time (talking about Iran), “If you want to participate in the dollar system you abide by US sanctions”.

On the other side of the world, North Korea has been developing a digital currency of its own. According to Alejandro Cao de Benós, President of the Korean Friendship Association, the Democratic People’s Republic of Korea intends to go down the Facebook route by creating an asset-backed digital currency rather than a digital fiat currency and then use some sort of blockchain with “Ethereum-style smart contracts” to do business and avoid sanctions. The regime sees this as a way to enforce deals it makes with foreign counterparties by developing a “token based on something with physical value” (eg, gold) in order to create a stable mechanism for payments in international trade between the regime and “other companies/individuals” (although it will not be available to individuals in the DPRK, who will be stuck with the Korean Won).

Across the Pacific in Venezuela, a country often mentioned by Bitcoin enthusiasts as a living case study of the benefits of decentralised cryptocurrency in the fight against tyranny, we find more mining going on: a video posted on Instagram by the 61st Battalion of the 6th Corps of Engineers of the Venezuelan Army shows military buildings converted into giant cryptocurrency mining centres and a warehouse that appears to be full of specialist Bitcoin mining equipment is labelled the “Center for the Production of Digital Assets”.

(I noted with interest that they do not appear to be mining “The Petro”, the digital currency of the revolution which according to the Bolivarian Council of Mayors’ recent “National Tax Harmonization Agreement” may soon be required for the payment of taxes.)

What… Whatible?

It seems to me that Bitcoin is a pretty poor choice for sanction-busting shenanigans though. Not only is the record of transactions public, but the Bitcoin value is not fungible. This matters. Remember that 2014 IRS Ruling about Bitcoins being a commodity, so that traders would have to track the buying and selling price of each individual Bitcoin in order to assess their tax liability? No? Here’s a reminder : “the real lesson from the IRS Bitcoin ruling is that for a currency-or any payment system-to work, its units must be completely fungible”.

Fungible (from the Latin “to enjoy” via Medieval Latin phrases such as “fungi vice”, meaning “to take the place of”) is one of my favourite adjectives. It means that all tokens are the same and can be substituted one for another. You owe me a quarter. It doesn’t matter _which_ quarter that you give me. Any will do. Any quarter can substitute for any other quarter because they are all the same. The same is true of the Pounds in my bank account, but it isn’t true of bitcoins. They are all different and their history can be tracked through the blockchain which is, as we are often reminded, and immutable public record of all transactions.

As my good friend Marc Hochstein observed about this some time ago, blockchain’s openness could turn out to be a bug for law-abiding citizens. Click To Tweet

The lack of fungibility has major implications for criminals, but also for the rest of us.  In England, the High Court (in the decision of AA v Persons Unknown & Ors, Re Bitcoin [2019]) has already ruled that crypto assets such as bitcoins are a form of property capable of being the subject of injunction. You can see what is going to happen: cryptographic exchanges will be required to identity who owns stolen coins and the owner will then be the subject of legal action to recover them. This owner might be entirely innocent about the origin of the coins and will say that they didn’t know that the bitcoins they bought are the proceeds of a ransonware attack and may ask to the keep them. But, J.P. Koning points out, that’s not how property law works. Even if you accidentally come into possession of stolen property then a judge can still force you to give it back to the rightful owner.

Launderette

You can own these cartoons!
NFTs available from the artist Helen Holmes from at
TheOfficeMuse (CC-BY-ND 4.0)

The UK has been experimenting with the “Unexplained Wealth Order” as a way to combat crime and corruption through the traditional money and finance system, but how would this translate to the world of cryptocurrency? Well, perhaps it doesn’t need to. In the world of Bitcoin, smart criminals may well try to use “mixers” or “tumblrs” that jumble together bitcoins to obfuscate their origin but I don’t think this will help in the long run. Apart from anything else, future consumers might want to know the provenance of their money, an idea explored by the artist Nitipak Samsen a decade ago in the Future of Money Design Awards. Check out the brilliant video he made here.

Have you ever wondered where the money in your pocket had come from? Who was the previous owner? Who was the owner before that? Might it be a famous celebrity?… Smart banknotes work by presenting a readable history of ownership on the note itself, an innovation designed to prevent money laundering

This might work in some interesting ways. People might pay a premium for coins that have an interesting past! Maybe coins that were used by a celebrity to buy drugs or were used to bribe a politician, coins that belonged to a murderer, that kind of thing, might be worth more than coins that belonged to boring people like me.

Clean Money

In the mundane world of dollar, dollar bills we have the concept of “money laundering” to describe what happens when dirty money is mixed with clean money (surely every one of us has touched banknotes that have been involved in some criminal activity!). But this doesn’t work for bitcoins. The “tainted” money stays tainted. Ross Anderson, Ilia Shumailov and Mansoor Ahmed from the Cambridge University Computer Laboratory wrote a terrific paper on this theme a couple of years ago. In “Making Bitcoin Legal” they pose some interesting questions about what to do with tainted cryptocurrency asking, for example, “If an identified customer says ‘Hi, what will you give me for UTXO x?’ and the exchange replies, ‘Sorry, 22% of that was stolen in a robbery last Tuesday, so we’ll only give you 78%’ does the customer then have to turn over the crime proceeds?”. Their idea of a public “taintchain” is an interesting way forward.  This would be a mechanism to make stolen coins visible, in which case they might display a futuristic Gresham’s Law dynamic as good coins drive out bad ones!

Whether by taintchain or some other mechanism, it’s actually pretty each to track dirty bitcoins. You can see where this might lead: if law enforcement agencies go to the biggest miners in the world and tell them that if they continue to confirm easily identifiable mixing transaction outputs, they will be accused of money laundering? This is not difficult to imagine, which suggests to me that Bitcoin’s lack of fungibility has far-reaching implications.

These implications have not gone unnoticed in the United States. Two of the largest Bitcoin mining companies there, Marathon Patent Inc. and DMG Blockchain Solutions Inc. (which together account for about a one-twelfth the power of the Bitcoin networks), recently joined forces to create the Digital Currency Miners of North America (DCMNA). This not-for-profit trade association has come up with pretty interesting idea: their miners will only process transactions that comply with American laws, thus extending the benevolent embrace of the U.S. Government into cryptocurrency. The idea (known as “clean mining“) is that instead of selecting transactions on the basis of which ones will bring the biggest fees, they will mine transactions based on the wallets that they come from.

Along the same lines, the “celebrity investor” (as described by CNBC) Kevin O’Leary announced that he will only buy bitcoins mined sustainably in countries that use clean energy. What’s more, he also said that he will not buy “blood coin” mined in China. Mr. O’Leary was quoted as saying that he sees “two kinds of coin”, which reinforces the point about fungibility and money and suggests to me, at least, that we could well see a strange and interesting twist in the world of cryptocurrency that has no analog in the analogue world of notes and coins: black and white money, or clean and dirty money, or light and dark money (an idea that goes back to the earliest days of cryptocurrency) in which some bitcoins will be worth more than others! Maybe a year or two from now, exchanges will be quoted two BTC-USD pairs: clean BTC at $100,000 and dirty BTC at $75,000. This doesn’t happen for GBP-USD or JPY-GBP, which confirms my feeling that whatever Bitcoin is, it isn’t currency.

[An edited version of this article first appeared on Forbes, 28th February 2021.]

Challenger banks or challenger monies?

When Jamie Dimon, the CEO of JP Morgan Chase, said that his bank should be “scared s***less” about fintech competitors, he identified the fintechs PayPal, Square, Stripe, Ant Financial and the techfins Amazon, Apple and Google as companies that the bank would need to compete with. Since he’s already forgotten more about banking than I will ever learn, I am certain that he is correct. What was interesting to me about this list was, though, that none of the organisations listed as keeping him awake at night began as banks or bank spin-offs.

As I wrote in my first ever column on Forbes, when people talked about “challengers” they should be talking about Microsoft not Monzo. The “challenger banks” are just banks and as my good friend Alessandro Hatami wrote at the time, neither the challengers nor the incumbent banks, despite spending heavily on their own technology, have transformed the financial services sector. But perhaps the real challengers will.

Where are the real challengers then? Mr. Dimon singled out payments as a specific hill for banks to die on. This is because the business models of the future depend on data, and payments are the overwhelming majority of interactions between a bank and its customers. When storming this redoubt (and the walls were breached this week with the news that ChasePay is being shut down) the techfins don’t care about the money, because the margins on payments are going down, but the data. I was quoted in The Economist talking about this impending reshaping of the retail financial services sector a couple of years ago, pointing out that financial products are heavily regulated, as they should be, which is why Big Tech is uninterested are in them. They are more than happy to have banks, for example, do this boring, expensive and risky work with all of the compliance headaches that come with it.

The techfins want the banks to do the manufacturing while they take over the distribution. Click To Tweet

This is an obvious strategy with major implications because if the techfins get between the consumers and their banks, then the banks will end up having to give away margin but, far more seriously, data. BofA Securities, amongst others, have pointed out that there is a “huge and valuable prize for private-sector players” from outside the banking sector if they can get in this business: the “treasure trove” of customer data that is not being fully exploited by the banks.

Plumbers

You might argue that the banks deserve nothing more than being turned into low margin plumbing to support more innovative and efficient techfin plays on top. Nydia Remolina at the Singapore Management University wrote an interesting paper on this last year (saying “financial institutions have access to enormous amounts of data, but due to multiple constraints this data is not yet sufficiently converted into useful insights”) putting forward a “data operating model” to link open banking, cloud computing, machine learning and AI to support digital transformation. I think this model is interesting because the ability for machines obtain insight and take action makes for a very different kind of fully-digital financial services sector based on the movement of data, not money.

Similarly, Dara Hizveren of Garanti BBVA, writing in the most recent Journal of Digital Banking, notes the opportunity for banks to try and build new business on such a model. The idea of “data banks” that manage personal information (and the consents associated with it) is hardly new, but as Dara highlights, the pressures of open banking and competition from Big Tech means that for commercial banks the natural extension of asset management businesses into personal data (the most valuable asset of all) is a priority.

I think we can already see how fintech firms, and particularly data-driven lenders, are demonstrating that this new business model, using payment data (in the form of transaction histories obtained through open banking) as a substitute for conventional credit scores, might be important not only to the sector but to economic recovery itself.

The UK actually looks pretty good in this regard. With a competitive fintech sector and open banking already in place, access to the transaction data has become energy for innovation. I know this at first hand because I was fortunate to be asked to be one of the judges for the Open Banking Innovation Awards for SMEs and I have to say I was pretty impressed by the businesses already taking advantage of this combination of new regulation and new technology. A couple of good examples are Fluidly, which plugs into accounting packages and bank accounts and uses machine learning to intelligently manage SME cashflow, and Swoop which integrates through open banking to simplify access to all kinds of SME finance. More recently Liberis, which provides cash advances to SMEs secure against their payment card transactions and repayments set as an agreed fraction of those transactions struck me as a good idea or all involved, and as I sat down to write these paragraphs I noted that another new player Fintern (with a team from Bank of America and HSBC, among others) opening for business using open banking-led affordability testing to make lending decisions.

Challengers

These are great businesses, but are they keeping Jamie tossing and turning in the small hours? I’m not sure. If they get big enough, he can buy them. We need to look further afield to find the non-banks that are his real nightmares and I think India might give us an indication of which way the wind is blowing. Ram Rastogi, who I always listen to on such matters, notes that Amazon in India is not only launching a digital banking platform to compete with the incumbent banks but is also applying for a licence to run a payments system as well. The Reserve Bank of India has invited companies to create new umbrella entities (NUEs) to build payments networks that offer an alternative to the bank-owned not-for-profit National Payments Council of India (NPCI) and Amazon are doing so in a consortium with Axis Bank and ICICI Bank. Amazon are not the only ones in this game, of course. Facebook and Google are linking with local players Infibeam and Reliance Industries to set up a competing network.

Bezos buck

You can own these cartoons!
NFTs available from the artist Helen Holmes from at
TheOfficeMuse (CC-BY-ND 4.0)

With the bank and the payment network, Amazon will be able offer their sellers a full service, ranging from current accounts and deposits to business loans and payments management, all through their own interface. The customers will never have to go near a conventional bank, a payments application or anything else. Not only are they launching their own banking system in India, they are apparently looking to launch their own money in Mexico. One of the behemoth’s job postings described the product as enabling customers to “convert their cash in to digital currency using which customers can enjoy online services including shopping for goods and/or services like Prime Video”.

It’s one thing to have your own bank. It’s another thing to have your own payment network. It’s another thing still to have your own money. I know nothing about running a bank, but if I was in charge of one then the thing to keep me awake at night is Jeff Bezos’ face on money!

(An edited version of this article first appeared in Forbes, 16th March 2021.)

Monet laundering and a new kind of market

You’ve probably read something about the latest crypto-craze. My good friend Lawrence Wintermeyer wrote a great piece about it here, describing how an anonymous guild of “art digitalists” bought an original Bansky and then set fire to it after digitizing the piece into a non-fungible token (NFT) they sold for $400,000.

NFTs really hit the headlines when the artist Mike Winkelmann (“Beeple”) sold an NFT of a JPEG he had created for $69m at Christies. It’s a lot to pay for nothing since, as my good friend David Gerard eloquently notes, Christie’s 33 page conditions of sale make it clear that the buyer did not obtain copyright or indeed any other rights to the file. The $69m is for nothing more than an albeit uncloneable receipt for the artwork. Not that the buyer minded, because he runs a crypto fund that invests in NFTs and issues tokens that are shares in the portfolio. Beeple owned 2% of these tokens, which went up in value from $0.36 per token to $23 after the Christie’s sale. Nice.

Now, you may think (as I did) that this is more interesting as a piece of performance art about the manipulation of cryptomarkets than a window into a new world that decentralises auction houses out of existence, but it is undeniably interesting. That’s because, trivially-copyable artworks to one side, NFTs could deliver radically more efficient markets.

Slugsy

Slugsy (CC-BY-ND 4.0)
NFT available direct from the artist at TheOfficeMuse (CC-BY-ND 4.0)

To see why, let’s first remind ourselves of what tokens are. Tokens are a cryptographically-secured digital asset (that is, they cannot be counterfeited or duplicated). As I explained in my book Before Babylon, Beyond Bitcoin a few years ago, although tokens are not specific to Ethereum they took off with the development of the ERC-20 standard back in 2015. ERC-20 defined a way to create a standard form of token using consensus applications on the Ethereum blockchain. Such tokens are a simply structured data exchanged between these applications, a practical implementation of digital bearer claims on assets with no clearing or settlement involved in their exchange (and hence a more efficient marketplace for their trading), thus creating a means to make the transfer of fungible value secure without a central authority.

I have written before that fungibility is a critical defining characteristic of money and one of the reasons why Bitcoin isn’t. Click To Tweet

All of the dollars in the world are the same, and any dollar can substitute for any other dollar. But all of the Bitcoins in the world are not the same. Similarly, my excellent stalls ticket to see the mighty Hawkwind play at the London Palladium is unique. So… how do you know that that ticket belongs to me? Right now there are event promoters, and ticketing agencies and credit card acquirers and databases and barcodes to try to figure that out. However, if I am a bad boy and sell a ticket that is nothing more than an e-mailed barcode to two other people and they both show up to watch a band, neither the venue nor the band nor other fans nor anyone else can tell which barcode is authentic and which is a copy.  But what if the ticket isn’t a barcode, but a non-fungible digital asset stored in my digital wallet? An NFT?

Now, non-fungible digital assets are fun and markets for them existed before Bitcoin, the blockchain and Enterprise Shared Ledgers (ESLs). Consider the obvious example of people playing massively-multiplayer games (MMGs) such as World of Warcraft and the like. People buy sell digital assets all the time (one of the first blog posts that I ever wrote was about the mining of digital gold in these games, and that was back in 2006!). If I want a magic sword or a laser cannon or a nicer hat for my avatar, I can buy it with real money. If you could copy magic swords to infinity, then they would have no value. So the number of magic swords is limited, and thus a market arises. So who says who the magic sword belongs to? If I pay you some real dollars for a non-existent virtual sword, who transfers title? Well, in the case of the games, it is obvious: it’s Blizzard or CCP Games or whoever else is in the middle, running the game.

New technology means that I can sell you the magic sword without having anyone in the middle. On Ethereum, for example, there are now a number of different ERC token standards, most notably ERC-721 that defines non-fungible digital assets. ERC-721 hit the headlines (well, for people like me anyway) back in 2017 when CryptoKitties took off. This is game on Ethereum that allows players to purchase, collect, breed and sell virtual cats and it became so popular that caused such congestion on the Ethereum network that is slowed in down significantly. The point is though that we can now exchange unique digital assets in a fully decentralised manner.

I remain unconvinced that buying digital receipts for trivially-cloneable artworks is a sound long-term investment strategy, although I am given to understand that much of the art market is more about money-laundering than Monet (Monet laundering! Why didn’t I think of this headline before!). However, that is not to say that there is no future for NFTs. On the contrary, some of these art market experiments are breaking ground for a new way of working that I think will indeed transform some markets.

Real Connections

These digital assets will very often be a means to control of things in the real world without having anyone in the middle either. Some years ago I asked if shared ledgers and such like might be a way to tackle the issue of “ID for the Internet of Things” (#IDIoT). I said at the time that I had a suspicion that there might be something there. My reason for thinking that was that there is a relationship between digital assets and things, because blockchains and tokens deliver a virtual representations of things in the mundane that, as with their physical counterparts, cannot be duplicated. If we can link the digital asset of a Rolex watch to a physical Rolex watch, we can do some very interesting things.

(As it happens, I am the non-executive Chairman of Digiseq, a UK startup that does this using tamper-resistant microchips).

What all of this means is that we can use the new technologies of cryptoasset trading (the world of decentralised finance, or “defi”) to develop efficient markets in scarce resources, markets that will hinge on the ability to maintain and prove the provenance of real-world objects, whether these are magic swords or designer handbags.

The opportunities for new and disruptive businesses here are real and substantial. Here’s an example, continuing the music theme. A band is going to play a concert. There are 10,000 seats in the venue and 100,000 members of their fan club. So the band randomly distribute the tickets to the members of the fan club who pay $50 each for them (this is all managed through smart contracts). And that’s it. Now, the members of the fan club can decide whether to go to the concert, whether to buy some more tickets for friends, whether to give their ticket to charity or whatever. They can put their tickets onto eBay and the market will clear itself. The tickets cannot be counterfeited or copied for the same reason that a Bitcoin cannot be counterfeited or copies: each of these cryptographic assets belongs to only one cryptographic key (“wallet”) at one time, and whoever has control of that key has control of the ticket.

Not your keys, not your Kings of Leon, as the kids might say.

(An edited version of this piece was first posted on Forbes, 7th March 2021.)

Bitcoins stay dirty, no matter how much you launder them

Some people mine Bitcoin for profits but some some people mine it for politics. The operator of a Bitcoin mining pool (a group of miners who work together to share the profits) quoted in CoinDesk recently says that some are investing not to convert electricity into cash but for other reasons “such as to avoid capital controls or avoid sanctions”. Indeed. And this has some serious implications. The Foundation for Defense of Democracies (FDD), a Washington think tank, summarised the emerging situation rather well in their position paper “Crypto Rogues“. They noted that “blockchain technology may be the innovation that enables U.S. adversaries for the first time to operate entire economies outside the U.S.-led financial system”. Now, while this may be technically slightly inaccurate (there are ways to create anonymous transactions without a blockchain and, indeed, the Swiss central bank has just published a working paper describing how to do so) it again flags up that the widespread availability of decentralised financial services threatens to bypass the existing infrastructure.

Iran provides an obvious example. They have every incentive to want to try new approaches to skirt the long arm of American law. The country already published a new set of regulations designed to funnel Bitcoin mined by Iranians to the state so that the country can use them to pay for imports. When the Iranian regime, for example, set up a venture to explore Bitcoin payments with a Swedish startup, the Swedish banks refused it a bank account because they themselves did not want to become subject to secondary sanctions. As America’s Treasury Secretary Mnuchin said at the time (talking about Iran), “If you want to participate in the dollar system you abide by US sanctions”.

On the other side of the world, North Korea has been developing a digital currency of its own. According to Alejandro Cao de Benós, President of the Korean Friendship Association, the Democratic People’s Republic of Korea intends to go down the Facebook route by creating an asset-backed digital currency rather than a digital fiat currency and then use some sort of blockchain with “Ethereum-style smart contracts” to do business and avoid sanctions. The regime sees this as a way to enforce deals it makes with foreign counterparties by developing a “token based on something with physical value” (eg, gold) in order to create a stable mechanism for payments in international trade between the regime and “other companies/individuals” (although it will not be available to individuals in the DPRK, who will be stuck with the Korean Won).

Across the Pacific in Venezuela, a country often mentioned by Bitcoin enthusiasts as a living case study of the benefits of decentralised cryptocurrency in the fight against tyranny, we find more mining going on: a video posted on Instagram by the 61st Battalion of the 6th Corps of Engineers of the Venezuelan Army shows military buildings converted into giant cryptocurrency mining centres and a warehouse that appears to be full of specialist Bitcoin mining equipment is labelled the “Center for the Production of Digital Assets”.

(I noted with interest that they do not appear to be mining “The Petro”, the digital currency of the revolution which according to the Bolivarian Council of Mayors’ recent “National Tax Harmonization Agreement” may soon be required for the payment of taxes.)

What… Whatible?

It seems to me that Bitcoin is a pretty poor choice for sanction-busting shenanigans though. Not only is the record of transactions public, but the Bitcoin value is not fungible. This matters. Remember that 2014 IRS Ruling about Bitcoins being a commodity, so that traders would have to track the buying and selling price of each individual Bitcoin in order to assess their tax liability? No? Here’s a reminder : “the real lesson from the IRS Bitcoin ruling is that for a currency-or any payment system-to work, its units must be completely fungible”.

Fungible (from the Latin “to enjoy” via Medieval Latin phrases such as “fungi vice”, meaning “to take the place of”) is one of my favourite adjectives. It means that all tokens are the same and can be substituted one for another. You owe me a quarter. It doesn’t matter _which_ quarter that you give me. Any will do. Any quarter can substitute for any other quarter because they are all the same. The same is true of the Pounds in my bank account, but it isn’t true of bitcoins. They are all different and their history can be tracked through the blockchain which is, as we are often reminded, and immutable public record of all transactions. 

The lack of fungibility has major implications for criminals, but also for the rest of us. As my good friend Marc Hochstein observed about this some time ago, blockchain’s openness could turn out to be a bug for law-abiding citizens. In England, the High Court (in the decision of AA v Persons Unknown & Ors, Re Bitcoin [2019]) has already ruled that crypto assets such as bitcoins are a form of property capable of being the subject of injunction. You can see what is going to happen: cryptographic exchanges will be required to identity who owns stolen coins and the owner will then be the subject of legal action to recover them. This owner might be entirely innocent about the origin of the coins and will say that they didn’t know that the bitcoins they bought are the proceeds of a ransonware attack and may ask to the keep them. But, J.P. Koning points out, that’s not how property law works. Even if you accidentally come into possession of stolen property then a judge can still force you to give it back to the rightful owner.

Launderette

with kind permission of TheOfficeMuse (CC-BY-ND 4.0)

The UK has been experimenting with the “Unexplained Wealth Order” as a way to combat crime and corruption through the traditional money and finance system, but how would this translate to the world of cryptocurrency? Well, perhaps it doesn’t need to. In the world of Bitcoin, smart criminals may well try to use “mixers” or “tumblrs” that jumble together bitcoins to obfuscate their origin but I don’t think this will help in the long run. Apart from anything else, future consumers might want to know the provenance of their money, an idea explored by the artist Nitipak Samsen a decade ago in the Future of Money Design Awards. Check out the brilliant video he made here.

Have you ever wondered where the money in your pocket had come from? Who was the previous owner? Who was the owner before that? Might it be a famous celebrity?… Smart banknotes work by presenting a readable history of ownership on the note itself, an innovation designed to prevent money laundering

This might work in some interesting ways. People might pay a premium for coins that have an interesting past! Maybe coins that were used by a celebrity to buy drugs or were used to bribe a politician, coins that belonged to a murderer, that kind of thing, might be worth more than coins that belonged to boring people like me.

Clean Money

In the mundane world of dollar, dollar bills we have the concept of “money laundering” to describe what happens when dirty money is mixed with clean money (surely every one of us has touched banknotes that have been involved in some criminal activity!). But this doesn’t work for bitcoins. The “tainted” money stays tainted. Ross Anderson, Ilia Shumailov and Mansoor Ahmed from the Cambridge University Computer Laboratory wrote a terrific paper on this theme a couple of years ago. In “Making Bitcoin Legal” they pose some interesting questions about what to do with tainted cryptocurrency asking, for example, “If an identified customer says ‘Hi, what will you give me for UTXO x?’ and the exchange replies, ‘Sorry, 22% of that was stolen in a robbery last Tuesday, so we’ll only give you 78%’ does the customer then have to turn over the crime proceeds?”. Their idea of a public “taintchain” is an interesting way forward.  This would be a mechanism to make stolen coins visible, in which case they might display a futuristic Gresham’s Law dynamic as good coins drive out bad ones!

Whether by taintchain or some other mechanism, it’s actually pretty each to track dirty bitcoins. You can see where this might lead: if law enforcement agencies go to the biggest miners in the world and tell them that if they continue to confirm easily identifiable mixing transaction outputs, they will be accused of money laundering? This is not difficult to imagine, which suggests to me that Bitcoin’s lack of fungibility has far-reaching implications.

These implications have not gone unnoticed in the United States. Two of the largest Bitcoin mining companies there, Marathon Patent Inc. and DMG Blockchain Solutions Inc. (which together account for about a one-twelfth the power of the Bitcoin networks), recently joined forces to create the Digital Currency Miners of North America (DCMNA). This not-for-profit trade association has come up with pretty interesting idea: their miners will only process transactions that comply with American laws, thus extending the benevolent embrace of the U.S. Government into cryptocurrency. The idea (known as “clean mining“) is that instead of selecting transactions on the basis of which ones will bring the biggest fees, they will mine transactions based on the wallets that they come from.

We could well see a strange and interesting twist in the world of cryptocurrency that has no analog in the analogue world of notes and coins: black and white money, or clean and dirty money, or light and dark money (an idea that goes back to the earliest days of cryptocurrency) in which some bitcoins will be worth more than others! Maybe a year or two from now, exchanges will be quoted two BTC-USD pairs: clean BTC at $100,000 and dirty BTC at $75,000. This doesn’t happen for GBP-USD or JPY-GBP, which confirms my feeling that whatever Bitcoin is, it isn’t currency.

[An edited version of this article first appeared on Forbes, 28th February 2021.]

QR Q.E.D.

As I recall, some of the delegates at the 2016 cryptocurrency conference Consensus were sceptical when I shared my preferred strategy for securing my digital dosh, which was to convert the security key into a QR code and have it tattooed onto my scrotum. You could see them wondering about my grasp of the relevant risk models and questioning my confidence in the technology. I was not dismayed by their negative reaction. In fact, I had suggested this approach to managing privates keys (sic) before and had even toyed with the idea of patenting this breakthrough in cyber defence, on the grounds that you can patent anything no matter how trivial and obvious there days, but sadly I never got round to it. Now I am kicking myself about it, because I was delighted to read in the New York Times that numerous people of an innovative bent have indeed had QR code tattoos and… guess what, they work.

Www dgwbirch code

Everyone uses QR codes now. They are on advertisements, face masks, business cards and Zoom backgrounds. There are two reasons for this: COVID-19 and Apple. A couple of years ago, Apple changed the iPhone software so that you could scan QR codes with your iPhone camera and not have to run a separate app. At a stroke, gazillions of people gained the ability to automagically engage in contact-free transactions, while shortly afterwards along came the pandemic and the demand for contact-free transactions for everything, not only shopping, went into overdrive.

Everyone uses QR codes now. There are two reasons for this: COVID-19 and Apple. Click To Tweet

(It’s not all down to Apple, of course. The cameras in mobile phones have improved across the board so that QR codes can be scanned clearly from a safe distance so that consumers can stand a couple of metres away from the point of sale and buy without using cash. )

Supermarket codewith kind permission of TheOfficeMuse (CC-BY-ND 4.0)

Just look around and see how quickly the technology has accelerated in coffee shops and cafes, pubs and clubs, fast food and just about everywhere else. At the cafe near me, the transformation was overnight. Now you sit down, scan a QR code and order on your phone, then a server brings you your food and drink. And when you’ve finished, you just get up and walk out. And that last point, the ability to pay and go instead of waiting for and then paying a bill, is a delight for customers and premises alike. One US technology provider has measured that this saves saves 21 minutes of table time on average and, as they note, that’s great for a restaurant “because they have the ability to increase their revenue per hour per seat” as well as removing the need to touch devices and keypads (which is why so much of the restaurant industry’s investments in in-store tech has gone toward contactless payment solutions through QR codes).

At the Women in Payments Symposium this month, Rebecca Speck from Discover gave a very good presentation on the dynamics in contactless payments. She showed figures for Quick Service Restaurants (QSR) in the USA, where half of all payments are already contact-free, that gave a pretty even split between cards, apps and xPays. My guess is that in time the restaurant chains will continue to incentivise customers into their apps and we will see the use of both chip and PIN and contactless cards fall, fulfilling the prediction that Anthony Jenkins made (when he was head of Barclaycard, before he was the CEO of Barclays) when he said, as memory serves, that mobile phones would get rid of cards long before they get rid of cash.

Check In

I’ve been very interested to see the emerging dynamics at retail point of sale (POS) across sectors. A few years ago, I was of the general opinion that QR code for payments would fade away because tapping with cards or phones was quicker and more secure. But one retailer after another began to start using QR instead of NFC, partly because they didn’t want consumers to have to understand how to turn on and use NFC in smartphones and partly because Apple wouldn’t let them access payment interfaces in iPhones anyway. When the biggest retailers decided to go QR instead of contactless, you could see which way the wind was blowing. Walmart, to take the obvious example, introduced QR into Walmart Pay. Instead of selecting Walmart Pay at checkout, customers can now scan a QR code and Walmart Pay is connected so that customers can pay contact-free.

In strategic terms, my strawman assumption going back five years was that retailers were going to get rid of payments at POS and shift to payments inside their own apps, apps that they use to deliver better customer services. Or, in the bumper-sticker version, “we’re going from check-out to check-in”. This is where the supermarket chains went in the UK, where Tesco became “the latest grocer to develop its own technology to bypass the costly Android and Apple systems” and Sainsbury’s was trialling its SmartShop app which allows users to create their own shopping lists, navigate stores and make payments at dedicated kiosks. In the UK, Tesco has just announced that their mobile payment app Pay+ has now taken its first billion in payments.

As with other retailers, one of the attractions for supermarket chains is that their app can combine payments, loyalty and spend tracking in one and a simple quick QR scan is all that is needed to get everything done. I’m sure this combination (and, if I remember correctly, prescriptions) is what attracts consumers to using the CVS app, where shoppers will be able to scan a QR code on their phones to pay using stored debit or credit cards, bank accounts, PayPal balance, PayPal Credit, Venmo balance or Venmo Rewards. This focus on apps at POS was an obvious strategic focus long before Tim Cook stood up on stage to explains “the benefits of Apple Pay in apps“.

So customers will end up with hundreds of apps on their phones? I do not think so. I remember a Comscore survey that found thatover half of American consumers would be happy to have four or more retailer apps on their phone and I remember something I looked at for a UK client a around that same time. From memory, the overwhelming majority of household disposable income in the UK goes to a handful retailers per household. Put these approximations together and consumers will not have hundreds of apps on their phones to deal with every retailer. For the retailers they visit frequently (e.g., Starbucks) they will have the retailer app and use it. In other cases they will just use some third-party payment app (e.g., their bank) or a convenient wearable like a bracelet or key fob that is controlled by a third-party app. This will give retailers new opportunities to add value and new control over identity and payments.

(An edited version of this piece appeared on Forbes, 5th February 2021.)

The Transparency Machine

Most blockchain ideas that I hear about make no sense. In general, they do not involve blockchains (just some sort of shared database) and where they do actually involve blockchains they are used to emulate shared databases to deliver a slower and more expensive service. How is it then that even a blockchain grouch such as me thinks that the technology has something to offer?

Well, first of all, let’s stop talking about blockchains and use the more general terms shared ledgers to cover the spectrum of relevant technologies and enterprise shared ledgers to cover the particular use case of sharing data between organisations (and regulators etc) in a permissioned manner. I think that the use of enterprise shared ledger (ESL) software will transform business more than enterprise resource planning (ERP) did a generation ago because it will go beyond automating existing process and will instead create new ways to do business.

Transparency is a route to trust. Click To Tweet

Consider the recent case study of Wirecard. The auditors reported that the company was solvent because they thought that there were bank accounts with billions of euros in them. It turns out that there were not. What a simple problem to solve! If only there was some form of immutable record of transactions that companies could use to store account balances digitally-signed by their banks and that investors, customers, suppliers and regulators could use instead of auditors to determine that the assets of companies exceed their liabilities! Transparency is a route to trust.

Transparency

with kind permission of TheOfficeMuse (CC-BY-ND 4.0)

Put the transactions on a blockchain and no more fraud then? It’s not that easy. Some of the information in the ledger is confidential: it should only be accessed by the customers, the banks involved in the transactions and perhaps the market where the transactions take place. There are many applications where the transactions must be private. Therefore we need mechanisms to exploit the beneficial transparency of the shared ledger in such a way as to preserve necessary privacy.

What sort of mechanisms? Well, many years ago Eric Hughes, the author of the “cypherpunk manifesto” in the early 1980s, wrote about “encrypted open books”, a topic that now seems fantastically prescient. His idea was to develop cryptographic techniques so that you could perform certain kinds of public operations on private data: in other words, you could build “glass organisations” where anyone could run software to check your accounts without actually being able to read every item of data in them.

It sounds completely crazy and in fact it is a perfect example of what I’ve previously labelled counterintuitive cryptography. The idea of open book accounting is to use homomorphic encryption to store records in a form where they can only be read by authorised parties but can nonetheless be subject to some basic computation while still encoded. In other words you can determine that (encrypted 2) + (encrypted 2) = (encrypted 4) without ever being able to read the “2” or “4” .

This means that you can prove certain assertions about data without ever revealing what the data actually is. One obvious use of this, and as far as I can remember this was central to Eric’s discussion of the topic, is to take a list of the encrypted assets of the company together with a list of the encrypted liabilities of the company and compute that the company’s assets exceeds liabilities. Thus you can, essentially, audit that the company is solvent without being able to read what any of the assets and liabilities actually are.

(In practice, for this to work, the assets and liabilities have to be encrypted by some trusted third party. If I show you my encrypted Barclays bank statement then you have to know it is authentic so it would need to be digitally signed by Barclays, but that’s a topic for another day.)

When you combine the idea of open book accounting with Ian Griggs’ idea about triple entry accounting that dates from around the same time, you can see the basis for a new and more efficient financial infrastructure that is simultaneously the doom of auditors everywhere. If you are interested, there is a very comprehensive review of the origins and taxonomy of the intersection between open book, triple-entry and shared ledgers in a paper from Juan Ignacio Ibañez, Chris Bayer, Paolo Tasca and Jiahua Xu.

Remember in a triple entry system each of the parties to a transaction has a record of the transaction but there is a corresponding entry in a shared ledger that is computationally infeasible to falsify. The entries in my ledger are private to me and the entries in your ledger are private to you but the entries in the shared ledger are available to a much wider range of stakeholders but encrypted so that anyone can use calculations to determine that our assets exceed our liabilities, crucially without being able to read either. Pretty cool.

Transparency and Translucency

The impact of encrypted open books and triple entry working together in this way could be huge, because the transparency and automation means that we will no longer need to wait until the end of the reporting period to conduct an audit and produce results with the help of skilled financial professionals. Instead we will find ourselves in an era of ambient accountability, where the technological architecture means constant verification and validation. If you want to check whether a bank is solvent before you deposit your life savings there you will do it using an app on your smart phone not by looking at a year old auditor’s report covering some figures from a year before filtered through levels of management.

(Ambient accountability is a term that I borrowed from architecture to describe this infrastructure. It describes perfectly how transparency can transform the financial services industry and serves as a rallying cry for the next generation of financial services technology innovators, giving it a focus and raison d’être beyond shifting private profits from banks to technology companies and other third parties.)

Since the regulators will be able to use the technology, they will be able to spot unusual or inappropriate activity. What’s more, the information stored in the ledgers in encrypted form has been put there by regulated institutions so should there be a need to investigate particular transactions because of, for example, criminal activity then law enforcement agencies will be able to ask the relevant institutions to provide the keys necessary to decrypt the specific transactions. In this way the shared ledger can bring the technology of open book accounting to bear to exploit the beneficial transparency of the shared ledger in such a way as to preserve necessary privacy.

In a paper I co-wrote a few years ago with Richard Brown, then at IBM, and Consult Hyperion colleague Salome Parulava [published as “Towards ambient accountability in financial services: shared ledgers, translucent transactions and the legacy of the great financial crisis.” Payment Strategy and Systems 10(2): 118-131 (2016).], we borrowed the term “translucent” from Peter Wayner to mean transactions that are transparent for the purposes of consensus (in other words, we can all agree that the transaction took place and the order of transactions) but opaque to those not party to the trade or the appropriate regulators under the relevant circumstances.

I gave this talk introducing these concepts at NextBank Barcelona back in 2015 (building on the talk about “The Glass Bank” that I first delivered back in 2011) and I’m very interested to see the continuing developments in the field. To give just one example, Richard Brown is now the CTO at leading Enterprise Shared Ledger (ESL) software provider R3. R3 recently released their Conclave product that takes an interesting step in this direction, allowing organisations to exploit Intel SGX secure hardware to remotely verify what other organisations can and cannot do with shared data.

It seems clear that for financial markets this kind of controlled transparency will be a competitive advantage for both permissioned and permissionless ledgers: as an investor, as customer, as a citizen, I would trust these organisations far more than “closed” ones. Why wait for quarterly filings to see how a public company is doing when you could go on the web at any time to see their sales ledger? Why rely on management assurances of cost control when you can see how their purchase ledger is looking (without necessarily seeing what they’re buying or who they are buying it from)?

A market built up from “glass organisations” are trading with each other, serving their customers, working with regulators in entirely new ways, is a very attractive prospect and suggests to us that new financial market infrastructure may be on the horizon and that the lasting impact of shared ledger technology will not be to implement existing banking processes in a new way but to create new kinds of markets and therefore new kinds of institutions.

In this world, whether it is Wirecard, Enron, Tether or anyone else, nobody will be required to rely on the word of auditors because they can simply calculate for themselves whether the company is solvent or not. No more relying on tips and whispers to find out whether the money in some remote bank account is sufficient to cover the liabilities in other jurisdictions: cryptographic proofs will replace auditing and apps will replace auditors.

[An edited version of this piece first appeared on Forbes, 17th January 2021.]

China and America both need new fintech regulation

In a recent episode of Professor Scott Galloway’s podcast, he talked with one of my favourite writers: the eminent historian and Hoover Institution senior fellow Niall Ferguson. The subject of the conversation was the relationship between the United States and China. Their fascinating and informative discussion ranged across many fields, including financial services and fintech. Ferguson touched on a particular aspect of what he calls “Cold War 2” in context of finance, saying that American regulators “have allowed the fintech revolution to happen everywhere else” by which I think he meant that the nature of financial regulation in America has been to preserve the status quo and allow the promulgation of entrenched interests while the costs of financial intermediation have not be reduced by competition. He went on to say that “China has established an important lead in, for example, payments”, clearly referring to the dominance of mobile payments in China and the role of (in particular) Alipay in bringing financial services. He made this comment around the same time that the Chinese government pulled the plug on the Alipay IPO, what would have been the biggest IPO in history.

Weareno1

with kind permission of TheOfficeMuse (CC-BY-ND 4.0)

As an aside, if you want to understand some of the big picture around the coronavirus, currency (and what I call “The Currency Cold War” in my book of the same name), then you might want listen to this Coindesk podcast with Ferguson and the journalist and author Michael Casey. They talk about the current state of the world and what it could mean for money. As the author of one of the best books on the history of finance, The Ascent of Money, Ferguson has a very wide and well-informed perspective on the issues and, indeed I quote him more than once in my book!

At a time when America is finally beginning to at least think about opening up financial services to allow real competition, China is heading in the opposite direction by clamping down on fintechs. Click To Tweet

Ferguson’s point about payments is particularly interesting to me. One way to provide more fintech competition to the incumbents would be to provide a more relaxed environment for payments. America lacks a regulatory construct equivalent to the EU’s “Payment Institution” and it really needs one if it is to move forward. The EU regulatory framework has just been battle-tested with the collapse of Wirecard following massive fraud. No customer funds were lost in the collapse of the badly-regulated non-bank because the customer funds were ring fenced in well-regulated bank and, as I will suggest later, this might be the right regulatory balance for new US regulation.

One place to look for this new regulation might be the OCC, which has developed the concept of the Special Purpose National Bank (SPNB) charter. I don’t want to sidetrack into the controversy around these charters, except to note that the OCC expects a fintech company with such a charter to comply with capital and other requirements that seem unlikely to generate the innovation and competition that America wants. This was obvious from the comments on the original proposals, when fintechs made it clear they would be reluctant to invest in such an OCC license unless such a licence would require the Federal Reserve to give them access to the payments system (so they will not have to depend on banks to intermediate and route money for them). The fees associated with such intermediation are significant (ie, top five) operating cost for many fintechs.

I agree wholehearted with Prof. Dan Lawry of Cornell Law School, Lev Menard of Columbia Law School and James McAndrews of Wharton Financial Institutions Center who in their response to the OCC’s proposal labelled it “fundamentally flawed” and called for the organisation to instead look at strengthening the regime for non-bank financial institutions. The focus on banking regulation, though, seems entrenched. I notice that Congresswoman Rashida Tlaib (MI-13), along with Congressmen Jesús “Chuy” García (IL-04) and Chairman of Task Force on Financial Technology Rep. Stephen Lynch (MA-08), have just introduced the Stablecoin Tethering and Bank Licensing Enforcement (STABLE) Act, which similarly propagates this outdated (and inappropriate) regulatory perspective by requiring any prospective issuer of a “stablecoin” (let’s not even get into what is or is not a stablecoin) to obtain a banking charter.

There is an alternative. The idea of another kind of federal charter that would allow regulated institutions access to payment systems, but would not allow them to provide credit, seems much more appealing for not only stablecoin issuers but almost all other fintechs as well. Such a charter would separate the systemically risky provision of credit from the less risky provision of payment services, a very different concept to the SPNB charter. The economist George Selgin, Senior Fellow and Director of the Cato Institute’s Center for Monetary and Financial Alternatives, recently posted a similar point on Twitter, arguing for the Federal Reserve to give fintechs direct access to payment systems (instead of having to go through banks). This was the approach taken in the UK when the Bank of England decided to give settlement accounts to fintechs, where examples of fintechs who took advantage of this opportunity to deliver a better and cheaper service to customers range from the $5 billion+ Transferwise money transfer business to the open banking startup Modulr (which just recieved a $9 million investment from PayPal Ventures). Interestingly, Singapore has just announced that it will go this way as well, so that non-banks that are licenced as payment institutions will be allowed access to the instant payment infrastructure from February 2021.

My good friend Chris Skinner was right to say that many US fintechs will follow the likes of Varo, apply for new licenses and become more and more like traditional banks, but that’s because the traditional bank licence is all that is on offer to them. But this is an accident of history that jumbles together money creation, deposit taking and payments. It’s time to disentangle them and to stop, as Jack Ma (the billionaire behind Alibaba and Ant Group) recently said, regulating airports the way we regulate train stations. He said this was shortly before Chinese regulators halted Mr. Ma’s IPO, following his comments  questioning financial regulation, clearly signalling that their relaxed attitude toward the growth of China’s financial giants is coming to an end.

The Chinese regulatory environment is changing. Whereas China was happy to see its techfins grow in order to help them scale while American enterprises were kept at bay, it is now beginning to rein them in. The new players are now having to build up capital and review business structures as those regulators focus on issues such as data privacy, banking partnerships and lending. With respect to that latter point, note that the concerns around the Alipay IPO were related to lending and leverage, not payments. Although heading towards half of Ant’s revenues came from the lending, facilitated by their vast quantities of data, but they only came up with 2% themselves (if they were were a bank, they would be required to provide something like a third) passing the rest of the exposure onto banks.

Meanwhile, in September, the European Commission (EC) adopted an expansive new “Digital Finance Package” to improve the competitiveness of the fintech sector while ensuring financial stability. The proposed framework includes a legislative approach to the general issue of crypto-assets, called Markets in Crypto-assets (MiCA). I’ll spare you the whole 168 pages, but note that it introduces the concept of crypto-asset service providers (CASPs) and defines stablecoins as being either “asset-referenced tokens” that refer to money, commodities or crypto-assets (although how this can be called “stable”, I am not at all clear) or “e-money tokens” that refer to one single fiat currency only.  E-money tokens (eg, Diem) are a good way to bring innovation to financial services because they are a way to bring genuine competition.

I think the EU may be charting a reasonable course here. China needs to regulate lending more, the US needs to regulate payments less. America needs more competition in the core of financial services and now is a good time to start. With the Biden administration on the way, they can tackle this core issue that, as The Hill says, the U.S. government has “ignored and neglected” the need for a regulatory framework that will support American technological innovation around cryptocurrency, setting aside an embarrassing and “outdated regulatory approach to fintech”. Prof. Lawry suggest a simple and practical response for the US regulators, which is to amend the state-level regulatory frameworks around money services businesses (MSBs), which they say “are the product of a bygone age”, and learn from M-PESA and Alipay where a 100% reserve requirement seems to have proved very successful. There is no evidence that such a requirement stifles growth. Congress need only introduce a uniform requirement that MSB hold a 100% in insured deposits at a bank that holds account balances at the Federal Reserve, which is in essence the same as an EU Electronic Money License and therefore ought to lead to mutual acceptance.

In short, China needs tighter regulation of non-bank credit, America needs lighter regulation of non-bank payments. The way forward is to separate the regulation of payments from the regulation of credit from the regulation of investments. This is the way to get competition and innovation in financial services.

May I interest you in a credit card *bleep*

In August this year, eight teams gathered for the three-day final of DARPA’s AlphaDogfight trials. The teams had developed Artificial Intelligence (AI) pilots to control F-16 fighter aircraft in simulated dogfights. The winner beat the human USAF pilot in five dogfights out of five. I’m not really sure what this means for the defence of the free world, partly because I don’t know anything about air combat (other than endless games of Falcon on my iMac years ago) but largely because it seems to me that there is a context error in the framing of the problem. Surely the future of air warfare isn’t robo-Maverick dogfighting with North Korea’s top fighter ace but $100m Tempest fighters (which as Sebastian Robin pointed out in Forbes earlier this year, might make more sense as unmanned vehicles) trying to evade $1m AI-controlled intelligent drones and machine-learning (ML) swarms of $10,000 flying grenades that can accelerate and turn ten times quicker. The point about budget is important, by they way. Inexpensive Turkish drones have been observed in Syria and Libya destroying enemy armour that costs ten times as much.

As is often said then, we plan for the battles of the next war using the weapons of the last one. This is true in finance just as it is in defence. A couple of years ago, John Cryan (then CEO of Deutsche Bank) said that that the bank was going to shift from employing people to act like robots to employing robots to act like people. They put this plan in motion and earlier this year announced big staff reductions as part of a radical overhaul of operations. At the same time, the bank announced that it will spend €13bn on new technology over the next four years. These investments in infrastructure “are already making some humans at Deutsche unnecessary”. The bot takeover in banking is already happening.

It is not surprising to see this takeover happening so quickly, because there are many jobs in banks that are far simpler to automate than that of a fighter pilot. In India, YES Bank has a WhatsApp banking service that uses a chatbot (a conversational AI with extensive financial knowledge) to help customers to check balances, order cheque books, report unauthorised transactions, redeem reward points, connect with help desks and to apply for more than 60 banking products. And this is only the beginning. The Financial Brand reported on research from MIT Sloan Management Review and the Boston Consulting Group showing that only one in ten companies that deploy AI actually obtain much of a return on ROI. This is, as I understand it, because while bots are good at learning from people, people are not yet good at learning from bots. A robot bank clerk is like a robot fighter pilot, an artificial intelligence placed in the same environment as a human: when organisations are redesigned around the bots, then the ROI will accelerate.

Maverick

with kind permission of TheOfficeMuse (CC-BY-ND 4.0)

The robots will take over, in banking just as in manufacturing. So will you be served by a machine when you go to the bank five years from now? Of course not. That would be ridiculous. For one thing, you won’t be going to a bank five years from now under any circumstances. You’ll be explaining “going to” a bank to your baffled offspring just as you were explaining “dialling” a phone to them five years ago. But you won’t be going to your bank in cyberspace either. Your bot will. As I pointed out in Wired this time last year, the big change in financial services will come not when banks are using AI, but when customers are.

The big change in financial services will come not when banks are using AI, but when customers are. Click To Tweet

Think about it. Under current regulations, my bank is required to ask me to make decisions about investments while I am the least qualified entity in the loop. The bank knows more than I do, my financial advisor knows more than I do, the pension fund knows more than I do, the tax authorities know more than I do. Asking me to make a decision in these circumstances seems crazy. Much better for me to choose an approved and regulated bot to take care of this kind of thing. And if you are concerned that they may be legal issues around delegating these kinds of decisions to a bot, take a look at Ryan Abbott’s argument in MIT Technology Review that there should be a principle of AI legal neutrality asserting that the law should tend not to discriminate between AI and human behaviour. Sooner or later we will come to regard allowing people to make decisions about their financial health as dumb as letting people drive themselves around when bots are much safer drivers.

The battle for future customers will take place in landscape across which their bots will roam to negotiate with their counterparts – ie, other bots at regulated financial institutions – to obtain the best possible product for their “owners”. In this battle, the key question for customers will become a question of which bot they want to work with, not which bank. Consumers will choose bots whose moral and ethical frameworks are congruent with theirs. I might choose the AARP Automaton, you might choose the Buffett Bot or the Megatron Musk. Once customers have chosen their bots, then why would they risk making suboptimal choices around their financial health by interfering in the artificial brain’s decisions?

Imaging the world of the future as super-intelligent robots serving mass-customised credit cards and bank accounts to human customers is missing the point — just as imagining the world of the future as F-16s with robot pilots duelling M-29s with robot pilots is — because in the future the customers will be super-intelligent robots too.

[An edited version of this article first appeared on Forbes on 24th November 2020.]