Monday, March 18, 2024

How PayPal can use stablecoins to avoid AML requirements and make big profits


There's a new financial loophole in town: stablecoins. Stablecoins are dollar, yen, or pound-based payments platforms that are built using crypto database technology.

Financial institutions are always looking for loopholes to game the system. Typically this has meant avoiding capital requirements or liquidity ratios in one jurisdiction in favor of looser standards elsewhere. The new stablecoin loophole allows for a different set of financial standards to be avoided: society's anti-money laundering regulations.

I'll explain this new loophole using PayPal as my example.

PayPal now offers its customers two sorts of regulated platforms for making U.S. dollar payments. The first type will be familiar to most of us. It is a traditional PayPal account with a U.S. dollar balance, and includes PayPal's flagship platform as well as PayPal-owned platforms Xoom and Venmo. These all have strict anti-money laundering controls.

The second type is PayPal's newer stablecoin platform, PayPal USD, which has loose anti-money laundering controls. PayPal USD is built on one of the world's most popular crypto databases, Ethereum. Dollars held on crypto databases are typically known as stablecoins, the most well-known of which are Tether and USDC.

What do I mean by fewer anti-money laundering controls?

If I want to transfer you $5,000 on PayPal's traditional platform, PayPal will first have to grant both of us permission to do so. It does so by obliging us to go through an account-opening process. PayPal will carry out due diligence on both of us by collecting our IDs and verifying them, then running our information against various regulatory blacklists, like sanctions lists. Only after we have passed a gamut of checks will PayPal allow us to use its platform to make our $5,000 transfer.

Contrast this to how a payment is made via PayPal's new stablecoin platform.

First, we both have to set up an Ethereum wallet. No ID check is required for this. That now allows us to access PayPal's stablecoin platform. Next, I have to fund my wallet with $5,000. I can get these funds from a third party who already holds money on PayPal's stablecoin platform, say from a friend, or from someone who buys goods from me, or from a decentralized exchange. Again, no ID is required for this transaction to occur. Once I have the funds, PayPal will process my $5,000 transfer to you.

Can you spot the difference? In the transaction made via PayPal's legacy platform, PayPal has diligently got to know everyone involved. In the second transaction, PayPal makes no effort to gather information on us. And lacking our names, physical addresses, email addresses, or phone numbers, it can't do a full cross-check against various regulatory blacklists.

More concretely, PayPal's legacy platform does its best to stop someone like Vladimir Putin, who is sanctioned, from ever being able to sign up and make payments. But if Putin wanted to use PayPal's new stablecoin platform, PayPal makes almost no effort to stop him from jumping on.

One of the biggest expenses of running a legacy financial platform is anti-money laundering compliance. Programmers must be deployed to set up onboarding and screening processes. Compliance officers must be hired. If a transaction is suspicious, that may trigger a halt, and the transaction will have to be painstakingly investigated by one of these officers. The platform is hurt by lost customer goodwill: no one likes a delay.

That's where the stablecoin loophole begins.

PayPal can reduce its costs of getting to know its customer by nudging customers off its traditional platform and onto its PayPal USD stablecoin platform. Now it can onboard them without asking for ID. Since it no longer collects personal information about its user base, fewer transactions trigger flags for being suspicious, and only rarely do they register hits on sanctions blacklists. That means fewer halts, delays, and costly investigations. PayPal can now fire a large chunk of its compliance staff. The reduction in costs leads to a big rise in earnings. Its share price goes to the moon.

For now, PayPal's stablecoin platform remains quite small. Only $150 million worth of value is held on the platform, as the chart at the top of this post shows. The company's legacy platforms are much larger, with around $40 billion worth of balances held. Given the compliance cost difference, though, I suspect PayPal would love it if its stablecoin platform were to grow at the expense of its legacy platform.

I've used PayPal as my example, but the same calculus works for the financial industry in general. If every single bank in the financial system were to convert over to a stablecoin platform for the delivery of financial services, and no longer use their legacy platforms, the industry's total anti-money laundering compliance costs would plummet.

So far I've just explained this all from the perspective of financial institutions, but what about from the viewpoint of the rest of us? Society has set itself the noble goal of preventing bad actors from using the financial system. A large part of this effort is delegated to financial institutions by requiring them to incur the expense of performing due diligence on their platform users. This requires a big outlay of resources. Many of these costs are ultimately passed on to us, the users.

If institutions like PayPal switch onto infrastructure that doesn't vet users, then resources are no longer being deployed for the purposes we have intended, and the broader goals we have set out are being subverted. Is that what we want? I'd suggest not.



Some followup thoughts:

1. PayPal's stablecoin platform employs fewer anti-money laundering controls than its regular platform. On the other hand, its stablecoin platform has stricter standards in other areas, including the safety of its customer funds. I wrote about this here: "It's the PayPal dollars hosted on crypto databases that are the safer of the two, if not along every dimension, at least in terms of the degree to which customers are protected by: 1) the quality of underlying assets; 2) their seniority (or ranking relative to other creditors); and 3) transparency."

2. The pseudonymity of stablecoins is something I've been writing about for a while. In a 2019 post, I worried that at some point this loophole would lead to "hyper-stablecoinization," a process by which every bank account gets converted into a stablecoin. I'm surprised that almost five years later, this loophole still hasn't been closed.

3. The typical riposte to this post will be: "But JP, stablecoins are implemented on blockchains, and blockchains are transparent. This prevents bad actors from using them, and so stablecoins should be exempt from standard anti-money laundering rules." I don't buy this. Bad actors are using stablecoin platforms, despite their pseudo-traceability. "It's convenient, it's quick," say a pair of sanctions breakers about payments made via Tether, the largest stablecoin platform. Society has deputized financial institutions to perform the crucial task of vetting all their users. By not doing so, stablecoin platforms are shirkers. Trying to outsource the policing task to the public or to the government by using a semi-transparent database technology doesn't cut it.

6 comments:

  1. Interesting post. What I don’t understand is how the regulator that supervises AML compliance would tolerate PayPal doing this end run? Don’t they have leverage via their role in regulating the rest of PayPal's business?

    1. The US has an incredibly fragmented regulatory structure split between a number of Federal watchdogs and 51 state financial authorities. PayPal itself is regulated by dozens of authorities (see https://www.paypal.com/us/webapps/mpp/licenses). What I think has happened is that the state regulator in charge of PayPal's stablecoin, the New York DFS, is engaging in a bit of regulatory entrepreneurialism by allowing a lite approach to AML compliance.

  2. > "PayPal's stablecoin platform"
    What is PayPal's stablecoin platform? You seem to be conflating the token itself (PYUSD), the Ethereum blockchain (which facilitates the transfer, minting, and redemption of PYUSD), PayPal's app (which allows individuals to exchange USD for PYUSD without directly interacting with the blockchain), third parties that trade PYUSD and require KYC/AML checks, and third parties that do not require KYC/AML checks. This is like saying "the dollar platform" to refer to hedge funds, the fed, the entire banking system, the entire equities market, PayPal, the physical wallet I have in my pocket, and the briefcases of cash in Putin's basement.

    > First, we both have to set up an Ethereum wallet. No ID check is required for this. That now allows us to access PayPal's stablecoin platform. Next, I have to fund my wallet with $5,000. I can get these funds from a third party who already holds money on PayPal's stablecoin platform, say from a friend, or from someone who buys goods from me, or from a decentralized exchange. Again, no ID is required for this transaction to occur. Once I have the funds, PayPal will process my $5,000 transfer to you.

    The only source of PYUSD is Paxos, which is regulated by the NYDFS. The only way to create PYUSD from USD is through PayPal itself or an exchange that has established a USD pair. All of which, AFAIK, have KYC/AML laws.

    If you're saying it's possible for a bad actor to get access to PYUSD through channels that _don't_ require KYC/AML checks, I don't see how that's any different than acquiring dollars. The difference is that with PYUSD, 100% of PYUSD transactions are made through a regulated entity that follows AML laws, and 100% of transactions off of those platforms and between third party crypto wallets will be publicly traceable on the blockchain.

    > PayPal can reduce its costs of getting to know its customer by nudging customers off its traditional platform and onto its PayPal USD stablecoin platform. Now it can onboard them without asking for ID.

    Why would PayPal do this? The enormous network of individuals and merchants is arguably PayPal's most valuable asset. Pushing individuals off of its platform and onto the public blockchain would destroy that value.

    1. "What is PayPal's stablecoin platform?"

      My definition of "platform" is the functionality that PayPal has built that allows users to transfer dollars amongst each other. A stablecoin platform is built on a crypto database. A traditional platform is built on a non-crypto database.

      "If you're saying it's possible for a bad actor to get access to PYUSD through channels that _don't_ require KYC/AML checks..."

      Yes, that's what I'm saying. PayPal's regular platform is designed to stop bad actors from hopping on; not so its stablecoin platform.

      "Why would PayPal do this? The enormous network of individuals and merchants is..."

      You misunderstand. PayPal would keep the network of individuals and merchants. All it's doing is sliding them onto a different PayPal platform, the AML-lite one, so it can save on costs.

  3. The post has an oversimplistic connotation suggesting the only use case of stablecoins is to subvert AML, failing to present a myriad of its benefits over the established system.

    1. By all means let's see these benefits in action, but only after stablecoin platforms are held to the same AML standards as legacy platforms.
