LAS VEGAS, Nev. — Regulators have traditionally responded to bad actors in financial innovation by attacking the underlying technology versus those wielding it as a weapon.
That key theme emerged from the opening-day session at Money 20/20 in Las Vegas Sunday in the Web2.5 Summit track.
Jai Ramaswamy is chief legal officer for Andreesen Horowitz, and he’s been a leading compliance officer for many top traditional financial companies in the U.S. He was interviewed by Eric Golden, host of the Web3Breakdowns podcast.
“As with all new technologies, criminals will be the first early adopters,” Ramaswamy said.
“An important part of this conversation is something broader, which is the development of an additional protocol near the internet — which has very profound implications for financial services — built on the current internet backbone.”
Golden asked Ramaswamy to expand on that eternal battle between innovation and regulation.
“I think the most important thing to recognize is that the tension arises because we’re talking about a multi-tiered technology stack,” Ramaswamy said.
“At base, part of what we’re struggling with is that that technology stack is starting to merge with the financial stack. That’s because the original insight of the bitcoin paper is a novel computer science concept, but it’s a concept that has much broader implications than just finance. You can create a programmable, distributed layer on the internet. You can create an internet-based operating system, or several.”
He added that the average person likely views regulation as a concept through a two-dimensional lens.
“The problem is when people think about regulation, they think about it in a very static way when it’s a dynamic concept,” Ramaswamy noted.
Union of standards
He said the technology stack tends to be regulated by a kind of union of standards, a quasi-governmental or quasi-private sector with a lot of input from both sides.
“As you move up the technology stack into specific activities, self-regulatory organizations like NACHA, FINRA, or others that are more closely associated with regulators but set industry standards for financial services. And then you have the regulators we think of: the CFTC, SEC, FinCEN, etc.” Ramaswamy detailed.
He said regulators typically address the application layer of what the industry is actioning in the real world.
“Part of the issue is financial regulators are starting to regulate the base protocol layers, which is a mistake because regulators are not competent to make design decisions,” Ramaswamy said.
Self-regulation, best practices
The industry needs to think carefully about how that base layer can be regulated through self-regulation, standard-setting bodies, and best practices, Ramaswamy added.
But Ramaswamy cautioned that the government will always notice and react when international fintech bad actors ruin it for the altruistic players.
“When you have a big national security threat like North Korea using crypto, using cybercrime more broadly, to fund their weapons proliferation program… the government, when it sees something like that, will act,” he said.
“With that in mind, I think that part of what went on was a lack of clarity. There was not a full understanding of the difference between sanctioning a smart contract and sanctioning a wallet with an identical private key owner, which is what happened with some of the previous sanctions actions that have taken place.”
It was a confluence of needing to do something and not fully understanding the technology that led to the sanctioning of software, Ramaswamy said.
“This was an attempt to go after bad actors that are linked to protocols that are being manipulated. But the way they did it raised many novel legal issues, which we’ll see worked out subsequently. We need to regulate the conduct rather than the technology.”
Can you sue software?
That observation led to Golden asking the obvious follow-up: Do you hold software responsible for how people use it?
“It’s why financial regulators haven’t directly regulated technology. It’s tended to be standard-setting bodies, and it’s tended to be a combination of engineers and companies building these things because they can react more quickly to it,” Ramaswamy said.
“That’s inevitably what’s going to happen is some set of standards emerges from that debate from that dialogue. If you think about it, that’s what happened in the early days of the internet. At first, it was individuals creating different protocols to emerge one sort of dominant non-opinionated protocol. Then it had standards and bodies that built things around it, and I think we’re still in the early days of that [in fintech].”
We can agree that if some of the original proposals to have the FCC regulate the internet had taken place, we would have a very different architecture, Ramaswamy suggested.
“You don’t know what the risk is until it emerges. You typically talked about regulating existing risks and monitoring emerging risks. I think what we probably didn’t do well enough was not the former because the risks weren’t known at the time,” he said.
“The promise of Web3, if it’s done properly, is to potentially find a new architecture of the internet, and this is incredibly early days. No engineers will question whether it’s even possible, but it’s a bit of a moonshot. But that’s what innovation is all about.”
No time to sit back
Ramaswamy used that top-level view to issue a dire warning against complacency in the face of a difficult task, lest we let others eat our fintech breakfasts.
“The question is, will we cede the playing field to countries invested in creating a very different model? People like to say that China is against cryptocurrency. Yes, but it’s not against the blockchain,” he said.
“The development of the BSN is an attempt for China, for example, to take control of the development of this third generation of the internet because they realized they lost out on the first generation, and they’re not going to do it a second time.”
Related: The promise and pitfalls of financial institutions’ Web3 Integration
He said if the U.S. doesn’t muster its strengths as a democratic society to create an open, privacy-preserving, and compliant version of the internet where we can police bad actors and go after bad actors with due process, we’re going to be ceding the playing field to a very different model, which is not conducive to our values to our economic values or social values.
“That’s an enormous field to be ceded. That should be something that causes us a lot of pause to give up that competitive advantage in such a critical technology,” Ramaswamy said.
Stepping up to challenge
It was not all fear and loathing. Golden looked for a hopeful finale by asking: “What advice do you have for young people that see this as a tremendous opportunity that want to work in this space, and the risks versus the rewards of doing so in the U.S.?”
“In any technology area, there will be good and bad actors. And I don’t think that should dissuade people from doing meaningful things in these spaces,” Ramaswamy said.
“It’s probably an exaggeration. But, when fire was first invented, it was probably used to cook food or warm people, and the second use was probably to commit arson. Criminality and technology go hand in hand. That shouldn’t be enough to dissuade us from having bright minds develop these things.”