7 March 2023
Director – Crypto Policy Unit
Financial System Division
The Treasury
Langton Crescent
Parkes ACT 2600
Submitted by email: crypto@treasury.gov.au
Dear Director,
Token Mapping Consultation Paper
Thank you for the opportunity to provide a submission to the consultation questions contained within the Token Mapping Consultation paper released in February 2023.
Responses to each consultation question are set out in Annexure A.
Regulation of the ‘crypto ecosystem’, or more appropriately, ‘web3’ (the open internet), is one of the key policy challenges of this decade, and the way in which Australia responds will determine its prospects of prosperity relative to other jurisdictions.
Regulation by enforcement is not the answer. Guidance from regulators is also not the answer if they are forced to continue to give guidance on legislation introduced before borderless and permissionless blockchain technology was available. This is especially so if regulators do not have the resources to acquire a full understanding of the technology and its contexts, and without powers that are appropriate and adapted to guide the innovation rather than stifle or kill it, and without clear policy positions from Government on the various issues.
The Consultation Paper has focussed on token mapping to the Australian financial services framework but makes a key finding that many ‘network tokens’ and ‘public smart contracts’ do not map to existing legal and regulatory frameworks that rely on promises, intermediaries, and agents. As such, the mantra of ‘same activity, same risk, same regulation’, mostly used in the financial services regulation context, is inadequate and outdated because the promises, intermediaries and agents are either not the same, do not exist or have been replaced by autonomously functioning technology protocols that perform as coded. A more sensible approach for the fast-paced and borderless paradigm we are now in is ‘similar activity, similar risk, specialised regulation, same outcome’. This more sensible approach should be informed by an overriding principle and duty upon innovators using blockchain technology to strive for regulatory equivalence (i.e. the same outcomes that the laws were put in place to achieve even if the application of existing law is unclear).
In summary, this submission advocates as follows:
-
Clear defensive and strategic policy positions from Government on the various issues.
-
A policy approach informed by ‘similar activity, similar risk, specialised regulation, same outcome’ and a duty upon innovators to strive for regulatory equivalence.
-
A dedicated web3 agency to assist with more timely, dynamic, and sensible guidance, legislative amendments, industry codes and interventions that evolve as the web3 market evolves.
-
A safeguarding consolidated legislative package that is activities based and focussed on consumers and investors, but which is informed by the idiosyncratic features of permissionless blockchains, and which assumes that mainstream consumers and retail investors will likely engage with intermediated token custody, exchange and management arrangements.
-
Incentives to attract key skills that support the safety and security of permissionless blockchains and token activities possible on those blockchains such as experienced developers and code security auditors.
-
An actively supervised and resourced sandbox that results in an endorsement from one or more regulators as satisfying the regulatory requirements would encourage the allocation of capital for the development of smart contracts that implement a ‘regulated workflow’ of token activities. The European Union’s recently released blockchain sandbox should be leveraged and learned from.
-
Global market integrity concerns arise in respect of DAO tokens which could trickle into potential consumer and retail investor harms. Thus, Australia should be involved in international standard setting initiatives to manage the idiosyncratic risks and likely need for novel approaches to managing those risks in a coordinated international fashion with web3 participant support rather than by any one country.
The Government is responsible for policy leadership that enables Australia to thrive, not to merely survive. Businesses involved with permissionless blockchain technology and token activities in Australia are hardly surviving. Most of the talent has already moved offshore or are in the process of moving offshore. This needs to change quickly for Australian to participate in the economic upside of the global shifts towards permissionless blockchain innovation.
I welcome the opportunity to discuss this submission and assist the Treasury with their ongoing efforts.
Yours sincerely,
Joni Pirovich
Principal
Blockchain & Digital Assets – Services + Law (BADAS*L)
A web3 focussed firm providing legal, strategic and policy services.
Annexure A
-
What do you think the role of Government should be in the regulation of the crypto ecosystem?
The Government is responsible for setting policy that strategically positions Australia to defend itself from threats (including geopolitical competition) as well as to grow and prosper. In an emerging and maturing environment, policy principles are more helpful than proscriptive law. The Government is also responsible for appropriately defining the terms of regulatory bodies and ensuring they are adequately resourced to uphold their mandates in accordance with the Government’s strategic policy intent.
As such, there are important questions in dire need of a policy position from Government but which are beyond the scope of this submission. These include:
(a) Whether the Government seeks to limit use of blockchain technology to permissioned blockchains only, which could effectively silo Australia away from the innovation occurring with permissionless and borderless blockchain technology.
(b) What are the digital safety and national security considerations that should inform the Government’s approach to supporting web3 activities through sensible regulation?
(c) How can web3 innovation and skills strategically position Australia to harness economic growth in the web3 global and borderless economy?
(d) How could agencies like ASIC, the ACSC, the ACCC and the ATO be more responsive to issue timely and useful guidance for web3? What is holding them back?
The role of Government in the regulation of web3, and specifically in relation to token custody and regulation and/or licensing of businesses offering or facilitating token activities, should be to amend existing laws or introduce new laws that address harmful behaviour without stifling innovative approaches to addresses those harms. Since Government is a slow-moving institution, the case has become abundantly clear for a dedicated web3 agency to assist with more timely, dynamic, and sensible guidance, legislative amendments, industry codes and interventions that evolve as the web3 market evolves.
A central bank digital currency (CBDC) and privately issued Australian dollar pegged stablecoins will not be enough to defensively position Australia even in relation to financial stability including stability of the Australian dollar. Currency substitution is already occurring towards digital US dollars away from Australian dollars. There are millions if not trillions more online interactions that can be undertaken using blockchain technology and for which there is an increasing incentive to use blockchain technology as a trusted digital infrastructure. Despite an Australian CBDC or Australian dollar stablecoins, if the infrastructure and applications that support trusted transactions are trusted because of their level of decentralisation and autonomy from interference rather than any national licensing framework, then the value capture of consumer dollars and data and potential tax revenue from fees autonomously earned by those protocols will bypass Australia. An Australian CBDC and Australian dollar stablecoins would be most effective defensively and for growth when combined with an ability to use them with decentralised and autonomous protocols for trusted transactions.
Regulation of the ‘crypto ecosystem’ should be about protecting consumers but it should concurrently be about strategically positioning Australia from a growth and national security perspective. Without a policy environment that retains or attracts blockchain businesses in or to Australia – using permissioned and permissionless blockchains - Australia will be a net importer of trusted transactions and will have declining prospects of becoming a net exporter of trusted transactions.
To the extent that blockchain technology, and its networks of miners or validators, become the global infrastructure for trusted online transactions – not just payments, but trusted online transactions – Australia should defensively position itself in relation to each major blockchain network as critical global financial and security infrastructure. Bluntly, this means that miners and validators, and their supply chains which include silicon and crucial knowledge skills, need to be incentivised to do business from here. Australia’s ability to participate in web3 effectively and strategically will become increasingly important to preserve the integrity of our sovereignty, maintain national security, and to replace our existing tax base with new and structural sound forms of tax revenue from the decentralised digital economy.
2. What are your views on potential safeguards for consumers and investors?
One of the best safeguards is education and understanding. The web3 ecosystem and how it should be regulated should move away from ‘it is a duck if it looks and sounds like a duck’ and move towards a more fitting analogy that encompasses ‘fruit, tree, orchard (internal environment than can be controlled), and weather (external environment that cannot be controlled without international standards or coordination by either the web3 industry and /or governments)’.
An illustration is included below to show that the traditional financial services framework does not cater for ‘weather’ and thus is incomplete in its ability to protect consumers and retail investors dealing with tokens deployed on permissionless blockchains. If all or most tokens or arrangements involving intermediated token systems are treated as financial products, substantial work would still be required by the traditional financial services industry to understand the idiosyncrasies of tokens deployed on permissionless blockchains and token activities programmed to execute on permissionless blockchains and appropriately manage risk.
But for a few exceptions, the existing financial services framework should be appropriate to deal with tokens and smart contracts deployed on permissioned blockchains and token activities controlled by the authorities permitted to operate permissioned blockchains. One exception is the secondary market trading of shares in private companies. In addition, in some cases laws other than financial services laws need to be amended to permit use of permissioned blockchains for innovative activities using tokens such as amendments required to state based land and stamp duty regimes to facilitate the secondary market trading of tokenised real-world assets such as real property.
In contrast, the regulation of tokens and smart contracts deployed on permissionless blockchains and tokens native to permissionless blockchains should be informed by the suggested policy approach below.
A safeguarding consolidated legislative package that is activities based and focussed on consumers and investors, but which is informed by the idiosyncratic features of permissionless blockchains and which preserves their censorship resistance (and ability to be maximally decentralised), could comprise the policy approach as set out below. The policy areas are set out in order of sequential priority if a consolidated package cannot be presented and the sequence assumes that mainstream consumers and investors will likely seek out token custody, exchange and management services before other token activities, and engage with fiat-pegged stablecoins (and the consequential programmability).
(a) Token custody: The Government should announce a policy position that distinguishes between the harmful practices known or anticipated to arise from the separate categories of: intermediated custody arrangements, self-custody, or smart contract-custodial arrangements. Whilst resources may only be available to set out the harmful practices that would ordinarily be regulated by the financial services framework, a holistic token custody package well-equipped to protect consumers and retail investors should also consider harmful practices that would typically fall within the purview of AML/CTF, consumer, privacy, and tax laws.
Despite the separate and distinct categories of custody arrangements, legislation should stipulate the intended policy outcomes are that persons or protocols (with or without DAO-governance) involved in providing a token custody arrangement should strive for:
• clear and reliable segregation of each person’s token balance;
• non-use of a person’s token balance, including a prohibition on use for voting in DAO governance;
• clear expression of the terms of the custody arrangement, including how fees are charged and a person’s rights to withdraw tokens from a custody arrangement;
• real time assurance on their ‘proof of state’ which takes account of the custodied token balances and how fees may be deducted from those balances, and any other assets available to offset against liabilities of providing the token custody services;
• risk-flagging to enable warnings to the consumer such as where scam tokens are airdropped to the custody arrangement, either by disclosure on the official interface and/or reporting to a dedicated web3 agency;
• transparency of intermediaries that are relied upon to provide the custody arrangement;
• best security practices, which may include cold storage and/or distributed authorisations and/or a continuing and resourced model of governance for ongoing identification and prompt addressing of harms.
Intermediated custody arrangements should be clearly delineated between arrangements where one service provider can authorise a token activity without the client’s involvement versus arrangements where multiple independent providers are required to authorise a token activity with or without the client’s involvement. Japan’s existing legislation should be leveraged and learned from in this regard.
A dedicated web3 agency could be tasked with retaining expert knowledge of custodial arrangements and evolving best practices to ensure token custody arrangements offered or available to Australians and Australian businesses meet the stated policy principles or that Australians and Australian businesses are well-equipped to review the custody arrangement to determine if different custody arrangements should be used.
(b) Token exchange: The Government should announce a policy position that states the outcomes that centralised token exchanges and decentralised token exchanges (DEXs) should strive for when listing and permitting purchases and sales of ‘DAO tokens’ transferable on permissionless blockchains.
Jurisdictions like Switzerland have already introduced laws to permit the issue and transfer of ‘regulated tokens’ on permissionless blockchains with template disclosure documentation. However, DAO tokens are those tokens deployed to a permissionless blockchain without any person retaining control to stop or pause token circulation or destroy tokens or recover them if lost or stolen, and may not have an up to date white paper or single location for its important information. Global market integrity concerns arise in respect of DAO tokens which could trickle into potential consumer and retail investor harms. Thus, Australia should be involved in international standard setting initiatives to manage the idiosyncratic risks and likely need for novel approaches to managing those risks in a coordinated international fashion rather than by any one country.
Simply displaying the whitepaper, and even audit reports of the audited token contracts, is insufficient to protect consumers and retail investors. In addition, it is inappropriate for a web3 project to define and be responsible for global distribution mechanisms (and consumer protections related to those distribution mechanisms) of their token to consumers and retail investors.
Legislation should stipulate the intended policy outcomes are that centralised exchanges and DEXs (with or without DAO-governance) involved in providing token exchange services should strive for:
• clear and reliable recording of each person’s token balances transacted;
• clear expression of the terms of the exchange services, including how fees are charged;
• easily accessible official information about the tokens listed;
• risk-flagging to enable warnings to the exchange and/or consumer before a transaction is completed (whether it be a trade, deposit or withdrawal) including by disclosure on the official exchange interface and/or reporting to a dedicated web3 agency;
• data reporting standards that allow customers to keep or obtain appropriate records to comply with their tax and other reporting obligations;
• monitoring of tokens listed, or listing requirements, so that security or other treats are notified to consumers as quickly as possible;
• transparency of intermediaries that are relied upon to provide the exchange services; and
• best security practices, which may include compliance with standards like ISO27001, and listing tokens only where the token contract (and related protocols connected to that token) have been audited and no material or serious risks remain, and/or continuing and resourcing a model of governance for ongoing identification and prompt addressing of harms.
One outcome could be that exchanges strive to mitigate against a consumer or investor losing more value than they can afford to. For example, the exchange should have the discretion to implement innovative procedures to enable a person to limit their exposure to losses. In a similar way that centralised token exchanges have fiat currency daily withdrawal limits and processes to increase those limits (which is an AML/CTF law driven requirement), exchanges could be required to have, but have the flexibility to design, their own procedures to limit or phase a person’s purchasing and sales of DAO tokens (i.e. tokens deployed to a permissionless blockchain without any person retaining control to stop or pause token circulation or destroy tokens or recover them if lost or stolen).
(c) Token management arrangements (staking for yield, exposure to risk to produce yield such as lending and borrowing strategies, staking or other behaviours to receive newly emitted token rewards, to participate in governance): The Government should announce a policy position that distinguishes between the harmful practices known or anticipated to arise from the separate categories of: intermediated token management arrangements and smart contract-token management arrangements. Whilst resources may only be available to set out the harmful practices that would ordinarily be regulated by the financial services framework, a holistic token management package well-equipped to protect consumers and retail investors should also consider harmful practices that would typically fall within the purview of AML/CTF, consumer, privacy, and tax laws.
Despite the separate and distinct categories of token management arrangements, legislation should stipulate the intended policy outcomes are that persons or protocols (with or without DAO-governance) involved in providing a token management arrangement should strive for:
• clear and reliable recording or segregation of each person’s token balance;
• clear expression of the terms of the token management arrangement, including how fees are charged, how tokens will be managed and put at risk, and a person’s rights to withdraw tokens from the management arrangement;
• real time assurance on their ‘proof of state’ which takes account of the token balances being managed and how fees may be deducted from those balances, the gains, losses or rewards made from management of the tokens, and any other assets available to offset against liabilities of providing the token management arrangement;
• risk-flagging to enable warnings to the exchange and/or consumer before a management activity is undertaken or as soon as identified including by disclosure on the official interface and/or reporting to a dedicated web3 agency;
• transparency of intermediaries that are relied upon to provide the token management arrangements; and
• best security practices, which may include distributed authorisations, and allowing management of tokens only where the token contract (and related protocols connected to that token) have been audited and no material or serious risks remain, and/or a continuing and resourced model of governance for ongoing identification and prompt addressing of harms.
A dedicated web3 agency could be tasked with retaining expert knowledge of token management arrangements and evolving best practices to ensure token management arrangements offered or available to Australians and Australian businesses meet the stated policy principles or that Australians and Australian businesses are well-equipped to review the token management arrangement to determine if different management arrangements should be used.
(d) Fully collateralised fiat-pegged stablecoin arrangements
Legislation be introduced to set collateral/reserve requirements, including proof of state / auditing requirements, and currency or currency equivalent treatment for fully collateralised fiat-pegged stablecoin arrangements. The key amendments required have been set out in the previous submission made by BADAS*L to Treasury on 31 May 2022.
(e) Foundational policies
(i) Criteria for legal recognition of DAOs: A framework for legal recognition of DAOs that covers their distinct legal personhood and limited liability so that consumers and investors can participate safely and with confidence in the innovation occurring in web3 projects using DAO structures. Australia could leverage from the COALA DAO Model Law, including recent implementation of the Model Law by Utah and proposed implementation by New Hampshire, as well as learnings from the significant interest towards the Marshall Islands DAO, lack of uptake of the Vermont BBLLC and Wyoming DAO structures, and shortcomings of ‘DAO legal wrappers’. Absent legal recognition criteria, at least tax entity deeming should be considered to prevent uneconomic anomalies in the application of tax laws to DAOs and DAO tokens.
(ii) Regulation appropriate and adapted to the idiosyncrasies of DAOs: To the extent token activities offered by DAOs should be regulated similarly to a financial product, the legal construct of a DAO will enable a ‘person’ to be identified in order to comply with applicable laws. However, the idiosyncrasies of DAOs warrant a nuanced application of financial services laws to a ‘person’. For example, the law could be amended to state that a ‘responsible council’ of a DAO is the relevant person in respect of the obligation to govern open source software with programmed token activities and ensure the software upholds consumer and retail investor protections. Appropriate and adapted regulation should also be considered in respect of AML/CTF, privacy, consumer, insolvency, unfair contracts, ESG and tax laws.
(iii) Token activities: The Government should announce a policy position that is more nuanced than treating all tokens as financial products and that instead focuses on the policy outcome intended from anticipated increased mainstream consumer use of token activities. The policy should set out how web3 projects can issue a transferable token on a permissionless blockchain to raise capital (category 1) and to use that same token to align incentives between their different stakeholder classes (category 2) and permit speculation and secondary sale trading of the token (category 3).
The potential harms and regulatory considerations are different for each activity and regulators around the world appear to be treating the protections promised by compliance with securities laws as being sufficient to protect against harms from categories 2 and 3 when they are not. There are idiosyncrasies to each category when tokens are deployed on a permissionless blockchain that must be addressed in amended or new laws.
For example, in category 1, if a web3 project reserves an allocation of its tokens to be held in its treasury to liquidate those tokens for other tokens or fiat currency to fund the project’s efforts, then regulation could stipulate an outcome that ensures that reserve is not subject to ‘rug-pull’ risk or other risks such as misuse of tokens. By specifying the outcome to be achieved, the onus is then on the web3 project to disclose to its community and put measures in place to prevent ‘rug-pull’ risk and misuse of tokens. Some projects may automate the liquidation of treasury tokens to occur at regular but random intervals of only sufficient funds to pay for each month’s budgeted expenses. Other projects may have different means of achieving the same outcome of mitigating ‘rug-pull’ risk. Stepping back, the web3 project should be required to have had regard to, and continue to have regard to, key risks anticipated and put in place mitigating measures for those risks.
Another example relating to category 2 could be to specify that web3 projects should strive for the outcome of social cohesion, where a cohesive social group has been proven as a self-protecting measure to quickly and effectively address harms as they arise or are identified in a group in order to maintain the strong social cohesion. Token incentive alignment is an idiosyncratic feature of tokens and global communities which requires further policy thought before amending or making new laws, or inappropriately imposing financial services laws.
A final example relating to category 3 could be to specify that speculation and secondary sale trading are ancillary and not primary uses of a token issued by a web3 project and thus, draw a clearer line between what a web3 project is and is not responsible for in matters of integrity and stability of financial markets. If one or more DAO tokens accrue a systemically significant market capitalisation which poses systemic risks and contagion risk to the traditional financial sector, it is likely that remedial efforts would require international coordination – of either or both of the web3 industry and regulators.
Token transferability is a necessary incidence of operating in a web3 ecosystem that relies on composable technology with standardised transferable tokens that can be used in many different protocols. Token transferability is also necessary in order to attract new members to participate with a web3 project. However, policy thought should be given to introducing a default assumption that the mere fact that a person purchases a token to speculate or trade or use in protocols outside of the primary uses stated by the web3 project does not mean that person is a member or participant of the web3 project. A person must actively participate in a token activity governed by the web3 project in order to fall within the regulatory framework that applies to the web3 project.
(f) Tax policy
A simplified opt in tax framework for recording and reporting tax from token activities, at least in the period in which the existing tax laws are being reviewed to determine appropriate amendments that need be made. Tax uncertainty and confusion is a key contributor to consumer harm, particularly where unintended tax consequences arise from seemingly innocuous token activities. Please refer to BADAS*L’s detailed submissions regarding tax policy which are available at https://badasl.com/policy.
(g) Economic incentives
Economic incentives to attract key skills such as developers and code auditors to Australia as well as capital to invest in infrastructure required to support staking and mining for globally significant permissionless blockchain networks.
3. Scams can be difficult for some consumers to identify.
a) Are there solutions (e.g. disclosure, code auditing or other requirements) that could be applied to safeguard consumers that choose to use crypto assets?
First and foremost, scams should be distinguished from smart contract vulnerabilities where the risk of loss from the latter could be mitigated by requiring code auditing.
Yes, solutions are available but are constantly evolving to help safeguard consumers engaging in token activities. For example, a policy principle stated above is that exchanges (centralised and decentralised) should only be able to list tokens for which their contract has been audited and no material or serious risks remain. If a staking activity is made available by the web3 project, then that contract or contracts should also be audited (with no material or serious risks remaining).
It is critical to note that the reliance on the quality and availability of code security auditing skills means that policy incentives to attract these skills to Australia are of strategic importance and should form part of the Government’s policy position.
b) What policy or regulatory levers could be used to ensure crypto token exchanges do not offer scam tokens or more broadly, prevent consumers from being exposed to scams involving crypto assets?
A dedicated web3 agency could be tasked with retaining expert knowledge of latest scams and evolving best practices to disclose them publicly and thereby limit and prevent exposure to token scams offered to Australians and Australian businesses. Exchanges could be required to submit reports to the web3 agency within a short period of becoming aware of a crypto scam, in a similar way that centralised exchanges are required to provide suspicious matter reports to AUSTRAC within a stipulated time frame.
4. The concept of ‘exclusive use or control’ of public data is a key distinguishing feature between crypto tokens/crypto networks and other data records.
a) How do you think the concepts could be used in a general definition of crypto token and crypto network for the purposes of future legislation?
The concept of ‘exclusive use or control’ is flawed and is not appropriate in and of itself. Without a technology framework or legislated framework for digital identity and attestation and verification of the person’s identity at a particular time of ‘holding’ tokens or at the time of initiating a permissionless blockchain transaction, it cannot be proven that a person does have ‘exclusive use or control’ – e.g. they could have shared their private key with another person intentionally or inadvertently. Auditors of self-managed superannuation funds that ‘hold’ tokens are dealing with this very problem presently with some concerned that qualified audit opinions perhaps should have been issued in the absence of independent evidence of exclusive use or control.
Tokens are arguably at best a form of ‘semi-property’. Without a right of recovery of lost or stolen tokens (or the right to recover the ability to initiate token transactions if passwords and private keys are lost or stolen), tokens are imperfect forms of property because they represent neither a chose in action nor chose in possession. The ‘digital currency exchange’ amendments made to the AML/CTF Act were inserted on the basis that ‘digital currency’ was its own thing and was expressly excluded from the AML/CTF Act definition of property. Similarly, the ‘digital currency’ amendments made to the GST law carve out when tokens will be granted ‘digital currency’ status and thus currency equivalent treatment versus treatment akin to the supply of an intangible asset. On the contrary, the Commissioner of Taxation’s public guidance states that ‘holding rights’ amount to a proprietary interest in tokens such as bitcoin but this guidance continues to receive criticism. The Tulip Trading case being heard in the UK will be pivotal in understanding whether equitable rights are owed by a blockchain network’s core developers in relation to at least bitcoin tokens, which if they are then there are more secure grounds for the Commissioner’s view that tokens, or at least bitcoin tokens, give rise to an equitable right which is one of the ways in which a thing can be a CGT asset. Again, an equitable right is imperfect if no effective remedy can realistically be granted.
b) What are the benefits and disadvantages of adopting this approach to define crypto tokens and crypto networks?
Accounting and auditing standards define their own concepts of control, and international accounting and auditing standards bodies have not issued guidance on the matter. In some cases, the Corporations Act and the tax laws refer to internationally accepted accounting principles. To the extent that these pieces of legislation continue to or will refer to accounting concepts of control, then the above approach is flawed as it will not create the certainty intended by legislative amendment.
5. This paper sets out some reasons for why a bespoke ‘crypto asset’ taxonomy may have minimal regulatory value.
a) What are additional supporting reasons or alternative views on the value of a bespoke taxonomy?
A framework of token activities is more sensible than a taxonomy of tokens since tokens can be multifunctional.
b) What are your views on the creation of a standalone regulatory framework that relies on a bespoke taxonomy?
A standalone token activities framework is an appropriate and adapted approach to regulation for the fast-paced and global nature of token activities on permissionless blockchains.
The existing regulatory framework could arguably be applied, perhaps with minor amendments, to token activities on permissioned blockchains.
c) In the absence of a bespoke taxonomy, what are your views on how to provide regulatory certainty to individuals and businesses using crypto networks and crypto assets in a non-financial manner?
In the absence of a bespoke taxonomy, the Government should announce a clear policy position as to its support or not for a web3 project to:
• issue a transferable token on a permissionless blockchain to raise capital (category 1);
• use that same token to align incentives between their different stakeholder classes (category 2) – where category 2 most likely pertains to use of permissionless blockchains and tokens deployed on those blockchains in a non-financial manner; and
• permit speculation and secondary sale trading of the token (category 3).
To reiterate the points made above, the point of a clear policy position in relation to category 3 is to specify that speculation and secondary sale trading of tokens deployed on permissionless blockchains are ancillary and not primary uses of a token issued by a web3 project. This achieves a clearer line between what a web3 project is and is not responsible for in matters of integrity and stability of financial markets versus the internal and non-financial behaviours of its DAO community.
6. Some intermediated crypto assets are ‘backed’ by existing items, goods, or assets. These crypto assets can be broadly described as ‘wrapped’ real world assets.
a) Are reforms necessary to ensure a wrapped real-world asset gets the same regulatory treatment as that of the asset backing it? Why? What reforms are needed?
Where fiat pegged stablecoins are fully collateralised and are intended to be treated as money, the law does require amendment to treat such tokens as money or currency. Some of the key amendments required have been set out in the previous BADAS*L submission made to Treasury on 31 May 2022 regarding the consultation on crypto asset secondary service providers, available at https://badasl.com/policy.
To the extent other real world assets are wrapped and similarly ‘fully collateralised’, it is likely that laws applicable to the asset as well as the financial services and tax laws require amendment to treat such tokens the same as a transfer of the underlying asset. Further economic and policy thought is required to the extent real world assets can be intangibly fractionalised but not tangibly fractionalised, and whether application of existing stamp duty, land tax, GST and income tax laws inhibit the economic benefits that are anticipated from such innovation.
b) Are reforms necessary to ensure issuers of wrapped real-world assets can meet their obligations to redeem the relevant crypto tokens for the underlying good, product, or asset?
To the extent tangible assets are fractionalised through tokenisation, and traded on secondary and potentially global markets, then reforms are likely necessary to deal with the idiosyncrasies that arise in dealings with fractions of a whole tangible asset and to ensure appropriate application of existing provisions that regulate foreign ownership of Australian real property.
7. It can be difficult to identify the arrangements that constitute an intermediated token system.
a) Should crypto asset service providers be required to ensure their users are able to access information that allows them to identify arrangements underpinning crypto tokens? How might this be achieved?
To the extent that DAO tokens can be used in governance behaviours and those governance behaviours are predefined and programmed in code, then human involvement in that predefined manner for the governance of tokens and/or open-source smart contract protocols that are deployed on one or more permissionless blockchains should be excluded from constituting an intermediated token system. This is because the technology provides the ‘real-time regulation’ of input by humans such that the humans can only act in ways predefined by the governance model.
In this regard, web3 projects that issue tokens and open-source smart contract protocols should be required to publish information in plain language the describes the token activities that are:
• possible from the contract that deployed the tokens;
• possible with related contracts that the web3 project (as a traditional legal entity or a DAO); and
with respect to each of the above categories, that describes which of the activities are subject to programmed forms of human governance and input.
Where intermediaries are involved in a token activity, such as where hosting of data referenced by an NFT is managed by a centralised provider such as Amazon or Microsoft rather than a decentralised data storage system, then there should be transparency of those intermediaries (a form of ‘supply chain mapping’).
b) What are some other initiatives that crypto asset service providers could take to promote good consumer outcomes?
Each should strive to keep abreast of latest innovations and best practices concerned with good consumer outcomes.
8. In addition to the functional perimeter, the Corporations Act lists specific products that are financial products. The inclusion of specific financial products is intended to both: (i) provide guidance on the functional perimeter; (ii) add products that do not fall within the general financial functions.
a) Are there any kinds of intermediated crypto assets that ought to be specifically defined as financial products? Why?
Perhaps tokens that are issued and used on permissioned blockchains where there is a person that is appropriate to apply the financial services licensing framework to, and where that person can also predefine and control token recovery to ‘perfect’ property rights in relation to those tokens.
However, with respect to tokens and token activity protocols deployed on permissionless blockchains the financial product definitions and financial services framework is not appropriate or adapted. This is particularly so where tokens can be multifunctional depending on how they are used on a permissionless blockchain and which can freely circulate globally on permissionless blockchains beyond the control of the token issuer or network supporting the underlying permissionless blockchain.
Instead, a duty should be imposed upon web3 projects to faithfully implement the software having regard to regulatory equivalence achieved through the lens of ‘similar activity, similar risk, specialised regulation, same outcome’.
b) Are there any kinds of crypto asset services that ought to be specifically defined as financial products? Why?
To the extent that token activities based on token deployed to permissionless blockchains are being offered and facilitated through an intermediary to Australians and Australian businesses, then the principles stated above in the response to Question 2 are more appropriate and adapted than the existing financial product definitions and financial services licensing requirements.
9. Some regulatory frameworks in other jurisdictions have placed restrictions on the issuance of intermediated crypto assets to specific public crypto networks. What (if any) are appropriate measures for assessing the suitability of a specific public crypto network to host wrapped real world assets?
As stated in previous BADAS*L submissions, the policy goal worth protecting is decentralisation because of the security, integrity and trust that follows for ‘trusted transactions’ to occur on that global digital infrastructure.
Accordingly, the health of the network supporting a blockchain, including the sustainability of tokens emitted to incentivise the network participation, the geographic spread of the network, and the protocol and network’s resistance to censorship or interference from hostile state or non-state actors, are critical metrics that should feed into Australia’s defensive approach to understanding and supporting permissionless blockchain innovation and Australia’s participation in that innovation.
10. Intermediated crypto assets involve crypto tokens linked to intangible property or other arrangements. Should there be limits, restrictions or frictions on the investment by consumers in relation to any arrangements not covered already by the financial services framework? Why?
The harms arising to consumers from tokens linked to intangible property should be identified before regulation is introduced or clarified to limit or restrict investment by consumers into these arrangements.
Confusion around rights to use and commercially exploit intellectual property has been commonplace, and existing laws in place to protect consumers from misleading and deceptive conduct are still out of reach for consumers unable to afford legal advice or cross-border litigation. The policy principles and outcomes stated above in the response to Question 2, combined with a dedicated web3 agency, would greatly assist in identifying and warning consumers about particular arrangements.
11. Some jurisdictions have implemented regulatory frameworks that address the marketing and promotion of products within the crypto ecosystem (including network tokens and public smart contracts). Would a similar solution be suitable for Australia? If so, how might this be implemented?
Regulation targeted at marketing and promotion of tokens is a band aid solution to the greater problems that arise from:
• lack of appropriateness of defining tokens as securities or financial products such as where jurisdictions have adopted taxonomies comprising security, payment and utility token, so token marketing and promotion rules become necessary to re-introduce securities-like disclosure and registration requirements similar to financial services licensing;
• lack of resources available to a regulator to maintain a list of which tokens are securities or financial products, from which to enforce disclosure standards;
• lack of ability for consumers and retail investors to clearly identify scam tokens and scams related to or that use tokens; and
• lack of delineation between category 1, 2 and 3 tokens as set out in the above response to Question 2, and the idiosyncrasies for each category, which would serve to practically and usefully inform and protect consumers and retail investors.
12. Smart contracts are commonly developed as ‘free open-source software’. They are often published and republished by entities other than their original authors.
a) What are the regulatory and policy levers available to encourage the development of smart contracts that comply with existing regulatory frameworks?
b) What are the regulatory and policy levers available to ensure smart contract applications comply with existing regulatory frameworks?
An actively supervised and resourced sandbox that results in an endorsement from one or more regulators as satisfying the regulatory requirements would encourage the allocation of capital for the development of smart contracts that implement a ‘regulated workflow’ of token activities. The European Union’s recently released blockchain sandbox should be leveraged and learned from.
As stated above, it may be appropriate to amend the law to enable a ‘responsible council’ each with relevant skills and experience to be appointed and resourced on an ongoing basis to supervise the operation of an autonomous and open-source smart contract protocol. This would be an example of adopting a policy approach of ‘similar activity, similar risk, specialised regulation, same outcome’.
13. Some smart contract applications assist users to connect to smart contracts that implement a pawn-broker style of collateralised lending (i.e. only recourse in the event of default is the collateral).
a) What are the key risk differences between smart-contract and conventional pawn-broker lending?
One of the key risk differences is the propensity for perpetual loans to the extent the collateral increases or maintains a value sufficient not to trigger a liquidation. The propensity for perpetual loans causes issues from a tax treatment perspective as well as the true nature of the arrangement and economic consequences that may flow is one or more classes of collateral become economically significant and systemic.
b) Is there quantifiable data on the consumer outcomes in conventional pawn-broker lending compared with user outcomes for analogous services provided through smart contract applications?
Data could be retrieved and analysed with respect to permissionless token activities considered as ‘pawn-broker styles of collateralised lending’. However, conventional pawnbrokers operating as centralised entities likely each need to be approached for their business specific information.
14. Some smart contract applications assist users to connect to automated market makers (AMM).
a) What are the key differences in risk between using an AMM and using the services of a crypto asset exchange?
AMMs are criticised as not being as economically efficient as proprietary order books maintained by centralised token exchanges. However, reliable comparison data is not publicly available to verify the accuracy of this criticism. Further, innovation with AMMs, such as the developments seen in Uniswap v3, are enabling more tools for consumers and retail investors to be better informed about the risks involved in the allocation of capital (i.e. liquidity) to AMMs and using the tools to adjust exposure to those risks.
In addition, during a staking contract exploit investigation I have been involved with, chainalysis experts were able to analyse the AMM liquidity pool behaviour and identify indicators of a potential attack that if known to watch out for perhaps the exploit could have been prevented.
b) Is there quantifiable data on consumer outcomes in trading on conventional crypto asset exchanges compared with user outcomes in trading on AMMs?
Data could be retrieved and analysed with respect to permissionless token activities with AMM trading. BADAS*L would be pleased to bring its industry insight and experience to bear if Treasury would like assistance in this regard.