The CBDC privacy paradox

It seems to meet that there is something of a paradox around cash, digital cash and anonymity. The average consumer wants anonymity for their own payments because they are not crooks (and their purchasing decisions are no-one’s business except theirs and the merchant’s). On the other hand, the average consumer (not to mention the average law enforcement agent) doesn’t want anonymity for terrorists, lobbyists or fraudsters.

The Bank of England’s fintech director Tom Mutton said in a speech that privacy was “a non-negotiable” for a retail CBDC. Meanwhile, the Bank of Canada (just to pick one recent example) published a a staff analytical note on the risks associated with CBDCs stating that central banks should mitigate risks such as anonymity present in digital currencies. Note the formulation of anonymity as a “risk”. With stricter rules on the holding and exchange of cryptocurrencies coming into place around the globe. Just to give one example, South Korea’s Financial Services Commission has announced new rules to come into force in 2022, banning all anonymous digital currencies “that possess a high-risk of money laundering” (which, as far as I can see, is all anonymous digital currencies).

There is a payments privacy paradox, and cryptocurrency brings it into sharp relief. Good people should be allowed anonymous cash, but bad people should not. Click To Tweet

How can we resolve this? Well, I think that we can, if we spend a little time to think about what anonymity and privacy actually mean.

The Clinton Paradox

This is a special case of a more general paradox. Let me explain and illustrate. A few years ago, I was invited me along to “an event” in London to enjoy a morning of serious thinking about some key issues in information security. They had some pretty impressive speakers as I recall: Mike Lynch, the founder of Autonomy, was one of them. Alec Ross, who was Senior Advisor for Innovation and Technology to the Secretary of State Hilary Clinton, gave the keynote address on “ The promise and peril of our networked world ”. Alec was a good speaker, as you’d expect from someone with a background in diplomacy, and he gave some entertaining and illustrative examples of using security to help defeat Mexican drug cartels and Syrian assassins. He also spent part of the talk warning against an over-reaction to “Snowden” leading to a web Balakanisation that helps no-one.

A decade back, I wrote about what I called the  “Clinton Paradox”. This came about because I read a piece by Bob Gourley. the former CTO of the U.S. Defense Intelligence Agency, who framed a fundamental and important question about the future identity infrastructure when analysing Hillary Clinton’s noted speech on Internet freedom.

We must have ways to protect anonymity of good people, but not allow anonymity of bad people.

Mrs. Clinton had said that we need an infrastructure that stops crime but allows free assembly. I have no idea how to square that circle, except to say that prevention and detection of crime ought to be feasible even with anonymity, which is the most obvious and basic way to protect free speech, free assembly and whistleblowers: it means doing more police work, naturally, but it can be done. By comparison, “knee jerk” reactions, attempting to force the physical world’s limited and simplistic identity model into cyberspace, will certainly have unintended consequences. Hence, I had suggested, it might be better to develop an infrastructure that uses a persistent pseudonymous identity. I was looking to mobile operators to do this, because they had a mechanism to interact face-t0-face (they had retail shops at the time) and remotely, as well as access to tamper-resistant secure hardware (ie, the SIM) for key storage and authentication. It never happened, of course.

Why am I remembering this. Well, I challenged Alec about the Clinton Paradox —slightly mischievously, to be honest, because I suspected he may have had a hand in the speech that I referred to in that blog post—and he said that people should be free to access the internet but not free to break the law, which is a politician’s non-answer (if “the law” could be written out in predicate calculus, he might have had a point, but until then…). He said that he thought that citizens should be able to communicate in private even if that means that they can send each other unauthorised copies of “Game of Thrones” as well as battle plans for Syrian insurgents.

I think I probably agree, but the key here is the use of the phrase “in private”. I wonder if he meant “anonymously”? I’m a technologist, so “anonymous” and “private” mean entirely different things and each can be implemented in a variety of ways.

The Payments Paradox

How will the Bank of Canada mitigate the risk of anonymity and South Korea maintain a ban on “privacy coins” when faced with a Bank of England digital currency that has non-negotiable privacy? Well, the way to resolve this apparent paradox is to note the distinction above between privacy and anonymity.

In the world of cryptography and cryptocurrency, anonymity is unconditional: it means that it is computationally infeasible to discover the link between a person in the real world and value online. Privacy is conditional: it means that the link is hidden by some third party (eg, a bank) and not disclosed unless certain criteria are met.


You can own these cartoons!
NFTs available from the artist Helen Holmes at
(CC-BY-ND 4.0)

Surveying the landscape as of now, I think we can see these concepts bounding an expanding privacy spectrum. There will undoubtedly be anonymous cryptocurrencies out there, but I think it is fair to observe that they will incur high transaction costs. At the other end of the spectrum, the drive for techfins and embedded finance will mean even less privacy (for the obvious reason, as discussed before, that their payment business models around around data). One might argue, with some justification I think, that central banks are better positioned than banks or other intermediaries when it comes to safeguarding data, because a central bank has no profit motive to exploit payments data.

(I could go further and argue that if the central bank were to place transaction data into some form of data trust that would facilitate data sharing to the benefit of citizens, we might see some real disruption in the retail payments space. In a data trust, structure, data stewards and guardians would look after the data or data rights of groups of individuals with a legal duty to act in the interest of the data subjects or their representatives. In 2017, the UK government first proposed them as a way to make larger data sets available for training artificial intelligence and a European Commission proposal in early 2020 floated data trusts as a way to make more data available for research and innovation. And in July 2020, India’s government came out with a plan that prominently featured them as a mechanism to give communities greater control over their data.)

Digital Currency, Digital Privacy

As The Economist once noted on the topic of central bank digital currency, people might well be “uncomfortable with accounts that give governments detailed information about transactions, particularly if they hasten the decline of good old anonymous cash”. And, indeed, I am. But the corollary, that anonymous digital currency should be allowed because anonymous physical cash is allowed, is plain wrong.

No-one, not the Bank of England nor any other regulator, central bank, financial institution, law enforcement agency, legislator or, for that matter, sane citizen of any democracy, wants anonymous digital currency whether from the central bank or anyone else. The idea of giving criminals and corrupt politicians, child pornographers and conmen a free pass with payments is throughly unappealing. On the other hand, the Bank of England and all responsible legislators should demand privacy.

I think the way forward is obvious, and relies on distinguishing between the currency and the wallets that it is stored in. Some years ago, when head of the IMF, Christine Lagarde spoke about CBDCs, noting that digital currencies “could be issued one-for-one for dollars, or a stable basket of currencies”. Why that speech was reported in some outlets as being somewhat supportive of cryptocurrencies was puzzling, especially since in this speech she specifically said she remained unconvinced about the “trust = technology” (“code is law”) view of cryptocurrencies. But the key point of that speech about digital fiat that I want to highlight is that she said

Central banks might design digital currency so that users’ identities would be authenticated through customer due diligence procedures and transactions recorded. But identities would not be disclosed to third parties or governments unless required by law.

As a fan of practical pseudonymity as a means to raise the bar on both privacy and security, I am very much in favour of exploring this line of thinking. Technology gives us ways to deliver appropriate levels of privacy into this kind of transactional system and to do it securely and efficiently within a democratic framework. In particular, new cryptographic technology gives us the apparently paradoxical ability to keep private data on a shared or public ledger, which I think will form the basis on new financial institutions (the “glass bank” that I am fond of using as the key image) that work in new kinds of markets.

So, if I send ten digital dollars from my digital wallet to your digital wallet, that’s no-one business but ours. If, however, law enforcement agencies obtain a warrant to require the wallet providers to disclose the identity of the owners, then that information should be readily available. There is no paradox around privacy in payments, but there is an imperative for practical pseudonymity.

[An edited version of this article first appeared on Forbes, 6th April 2021.]

Stablecoins and Soft Power

The Libra Association has rebranded as the Diem Association and plans to launch its first digital currency, a USD dollar “stablecoin”, early this year so it’s time to think again about the implications of stablecoins. But first of all… here’s wishing you Happy Holidays and all the best for 2021 from all at 15Mb Ltd!

Stable small

with kind permission of TheOfficeMuse (CC-BY-ND 4.0)

You’ll remember Libra, the global currency proposed by Facebook. It met with some pretty negative reactions from central banks, regulators and many other stakeholders. Visa, MasterCard and PayPal dropped out of the initial group of Libra Network members and things went a bit quiet. Then the Libra Association produced a revised version of their White Paper, adding “stablecoins” in national currencies to the original plan for a single Libra currency based on a basket of currencies and making an interesting offer from the consortium to the world’s central banks. It says that the consortium hopes that “as central banks develop central bank digital currencies (CBDCs), these CBDCs could be directly integrated with the Libra network, removing the need for Libra Networks to manage the associated Reserves”.

There’s no need to waste resources of your own on CBDC, Diem is telling central bankers. If a couple of billion people around the world are going to store digital currency in Facebook, Instagram and WhatsApp wallets, then why build an alternative? Use us. You set the policies on inclusion and so on, we’ll do the heavy lifting.

You can be the NASA of money, Diem is telling the Fed, and we'll be the Space-X. Click To Tweet

The Bank of England’s December 2020 Financial Stability Report devotes a section to stablecoins and says the bank is considering the potential effects on financial stability if stablecoins were to be adopted widely. It notes that if stablecoins were backed with central bank money in one form or another it would be “economically similar” to a CBDC. A member of the European Central Bank (ECB) board, Fabio Panetta, referred to this issue of at a recent Bundesbank-convened event about the future of payments noting that allowing something like Diem would be “tantamount to outsourcing the provision of central bank money”. But why is that such a bad idea? After all, as Simon Lelieveldt pointed out to me, while we might assume that the ECB would be the issuer of an electronic euro it is not currently in their mandate.

The truth is that stablecoins are coming. Whether provided by private companies or as a public good, the DC/EP cat is out of the bag, the USDC genie is out of the bottle, the Libra horse has bolted and the question for the world’s central banks is not whether there should be digital currencies or not but what is the best way to deliver them. In which context, outsourcing is a viable option. Recall the Mondex experiment of the 1990s: it was the Bank of England that controlled the issuing of the digital currency, but the Mondex system itself and the Mondex cards issued to consumers were provided by commercial banks.

Personally, I can see the attraction of using such an outsourced stablecoin such as Diem. The ability for me to send money to a cousin in Australia by sending a few Facebucks directly from my Facebook Novi wallet to her Instagram Novi wallet would be useful and convenient. The ability for me to buy shareware from a Swedish software developer and pay instantly by transferring Facebucks by WhatsApp would stimulate trade and the economy. Joking aside, with a good user interface, a good customer experience and a good API to satisfy regulators, Novi and Diem together could indeed provide a viable global alternative to SWIFT.

Dollars and Dominance

Perhaps more importantly, though, US dollar stablecoins — whether provided by central banks themselves as in China, by banks or mobile operators, or by other organisations such as the Diem Assocation — would also reinforce the global dominance of the US dollar ahead of digital competitors (including everyone’s favourite unstablecoin, Bitcoin) in the post-pandemic world where online transactions are the new normal.

The German Minister of Finance calls Diem “a wolf in sheep’s clothing”. If you look at it though, what Diem propose to do is basically that same as is already allowed under European electronic money regulation. Provided that Diem segregate the customer deposits and hold them in the form of bank deposits and other appropriate asset classes, then issuing a digital dollar (or euro or or pound) is no big deal. What the Minister and others are presumably concerned about is the loss of monetary sovereignty if European citizens opt to shift their cash holdings from euros to dollars whether intermediated by Diem, Circle or anyone else.

If you want to understand some of the bigger picture around currencies, competition and what the eminent historian and Hoover Institution senior fellow Niall Ferguson refers to as “Cold War 2”, then you should take the time to listen to this conversation between Ferguson and CoinDesk’s Michael Casey. As the author of one of the best books on the history of finance, The Ascent of Money, Ferguson has a very wide and well-informed perspective on the issues and I have quoted him more than once in my book on the topic.

In this conversation, Ferguson observes that one of the lessons of history is that with globalisation comes a tendency for a particular currency to become the dominant currency, the Prime Currency, for transactions for trade. In the 19th century it was the British Pound, in the 20th century it became the US Dollar, and in the 21st century it will be… well, who knows but as globalisation moves into a period of obvious crisis it is being talked about as it wasn’t before. Ruchir Sharma, Morgan Stanley Investment Management’s chief global strategist, recently wrote in the Financial Times that only five currencies had been top dog in post-medieval times: those of Portugal, Spain, the Netherlands, France and our United Kingdom. Those reigns lasted 94 years on average, by which measure the Dollar is overdue for overthrow.

Public or Private? Local or Global?

Many people think that the only thing keeping the Dollar in place is the lack of a successor. Ferguson points toward China as the place where the new world may be forged, saying that “if I’m right and that trend continues and they become more dominant in not just domestic consumer payments in China but increasingly in payments around the world” then we may start to see a shift in the “tectonic plates of the international monetary system” and I couldn’t agree more.

Ferguson also refers to former Bank of England governor Mark Carney’s call for a synthetic hegemonic currency (SHC), which he rates as more plausible than Diem as the future of the international financial system. It would be a victory for John Maynard Keynes from beyond the grave. Keynes, as you will recall, was in favour of an SHC (the “bancor”) from the very beginning of the current international monetary regime and (correctly) reasoned at the time of Bretton Woods that the lack of such an international reserve currency would deliver control to the United States (at the expense of the United Kingdom).

In Ed Conway’s excellent book on Bretton Woods “The Summit” he talks about how the dollar becoming top dog gave America what the recently-deceased former French President Valery Giscard d’Estaing called the “exorbitant privilege” of borrowing in its own currency. But finance is not the only reason why the coming currency Cold War is of vital importance to the US (and to the West as whole) and control over currency is important.

Currency competition is about politics, because the use of the dollar to settle global transactions gives the US unparalleled lever of “soft power”. As Ferguson puts it, “I think we probably mostly underestimate how extraordinarily effective this lever has been, it’s actually been a much more effective weapon of US foreign policy than the boots on the ground of the U.S. Army and Marine Corps”. Hence a digital dollar (whether a NASA Digital Dollar or a Space-X Facebuck) should be an important policy discussion in the United States right now. Should a future US administration with a global perspective accept the compromise of an SHC as a means to retain some control or can they launch a digital dollar into global orbit first?

[An edited version of this piece first appeared on Forbes, 14th December 2020.]

China’s digital currency may set the benchmark, not Libra

As I wrote a while ago, the Chinese were first with the great transition from commodity money to paper money. They had the necessary technologies (you can’t have paper money without paper and you can’t do it at scale without printing) and, more importantly, they had the bureaucracy. In 1260, Kublai Khan became Emporer and determined that it was a burden to commerce and taxation to have all sorts of currencies in use, ranging from copper ‘cash’ to iron bars, to pearls to salt to specie, so he decided to implement a new currency. Then, as now, a new and growing economy needed a new kind of money to support trade and therefore prosperity. The Khan decided to replace copper, iron, commodity and specie cash with a paper currency. A paper currency! Imagine how crazy that must have sounded! Replacing physical, valuable stuff with bits of paper!


Just as Marco Polo and other medieval travellers returned along the Silk Road breathless with astonishing tales of paper money, so commentators (e.g., me) began tumbling off of flights from Beijing and Shanghai with equally astonishing tales of a land of mobile payments, where paper money is vanishing and consumers pay for everything with smartphones. China is well on the way to becoming a cashless society, with the end of its thousand year experiment with paper money in sight. Already a significant proportion of the population rely wholly on mobile payments and carry no cash at all, much as I do when heading into London.

The natural step from here is to create digital currency so that settlement is in central bank money and there are no credit risks. Now, the People’s Bank of China (PBoC) is run by smart people and as you might imagine they have been looking at this strategy since back in 2014. It now looks as if Facebook’s Libra initiative has stimulated or accelerated their tactics. I read in Central Banking [PBoC sounds alarm over Facebook’s Libra] that PBoC officials had “voiced worries” that [Libra] could have destabilising effects on the financial system and further stated that the bank would step up its own efforts to create an e-currency.

This is no knee-jerk reaction. Way back in 2016, the then-Governor of PBoC, Zhou Xiaochuan, very clearly set out their thinking about digital currency, saying that “it is an irresistible trend that paper money will be replaced by new products and new technologies”. He went on to say that as a legal tender, digital currency should be issued by the central bank (my emphasis) and after noting that he thought it would take a decade or so for digital currency to completely replace cash in cash went to state clearly that “he has plans how to gradually phase out paper money”.

(As I have written before, I don’t think a “cashless society” means a society in which notes and coins are outlawed, but a society in which they are irrelevant. Under this definition the PBoC could easily achieve this goal for China.)

What would be the impact of phasing out paper money? Yao Qian, from the PBOC technology department wrote on this subject back in 2017, noting (as I have done) that a central bank digital currency (CBDC) would have some consequences for commercial banks, so that it might be better to keep those banks as part of the new monetary arrangement. He described what has been called the “two tier” approach, noting that to offset the shock to the current banking system imposed by an independent digital currency system (and to protect the investment made by commercial banks on infrastructure), it is possible to incorporate digital currency wallet attributes into the existing commercial bank account system “so that electronic currency and digital currency are managed under the same account“.

I understand the rationale completely. The Chinese central bank wants the efficiencies that come from having a digital currency but also understands the implications of removing the exorbitant privilege of money creation from the commercial banks. If the commercial banks cannot create money by creating credit, then they can only provide loans from their deposits. Imagine if Bitcoin were the only currency in the world: I’d still need to borrow a few of them to buy a new car, but since Barclays can’t create Bitcoins they can only lend me Bitcoins that they have taken in deposit from other people. Fair enough. But here, as in so many other things, China is a window into the future.

Whether you think CBDC is a good idea or not, you can see that it’s a big step to take and therefore understand the PBoC position. There is a significant potential problem with digital currency created by the central bank. If commercial banks lose deposits and the privilege of creating money, then their functionality and role in the economy is much reduced. We already see this happening because “Alipay, WeChat Wallet, and other Chinese third party payment platforms use financial incentives to encourage users to take money out of their bank accounts and temporarily store it on the platform itself” [China’s Future is Definitely Cashless].

In summary, then, a couple of year ago I wrote that the PBoC were not going to issue cryptocurrencies and they were not going to issue digital currencies either (at least in the foreseeable future). What I said was that what they might do is to allow commercial banks to create digital currency under central bank control. And this indeed what seems to be happening. According to the South China Morning Post, the new Chinese digital currency “would be centrally controlled by the PBoC, with commercial banks having to hold reserves at the central bank for assets valued in the digital yuan“.

How will this work? Well, you could have the central bank provide commercial banks with some sort of cryptographic doodah that would allow them swap electronic money for digital currency under the control of the central bank. Wait a moment, that reminds me of something…

Yep, that’s how Mondex was structured 25 years ago. (If you don’t know what Mondex was, here’s something I wrote about it 20 years on.) There was one big different between Mondex and other electronic money schemes of the time, which was that Mondex would allow offline transfers, chip to chip, without bank (or central bank) intermediation. Would a central bank go for this today? Some form of digital cash that can be passed directly from person to person like Bitcoin rather than some form of electronic money like M-PESA, using hardware rather than proof of work to prevent double spending? Well, it was being tried in Uruguay, but I’m not sure how that pilot is going, although is was not quite the same thing as Mondex because the phones would not be exchanging fungible value but tokens that could ultimately be traced and tracked and monitored, but it’s interesting nonetheless.

 Mondex Paraphanalia

When I wrote about this back in 2018, I said that I thought it was unlikely that the PBoC would allow anonymous peer-to-peer transfers, so I was very surprised to see a Reuters report [6th September 2019] quoting Mu Changchun, deputy director of the PBoC’s payments department, saying about the proposed Chinese digital currency that “its ability to be used without an internet connection would also allow transactions to continue in situations in which communications have broken down, such as an earthquake”.

This would seem to mean that the system will allow offline transactions, which means that value can be transferred from one phone to another via local interfaces such as NFC or Bluetooth. If so, this would be truly radical. I wondered if something was mistranslated in the Reuter’s piece so I went to the source speech (albeit via Google Translate!) and I discovered that this is in fact precisely what he said. Talking about the project, which is called the DC/EP (digital currency and electronic payment) tool, he said that it is functionally “exactly the same as paper money, but it is just a digital form” and went on to confirm that

DC/EP can realize value transfer without an account. In the specific scenario, as long as there is a DC/EP digital wallet on the mobile phone, no network is needed, and as long as the two mobile phones touch each other, the transfer function can be realized… “Even Libra can’t do this,” Mu Changchun said”.

Wow. That’s huge. Libra can’t do it, and never will be able to. To understand why, note that there are basically two ways to transfer value between devices and keep the system secure against double-spending. You can do it in hardware (ie, Mondex or the Bank of Canada’s Mintchip) or you can do it in software. If you do it in software you either need a central databse (eg DigiCash) or a decentralised alternative (eg, blockchain). But if you use either of these, you need to be online. I don’t see how to get the offline functionality without hardware security.

If you do have hardware security and can go offline, then we are back to the question of fungibility again. Here the PBoCs principle is both clear and very surprising.

Mu Changchun said that the public has the need for anonymous payment, but today’s payment tools are closely tied to the traditional bank account system, can not meet the consumer’s anonymous payment needs, and can not completely replace the cash payment. The central bank’s digital currency can solve these problems. It can maintain the attributes and main value characteristics of cash and meet the demands of portability and anonymity.

Wow. They are serious. He goes on to say DC/EP will work the same way as banknotes.

Commercial banks open accounts at the central bank, paying 100% of the total amount, and individuals and businesses open digital wallets through commercial banks or commercial organizations. DC/EP is still replaced by M0 and is legally compensated. For users, just download an app to register, you can use a digital wallet, and recharge cash withdrawals need to dock traditional bank accounts.

I wonder if this will bring interoperability? If DC/EP is really to work as banknotes do then the e-RMB in my bank app and my Alipay app and my WeChat app much be interoperable. I must be able to transfer value from my Alipay app to your WeChat app. If PBoC crack that they will be on the way to one of the world’s most efficient electronic payment infrastructures.

There was a final part to the speech which I did not understand at all, so perhaps a Chinese correspondent more familiar with DC/EP can clarify the meaning. The speech covers “smart” “contract” by which I assume PBoC means apps that use the DC/EP to execute on the handset (since there is no blockchain), but this is my assumption.

Mu Changchun said on several occasions that the central bank’s digital currency can load smart contracts. However, if a smart contract that exceeds its monetary function is loaded, it will be degraded into a value-for-money ticket, reducing its usable level, which will adversely affect the internationalization of the RMB. Therefore, digital currencies will load smart contracts that favor the monetary function, but remain cautious about smart contracts that exceed the monetary function.

I am baffled by this, which I am sure reflects my ignorace of advanced electronic money technologies, but I don’t think that this deflects from my overall observation that if the PBoC goes ahead and launches a person-to-person offline capable CBDC then that will be not only a nail in the coffin of cash but an event as significant and momentous in monetary history as the paper notes of the Khan a millennium ago.

Friday thought experiment: Mac-PESA

I”m very wary of promulgating the “political correctness gone mad” meme, as it is so often a lazy reactionary knee-jerk response to changing times, but I could not resist tweeting about the news that a British police force launched an investigation after a man claimed he had been the victim of a “hate crime” when… a branch of the Post Office refused to accept his Scottish banknote. This incident has now indeed entered our official statistics as a hate crime.

Frankly, this is mental. Scottish banknotes are not legal tender, even in Scotland, as I have explained before. The Post Office is no more obliged to accept a Scottish Fiver than it is to accept Euros, gold or cowrie shells. The story did, however, cause me to reflect on what will happen when, post-Brexit, Scotland votes to leave the UK. Will Scotland then join the euro or create its own currency?

As supporters of Scottish independence insist, once Scotland becomes an independent country, it will be responsible for managing its currency in the same way that every other country that has its own currency is responsible for managing. But how should the Scots go about creating this currency? Surely messing around with notes and coins, other than for post-functional symbolic purposes, is a total waste of time and money.

A much better idea would be to go straight to the modern age and create Mac-PESA, which would be a digital money system rather like Kenya’s M-PESA with with a few crucial enhancements to take advantage of new technology. M-PESA, as a post on the Harvard Business School blog says, is “the protagonist in a tale of global prosperity to which we all can look for lessons on the impact of market-creating innovations”, going on to say that its “roots are far more humble”. They are indeed, and if you are interested in learning more about them, I wrote a detailed post about the origins of M-PESA (and Consult Hyperion’s role in the shaping of this amazing scheme) and the success factors.

The most important of these was the role of regulator: the Central Bank of Kenya (CBK) didn’t ban it. Conversely, one of the reason for the slow take-up of mobile payments (and the related slow improvement in financial inclusion) in other countries was the regulators’ insistence that banks be involved in the development and delivery of mobile payment schemes. The results were predictable. (Here’s a post from a few years ago looking at the situation in India, for example).

Anyway, back to M-PESA. It is an amazing success. But it is not perfect. In recent times it has gone down, leaving millions of customers unable to receive or send money. These failures cost the economy significant sums (billions of shillings), which not not surprising when you remember that M-PESA moves around 16 billion Kenyan shillings per day. So when it drops out, it leaves customers hanging, it leaves agents losing revenue and it leaves the banks unable to transact.

It is now vital national infrastructure, just as Mac-PESA would be.

So what if there were no system in the middle to go down any more? What if the telco, regulator and banks were to co-operate on a Enterprise Shared Ledger (ESL) solution where the nodes all have a copy of the ledger and take part in a consensus process to commit transactions to that ledger?

Do the math, as our American cousins say. Suppose there are 10,000 agents across Scotland with 100 “super agents” (network aggregators) managing 100 agents each. Suppose there are 10m customers (there are currently around 20m in Kenya, which has ten times the population of Scotland). Suppose a customer’s Mac-PESA balance and associated flags/status are 100 bytes.

So that’s 10^2 bytes * 10^6 customers, which is 10^8 bytes, or 10^5 kilobytes or 10^2 megabytes. In computer terms, this is nothing. 100Mbytes? My phone can store multiples of this, no problem.

In other other words, you could imagine a distributed Mac-PESA where every agent could store every balance. You could even imagine, thanks to the miracles of homomorphic encryption, that every agent’s node could store every customers’ balance without actually being able to read those balances. So when Alice sends Bob 10 Thistles (the currency of the independent Scotland), Alice connect to any agent node (the phone would have a random list of agents – if it can’t connect to one, it just connects to another) which then decrements her encrypted balance by 10 and increments Bob’s encrypted balance by 10, then sends the transaction off into the network so that everyone’s ledger gets updated.

You can have a 24/7 365 scheme without having a Mac-PESA system in the middle. When you make a transaction with your handset, it gets routed to a superagent who decrements your balance, increments your payee’s balance, and then transmits the new balances (all digitally-signed of course) to the other superagents.


It would be a bit like making an ATM network where every ATM knows the balance of every debit card. No switch or authorisation server to go down. And if an ATM goes down, so what? When it comes back up, it can resynch itself.

So please, someone challenge me on this. As a thought experiment, why not have Scotland grab a world-leading position by shifting to a Central Bank Digital Currency (CBDC) based on a shared ledger. I very much agree with the Bank of England’s view of such a thing, which is that the real innovation might come from the programmability of such a currency. This would be money with apps and an API, and I would hope that innovators across Scotland and beyond would use it create great new products and services.

Central banks, tokens and privacy

Christine Lagarde, the Managing Director of the International Monetary Fund (IMF) and therefore to a first approximation the person in charge of money, gave a speech in Singapore on 14th November 2018 in which she asked…

Should central banks issue a new digital form of money? A state-backed token, or perhaps an account held directly at the central bank, available to people and firms for retail payments?

This is a question that, of course, interests me greatly. The IMF Staff Discussion Note (18/08) on which her speech is based sets out these two options clearly:

  1. Token-based CBDC—with payments that involve the transfer of an object (namely, a digital token)—could extend some of the attributes of cash to the digital world. CBDC could provide varying degrees of anonymity and immediate settlement. It could thus curtail the development of private forms of anonymous payment but could increase risks to financial integrity. Design features such as size limits on payments in, and holdings of, CBDC would reduce but not eliminate these concerns.

  2. Account-based CBDC—with payments through the transfer of claims recorded on an account— could increase risks to financial intermediation. It would raise funding costs for deposit-taking institutions and facilitate bank runs during periods of distress. Again, careful design and accompanying policies should reduce, but not eliminate, these risks. 

 Or, as I said a few years ago, should the Bank of England create BritCoin or BritPESA?

I’ve written before about the advantages and disadvantages of moving to digital currencies and don’t want to go over these arguments again here. Ms. Lagarde has also spoken about them before, specifically noting that digital currencies “could be issued one-for-one for dollars, or a stable basket of currencies”. Why her new speech was reported in some outlets as being somewhat supportive of cryptocurrencies is puzzling, especially since in this speech she specifically said she remained unconvinced about the “trust = technology” (“code is law”) view of cryptocurrencies. But the key point of her speech is that the IMF is taking digital currency seriously and treating it as something that might actually happen.

(Note that the IMF position seems different to the position of European Central Bank, where President Mario Draghi recently said that they have “no plan to issue a digital currency because the underlying technology is still fragile and the use of physical cash still high in the euro zone”.)

The reason for this comment on her speech is to re-iterate my view on the BritCoin approach. I think Ms. Lagarde is right to mention a state-backed token as an option. The idea of using token technology to implement cryptoassets of any kind, which I have labelled digital bearer instruments, is feasible and deserves detailed exploration. What we might call “digital fiat”* is simply a particular kind of cryptoasset, as shown in the diagram below, a particular kind that happens to be create digital money based on an institutional binding (where the institution is central bank) to national currency.

Cryptomarket Model


Now, nothing in this formulation makes the use of cryptoassets (rather than a central database) inevitable. There are, however, other arguments in favour of using there newer and potentially more radical technologies to implement digital money. One of them is privacy.

(As The Economist noted on this topic, people might well be “uncomfortable with accounts that give governments detailed information about transactions, particularly if they hasten the decline of good old anonymous cash”.)

In her speech, Ms. Lagarde said that…

Central banks might design digital currency so that users’ identities would be authenticated through customer due diligence procedures and transactions recorded. But identities would not be disclosed to third parties or governments unless required by law.

As a fan of practical pseudonymity as a means to raise the bar on both privacy and security, I am very much in favour of exploring this line of thinking. Technology gives us ways to deliver appropriate levels of privacy into this kind of transactional system and to do it securely and efficiently within a democratic framework. In particular, new cryptographic technology gives us the apparently paradoxical ability to keep private data on a public leader, which I think will form the basis on new financial institutions (the “glass bank” that I am fond of using as the key image) that work in new kinds of markets.

* I happened to sit in on the panel discussion on digital fiat at Money2020 China. The discussion was chaired by Carolyn MacMahon from the San Francisco-based Digital Fiat Institute, which I must confess I’d not heard of until today, but intend to visit next time I’m over on the West Coast. In the Q&A I was going to ask about the anonymity issue but go sidetracked with the impact on commercial banks. Next time.