Tuesday, November 28, 2023

Are central banks too reliant on SWIFT for domestic payments?


Central bank settlement systems are the the tectonic plates of the payment system: they are vitally important to our lives, but we never see them in action. All of a nations' electronic payments are ultimately completed, or settled, on these systems. If they stop working, our financial lives go on pause, or at least regress to older forms of payment.

In this post I want to introduce readers to a crucial feature of these payments tectonic plates: their reliance for domestic settlement on SWIFTNet, a financial messaging network used by banks and other financial institutions to communicate payments information. Think of SWIFTNet as a WhatsApp for banks, but exclusive and very secure. 

This reliance  or over-reliance  is best exemplified by a recent decision by the European Central Bank. The Target2 settlement system has long been the bedrock layer of the European payments universe. All domestic payment ultimately get tied-off on the system. Since it was introduced in 2007, Target2 has been solely reliant on SWIFTNet for sending and receiving messages. 

When the European Central Bank replaced Target2 with T2 earlier this year, it modified the system to have two access points: it kept SWIFTNet but added a competing messaging network, SIAnet, to the mix. As one commentator triumphantly put it, "SWIFT’s monopoly for access to the T2/T2S system is broken."

SWIFTNet is owned by the Society for Worldwide Interbank Financial Telecommunication, or SWIFT, which is structured as a cooperative society under Belgian law and is owned and governed by its 11,000 or so member financial institutions. Whenever SWIFT gets mentioned in conversations, it tends to be associated with cross-border wire payments, for which its messaging network is dominant. However, for many jurisdictions, including Europe, SWIFT is also integral to making domestic payments. It's this little-known local reliance that I'm going to explore in this post.

The dilemma faced by central banks such as the European Central Bank is that SWIFTNet is an incredibly useful messaging network. It is ubiquitous: most banks already use it for cross-border payments. And so the path of least resistance for many central banks is to outsource a nation's domestic messaging requirements to SWIFT, too. However, this reliance exposes national infrastructure to SWIFTNet-related risks like foreign control, sanctions, snooping, and system outages.

Financial messaging 101

Before going further, we need to understand why financial messaging is important. For a single electronic payment to be completed, a set of databases owned by a number of financial institutions, usually banks, must engage in an intricate dance of credits and debits. To coordinate this dance, these banks need to communicate, and that's where a messaging network is crucial.

Say, for example, that Google needs to pay Apple $10 million. Google tells its banker at Wells Fargo to make the payment. Wells Fargo first updates its own database by debiting Google's balance by $10 million. The payment now has to hop over to Google Apple, which banks at Chase. For that to happen the payment flow must progress to the core of the U.S's payments system, the database owned by the Federal Reserve, the U.S.'s central bank.

Along with most other U.S. banks, Wells Fargo has an account at the Federal Reserve. It communicates to the central bank that it wants its balance to be debited by $10 million and the account of Chase to be credited by that amount. Once Chase's account at the Federal Reserve is updated, Chase gets a notification that it can finally credit Apple for $10 million. At that point Apple can finally spend the $10 million.

This entire process takes just a second or two. For this "dance of databases" to execute properly, the Federal Reserve, Chase, and Wells Fargo need to be connected to a communications network.

The sort of messaging network to which the central bank is connected, and the stewardship of that network, is thus crucial to the entire functioning of the economy.

Proprietary messaging networks or SWIFTNet? 

The Federal Reserve is somewhat unique among central banks in that it has built its own proprietary messaging network for banks. All of the 9,000 or so financial institutions that use the Federal Reserve settlement system, Fedwire, must connect to the Fed's proprietary messaging network to make Fedwire payments. To make international payments, however, U.S. banks must still communicate via SWIFTNet.  

Let's flesh the story out by trekking north of the border. Whereas the Federal Reserve has no reliance on SWIFTNet, Canada's core piece of domestic settlement infrastructure, Lynx, relies entirely on SWIFTNet for messaging.

For example, if Toronto Dominion Bank needs to make a $10 million to Scotiabank, it enters this order into SWIFTNet, upon which SWIFT forwards the message to Lynx, which updates each banks' accounts by $10 million and sends a confirmation back to SWIFTNet, which tells Scotiabank that the payment has settled.

For payments nerds, this network setup is called a Y-copy topology. The network looks like a "Y" because the originating bank message is relayed from the sending bank via SWIFTNet, the pivot at the center of the Y, down to the settlement system, and then back up via SWIFTNet to the recipient bank. It is illustrated below in the context of the UK's payment system, with the CHAPS settlement system instead of Lynx, but the idea is the same.

A Y-copy network topology for settling central bank payments in the UK [source]

The upshot is that the Federal Reserve controls the messaging apparatus on which its domestic settlement depends, whereas Canada outsources this to a cooperative on the other side of the ocean.

Many of the world's small and middle-sized central banks have adopted the same Y-copy approach as Canada. This list includes Australia, Singapore, New Zealand, Nigeria, UK, Sweden and South Africa. However, some members of this group are starting to have second thoughts about fusing themselves so completely to SWIFT.

Removing the single point of failure

The European Central Bank is at the vanguard of this group. Prior to 2023, the European Central Bank was in the same bucket as Canada, relying entirely on SWIFTNet to settle domestic transactions. 

With its upgraded T2 system, Europe doesn't go quite as far the Fed's model, which is to build its own bespoke messaging network. Rather, European banks now have the option of either sending messages to T2 using SWIFTNet, or they can use SIAnet, a competing network owned by Nexi, a publicly-traded corporation. SIAnet stands for Societa Interbancaria per l'Automazione, a network that originally connected Italian banks but has now gone pan-European.

The reason for this design switch is that European Central Bank desires "network-agnostic connectivity." This dual access model will make things more complex for the European Central Bank. If a commercial bank originates a SIAnet message, the central bank will have to translate this over to a SWIFT message if the recipient bank uses SWIFTNet. Nevertheless, the European Central Bank believes this dual structure will offer more choice to domestic banks.

The ECB also hints at the enhanced "information security" that this new setup will provide, without providing much detail. The UK's recent efforts to update its core settlement layer sheds some extra insights into what these security improvements might be. Right now, the UK's core settlement system, CHAPS, can only be accessed by SWIFTNet, much like in Canada, so that all domestic UK payments are SWIFT-reliant.

In its roadmap for updating CHAPS, the Bank of England is proposing to allow banks to access the system via either SWIFTNet or a second network, which doesn't yet exist. The idea is to enable "resilient connectivity" to the core settlement layer, especially in periods of "operational or market disruption." Should SWIFTNet go down there would be no way for financial institutions to communicate with CHAPS, and the entire domestic economy would grind to a halt. A second network removes the "single point of failure" by allowing banks to re-route messages to CHAPS.

The Bank of England also highlights the benefits of competition, which would reduce the costs of connectivity.

This sounds great, but there are tradeoffs. Using a a single network for both domestic and international payments is valuable to the private sector because it offers standardization and efficiencies in banks' processing. Adding a second option will also complicate things for the Bank of England, since it will have to design and build a system from scratch, much like the Fed did, which could be costly. Either that or it will have to find another private option, like the ECB did with SIAnet. This second network may not be as good as SWIFTNet which, despite worries about resiliency, has been incredibly successful.

When CHAPS went down earlier this year for a few hours, for instance, it wasn't SWIFT's fault, but the Bank of England's fault. The same goes for a full day outage in 2014. 

Comparing a V-shaped network topology to Y-Copy in an Australian context [source]


The type of settlement topology that the UK is proposing is known as "V-shaped," since all messages are sent directly to the central bank settlement system for processing via any of a number of messaging networks, and then back to the recipient bank. The difference between a V-shaped topology and Y-copy is visualized in the chart above in an Australian context, but the principles apply just as well to the UK.

Sanctions and "the SWIFT affair"

The decision to make domestic payments less dependent on SWIFTNet is much more easy to make for outlier nations like Russia. SWIFT is based in Belgium and is overseen by the Belgian central bank, along with the G-10 central banks: Banca d’Italia, Bank of Canada, Bank of England, Bank of Japan, Banque de France, De Nederlandsche Bank, Deutsche Bundesbank, European Central Bank, Sveriges Riksbank, Swiss National Bank, and the Federal Reserve. That put SWIFT governance far out of Russian control.

You can see why this could be a problem for Russia. Imagine that only way to settle domestic Russian payments was by communicating through SWIFTNet. If Russia was subsequently cut off from that network for violating international law, that would mean that all Russian domestic payments would suddenly cease to work. It would be a disaster.

Needless to say, the Central Bank of Russia has ensured that it doesn't depend on SWIFTNet for communications. It has its own domestic messaging network known as Sistema peredachi finansovykh soobscheniy, or System for Transfer of Financial Messages (SPFS), which was built in 2014 after the invasion of Crimea. Prior to then, it appears that "almost all" domestic Russian transactions passed through SWIFTNet  a dangerous proposition for a country about to face sanctions.

Mind you, while Russia has protected its domestic payments from SWIFTNet-related risk, it can't do the same for its international payments. SWIFTNet remains the dominant network for making a cross border wire. There is no network the Russians can create that will get around this.

I'm pretty sure that most larger developing states and/or rogue nations have long-since built independent domestic financial messaging systems to avoid SWIFTNet risk. I believe China has done so. Brazil has the National Financial System Network, or Rede do sistema financeiro nacional (RSFN). India also has its own system, the Structured Financial Messaging System (SFMS), built in 2001. India is even trying to export SFMS as a SWIFT competitor.

The Japanese were typically way ahead on this. The Bank of Japan built its messaging network, the Zengin Data Telecommunication System, back in 1973, several years before SWIFT was founded.

The last SWIFTNet risk is snooping risk. This gets us into the so-called SWIFT affair. After 9/11, the U.S. intelligence agencies were able to pry open SWIFT through secret broad administrative subpoenas. They had the jurisdiction to do so because one of SWIFT's two main data centres was located in the U.S.

To ensure data integrity, SWIFT had been mirroring European data held in its data centre in Belgium at its U.S. site. That effectively gave U.S. intelligence access to not only SWIFT's U.S. payments information, but  also information on foreign payments sourced from Europe or directed to Europe. Worse, it also provided spooks with data on domestic European payments. Recall that the European Central Bank's Target2 settlement system, which settles all digital domestic payments in Europe, was entirely reliant on SWIFTNet for communications.


When the U.S.'s snooping arrangement was made public by the New York Times in 2006, it caused a huge controversy in Europe. SWIFT tried to placate Europe by building a third data warehouse in Switzerland to house Europe's back-up data. But the precedent was set: SWIFT is not 100% trustworthy. And that may be part of the reason why the European Central Bank chose to downgrade its reliance on SWIFTNet when it introduced its new system, and is surely why other nations want to entirely hive their domestic systems off from it.

---

In sum, central banks face a host of complicated decisions in how to bolt on messaging capabilities to their key settlement systems. SWIFTNet is a top notch network. However, too much SWIFT-related risk may be perceived as having negative implications for national security. For large nations with extensive banking industries, building a proprietary domestic messaging alternative seems to be the preferred option. It also seems to be the default choice for rogue states like Russia.

Another alternative is to fallback on using multiple independent networks for access, of which one is SWIFTNet, and thus mitigating exposure to SWIFT-related problems. This is the approach taken by Europe and the UK.

For smaller nations that comply with the global consensus, like Canada, the calculus is different. Building an alternative communications network is likely to be costly. The risk of sanctions and censorship are negligible while the benefits of using a high-quality ubiquitous network for both domestic and foreign payments messaging are significant. Given these factors, it may be worthwhile to bear all SWIFT-related risks and adopt the Y-copy model.

Monday, November 20, 2023

Is it legal to mix cash in a jar?

Chris Blec asks the following question:

Source: Twitter

Chris's premise is that it is "not illegal" for him to get together with a bunch of strangers to mix cash. But that's not quite right. It can be legal. It can also be illegal. To determine which it is, we need to understand the motivations of Chris and the other ten strangers. Why are they getting together to mix in the first place? Alas, Chris doesn't mention this in his tweet.

There are certainly all sorts of perfectly legal albeit quirky reasons to mix cash. We could imagine that Chris and ten other strangers are waiting for the bus, and to decide who goes first, they all put a $20 note into a jar, remembering their respective serial number. After the notes have been mixed, one note is taken out and whoever it belongs to wins. The notes are then given back. Nothing wrong with that.

On the other hand, if Chris and the other 10 strangers are mixing their cash because they want to conceal the source, then they need to be careful. They've taken one step down the path to engaging in money laundering.

The U.S. has several money laundering statutes. Below is part of one of the most contravened ones: 

Source: LII

As you can see, one of the key triggers for a money laundering conviction is making transactions that are designed to "conceal or disguise."

Even if Chris and the other strangers' motivations for mixing is to conceal the origins of their cash, that's not necessarily illegal. Before they reach the point at which they can be accused of having crossed the line over to money laundering, at least one of the strangers needs to contribute banknotes to the jar that are the "proceeds of specified unlawful activity." For argument's sake, let's say that one of the strangers contributes cash that they've earned from contract killing. Chris and the other 10 strangers are now a step closer to a potential money laundering indictment. 

Only one last criteria is lacking. Chris and the other strangers must participate in a "knowing" way. They must be aware that the property involved is criminally-derived. The most obvious example would be if one of the 10 strangers were to loudly announce just prior to putting their notes in the jar that the notes come from contract killing, and everyone hears this yet still participates. 

At this point, the three triggers have been met. Chris and the other strangers have acted in 1) a knowing way 2) to conceal 3) the actual proceeds of unlawful activity.

The state of "knowing" needn't be established in such an explicit fashion as the criminal announcing it loudly. For instance, even if the criminal says nothing, but Chris and the other participants suspect the possibility that dirty money is entering the jar, but they don't do due diligence, then they could be found guilty of money laundering. To demonstrate that they aren't knowing participants, Chris and the other strangers may have to take proactive measures, say like checking ID.

So Chris is right to say that mixing cash in a jar can be legal, but he incorrectly omits to say that it can also be illegal.

Having fleshed out Chris's premise, what about his conclusion? Can the jar-of-cash thought experiment teach us about the legality of crypto mixing methods such as custodial mixers, Tornado Cash, or CoinJoin? I'll let the readers work that one out on their own.

Thursday, November 16, 2023

Kraken v Kraken, or how to protect the public from crypto exchange failures


It's been a full year since FTX International and FTX-US collapsed, and the shocking thing is  there is still no regulated crypto venue in the U.S.! You'd think some lessons would have been learnt.

To best protect the public from the Sam Bankman-Frieds of the world, what the U.S. requires is securities-level oversight of crypto exchanges. Exchanges like Coinbase and Kraken are offering the sorts of investment services to the public that the U.S.'s main securities regulator, the SEC, is ideally positioned to regulate, such as trading, margin, custody, and market making. But one year after FTX's collapse, there doesn't appear to be a single SEC-regulated exchange.

The exchanges blame this on the SEC's lack of clarity. The SEC blames this on exchanges refusing to come in and register. God knows who's telling the truth.

Whatever the case, this intransigence only increases the odds that there'll be another U.S. crypto exchange collapse in the next few years, one that appropriate regulation could have otherwise prevented, or at least sheltered investors from the fallout.

What sort of protections am I talking about? After Canada suffered through the collapse of QuadrigaCX a few years back, and a bunch of Canadians like myself lost money, crypto exchanges were brought under the auspices of our existing securities regulatory framework, with a few nips and tucks to the rules to make them fit. This has led to a lot of changes that make Canadian crypto customers safer. I'm going to share the best example in this blog post.

Kraken is a well-known crypto exchange that serves both American and Canadian customers. However, if you're an American customers who uses Kraken, you possess a very different sort of asset than Canadian customers do.

Let's look at the fine print of the U.S. platform:

Source: Kraken's terms of service for U.S. customers

So in the U.S., asset are held "by us for you." That is, Kraken itself is doing the holding, safekeeping, or providing custody of crypto for its customers.

A key observation I want to make here is how fundamentally different this is from how standard regulated marketplaces function like the NASDAQ or the Toronto Stock Exchange. Traditional marketplaces offer a venue to trade assets, but they don't offer custody. If they tried to introduce this, their regulator would very quickly say no. I'll explain why below.

But first, let's head over to Kraken Canada. Once again, here's the fine-print:

Source: Kraken's terms of service for Canadian customers

What the underlined wording says is that if you're a Canadian, Kraken does not hold your crypto for you. That's very different from the U.S. Instead, Kraken says that customer crypto is deemed to be "custodial assets" and delegates your crypto to a "designated trust account at a Crypto Custodian." Bingo. There's the separation of trading from custody that I was talking about earlier, which aligns with standard practices for marketplaces.

Scan further through the fine print and you learn who that crypto custodian is: Anchorage Digital Bank:

Source: Kraken's terms of service for Canadian customers


Who is Anchorage? Anchorage is a federally-charted trust that is overseen by the Office of the Comptroller of the Currency, one of the key U.S. federal banking regulators. So if you hold some coins on Kraken, and you are an American, you own what is essentially a Kraken IOU, and you have to trust Kraken, but if you are a Canadian, you're effectively putting most of your trust in a federally charted financial institution. That's pretty stern stuff. 

Canadian securities regulators require all crypto exchanges operating in Canada to delegate at least 80% of customer crypto to a third-party custodian. (The other 20% can be held in a hot wallet for liquidity purposes.) Kraken doesn't appear to be doing this for its American customers, and that's because there's no U.S. regulator prompting it to do so. On top of requiring this separation, Canadian regulators stipulate that third-party custodians must be qualified. That is, they can't just walk in off the street. The custodian has to meet the regulator's standards, which requires having a Systems and Organization Controls (SOC) designation, and a bunch of other stuff too.

You can probably see by now that if you're a customer of Kraken, it's better to be Canadian than American, for the following reasons:

Anchorage is a federally-regulated financial institution and subject to strict oversight. Kraken U.S. is for the most part unregulated. No one is peering over its shoulder to check whether it is doing a good job safekeeping your coins.
Kraken has its fingers in a lot of different businesses, but Anchorage specializes on custody, and so it's probably better at the task.
Anchorage is independent from Kraken. This separation mitigates the risk of loss, theft, or misuse of assets by Kraken management. This is particularly salient in Kraken's case because it engages in many other business activities, such as trading or market-making, and these pose potential conflicts of interest.

In the future, one hopes that Kraken's U.S. exchange provides the same level of customer protection as Kraken's Canadian platform. But that's only go to happen if and when the SEC dictates a fundamental separation of crypto trading from custody, and whether U.S. crypto exchanges actually listen to the SEC.

Addendum (Nov 21): Talk about good timing. The SEC just announced that it is suing Kraken's U.S. entity for, among many other things, failing to segregate customer crypto assets and dollar balances. Segregation is different than third party custody. It basically means that customer property is kept separate from corporate property. This helps to prevent double-dipping. An exchange can make use of a third party custodian, for instance, but not segregate those funds into corporate and customer buckets. The combination of segregation and third-party custody is optimal.

By contrast, Canadian securities law clearly specifies that Kraken and any other Canadian exchange must already be segregating customers crypto and funds from corporate funds. In the regulators' own words, exchanges must keep customer property "separate and apart from its own property." This is in addition to the requirement that they use a third party custodian to store customer crypto and fiat. We can verify by reading Kraken's undertaking with Canadian regulators, in which it promises that it will be keeping customer crypto "separate and apart from its own assets."

Segregation is just one other low-hanging bit of customer protection that U.S. crypto exchanges should already have implemented, but probably won't until prodded by the government.


The next section is for pedants only, of which I'm embarrassed to be, which is why I'm putting this in very small print:

Kraken owns a U.S. bank. How does this fit into the story? Here are the details: In the U.S., the Kraken crypto exchange is really just the trade name for Payward Ventures. Payward Ventures is in turn a subsidiary of Payward, Inc. Payward, Inc has another subsidiary, Payward Financial, Inc, that owns a state-charted bank -- Kraken Bank. Notably, when you sign up as a customer of the Kraken crypto exchange, you are entering into a relationship with Payward Ventures, not Payward Financial. There is no indication in the exchange's terms of service that Kraken Bank is in any way involved in custody. Which seems... odd? Why wouldn't Kraken use its bank for custody?

When Kraken first applied to do business in Canada earlier this year, it said it wanted to use Kraken Bank as its custodian. Given that Kraken is in fact using Anchorage Bank as we speak, I suspect that Canadian regulators told Kraken: "Hey, guys. Kraken Bank is not sufficiently independent, you're going to have to use a third-party." And I suspect they were right about this.

Meanwhile, what about Canada's most popular exchange, Coinbase? Coinbase's Canadian terms of service doesn't indicate that it is using a qualified custodian. Customer assets are "held by the Coinbase Group for your benefit." Yeah, that's not going to fly with the regulators. I suspect that within a few months you're going to see it using a third-party like Anchorage, or its just going to leave Canada.

Tuesday, November 14, 2023

In praise of anti-money laundering thresholds

Two seemingly separate stories, a crypto and a banking story, have a common thread in anti-money laundering thresholds.

In the first story, the New York Times shows how regular folks are increasingly losing their bank accounts because their bank perceives them to be engaging in risky behaviour. In the second, the U.S. government has proposed an expansive new rule that would require financial institutions to report all customers who use cryptocurrency mixers to the government.

Anti-money laundering thresholds underpin what I'll call the Pragmatic Compromise between the government and citizens, albeit a tenuous compromise, for reasons I'll explain.

The U.S. government and its various law enforcement agencies have the ability to get full access to bank records for the purposes of fighting crime. They can do so directly, that is, without having to proceed through the standard process of convincing a judge to approve a warrant. This is an incredible amount of power to have. To counterbalance this, a compromise of sorts has been agreed to that limits the government's access to bank records. A number of key financial thresholds have been established, below which transactions are protected from surveillance.

The most well-known method the government has for accessing your personal financial information is the requirement that banks submit currency transaction reports, or CTRs (see below), every time someone withdraws or deposits paper money. Banks don't submit a report for all cash transactions. The threshold for submitting is set at $10,000. So if you withdraw $9,999, your name and address won't be reported to the government. If you withdraw $10,001, you'll lose the threshold's protection and will be reported.

The modern U.S. currency transaction report [source]
 

The U.S. has a long history of providing direct government access to banking records. The practice began in 1945 when Treasury Secretary Henry Morgenthau Jr, invoking war-time powers, issued an executive order (see below) instructing banks to begin reporting currency deposits and withdrawals made by the public. Known as TCR-1 forms, these reports were to be forwarded every month to the government with information about the cash amounts involved and the identification of the individual making the transaction.

Morgenthau's reporting requirement was motivated by the desire to stamp out black marketeering, writes Paul Camacho, which had emerged as a way to evade war-time rationing programs. But even though the war soon ended and rationing ceased, the practice of cash reporting continued through the 1950s and 1960s, albeit on what must have been legally dubious grounds now that it was peacetime.

Henry Morgenthau's 1945 executive order on currency reporting [source]

In 1970, the necessary legal formalization to justify the reporting of bank information was provided when Congress passed the Bank Secrecy Act, which encoded directly into law the requirement that banks record and report cash transactions, as well as legislating a set of extra recordkeeping and reporting requirements. Over the years, additional recordkeeping and reporting standards were added by Congress to the Bank Secrecy Act, including the 1994 requirement that banks screen for "suspicious" transactions and report them to the government by submitting a suspicious activity report, or SAR (see below).

While there's certainly a law & order case to be made for providing governments with direct (i.e. warrantless) access to financial records, there's a pretty clear set of reasons why society should want to limit this power. Allow too much access and banks will inevitably get bogged down in the expensive bureaucracy of filing reports, which can lead to accessibility problems as the accounts of customers deemed to be a compliance nuissance are terminated—especially the ones who tend to make riskier but legal transactions. There's also the crucial question of the public's right not to be be snooped on, especially without a warrant and probable cause.

Suspicious Activity Report form, introduced in 1995


The first legal challenges to the government's direct access to bank records only came in the mid 1970s. But after hearing these cases (California Bankers Association v. Shultz and United States v. Miller), the Supreme Court allowed the entire data collection apparatus to remain intact. The majority ruled that there was no expectation of privacy in bank records, and that the recordkeeping and reporting requirements imposed by the Bank Secrecy Act do not violate bank customers' constitutional rights.

With the public having no constitutional protections against direct government access to bank records, the lone remaining counterbalance is the various anti-money laundering thresholds.

Which gets us back to the New York Times article (we'll touch on the cryptocurrency further down). The reasons for the growing debanking problem that the Times article highlights is complicated, but I'd suggest that one driver is a steady deterioration of two key reporting thresholds at the heart of the Pragmatic Compromise.

The original $10,000 cash reporting threshold was set back in 1945 by Henry Morgenthau, a level that was ratified in 1972 after the passage of the Bank Secrecy Act. This level has never been adjusted. (Morgenthau also set a second and lower $1,000 threshohold, but this only applied when banknotes in denominations of $50 or higher were involved).

Alas, inflation has been steadily eating into each thresholds' real value. When the Bank Secrecy Act was passed, $10,000 was worth $75,000 in today's dollars. In Morgenthau's time it was equal to $173,000. Either way, when the data collection apparatus was first established and the Pragmatic Compromise reached, most people's day-to-day cash withdrawals and deposits would have been sheltered from reported requirements. With the passage of time and inflation, a much wider swathe of civilian cash transactions have lost the protection offered by Morgenthau's $10,000 threshold. That means more snooping. It also means more debanking. Rather than absorbing the growing compliance costs of having "risky" cash-reliant customers, banks are closing accounts.  

As for suspicious activity reports, when they were first legislated in 1994 the government subjected them to a $5,000 threshold, which is equal to around $10,000 today. With inflation having effectively destroyed half of the value of the threshold, more and more regular transactions are falling under suspicion. As the Times points out, suspicious customers don't make for good customers: "Multiple SARs often — though not always — lead to a customer’s eviction."

The Pragmatic Compromise that society came to decades ago is being poorly administered. To restore it, what is needed is a reasonably-sized one-time "catching up" of the various thresholds to account for at least part of the inflation that has occurred over the years, and then periodic adjustments to these levels each year to account for subsequent inflation. Maybe that'll solve some of the problems brought to light by the Times.

Now let's turn to the crypto story. In addition to the two classic anti-money laundering reporting requirements, CTRs and SARs, the U.S. government is now proposing a third reporting requirement: one for crypto mixing.

Last month, the government announced that it deems mixing of cryptocurrency to be of primary money laundering concern. Any U.S. financial institution that knows, suspects, or has reason to suspect that a customer's incoming or outgoing crypto transaction involves the use of a mixer will have to flag it and send a report to the government. That report must include information like the customer's name, date of birth, address, and tax ID.

The US Treasury's proposed rule for treating crypto mixing as a primary money laundering concern [link]

Notably, there are no thresholds to this proposed reporting requirement. Any customer crypto transfer with even just a whiff of mixing must be reported by financial institutions to the government.

In its proposal (it isn't final, yet) the government grants that there are "legitimate purposes" for mixing. What are they? I think the popular view of crypto is that it is anonymous, but this isn't quite right. Every bitcoin or ether transaction gets recorded on transparent databases. This makes them trackable by anyone. In some respects, crypto may be the least privacy-friendly financial medium ever created. Mixing your coins in a jumble along with other's coins is one of the ways to free oneself from this all-seeing eye, both for criminals who have stolen coins and regular folks who don't want their financial lives displayed for all to see.

Given that there can be licit reasons for mixing, and putting this in the context of the decades-old Pragmatic Compromise, precedent would seem to suggest that the government should include a reasonably-sized threshold for reporting crypto mixing. If this was set at, say, $10,000 (and then adjusted yearly for inflation), then a customer could in theory mix $8,000 worth of bitcoins and then deposit them at an exchange, and that exchange would not need to report the transaction and the person who made it. Go above $10,000, and the customer will end up in a government computer.

Without a reasonable threshold, the same phenomenon that the Times documents with respect to bank customers will happen to crypto users. A wave of deplatforming will hit as financial institutions close the accounts of any customer that betrays even a hint of risky activity, much of which might only appear to be mixing when it isn't.

The government has the capacity for changing its initial stance on thresholds. If you go back to the early 1970s when the Bank Secrecy Act's thresholds were set by executive order, the government initially proposed a $5,000 threshold. After the public provided comments and grievances were aired, the final rule compromised and pushed it up to $10,000.

Likewise for SARs.

The government's original 1995 proposed rulemaking for suspicious activity reporting included no thresholds. So even a $10 or $20 suspicious payment would have been reported to the government. In response to public push-back, the government admitted that its first version of the rule would impose a "burden of reporting," and in its final version it introduced a $5,000 threshold for filing a SAR, which the U.S. has to this day.

The government also granted in its 1995 SAR decision that the adoption of a threshold was intended to "conform the treatment of money laundering and related transactions to that of other situations in which reporting is required." This seems to me to be a pretty clear admission of the Pragmatic Compromise; that reasonably sized dollar thresholds are a standard element of any anti-money laundering reporting requirement. I don't see any reason why the government's 1995 olive branch for suspicious activity reporting should not be extended to crypto mixing.

Wednesday, November 8, 2023

How would a cash-only central bank conduct monetary policy?


What role do changes in the supply of banknotes play in contributing to a central bank's ability to carry out monetary policy? Put differently, to what degree does "printing," or creating new physical currency and issuing it into the economy, contribute to generating a central bank's desired inflation rate of 2-3%?

In a recent blog post at Econlog, Scott Sumner suggests that printing physical cash and "forcing" or "injecting" it into the economy has been an important part of central banks hitting their inflation targets, albeit less so now than in times past. I'm not so sure.

Having imbibed Scott's blog posts for more than a decade, I think I'm 99% on the same page as he is when it comes to thinking about monetary policy. We both agree that a central bank must either reduce the interest rate that it pays on the monetary base, or inject more monetary base into the economy, in order to push up prices. Using either of these two methods, the central bank sets off a hot potato effect in which a long chain of market participants do their best to unload their excess money balances, a process that only comes to an end when all prices have risen to a new and higher equilibrium such that no one feels any additional urge to spend away their extra money. Scott once described the hot potato effect as the the "sine qua non of monetary economics."

The monetary base is comprised of two central bank financial instruments: physical banknotes (a.k.a. cash) and digital clearing balances, sometimes known as reserves, a type of money used by banks.

Reading through Scott's post, I think the one spot where we may disagree is on the relative role played by the two types of base money in the hot potato process.

For my part, I don't think that cash has ever had much of a primary role to play in setting off a hot potato effect. All of the initial uumph necessary for driving prices towards target has typically been provided by reserves, either via a change in the interest rate on reserves or a change in their quantity. Once that initial uumph has been delivered, a whole host of other money types  physical currency, bank deposits, checks, money market funds, and PayPal balances  helps convey the forces originally unleashed by reserves to all corners of the economy.

An example of the hot potato effect in action may help illustrate.

Let's start with a central bank that needs to push inflation up to target. It reduces the interest rates on reserves. The first reaction to lower rates is a flight out of reserves into other assets, say shares.

As a result, share prices quickly rise. Those existing shareholders who realized their gains by selling at the new and higher price now find themselves with a hot potato on their hands; they have too many monetary balances in their possession and not enough non-monetary things.

Some of these ex-shareholders may choose to spend their excess deposits to go on, say, a vacation. As a result, airline ticket prices rise. Others transfer their extra money to their PayPal account in order to send it to friends and family, who may in turn make purchases, pushing up the prices of whatever they buy. Another group of ex-shareholders decides to buy used cars. They withdraw banknotes, their banks in turn asking the Fed to print new banknotes and ship them over. Used car prices rise.

The point is, the initial uumph is delivered by the change in reserves, and this gets conveyed to all prices by a daisy-chain of spenders offloading an array of different types of excess money.

In this story, note that cash isn't being actively "injected" into the economy by central banks, nor by commercial banks. Rather, people are choosing to draw cash out as their preferred method for getting rid of unwanted money, in response to a set of forces initiated by reserves. Reserves are the central bank's lever for change; cash is merely responsive.

Consider too that in a world where cash no longer exists, and has been replaced by digital payments options, monetary policy is still effective. In this world, the response to a reduction in the interest rate on reserves gets conducted to all the economy's nooks and crannies via non-cash types of monies, like fintech balances and bank deposits. (I'd be curious to hear if Scott is of the same opinion about monetary policy in a world without cash.)

Here's an interesting thought experiment. Would it be possible to redesign cash and reserves in such a way that cash takes over the initiatory role in monetary policy from reserves? That is, can we turn cash into the active part of the monetary base, the one that drives changes in monetary policy, and relegate reserves to the passive role?  

One step we could take is to pay interest on cash. This may sound odd, but it's possible to do so by setting up a serial note lottery to pay, say, 3% per year to holders of cash. (I wrote about this idea here and here.) Simultaneously, reserves would be rendered less important by no longer paying interest on them.

Now when a central bank needs to raise consumer prices in order to hit its targets, it reduces the interest rate on cash from 3% to 2%. This ignites the hot potato process as the entire economy suddenly tries to offload its unwanted $20 and $100 bills, which at 2% just aren't as lucrative as before.

Another change we could enact would be to modify the mechanism by which central banks inject base money into the economy. As it stands now, central banks inject base money by purchasing assets with new reserves. Since reserves are digital, they are a lot more convenient for making billion dollar asset purchases than physical money. These extra reserves become hot potatoes in the hands of asset sellers, which sets off the process of price adjustments described in previous paragraphs. If central banks were to buy assets with cash rather than reserves, that would put cash in the driver's seat, albeit at the expense of convenience.

It's an interesting thought experiment, but in the end I don't think it's very helpful to get bogged down over which type of base money has more monetary significance. As Scott says, the key point is that the central bank controls the price level via its control over base money in general. They can raise prices by either adding to the supply of base money, or by reducing the demand for base money with a cut in the interest rate paid on reserves. "It's basic supply and demand, nothing more."