KYC All The Things: Is Market Structure Blowing Up?
A leaked proposal by Senate Democrats would give Treasury sweeping powers to ban non-custodial services, establishing authority over what code can be deployed, and what code can't.
Last month, Senate Republicans published a draft for digital asset market structure known as the Responsible Financial Innovation Act (RIFA), that proposes to retroactively amend money transmission laws to protect developers and exempt non-custodial services from the Bank Secrecy Act (BSA), which governs the application of Know Your Customer (KYC) procedures.
Democrats and Republicans now need to agree on the text, but a leaked counter proposal suggests that finding common ground is not going to be easy: Democrats are proposing for the Treasury to be able to designate effectively any non-custodial software developer a digital assets intermediary, suggest introducing blacklists for DeFi software used for illicit activity, and applying KYC to non-custodial services.
Industry responses have since made clear: the Democrats' proposal is unworkable, but it may not yet be grounds to panic.
L0la L33tz
Introducing A Blacklist for DeFi Software
According to the text, published in full by Eleanor Terrett of Crypto in America, Democrats would like to enable the Treasury to "designate any DeFi protocol, front-end application or other access point—whether sufficiently decentralized or not—or any class of these entities onto a 'Restricted List'" if the protocol has been used for or by "sanctions evasion, illicit finance, money laundering, or terrorist financing, including entities incorporated, headquartered, or primarily operating in jurisdictions subject to U.S. sanctions, or entities owned or controlled by persons in such jurisdiction."
"U.S. persons and financial institutions subject to U.S. jurisdiction shall be prohibited from transacting with or providing access to entities on the Restricted List, subject to general or specific licenses Treasury may issue, including for wind-down, victim remediation, investigative cooperation, or other activities in the public interest," Democrats add.
As CoinCenter's Peter Valkenburgh explains on X, the proposal would "overrule the Van Loon Tornado Cash sanctions decision, creating a black list of software that Americans can't use."
L0la L33tz
Turning Developers into Intermediaries
According to the text, Democrats would like to designate anyone a "digital asset intermediary" who designs, deploys, operates, or profits from a DeFi front-end that facilitates "covered activites," which Democrats describe as "trading, custody, settlement, lending, etc." Under the proposal, intermediaries would be liable under the BSA as well as under the International Emergency Economic Powers Act (IEEPA), which governs sanctions application.
The Democrats' proposal appears to echo a recent proposal made by the White House Digital Asset Working Group, calling on Congress to consider applying the BSA to DeFi services, as well as guidance published by the Financial Action Task Force, which argues that even a front-end could be defined as a Virtual Asset Service Provider.
The classification as an intermediary would additionally be tied to new risk management standards, which would include, among other things, "ongoing monitoring for fraud, manipulation, sanctions evasion, money laundering, or other illicit finance activity, [...] periodic reporting and record keeping sufficient to permit supervisory examination and enforcement," and impose "independent audits" on non-custodial code.
The decision over what protocols would be classified as an intermediary and which can be deemed "sufficiently decentralized" should lie with the Treasury, Democrats propose, but "writing or publishing open-source code is not a violation, absent deployment, control, or profit from the protocol," the text adds.
Democrats had previously hinted at holding intermediaries accountable for illicit activity, as opposed to the Senate's RFIA, which specifically exempts developers from both criminal liability as well as from the application of the BSA.
L0la L33tz
An Anti-Innovation Takeover
The Democrats' proposal "doesn't regulate crypto, it bans crypto," writes Variant Fund's Chief Legal Officer Jake Chervinsky on X. "This proposal is less a regulatory framework and more an unprecedented, unconstitutional government takeover of an entire industry [...] It’s not just anti-crypto, it’s anti-innovation, and a dangerous precedent for the entire tech sector."
The bill forces front-end and non-custodial software developers to KYC users, gives agencies unchecked power for selective regulation by letting the Treasury define “sufficient influence” over a protocol however it pleases, and authorizes Treasury to ban anything in DeFi, Chervinsky adds.
Zack Shapiro of Bitcoin Policy Institute (BPI) has since published an open letter to Democratic Senate offices, urging law makers to reject the proposed DeFi framework and preserve developer protections. "Code is speech," Shapiro writes on X, and "publishing software is not a crime."
As written, the Democrats' proposal "would functionally amount to a ban on open, peer-to-peer financial technology in the United States," the letter reads. The proposal would further "treat software contributors, governance participants, or even website operators as if they were custodians," a suggestion which the BPI describes as "arbitrary, impossible to apply consistently, and completely out of step with how existing law distinguishes between infrastructure and financial actors."
"Once you accept that premise," the letter further states, "the Bank Secrecy Act has no limiting principle. Anything that facilitates a transaction, however indirectly, can be captured: the server hosting the code, the wallet manufacturer, or in the extreme, the hardware that connects a person to the network."
L0la L33tz
The Problem With Free Speech
In the US, computer code has long been considered an expression of free speech, and any attempt to limit it must be narrowly tailored to not impede on the concept of free expression as a whole.
As Shapiro points out, the proposed framework "undermines the very values that have historically animated US leadership in finance and technology: free expression, permissionless innovation, and broad inclusion in markets," effectively telling "every developer and entrepreneur that building true peer-to-peer infrastructure is off limits."
The defense for Tornado Cash developer Roman Storm, who is currently fighting a conviction for conspiracy to operate an unlicensed money transmitting business, makes similar arguments in his recent motion for acquittal: finding developers of non-custodial software liable for the criminal conduct of their users, and expecting them to combat said activity with the imposition of regulated frameworks, imposes a direct restriction on what code can be written, and what code can't.
While the Democrats' leaked proposal sent many into outright panic, CoinCenter's Peter Valkenburgh points out that "grilling members by association to an internal memo that is part of the process and not intended to be a final public proposal" is "likely premature," highlighting that "there's still room to work with folks."
Independent journalism does not finance itself. If you enjoyed this article, please consider making a donation. If you would like to note a correction to this article, please email corrections@therage.co
