Cryptocurrencies are by now widely known as electronically generated and stored currencies that enable users to trade tokens. The tokens are exchanged anonymously through a decentralized payment system: the blockchain. To further anonymity, the parties to cryptocurrency transactions are identified by a unique string of random numbers rather than by a name or other personal information.

There is however a dark side to this anonymity. It makes it easier for criminals and terrorists to launder money and otherwise transact illegal business. For example, anonymous tokens provide terrorists with access to cash that is essential to organizing attacks without dependency on financial intermediaries such as banks that could block the transfer of money.

This challenge of anonymity has prompted the U.S. Congress to move toward expanding the obligation of cryptocurrency exchanges to identify their customers. The Anti-Money Laundering Act of 2020 broadens the Bank Secrecy Act (BSA) definition of financial institution to cover businesses that exchange cryptocurrencies. Exchanges must now verify the identity of their consumers, develop customer risk profiles, and monitor transactions to submit suspicious activity reports. In Europe, amendments to the Anti-Money Laundering Directive require cryptocurrency exchanges and custodian crypto-wallet providers to follow the same regulatory requirements as banks and other financial institutions.

In a new paper, we propose a legal framework for targeting the anonymity of cryptocurrency users. We advocate requiring corporations that issue cryptocurrency to verify the identity of users on the blockchain by complying with a Know Your Client (KYC) rule for anyone entering their blockchain and using their tokens. We further recommend that, where there is probable cause to suspect that a cryptocurrency user’s activities support terrorism, courts should order cryptocurrency issuers to disclose the identity of users on the blockchain. Our aim is to help stop the use of crypto to finance terror attacks and terrorist operations.

Although our proposal would involve the courts in an effort to balance national security concerns with the Fourth Amendment rights of users against illegal searches and seizures, we recognize that there would be other legitimate concerns. They might include First Amendment issues, given that limiting the ability of users to remain anonymous could chill their speech and inhibit their use of cryptocurrencies and also chill the speech of issuers by impairing their right to shape code. Our proposal would also involve administrative costs, could create the risk that personal and financial data would be misused, perhaps as the result of a data breach, and would present challenges for global enforcement officials. We believe, however, that the risks of preserving anonymity – especially its role in facilitating terrorist activities – are high enough that the benefits of implementing our proposal would exceed the costs.

This post comes to us from Hadar Y. Jabotinsky, and Michal Lavi, research fellows at the Hadar Jabotinsky Center for Interdisciplinary Research of Financial Markets, Crises and Technology.  It is based on their recent article, “Speak Out: Verifying and Unmasking Cryptocurrency User Identity,” available here.