After attending a crypto-currency conference in September 2014 I immediately became an enthusiast. I had of course read about Bitcoin and the Blockchain in the press but my understanding of the concept was very basic. At the conference itself and in conversation with several crypto-currency business operators, I understood the huge potential and the significant impact this could have on the future of payments.
Given that crypto-currency generally was not on Gibraltar’s radar two or three years ago, it is encouraging to see that Gibraltar has, over the last 18 months or so, been exploring a regulatory regime for crypto-currency businesses that is flexible enough to enable businesses to thrive yet robust enough for consumers and partners (e-commerce merchants, banking partners or insurers for example) to feel comfortable engaging with them.
It is well known that Gibraltar did this very successfully in the e-gaming sector and it has been suggested that a similar regulatory model can be applied to crypto-currency. Gibraltar also boasts a dynamic and reputable financial services industry regulated by the Gibraltar Financial Services Commission (FSC) and given the obvious links to payments services, it would make sense that the FSC be involved in any proposed regulation of crypto-currency businesses in Gibraltar.
There have been attempts at regulation in other jurisdictions but most regimes have been highly criticised for either being too onerous or not going far enough to address the key issues such as anti-money laundering, banking and security. It is important for Gibraltar, therefore, that the right balance is struck.
One of the greatest threats to crypto-currency businesses is theft. We have seen over the years several crypto-currency exchanges getting hacked. The most recent was suffered by Bitfinex last week, where one of crypto-currency’s leading exchanges lost in the region of 120,000 bitcoins valued at approximately $70 million USD and this issue will certainly have to be tackled in Gibraltar’s proposed regulatory framework. Will regulation impose “Multisig” – a script containing instructions as to how many signatures are required and what public keys correspond to private keys that are authorised to sign – which effectively means that more than one person must authorise a transaction before it is valid? Will wallet providers and exchanges be obliged to keep a certain percentage of the crypto-currency they hold for their customers in reserve and in “Deep Cold Storage” – in servers that are stored inside bunkered vaults for example with multiple access controls and surveillance systems – so that essentially they can repay their customers in the event of theft? Perhaps a combination of both Multisig and Deep Cold Storage is the best solution but these are all options which are available to businesses seeking to provide added security to their customers.
Following the consultation paper, it appears that the scope of regulated activities in Gibraltar would likely capture – crypto-currency exchanges; wallet providers; payments systems; ATM providers; and people who advise on the sale and purchase of crypto-currency; and it is probable that regulated entities will have to have some form of physical presence in Gibraltar. All these matters, however, are currently in the process of consideration.
In my view, the industry is crying out for regulation. When I first started talking to people in Gibraltar about crypto-currency in 2014 there were only a handful of people who had even heard about it, but the level of understanding and enthusiasm seems to have spread dramatically since then. Given the closeness of the various financial services related professions with the relevant competent authorities and the success Gibraltar has had implementing effective regulation, whether it be in e-gaming or financial services sectors, I don’t think it will be long before we see the regulation of crypto-currency related businesses in Gibraltar. I for one am excited to see how this all develops.
30 September 2016