DRAFT at 19 May 2022
Director – Crypto Policy Unit
Financial System Division
The Treasury
Langton Crescent
PARKES ACT 2600
By email only: crypto@treasury.gov.au
Dear Director,
Crypto asset secondary service providers: Licensing and custody requirements
Thank you for the opportunity to provide feedback on the proposed regulation of crypto asset secondary service providers (CASSPrs).
Some observations and recommendations are set out below for your consideration.
Focus on foundational policy issues before a CASSPr regime
The proposed CASSPr regime is not the right place to start. Policy effort and resources should be directed at the economic opportunities and foundational policy gaps that will result in the maximum amount of medium- and long-term net benefit to Australia and Australians.
The pipeline of innovation from DAOs, tokens, and the token activities that are possible with autonomous protocols are key economic priorities. Without this innovation, or confidence of innovators to continue this innovation, the risk increases that CASSPrs have less tokens, or lesser tokens of good quality, to list, exchange, arrange, deal in and custody on behalf of users.
There are foundational policy priorities (set out below) that should be considered before a CASSPr regime is deemed necessary and can be properly developed or scrutinised. If the policy effort does not commence by tackling the foundational policy issues, the CASSPr regime and other attempts to regulate and tax tokens would perpetuate the confusion that stems from the foundational issues and would introduce further regulatory confusion and arbitrage.
Greater, sustainable economic impact would flow from solving the foundational policy issues at the heart of this innovation: clarifying ‘money’ and ‘currency’ status for fully fiat-collateralised fiat currency pegged stablecoins, characterisation of DAOs and what constitutes a ’sufficiently globally decentralised organisation’ for legal and tax purposes, and a legal and tax regime that regulates and taxes token activities instead of relying on characterisation of the token at the time of issue by an issuer. New or amended law around privacy enhancing standards and requirements for identification and verification of identity and customer due diligence, in the context of managing anti-money laundering and counter-terrorism financing risk, would flow from the nature of token activities.
The economic opportunity for Australia is to strategically prioritise policy resources
The speed and priority in which policy resources are directed will have a significant impact on Australia’s ability to attract and retain the best kind of blockchain and digital assets innovation in the next five years – where the next five years are the critical years to form Australia’s footing to participate in the decentralised digital economy.
Australia has this opportunity now but is also at risk of falling behind amidst accelerated efforts internationally to amend or introduce law to attract the best kind of blockchain and digital asset innovation. Neither the world, nor developed economies, can move quickly enough or in step to keep pace with innovation in blockchain and digital assets (or artificial intelligence or quantum technology). Jurisdictional and regulatory arbitrage opportunities will only increase in the next five years, strengthening the case for Australia to take great care in strategically prioritising policy resources.
Foundational policy issues
The foundational policy focus areas in order of priority should be:
Provide ‘currency’ or ‘currency equivalent’ status to fiat currency pegged stablecoins that are fully fiat collateralised, for Australian legal and tax purposes.
Assumption: The use and adoption of ‘fully fiat-collateralised’, fiat currency pegged stablecoins by the ‘mainstream’ (i.e. retail investors and consumers, small, medium and large businesses) will occur rapidly once they are offered by well-known financial institutions which is anticipated in 2022 and 2023. The term ‘fully fiat-collateralised’ will need to be defined.
Clear labelling of ‘fully fiat-collateralised’ stablecoins will assist in informing the market of risky and riskier stablecoins such as crypto-collateralised and algorithmically-collateralised stablecoins.
By 1 November 2022, with retrospective effect from ~ September 2018 (launch of USDC and GUSD).
Legal recognition to DAOs, where legal recognition grants limited liability and introduces a definition of ‘sufficiently globally decentralised organisation’.
Assumption: The adoption and use of DAOs to coordinate capital and people around the world will only increase.
The term ‘sufficiently globally decentralised’ (SGD) will need to be defined. If the SGD test is met, the Digital Activities Act applies and existing laws (e.g. Corporations Act, AML/CTF Act, Income Tax Assessment Acts) do not apply to the token activities but a team can have non-binding reference back to the requirements of existing laws and guidance in relation to the application of those laws if the DAO was centralised and managed in and from Australia.
By 31 December 2023, with retrospective effect from either ~ June 2020 (launch of COMP token) or January 2009 (launch of BTC and Bitcoin protocol).
Introduction of a Digital Activities Act, which defines ‘data structures’ and ‘data activities’, where cryptographically secured tokens may be one subset of a data structure.
Assumption: Standardisation of tokens, such as the ERC-20 fungible token standard and ERC-721 non-fungible token standard, will continue. Without specifying control rights over token transfers or activities, the activities that are possible from having a token exceed what an issuer or market operator is capable of supervising or controlling.
Using the ‘standardised’ token is at the heart of building ‘open-source’ and allows token holders to access global network effects of a token that can ‘plug in’ to global blockchain innovation. Whilst a standardised token may be used, a project team ‘adds rights’ by representations in documentation, website or social media rather than changing the ‘source code’ (or data structure). Teams try to avoid any departure from a standardised token so as to allow token holders the benefit of composability of the token with other protocols built on the blockchain network.
For example, a standard ERC-20 token may be airdropped to provide holders with access to discounts of a business. The standardised nature of an ERC-20 token is such that the ‘access rights’ only attach to the token if the token is used to claim the discount from the business that offers it. Otherwise, the token has no other rights and functions as a standardised fungible token. By its standardised nature the token could be used with other protocols for token activities such as lending, borrowing, investing, access, identification and verification activities.
By 31 December 2023, with retrospective effect from the same date that is determined for legal recognition of DAOs.
Provide ‘currency’ or ‘currency equivalent’ status to fiat currency pegged stablecoins that are fully fiat collateralised, for Australian legal and tax purposes.
Mainstream will increasingly adopt and use fiat currency pegged stablecoins (before CBDCs are issued), whether the stablecoin is pegged to the Australian dollar or not.
Stablecoin issuers are not captured in the CASSPr regime. Accordingly, issuers and CASSPrs dealing in fiat currency pegged stablecoins would continue to be confused and/or overladen with the need for multiple licences across financial services, markets, banking and credit, and possibly inappropriate taxation outcomes if ‘currency’ or ‘currency equivalent’ status isn’t available. The scattering of potentially applicable legislation and licensing is a disincentive to consumer protection oriented stablecoin innovation and development.
Minimal law reform is achievable in the next 6 months to support the issue of fully fiat collateralised fiat currency pegged stablecoins that can be treated as ‘money’ or ‘currency’ for legal and tax purposes. Such reform would support innovation in payments, tax, digital government and supply chain management and financing. Suggested law reform is set out at Attachment A.
Critically, Australian currency pegged stablecoins will accelerate learning by our government, policy makers, central bank and other regulators, as well as business and individuals, ahead of any serious design and launch of an Australian CBDC. Such learning is critical to inform a CBDC design that is trustworthy, reliable, resilient, internationally competitive, and privacy-enhancing. In addition, the ‘mainstream’ (i.e. retail investors and consumers) will largely be introduced to blockchain and digital assets via a stable not volatile form of crypto-asset.
Legal recognition to DAOs, where legal recognition grants limited liability and introduces a definition of ‘sufficiently globally decentralised’ organisation
If a token is issued by a ‘sufficiently globally decentralised’ organisation (not necessarily a decentralised autonomous organisation), is an ‘issuer’ identifiable upon which to impose regulatory obligations? Similarly, if a protocol that can function autonomously is launched by a ‘sufficiently globally decentralised’ organisation, is an operator identifiable upon which to impose regulatory obligations?
Typically, the obligations associated with raising capital via a token issue, or an autonomous protocol accepting token contributions that are pooled to produce a financial benefit, are imposed upon the ‘issuer’ at the time of ‘issue’. Disclosure with respect to the instrument issued or protocol launched is not an ongoing obligation. Accordingly, when subsequent representations are made by the issuer or an unrelated party about what the token grants access to and there is not another ‘issue’ of those tokens, disclosure to the market does not occur nor is it clear who is responsible for that disclosure.
Based on the example above, the policy gap based on existing law appears to be missing disclosure. One of the conditions of eligibility for registration as a limited liability DAO in Australia could be the allocation of funds in the DAO treasury wallet, from funds that are raised from a token issue, to secure a core contributor role or team responsible for continuous disclosure to the market. This person or persons should not have to register with a government registry. The legislation or regulations could propose a template format for the continuous disclosure to ensure minimum standards of timeliness and quality of information to the market.
Again, based on the example above, a policy gap to solve is the potential introduction of protocol (i.e. smart contract) audits prior to the protocol being deployed to the blockchain (from which point the protocol lives forever). Existing protocol audits, ‘security audits’, focus on code vulnerabilities that could be exploited by an attacker which prevent the protocol from functioning as intended, or that could result in loss of tokens or value. Some of the conditions for eligibility for registration as a limited liability DAO in Australia could be the requirement for a security audit as well as a ‘financial market audit’ before the protocol is deployed to the blockchain. Where a standardised token can operate globally and without any control rights or ‘trading halt’ rights, a minimum responsibility imposed upon the issuer should be a requirement to obtain advice and a report from a person experienced in financial markets and web3 token behaviours. This expert’s report should be open to the public and set out aspects of the tokenomics design that could be arbitraged or manipulated to such an extent that the token value could decrease to zero quickly and what mitigation measures are recommended. If the DAO decides to proceed to issue the token and /or deploy the protocol, the market must be strongly and prominently warned of the risks specific to this particular token and protocol.
Obligations to ensure fair, orderly and transparent markets are largely imposed on a market operator. However, where an ERC-20 fungible token contract is deployed to the Ethereum blockchain without control rights there is no ability for the token ‘issuer’ or any market operator to intervene in a token transaction or pause trading of that token. Depending on the blockchain consensus mechanism, there may be an ability to communicate with miners or validators to ask that they not verify particular transactions but this method is untested.
4. Clarity to the market could be provided by regulators and/or government articulating how broadly or narrowly the existing legislation is to be interpreted.
The CASSPr regime’s focus on licensing and custody requirements for ‘secondary service providers’ rather than primary service providers or issuers, often which are DAOs – sometimes in substance ‘sufficiently globally decentralised’ and often decentralised by name only – means that the foundational policy issues are not being dealt with. The existing financial services regime in the Corporations Act 2001 (Cth) already captures ‘secondary service providers’ that are dealing, arranging, or making or operating a market in tokens that can be characterised as securities and financial products. However, the existing regime is not being consistently applied across industry or enforced by Australian regulators.
The ‘policy gaps’ that the proposed CASSPr regime is seeking to solve can be addressed by more active involvement in and contribution to the space by regulators such as the Australian Securities and Investments Commission (ASIC). Continued reference is made by regulators to the ‘regulatory perimeter’ (around the world, not just Australia) but there has not been sufficient information provided to the public about what falls in versus what falls out of the regulatory perimeter. The exercise of clarifying what is ‘in’ and ‘out’ first needs to be undertaken by reference to Australia’s existing laws before a meaningful policy consultation exercise can or should commence.
Greater involvement in the space by regulators requires dedicated resourcing and could span across meaningful industry engagement, reviews/investigations, enforcement action, timely consultation as outlier issues are identified and the release of guidance. Effective regulation and supervision of the blockchain and digital assets industry is a welcome initiative to improve minimum standards. However, dedicated and meaningful resourcing of regulators such as ASIC, the ACCC, APRA and AUSTRAC and targeted enforcement action by those regulators using existing law could assist in lifting minimum standards and identifying the true policy gaps worthy of amended or new law. Such resourcing and effort would also assist with speedier identification and response by regulators to behaviour that is harmful to consumers and/or markets.
5. The word ‘crypto asset’ and the definition of ‘crypto asset’ will not lay the appropriate foundation if used across multiple laws
This submission uses the words crypto-asset, digital asset and token interchangeably but with a preference for the word token. This is because the inclusion of ‘asset’ is limiting and not always accurate and will be less accurate as tokens are developed to do more and varied things.
In addition, if Australia and other countries move toward the introduction of a Digital Activities Act, then in order to maintain clear separation from the existing financial services, banking, AML/CTF and tax regimes, different language from those regimes needs to be used.
A proposed definition and mental model to understand the paradigm shift required for regulatory and tax principles fit for web3 is set out below. This is a working definition for discussion purposes.
Proposed definition of ‘data structures’:
A representation of rights or obligations or both in source code, where the 'ability to direct' the performance of rights or obligations is 'sufficiently linked' to an 'identifier' and where the rights or obligations or both 'may change or be multi characteristic' while the data structure is 'at rest' and the 'purpose of interaction with the data structure becomes apparent when the data structure is 'in transit' once a transaction is initiated.
Key mental model components to understand in critiquing the definition:
• No reference to digital in the definition – it is likely more appropriate to define 'data activities' and then how our activities with data should be regulated and taxed
• No reference to person, which allows for organisations with decentralised models of governance
• No reference to value
• No reference to blockchain or cryptographically secured
• No reference to control - this is highly controversial but concepts of ownership and control could be dealt with separately to the definition of ‘data structures’
• Introduction of 'data structure' concept - this provides the foundation upon which data structure and source code standards can be developed where regulatory protections and tax concepts can be built
• Introduction of concepts of: 'at rest' and 'in transit’, ‘sufficiently linked’, ‘ability to direct’
• Introduction of concept of identifier which is not linked to human person or known legal structure – digital identity management will be its own ‘data activity’
• Introduction of concept of 'purpose of interaction with the data structure becomes apparent when the data structure is 'in transit' once a transaction is initiated' to move away from transaction by transaction analysis when the bundle of transactions should be looked at to inform the regulatory and tax approach
• Assumes a human or artificial person will have multiple digital identities
• Assumes there may be a need to regulate from the perspective of data activities rather than the issue, exchange and dealing with 'digital assets’ because not all digital activity will necessarily be a 'digital representation of value or rights’, particularly if the value goes to nil and the source code doesn’t embody any rights (only the surrounding representations create the rights)
6. Introduce a simplified digital asset tax regime that covers historical years and at least the next 2 years
With respect to the taxation of digital asset transactions and of DAOs, and in the absence of timely binding guidance from the ATO, a simplified digital asset tax regime should be introduced to cover historical years and at least the next 2 years. This is a realistic assessment of time that it will take the Board of Taxation to properly review and report on the appropriate bases of taxation of digital asset transactions, DAOs and whether tax restructure relief should be afforded where existing structures move to a DAO structure (in order for Australian businesses to remain globally competitive).
The regime could introduce a ‘best efforts’ requirement where the taxpayer is required to document how they have used best efforts to determine their tax obligations. Alongside this, there could be an obligation to adopt a tax position that makes ‘economic sense’. Often, it is unclear at what point of a digital asset transaction (which involves a bundle of transactions and rights) a taxing event or events occur, and the taxpayer can be taxed two or more times on effectively the same transaction which does not make economic sense. It is too costly for retail consumers and investors to pay upwards of $10,000 per protocol and token for tax advice written to the level of a reasonably arguable standard.
7. Industry should codify minimum and best practice token custody standards
Before new legislation is introduced, Treasury should work with industry to codify the minimum and best practice token custody standards into a Code of Conduct. Such a process will assist in greater awareness by policymakers and regulators as to the practical constraints of the existing financial services regime. For example, the requirement to have professional indemnity insurance when the insurance market is not mature enough to provide affordable offerings.
Direction of policy resources to legislating the proposed CASSPr regime would be a suboptimal allocation of resources. As is proposed, the CASSPr regime is too similar to the existing financial services regime, seeks to regulate for the same risks (where we place trust in humans to hold, invest or manage our assets) but does not reduce the actual risk of holding or dealing with tokens nor does the CASSPr regime foster a pipeline of safe or safer tokens.
The proposed CASSPr regime is meant to be one aspect of a broader policy effort to introduce ‘light-touch’ regulation that gives greater protection to consumers, and that promotes financial stability and fair, orderly and transparent financial markets in crypto-assets. Whilst the proposed licensing and custody requirements might assist with greater protection to consumers, that protection is superficial because a “safe shop front” won’t contribute to financial stability and fair, orderly and transparent markets.
From January 2020, to January 2021, to January 2022 the market capitalisation of the 10 biggest USD-pegged stablecoins has gone from US$5 billion, to US$36 billion, to US$167 billion, respectively. Institutional and consumer adoption, and the pace of that adoption, is expected to hasten, particularly as more fiat currency pegged stablecoins are launched around the world which feel “easier” and “less risky” for retail consumers, businesses and governments to use and experiment with.
Over the same period, the market capitalisation of all tokens has gone from US$191 billion, to US$934 billion, to US$2.3 trillion. Total token value locked in decentralised finance (DeFi) applications increased from US$601 million at the start of 2020 to US$239 billion so far in 2022.
The industry is not slowing down.
I thank the global web3 community for their conversations and insights shared with me as I have discussed ideas and concepts with them, and for those that have approved the publication of their votes and comments on each proposal in this submission.
I welcome the opportunity to discuss the suggestions and recommendations and look forward to seeing the exposure draft legislation progress.
Yours sincerely,
Joni Pirovich
Principal
Blockchain & Digital Assets – Services + Law
Author: Joni Pirovich, Blockchain & Digital Assets Pty Ltd. Email: info@badasl.com.
This work is licensed under a Creative Commons Attribution 4.0 International License. You are free to share, copy and redistribute the material in any medium or format, and adapt remix, transform and build upon the material for any purpose, even commercially on the condition that you must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits. You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation. No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.
Attachment A
As set out in the recent National Blockchain Roadmap Report to the Department of Industry, Science, Energy and Resources by Convergence.tech Australia (Aus) Pty Ltd:
a) APRA and the RBA should consider providing guidance to clarify whether a ‘tokenised Australian dollar deposit’ issued by an ADI can be interpreted as ‘currency’ or ‘Australian currency’ under the Currency Act and Reserve Bank Act, which may include specifying at least equal fiat currency must be held in reserve by the ADI to support this characterisation.
b) The Treasurer should consider signing an instrument under the Currency Act to specify a variation from the standard weight applicable to coins, that ‘coins’ issued as fiat currency pegged crypto-assets on a blockchain are a type of composition of coins, or stablecoins, accepted for circulation and that have the status of ‘currency’, which may include specifying at least equal fiat currency must be held in reserve by the ADI to support this characterisation.
c) The ATO should consider providing guidance regarding whether a tokenised Australian dollar deposit can be treated as ‘currency’ for income tax purposes when it represents the unit of account of each Australian dollar, which may include guidance regarding when a fiat currency pegged stablecoin should be treated as a CGT asset, trading stock or a TOFA financial arrangement for income tax purposes.
d) The ATO should consider providing guidance to clarify whether payment of a tax-related liability with a tokenised Australian dollar deposit may be acceptable as ‘currency’ if the private-permission blockchain or control rights specified for the token contract deployed on a public blockchain is considered an ‘electronic funds transfer system’ under subparagraph 3(a) of Regulation 21(a) of the Taxation Administration Regulations 2017.
e) The Governor-General should consider amending Regulation 21(a) of the Taxation Administration Regulations 2017 to allow for tax-related liabilities to be paid in stablecoins that are designated as ‘currency’ or ‘currency equivalent’ would enable innovation in digital government to keep pace with innovation in the payments system.
f) The Government should consider amending the GST definition of ‘digital currency’ to permit characterisation as a ‘digital currency’ if a fiat currency pegged stablecoin is restricted but still intended to operate as digital currency by a platform or application.
g) The Government should consider amending the definition of an NFP facility to clearly exclude arrangements involving Australian currency pegged stablecoins and could use this amendment to specify the conditions of that exclusion. This could be done by way of regulations under the Government’s regulatory modification powers under Chapter 7 of the Corporations Act.
h) The Government should consider amending the definition of a financial market to clearly exclude arrangements involving Australian currency pegged stablecoins and could use this amendment to specify the conditions of that exclusion. This could also be done by way of regulations under the Government’s regulatory modification powers under Chapter 7 of the Corporations Act.
i) The Council of Financial Regulators, the ATO and the ACCC should consider defining the parameters in which a fiat currency pegged stablecoin can and should be given ‘currency’ status or ‘currency equivalent’ status, as well as the extent of existing licensing obligations that should apply to stablecoin issuers as well as platforms that integrate use of stablecoins until the SVF framework is finalised.
j) The Council of Financial Regulators should consider the issues raised in this report regarding the regulation of fiat currency pegged stablecoins under the proposed SVF framework, particularly those stablecoins that may be issued on public blockchains without control rights which allow use of the stablecoin beyond the anticipated use and jurisdiction of the issuer.