The recent news

In what it presents as a set of guidelines designed by a risk-driven approach, the FATF published on 21 June 2019 recommendating to fight the use of crypto-assets and cryptocurrency platforms for launderind money and financing terrorism.

This fight against money laundering is (with the fight against corruption) often presented as the core of the Compliance Law. The FATF takes a large part of it. Even if this new branch of Law aims to crystallize other ambitions, such as the fight against tax fraud or climate change, or even the promotion of diversity or education and the preservation of democratie, the legislation of Compliance Law are mature in the matter of money laundering and the terrorism financing, as they are in the fight against corruption.

The news comes then not from the new legal mechanisms but rather from the new technological tools that could allow the realization of the behaviors against which these obligations of compliance have been inserted in the legal system. It is then to these technologies that the law must adapt. This is the case with crypto-assets and cryptocurrency platforms. Because these are rapidly evolving technologies, with the exercise of written guidelines in 2019 to inform the meaning of the provisions adopted in 2018, the FATF is taking the opportunity to change the definition it provides of crypto-assets and cryptocurrencies. So that a too narrow definition by the texts does not allow the operators to escape the supervision (phenomenon of "hole in the racket" - loophole)..  

___

In fact, in October 2018, the FATC (Financial Action Task Force) developed 15 principles applying to these platforms, to allow this intergovernmental organization to carry out its general mission to combat money laundering and the financing of terrorism. These June 2019 recommendations are to interpret them.

In this very important document, where it is expressly stated that it is a matter of fixing the obligations of those who propose crypto-assets and crypto-currencies, the notion of self-regulation is rejected. Il est writter : "Regarding VASP (virtual assets services providers) supervision, the Guidance makes clear that only competent authorities can act as VASP supervisory or monitoring bodies!footnote-119, and not self-regulatory bodies. They should conduct risk-based supervision or monitoring, with adequate powers, including the power to conduct inspections, compel the production of information and impose sanctions. There is a specific focus on the importance of international co-operation between supervisors, given the cross-border nature of VASPs’ activities and provision of services."

On the contrary, it is a matter of elaborating the control obligations that these service providers must exercise over products and their customers (Due Diligences), which must be supervised by public authorities. 

In order to exercise this supervision and monitoring, the national authorities themselves must ensure that they work together : "As the Virtual Assets Services Providers (VASP) sector evolves, countries should consider examining the relationship between AML/CF (Anti-Money Laundering and Counter Terrorist Financint) measures for covered VA activities and other regulatory and supervisory measures (e.g., consumer protection, prudential safety and soundness, network IT security, tax, etc.), as the measures taken in other fields may affect the ML/TF risks. In this regard, countries should consider undertaking short- and longer-term policy work to develop comprehensive regulatory and supervisory frameworks for covered VA activities and VASPs (as well as other obliged entities operating in the VA space) as widespread adoption of VAs continues".

After particularly interesting comparative law information on Italy, the Scandinavian countries and the United States, the report concludes: "International Co-operation is Key", because of the global nature of this activity.

Since the issue is not the global Regulation of these platforms and types of products, but only the possible modes of money laundering and terrorist financing to which they may give rise, the FATF recalls that neither crypto-products nor product suppliers are not referred to as such. As the guidance's title recalls, common to the 2018 document adopting the 15 principles and this interpretive document, these are "risk-based" rules. Thus, it is according to the situations that these - products and suppliers - that they may or may not present risks of laundering and financing of terrorism: depending on the type of transaction, the type of client, the type of country, etc. For example, from the moment that the transaction is anonymous, that is impossible to know the "beneficiary", or that it is transnational and instantaneous, which makes it difficult to supervise because of the heterogeneity of national supervisions little articulated between them.

In reports that public supervisors must have with crypto-product suppliers, they must adjust according to the level of risk presented by them, higher or lower: "Adjusting the type of AML/CFT supervision or monitoring: supervisors should employ both offsite and onsite access to all relevant risk and compliance information.However, to the extent permitted by their regime, supervisors can determine the correct mix of offsite and onsite supervision or monitoring of Virtual Assets Services Providers (VASPs). Offsite supervision alone may not be appropriate in higher risk situations. However, where supervisory findings in previous examinations (either offsite or onsite) suggest a low risk for ML/TF, resources can be allocated to focus on higher risk VASPs. In that case, lower risk VASPs could be supervised offsite, for example through transaction analysis and questionnaires".

This "adjustment" required does not prevent a very broad conception of the power of supervision. So, for nothing escapes the recommendations (and in particular the obligations that ensue for the suppliers of these products), the definition of the crypo-assets and crypo-currencies is this one: “Virtual asset” as a digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes. Virtual assets do not include digital representations of fiat currencies, securities, and other financial assets that are already covered elsewhere in the FATF Recommendations."

And for the same reason of effectiveness is posited the principle of technological neutrality: "Whether a natural or legal person engaged in Virtual Assets (VA) activities is a Virtual Asset Services Provider (VASP) depends on how the person uses the VA and for whose benefit. As emphasized above, ...  then they are a VASP, regardless of what technology they use to conduct the covered VA activities. Moreover, they are a VASP, whether they use a decentralized or centralized platform, smart contract, or some other mechanism.".

The interpretative guidelines then formulate the obligations that these platforms have with regard to the supervisors they obey(question of the "jurisdiction", ratione loci ; ratione materiae): " The Guidance explains how these obligations should be fulfilled in a VA context and provides clarifications regarding the specific requirements applicable regarding the USD/EUR 1 000 threshold for virtual assets occasional transactions, above which VASPs must conduct customer due diligence (Recommendation 10); and the obligation to obtain, hold, and transmit required originator and beneficiary information, immediately and securely, when conducting VA transfers (Recommendation 16). As the guidance makes clear, relevant authorities should co-ordinate to ensure this can be done in a way that is compatible with national data protection and privacy rules. ".

These platforms are not uniformly defined due to the diversity of their activities. Because it is their activity that makes them responsible for this or that regulator. For example from the Central Bank or the Financial Regulator: "For example, a number of online platforms that provide a mechanism for trading assets, including VAs offered and sold in ICOs, may meet the definition of an exchange and/or a security-related entity dealing in VAs that are “securities” under various jurisdictions’ national legal frameworks. Other jurisdictions may have a different approach which may include payment tokens. The relevant competent authorities in jurisdictions should therefore strive to apply a functional approach that takes into account the relevant facts and circumstances of the platform, assets, and activity involved, among other factors, in determining whether the entity meets the definition of an “exchange”!footnote-121 or other obliged entity (such as a securities-related entity) under their national legal framework and whether an entity falls within a particular definition. In reaching a determination, countries and competent authorities should consider the activities and functions that the entity in question performs, regardless of the technology associated with the activity or used by the entity".

____

Reading this very important document, it is possible to make 6 observations: 

1. Interpretative documents are often more important than rules interpretated themselves. En these guidances, first and foremost, these are major obligations that are stated, not only for platforms but also for national laws, and well beyond the issue of money laundering. So, it is laid: "Countries should designate one or more authorities that have responsibility for licensing and/or registering VASPs. ...  at a minimum, VASPs should be required to be licensed or registered in the jurisdiction(s) where they are created. ".This is a general prescription, involving a general regulation of these platform, which registered in a general way, will probably be supervised in a general way.

Secondly, it is a series of binding measures that is required of the National legal systems, for example the possibility of seizing crypto-values.

It shows that the soft Law illustrates the continuum of the texts, and allows their evolution. Here the evolution of the definition of the object itself: the definition of crypto-assets and crypto-currencies is widened, so that the techniques of money laundering and terrorist financing are always countered, without it being necessary to adopt new binding rules. We are beyond mere interpretation. And even more of the principle of restrictive interpretation, classically attached to the Repressive Law ...

2. Fort the effectiveness of the Compliance Law, definition become extremely broad. Thus, to follow the FATF, the definititon off a financial institution is as follows: "“Financial institution” as any natural or legal person who conducts as a business one or more of several specified activities or operations for or on behalf of a customer". This is more the definition of a company in Competition Law!footnote-120....Why ? Because otherwise, an operator finds a status allowing him to escape the category and obligations listed. The principle of efficiency implies it. The principle of "legality", derived from criminal law, has hardly any existence. But this also corresponds to the general evolution of the financial world, in which one no longer stars from the organ (for example to be a"bank") but of activity, but from an activity or a fonction whose metamorphoses are so rapid that it is almost impossible to define them ....

3. In the same way, the definition of crypto-assets or crypto-currencies: "“Virtual asset” as a digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes. Virtual assets do not include digital representations of fiat currencies, securities, and other financial assets that are already covered elsewhere in the FATF Recommendations". This definition is purely operational because nothing can escape the FATF: all that is financial or monetary, whatever its form or support, its traditional form or a form that will be invented tomorrow, is within its competence and, through a such definition, is under national supervisors. In Compliance Law, and since everything is based on risk analysis, the idea is simple: nothing must escape obligations and supervision.

4. Platform apprehension is done by the criterion of activity, according to the "functional" method. Thus, its supervision, or even its regulation, and its obligations of compliance, will apply, depending on what it does, to the Financial Regulator (if it does ICO) or to others if it only uses tokens as an instrument of exchange. If it makes several uses, then it would fall under several Regulators (criterion ratione materiae).

5. The principle of "technological neutrality" is a classic principle in Telecommunications Law. Here we measure the interference between the principles of Telecommunications Law and Financial Law, which is logical because crypto-financial objects are born of digital technology. This neutrality allows both technological innovation to develop and supervision to be unhindered for not having foreseen an innovative technology appearing after the adoption of the legal text. Here again, the effectiveness of Compliance and risk management are served, without the innovation being thwarted, which is often opposed.

6. What is expected of national public authorities is a very wide "interregulation". This is both "positive". Indeed, this includes financial matters but also the security of networks, or the protection of consumers. It can be called equilibrium interregulation in that all goals converge. But this is also an "interregulation" that can be described as balance. Indeed, the FATF is concerned about the protection of personal data. However, it emphasizes that the effectiveness of the Compliance system must stop. But the protection of personal data is also a part of Compliance Law.... This is one of the major challenges in the future: the balance between security and the fight against global evils(here the fight against money laundering and terrorism) and the protection of the privacy of individuals, as both fall under Compliance, but both have opposite legal effects: one the transmission of information, and the other the secret of the information. 

____

The European Banking Union is based on supervision as much as on regulation: it concerns the operators as much as the structures of the sector, because the operators "hold" the sector.

This is why the "regulator - supervisor" holds the operators by the supervision and is close to them.

He meets them officially and in "soft law" relations. This is all the more necessary since the distinction between the Ex Ante and the Ex Post must be nuanced, in that its application is too rigid, in that it involves a long time (first of all the rules, then to apply them, then to notice a gap between rules and behaviors, then to repair it) is not appropriate if the system aims at the prevention of systemic crises, whose source is inside the operators.

This is why the body in charge of solving the difficulties of the systemic banks for the salvation of the systeme meets the banking sector itself, to ensure that they are permanently "resolvable", so that the hypothesis of their resolution never arises. This is the challenge of this system: that it is always ready, for never be applying.

____

In the European Banking Union, the Single Resolution Board (SRB) is in charge of "resolve" the difficulties of European systemic banks in difficulty. It is the public body of the second pillar of the Banking Union. The first pillar is the prevention of these difficulties and the third is the guarantee of deposits. The resolution is therefore more like an Ex Post mechanism.

But in this continuum through these three pillars between the Ex Ante and the Ex Post, the SRB does not wait passively - as would a traditional judge do - that the file of the troubled bank reaches it. Like a supervisor - which brings it closer to the first public in the system (Single Supervisory Board -SSB), which supervises all the banks, it is in direct contact with all the banks, and it approaches the hypothesis of a bank in trouble by a systemic perspective: it is therefore to the entire banking system that the SRB addresses itself.

As such, it organizes meetings, where he is located: in Brussels.

Thus, on June 18, 2019, all banks came to discuss with the Single Resolution Board to know what it wants from the banks and for the banks, in what is called a "dialogue meeting".

To resolve in Ex Post the difficulties of a bank, it has to present a quality (a little known concept in Bankruptcy Law): "resolvability". How build it? Who build it ? In its very design and in its application, bank by bank.

For the resolution body vis-à-vis all players in the banking and financial sector, it's clear: "Working together" is crucial in building resolvability ".

In the projection that is made, it is affirmed that there can be a successful resolution only if the operator in difficulty is not deprived of access to what makes to stay it alive, that is to say the banking and financial system itself, and more specifically the "Financial Market Infrastructures", for example payment services.

Does the Single Resolution Board expect spontaneous commitments from the FMIs for such a "right of access"? In this case, as the Single Resolution Board says, this right of access corresponds to "critical functions" for a bank, the resolution situation can not justify the closure of the service.

By nature, these crucial operators are entities that report to regulators who oversee them. Who enforces - and immediately - this right of access? When one can think that it is everyone, it risks being nobody .... That is why the resolution body, relaying in this a concern of the Financial Stability Board, underlines that it is necessary to articulate the supervisors, regulators and "resolvers" between them.

_____

To read this program, since it is a proposed program of work for the banking sector, four observations can be made:

1. We are moving more and more towards a general "intermaillage" (which will perhaps replace the absence of a global State, but it is an similar nature because it is always to public authorities that it refers and not to self-regulation);

2. But as there is no political authority to keep these guardians, the entities that articulate all these various public structures, with different functions, located in different countries, acting according to different temporalities, these are the companies themselves that internalize the concern that animates those who built the system: here the prevention of systemic risk. This is the definition of Compliance, which brings back to companies, here more clearly those those which manage the Market Infrastructures, the obligations of Compliance (here the management of systemic risk through the obligation of giving access).

3. Even without a  single systemic guard, there is always a recourse. That will be the judge. There are already many, there will probably be more in a system of this type, more and more complex, the articulation of disputes is sometimes called "dialogue". And it is undoubtedly "decisions of principle" that will set the principles common to all of these particular organisms.

4. We then see the emergence of Ex Ante mechanisms for the solidity of the systems, and the solidity of the players in the systems, and then the Ex Post resolution of the difficulties of the actors according to access to the solidity of the infrastructures of these systems, which ultimately depend on judges (throughout the West) facing areas where all of this depends much less on the judge: the rest of the world.

____