“Even $1 of funding to Hamas is too much,” I was told, in a private meeting with a good friend at a major US regulator, to explain the antipathy of some US politicians towards crypto.
This was after my tweet taking apart the Treasury request for additional authority, and was in the context of trying to understand why I opposed the majority of those proposals and, it was implied, stopping terrorism financing. When I explained that I opposed the majority of the Treasury proposal because my goal was stopping terrorism financing, they got very, very confused, as this was not the rejoinder they expected.
To understand this view, we have to look deeply into the differences between public blockchain rails and private banking rails. The easiest way to do this is to consider the path of a transaction between each. A typical sort of pathway for such financing would be a transaction moving from an American (A) to a Relative (R) in another jurisdiction, who spends the money at a Business (B), which pays the money to an Owner (O), who sends the money to Hamas (H). Therefore, the pathway is A to R to B to O to H. Usually, it is unclear if R knowingly facilitated the money getting to Hamas, and often the business itself is a mix of legitimate and illegitimate activity, making it particularly difficult to untangle.
First, let us consider this transaction through traditional rails. Unless the same bank is involved at each step, most participants only have visibility to the narrow segment they see (e.g. if a bank like BofA or HSBC sent the initial wire from A to R, they know about that, but nothing beyond that). Depending on how the payment was made to the business, it could be that only the payment processor knows the details (if a mobile payment) or even only the direct participants (if cash). Often a payment to an owner may be a transfer inside the same bank, and in this case, it’s likely to be a local bank with poor controls or in a jurisdiction with poor sanctions compliance. On the last transfer, it’s all but certain nobody knows of that outside of the parties involved, otherwise the whole chain would have been stopped. In short: highly fragmented, limited visibility despite our efforts with things like the travel rule, and hard to piece together.
Second, let us consider this same transaction on public blockchain rails. Now, the identity of the initial wallet will be known through some KYC process (e.g. the American got their crypto somewhere, often from an exchange like Coinbase with extensive KYC procedures), but it’s entirely possible as an outside observer that none of the other entities are known. More so, let us assume each of those transfers is just private wallet sends on a blockchain, rather than using some payments platform (which would expose the identity of more of the wallets). In this starting point, we only know the identity of American A, but can see that the funds went through R, B, O, and H, even if we don’t know who they are yet.
That “yet” is the key point: a public blockchain is a public, complete, forever record of the transactions. The moment those wallets become known in the future, the chain of transactions can often be unravelled and wrongdoing detected. Additionally, more wallets are already known than is generally understood. All of the complaints about data leakage from social media and the amount you can learn about a person on the internet attach to public blockchains, because people often share their wallet addresses online. Just a few known addresses are enough to begin mapping an entire chain.
Public blockchains then become a tool for finding and stopping illicit finance. The bad actors can be identified, the addresses can be sanctioned, and the entire system can be observed effectively, unlike the fragmented, piecemeal mess of the traditional system. More so, with freeze and seize capabilities of stablecoins and the ability to freeze coins on exchanges (where they are often converted to fiat currency), the ability to actually interdict these bad actors is often greater than in the traditional system. Wells Fargo does not have the ability to reach into an Iranian bank account and remove dollars, but PayPal does have the ability to reach into an Iranian-sanctioned wallet and remove PYUSD.
This leads us to the great irony of this debate: public blockchains are being flogged for the crime of actually stopping crime. In a system that is opaque where the bad actions are not effectively detected, there is no crime to be observed. That doesn’t mean it’s not there! It just means it is not visible. Crypto, by being more visible and having a system where the funds can be identified and interdicted, is actually drawing fire.
If our policy goal is effectively interdicting illicit finance, the imperative should actually be building a clear regulatory framework in the United States, sweeping as many stablecoin providers and exchanges into the US as possible so that we have a wealth of customer information to tag wallets when needed, licensing US dollar stablecoins onshore with freeze and seize capabilities, and then monitoring the ecosystem for bad actors given we have the capability to freeze, seize, or block their ability to transact using the funds on chain.
Done correctly, the final step would be to have banks move their anachronistic, fragmented systems onto blockchains in order to facilitate effective monitoring of the ecosystem. After all, if Hamas is funding roughly 1% of their operations through crypto, that means the other 99% is coming through the traditional system. Perhaps we should focus on improving that using transparent, public, distributed technology?
1. Note that my commentary here does not cover chains which do not make transactions public, like Zcash
2. https://www.congress.gov/118/meeting/house/116509/witnesses/HHRG-118-BA10-Wstate-ZarazinskiA-20231025.pdf