How Should We Regulate Crypto/Web3 Cybersecurity?

By and The Owl

Cybersecurity is all about the financial incentives. Getting cybersecurity regulation right means using the threat of regulatory fines to align financial incentives so that companies do the right thing. Compared to the areas covered by most existing cybersecurity regulations, however, the financial incentives in cryptocurrency/Web3 are very different.

Most existing cybersecurity regulations aim to improve the security of consumer PII and personal information that companies hold. Because the theft (more accurately: copying) of consumer PII by hackers during a data breach does not result in an immediate financial impact to a company's bottom line, companies have historically paid less attention to cybersecurity than they should. Since the free market financial incentives for companies to secure consumer data are poor, regulators have naturally stepped in with a regulatory stick (where the free market carrot has failed).

The financial incentives in crypto, however, are very different. With crypto, if you are hacked and your crypto is stolen, you've lost your own assets. That's a huge incentive to do cybersecurity properly.

Here are five major takeaways that regulators should consider:

  • For companies self-custodying their own crypto, financial incentives are already 100% aligned. If Company X holds $1 million in cryptocurrency, and a hacker steals it, the company just suffers an immediate financial loss of $1 million. Regulatory fines would not offer any greater financial incentives for Company X to do the right thing.

  • For companies that hold someone else's crypto assets, the financial incentives are not quite so aligned. If a company custodies $100 million, only $1 million of which is its own, and a hacker steals all $100 million, then the company can simply declare bankruptcy and leave its creditors (the users whose assets it held) with nothing. Examples include a centralized crypto exchange or a DeFi service built on top of a smart contract. In these kinds of situations it might be appropriate for regulators to require minimum security controls to protect users.

  • Getting cybersecurity regulations right is hard. The result of cybersecurity regulations in other areas (such as consumer PII or PHI) has been that companies will do the bare minimum to satisfy cybersecurity regulations, and no more. Finding the right balance between creating regulatory financial incentives without unduly stifling innovation becomes a difficult balancing act.

  • Hackers don't care about regulatory compliance. Cyber defenders have to be right every single time, and attackers only have to be right once. Unlike environmental protection regulation, where accidental oil spills or illegal toxic waste dumping is the primary concern, in cybersecurity we are worried about malicious third parties acting outside the reach of the law in countries like North Korea or Russia. There is frequently no legal recourse in the event of a crypto hack.

  • Crypto startups need to front-load security spending. In most startups, the biggest risk is going out of business, not cybersecurity risk. As a result, startups tend to run with very weak security for a couple of years until they are financially successful enough to go back and fix things (so-called "tech debt"). However, this approach does not work in the crypto space, where hackers frequently prey on lean, insecure startups that enjoy overnight financial success. Forcing crypto startups to front-load security expenditure from the beginning could be a key lever of effective regulation.

Cybersecurity risk in the crypto/Web3 space is high...

... higher than in most other verticals, because we're not talking about the security of information, but about real, fungible, and non-reversible financial assets. The stakes are high and companies in the crypto space take security seriously.

Financial incentives to do security properly align much more closely in the crypto space than in almost any other vertical. The alignment is not 100% perfect, but it is close enough that regulators should take a "light touch" approach to crypto cybersecurity regulation.

OCC Symposium Explores Tokenization of Real-World Assets and Liabilities

In February 2024, the U.S. Office of the Comptroller of the Currency (OCC) hosted its Symposium on the Tokenization of Real-World Assets and Liabilities. The OCC is one of three prudential banking regulators in the United States, overseeing national banks and federal savings associations. Its role in ensuring the safety, soundness, and fairness of the banking system means it is imperative for the regulator to assess how the entities it supervises plan to leverage distributed ledger technology (DLT) to provide new products and services and to enhance existing ones. The tokenization of real-world assets and liabilities, such as commercial deposits, real estate, commodities, or art, involves converting the ownership rights of these assets and expressing them as digital tokens that can be traced on DLT. This process has the potential to revolutionize the way assets are bought, sold, and managed, offering increased liquidity, transparency, and accessibility. However, it also presents new regulatory questions, particularly in ensuring compliance with existing financial regulations, safeguarding against money laundering and fraud, and protecting investor rights. As tokenization of real-world assets and liabilities becomes further integrated into the financial system, the OCC's role and regulations will likely influence how other regulatory bodies, both domestically and internationally, approach the oversight of tokenized assets. Importantly, and excitingly, many of the themes discussed during the event fall under the five branches of the Tree of Web3 Wisdom.

The Tokenization Symposium began with remarks from Acting Comptroller Michael Hsu, who defined tokenization as the “process of digitally representing an asset’s liability, ownership, or both, on a programmable platform,” and called on event attendees to understand the technology. He set identifying problems and proposing solutions accordingly, as opposed to developing solutions in search of a problem, as the “north star” for the event.

Panel 1: Legal Foundations for Digital Asset Tokens consisted of members of the Uniform Commercial Code (UCC) drafting committee and others supportive of the UCC, a comprehensive set of laws governing commercial transactions in the United States, including sales, leases, negotiable instruments, and secured transactions. The panel argued that amending the UCC to include digital assets benefits token holders because it provides statutory protection, compared to enforcing rights by suing over contract rights; this is particularly important in situations such as bankruptcy, where there is a legal process for asserting claims to recover funds. The panel discussed how the United States has the most advanced body of rules for commercial law, given the efforts to amend the UCC to recognize the use of DLT, as opposed to other jurisdictions where the common law is still developing. The panelists also stressed the importance of sensible classification of tokens, comparing the concept of tokenization to using paper as a medium for recording rights and liabilities.

Panel 2: Academic Papers on Tokenization explored three academic papers: 1) how the acceptance and usage of digital payments leads to increased financial inclusion; 2) the use of payment stablecoins for real-time gross settlement; and 3) a study on the economics of NFTs. In their presentations the panelists discussed thinking globally about how tokenization is occurring across the world and how it can facilitate cross-border payments and support financial inclusion objectives.

Panel 3: Regulator Panel featured staff of the innovation offices from the OCC, the Federal Reserve (the Fed), the Federal Deposit Insurance Corporation (FDIC), the Commodity Futures Trading Commission (CFTC), and the Securities and Exchange Commission (SEC). Each office discussed how it is seeing tokenization of real-world assets and how these interact with other aspects of DLT such as smart contracts. The regulators discussed opportunities for tokenization within the banking sector, such as tokenization of deposits and tokenized money market fund shares, and the benefits they can provide in areas such as correspondent banking, repo transactions, and post-trade processes. One area they flagged as an opportunity is increasing the accuracy of systems under the Bank Secrecy Act so that monitoring for money laundering and terrorist financing, and sanctions screening, can be done more efficiently. Interoperability is one challenge they are seeing with respect to tokenization. Throughout, the panelists discussed how regulation of digital assets should be context-appropriate.

Panel 4: Tokenization Use Cases featured representatives from the Depository Trust & Clearing Corporation (DTCC), Mastercard, and the Massachusetts Institute of Technology (MIT). The panelists discussed exciting use cases that tokenization and DLT are enabling, such as T+1 settlement, tokenization for private markets, and multi-rail payments that support complex types of payments, enable increased coordination, reduce counterparty risk, and enable greater fraud controls. The panelists also touched on how policymakers and innovators should beware of misconceptions when assessing the various use cases. Some themes that echoed from previous panels included challenges around interoperability, developing solutions based on need, and carefully developing regulations based on the use cases.

Panel 5: Risk Management and Control Considerations also explored various tokenization use cases and areas where tokenization can make a big difference, such as markets where capital is freed up and markets become more liquid. The panelists discussed the perspective regulators should take when approaching risk management and developing standards to minimize risk. They also discussed the role of intermediaries in tokenization and how industries have evolved and become more "dis-intermediated" over time. In their closing statements, the panelists called for regulators and policymakers to understand the technology and experiment more with it to better understand its implications.

The Symposium ended with a keynote speech by Hyun Song Shin (Economic Advisor and Head of Research at the Bank for International Settlements) on how tokenization can help propel innovations in the monetary system, much as money and paper ledgers once did. He discussed various concepts involving tokenization, such as improved delivery versus payment, central bank digital currency, the “singleness of money” with respect to tokenized deposits and stablecoins, and the "tokenisation continuum" that maps out different use cases ranging from wholesale payments to land registries.

In conclusion, the OCC Symposium on the Tokenization of Real-World Assets and Liabilities underscored the need for careful consideration, collaboration, and continuous innovation. The diverse perspectives shared across legal foundations, academic research, regulatory insights, use cases, and risk management considerations have collectively woven a narrative of both promise and challenge. Moving forward, it is clear that embracing the digital evolution calls for a harmonious blend of regulatory adaptability, technological exploration, and a shared commitment to understanding the profound impact tokenization can have on the global financial ecosystem.


Blockchain Analysis & Investigations

Definition: The process of inspecting, identifying, clustering, modeling and visually representing data on a blockchain. Blockchain analytics can involve the use of software tools and open source information (OSINT) to analyze data on blockchain networks. These tools scrutinize transaction patterns, wallet addresses, and other data points on a blockchain to provide insights into the activities occurring on the network. Blockchain analysis is done for a variety of reasons, from market analysis to investigating illicit activity. Blockchain investigations are commonly conducted to uncover illicit activities such as money laundering, fraud, and the use of cryptocurrency in criminal enterprises. Investigations leverage analytics tools to track and identify this activity on-chain. The transparent nature of the blockchain allows investigators to follow the flow of funds on the public ledger.

How it Works:

  • Data Aggregation: collecting, compiling and summarizing information from various sources across blockchain networks
  • Pattern Recognition: identifying and interpreting behaviors and trends within the aggregated data
  • Forensic Analysis: systematically interpreting the aggregated data and recognized patterns to come to investigative conclusions

Purposes (not an exhaustive list):

  • AML compliance and regulatory reporting
  • Fraud detection
  • Security analysis
  • Market analysis
  • Enhancing security and trust in blockchain networks
  • Aiding law enforcement to catch 'bad actors'
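As an added illustration of the three steps above (aggregating transactions, recognising a pattern, drawing an investigative conclusion), here is a small fund-flow tracer and address-clustering routine. It is written for this entry and is not code from the glossary or from any analytics vendor; the transactions and addresses are constructed sample data, and the common-input-ownership heuristic it applies is one widely used clustering assumption, not a proof of ownership.

```python
"""Toy on-chain tracing over constructed UTXO-style transactions.

Step 1 (aggregation): index who spends from which address.
Step 2 (pattern recognition): cluster addresses spent together in one
transaction (common-input-ownership heuristic, an assumption not a proof).
Step 3 (forensic analysis): follow funds forward from a starting address
and report how many hops away each reached address is.
"""
from collections import defaultdict, deque

# Constructed sample transactions; inputs are addresses, outputs are (address, amount).
TXS = [
    {"txid": "t1", "inputs": ["A1"], "outputs": [("B1", 5.0), ("A2", 1.0)]},
    {"txid": "t2", "inputs": ["B1", "B2"], "outputs": [("C1", 6.0)]},
    {"txid": "t3", "inputs": ["C1"], "outputs": [("D1", 2.0), ("C2", 4.0)]},
    {"txid": "t4", "inputs": ["Z1"], "outputs": [("D1", 1.0)]},
]


def cluster_by_common_input(txs):
    """Group input addresses that were spent together (union-find)."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path compression
            a = parent[a]
        return a

    for tx in txs:
        first = tx["inputs"][0]
        find(first)  # register single-input addresses as their own cluster
        for addr in tx["inputs"][1:]:
            parent[find(addr)] = find(first)
    clusters = defaultdict(set)
    for a in list(parent):
        clusters[find(a)].add(a)
    return [frozenset(c) for c in clusters.values()]


def trace_forward(txs, start, max_hops=3):
    """Return {address: hops} for every address funds from `start` reach."""
    spends = defaultdict(list)  # aggregation: input address -> spending txs
    for tx in txs:
        for a in tx["inputs"]:
            spends[a].append(tx)
    reached, queue = {start: 0}, deque([start])
    while queue:
        addr = queue.popleft()
        if reached[addr] >= max_hops:
            continue  # stop expanding beyond the hop limit
        for tx in spends[addr]:
            for out_addr, _amount in tx["outputs"]:
                if out_addr not in reached:
                    reached[out_addr] = reached[addr] + 1
                    queue.append(out_addr)
    return reached
```

Running `trace_forward(TXS, "A1")` shows that funds from A1 reach D1 in three hops, while `cluster_by_common_input(TXS)` links B1 and B2 as one presumed entity because they were spent together in t2.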
