A national-security approach to regulating crypto

By Ben Schreckinger

With help from Derek Robertson

A sandstorm covers Tehran, Iran, Tuesday, May 17, 2022. | Vahid Salemi/AP Photo

Crypto executives love to complain about ill-defined rules — of "regulation by enforcement," of living through another version of "Operation Choke Point."

They have a point. There’s widespread consensus the U.S. needs a more comprehensive approach to regulating a trillion-dollar asset class whose backers harbor an expansive vision of its role in the world. There's just not much agreement about what that approach should look like.

Now the Foundation for Defense of Democracies is wading into the fray with a set of proposals meant, in part, to prevent "regulation by enforcement" from becoming the norm in policing crypto’s national security risks.

The hawkish think tank, known for its hardline stance on Iran, wields significant influence in Washington foreign policy circles, and it sees crypto-enabled money laundering as a big national security threat. It wants to bring the industry in line with the extensive compliance regime that applies to traditional financial firms — along with some additional measures to address the unique technical characteristics of digital assets.

It gave DFD an exclusive look at its new framework ahead of a public release later today. The goal is to spur policymakers to fill in gaps and eliminate ambiguities in crypto rules that could impact national security, including those governing areas such as privacy-focused coins like Monero and anonymizing currency mixers like Tornado Cash.

The think tank plans to follow up with briefings of its contacts in the Biden administration and Congress. The idea, as the report puts it, is to head off “a national security version of the FTX implosion.”

If that doesn't sound like a ringing endorsement of crypto — well, to put it mildly, FDD doesn't subscribe to crypto purists’ vision of anonymous, borderless, permissionless finance.

“The industry may oppose some of these steps because they’re costly,” the framework’s co-author, FDD senior advisor Rich Goldberg tells DFD. “Or because they’re antithetical to their business models”

National security concerns raised by crypto have grown in recent years as U.S. adversaries like Iran and North Korea have seized on the pseudonymity and decentralization of blockchain networks to evade sanctions and launder the spoils of state-backed hacking schemes.

The FDD framework is meant to build on a plan for countering illicit crypto-finance released by the Treasury Department in September, in response to President Joe Biden’s executive order on digital assets.

Goldberg said he hopes it will permit the Treasury Department to avoid replicating the ad hoc approach taken (most notably) by the SEC in its enforcement of consumer protection rules when it comes to policing illicit flows of money.

Laying out explicit rules tailored for digital assets could prevent a repeat of the firestorm that occurred last summer when the Treasury Department sanctioned Tornado Cash, a decentralized protocol for anonymizing crypto transactions.

Tornado Cash had been used extensively for money laundering, but the unprecedented nature of sanctions against a software tool — as opposed to a company or people running a conventional piece of software — created fears of overreach.

Crypto supporters worried the sanctions could implicate all kinds of users who had nothing to do with money laundering, including passive recipients of crypto sent with the tool or impinge on free expression by prohibiting the publication of Tornado Cash’s source code.

Following weeks of uproar, Treasury published additional guidance saying that it would not prioritize enforcement against people who received small amounts of unsolicited crypto with the tool, and that its rules did not forbid people from interacting with the source code if they are not involved in banned transactions.

FDD’s report finds that some questions raised by the Tornado Cash sanctions remain unanswered. They include how far back in a crypto token’s transaction history a firm has to look when making sure it hasn’t passed through a sanctioned address.

The U.S. also needs to step up pressure on other governments to enforce financial surveillance rules for crypto firms, the report argues.

Specifically, FDD wants the U.S. to lean on fellow members of the Financial Action Task Force — an intergovernmental group charged with countering money laundering and terror finance — to comply with the task force’s crypto compliance recommendations.

The framework calls, too, for investment in on-chain analysis capabilities by government agencies and says Congress should consider requiring crypto firms to incorporate such methods into their compliance systems.

Other recommendations include minimum cybersecurity standards for crypto firms and a higher standard of scrutiny for crypto exchanges based in jurisdictions deemed high-risk for money laundering and terror finance.

For harried crypto execs still reeling from this year’s crackdown, there’s one more recommendation in particular to take note of. Despite its preference for proactive rulemaking, the framework still calls for regulating through enforcement “when necessary.”

“Sometimes you have to kill the chicken to scare the monkey,” Goldberg said, invoking a Chinese idiom about making an example of someone. “But that shouldn't be your primary position.”

STEP INSIDE THE WEST WING: What's really happening in West Wing offices? Find out who's up, who's down, and who really has the president’s ear in our West Wing Playbook newsletter, the insider's guide to the Biden White House and Cabinet. For buzzy nuggets and details that you won't find anywhere else, subscribe today.

In yesterday’s DFD, I wrote about accusations of political bias in generative AI systems — specifically ChatGPT, which has some seemingly unaccountable guardrails about who and what it will or won’t praise.

A spokesperson for OpenAI didn’t respond to me before our send time, but did email back later and point to a passage from this blog that addressed the topic generally, saying “While we’ve made efforts to make the model refuse inappropriate requests, it will sometimes respond to harmful instructions or exhibit biased behavior.”

OpenAI also published a blog post today that directly addressed the topic, titled “How should AI

systems behave, and who should decide?” In it the company acknowledged that “users have shared outputs that they consider politically biased, offensive, or otherwise objectionable,” and that “In many cases, we think that the concerns raised have been valid and have uncovered real limitations of our systems which we want to address.”

It’s still not exactly clear why ChatGPT would agree to compose admiring poems about some liberal political figures and not conservative ones. But for those interested in ChatGPT’s internal workings, the authors go on to shed some light on how their models are trained and the process of human input and review that determines what users see. They also make the point that “Our guidelines are explicit that reviewers should not favor any political group” and “Biases that nevertheless may emerge from the process described above are bugs, not features,” before promising to iterate and improve the system. — Derek Robertson

So sayeth the Department of State: Robots should be allowed to kill you.

With some caveats. Many, actually: The department’s Bureau of Arms Control, Verification, and Compliance released a “Political Declaration on Responsible Military Use of Artificial Intelligence and Autonomy” this morning, featuring a list of “best practices” that should be involved in the use of military AI, which “can and should be ethical, responsible, and enhance international security.” They include:

• That states should maintain “human control and involvement” over nuclear weapons
• That the development and use of military AI should be overseen by “senior officials”
• That military AI systems should have failsafes built in to “ disengage or deactivate deployed systems that demonstrate unintended behavior”
• Taking “deliberate steps” to “minimize unintended bias” in the technology’s use

For more on the long-running debate over the ethical and strategic viability of autonomous military weapons, read POLITICO’s Matt Berg’s recent reports in DFD here and here. — Derek Robertson

• Microsoft says it’s working out the kinks with its sometimes loopy new AI search.
• Is your boss tracking your brain with neurotechnology?
• New technology could clean up the massively-polluting steel industry.
• Bitcoin might be reviving the moribund NFT business.
• Robots are helping to save the world’s dying coral reefs.

Stay in touch with the whole team: Ben Schreckinger (bschreckinger@politico.com); Derek Robertson (drobertson@politico.com); Mohar Chatterjee (mchatterjee@politico.com); Steve Heuser (sheuser@politico.com); and Benton Ives (bives@politico.com). Follow us @DigitalFuture on Twitter.

Ben Schreckinger covers tech, finance and politics for POLITICO; he is an investor in cryptocurrency.

If you’ve had this newsletter forwarded to you, you can sign up and read our mission statement at the links provided.

DOWNLOAD THE POLITICO MOBILE APP: Stay up to speed with the newly updated POLITICO mobile app, featuring timely political news, insights and analysis from the best journalists in the business. The sleek and navigable design offers a convenient way to access POLITICO's scoops and groundbreaking reporting. Don’t miss out on the app you can rely on for the news you need, reimagined. DOWNLOAD FOR iOS– DOWNLOAD FOR ANDROID.

Follow us on Twitter

Ben Schreckinger @SchreckReports Derek Robertson @afternoondelete Steve Heuser @sfheuser Benton Ives @BentonIves

Follow us

To change your alert settings, please log in at https://www.politico.com/_login?base=https%3A%2F%2Fwww.politico.com/settings

This email was sent to by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Please click here and follow the steps to .