By Bitcoin Revista - acum 3 luni - Timp de citire: 20 minute
Răspunsul portofelului Samourai la regulile propuse de FinCEN pentru Bitcoin Amestecarea
Pe 23 octombrie 2023 l-am întrebat pe avocatul nostru, Rafael Yakobi Avocații Crypto to assemble an expert legal team to respond to the U.S. Department of the Treasury and FinCEN’s proposed rules that would seriously harm your privacy by effectively outlawing bitcoin mixing as well as conflating basic best practices such as not reusing addresses as a suspicious action requiring enhanced reporting.
Mai jos este o reproducere exactă a scrisorii pe care am transmis-o Trezoreriei și FinCEN ca parte a cererii publice pentru perioada de comentarii.
Dorim să mulțumim Rafael Yakobi și echipa pe care a reunit-o pentru a redacta acest răspuns în numele Samourai și al utilizatorilor noștri: Carla Reyes, Sasha Hodder, JW Verret, printre alții care au lucrat cu sârguință în culise luni de zile pregătind această depunere, deoarece cred că această depășire dăunătoare a guvernului federal trebuie abordată.
Dorim să mulțumim călduros Zece31, care s-a angajat cu bunăvoință să ajute la acoperirea unora dintre costurile considerabile pe care le-am suportat pentru redactarea acestui răspuns.
Lastly, we would like to thank all 25 of the unaffiliated Bitcoin companies that read and signed this letter to FinCEN in agreement with our position. They are listed individually at the bottom of this page.
Puteți descărca un PDF al scrisorii de mai jos:
Secțiunea 311 Combinarea tranzacțiilor Desemnare NPRM Scrisoare de comentariu PDF
Andrea Gacki 22 ianuarie 2024
Director
Rețeaua de executare a crimelor financiare
Departamentul Trezoreriei SUA
PO Box 39
Viena, VA 22183
PREMISE ELECTRONIC
Re: Număr dosar FINCEN–2023–0016 – Propunere de măsură specială privind amestecul de monede virtuale convertibile ca clasă de tranzacții de preocupare primară de spălare a banilor
Stimate director Gacki:
We appreciate the opportunity to comment on Docket Number FINCEN-2023-0016 (the "Mixing Transaction NPRM"), released by the Financial Crimes Enforcement Network ("FinCEN") on October 22, 2023.[1] Suntem o varietate de companii neafiliate care se bazează pe măsuri importante de siguranță cibernetică și pe software care să permită confidențialitatea pentru a ne proteja afacerile și utilizatorii. Amploarea extremă a regulilor propuse de Tranzacția mixtă NPRM ar împovăra excesiv utilizarea noastră a unor astfel de tehnologii în moduri care nu ar ajuta FinCEN să își îndeplinească mandatul de prevenire a spălării banilor și a altor utilizări ilicite a banilor. Drept urmare, scriem pentru a ne exprima gravele îngrijorări cu privire la noutatea și domeniul de aplicare a Măsurilor Speciale Propuse și definițiile inadecvate conținute în acestea.[2]
The Proposed Special Measures would unreasonably infringe upon the legitimate financial privacy interests of cryptocurrency users, and would apply to a variety of digital techniques that are not mixing transactions at all, but rather simply represent good cybersecurity practices. Moreover, the Proposed Special Measures are unnecessary to achieve FinCEN's aim, and we encourage FinCEN to either withdraw the Mixing Transaction NPRM altogether or to pursue a less invasive, less restrictive, and more effective approach—the same approach it has used since its first enforcement activities in the cryptocurrency space in 2013—to enforcement against specific bad actors.
1. FinCEN ar trebui să fie prudent și să retragă în întregime sau să adapteze în mod restrâns NPRM tranzacției mixte, deoarece, dacă ar fi adoptată, NPRM a tranzacției mixte nu ar reprezenta doar prima dată când FinCEN și-a folosit competențele prevăzute la Secțiunea 311 împotriva unei clase de tranzacții, ci și prima dată când FinCEN a impus vreodată Măsura Specială 1.
Historically, FinCEN has exercised caution in making designations under Section 311 and implementing Special Measures. Section 311 (31 U.S.C. 5318A), authorizes the U.S. Department of Treasury ("Treasury") to designate a foreign jurisdiction, financial institution, class of transactions, or type of account as being of "primary money laundering concern" and impose one or more of five possible "special measures." Treasury delegated that authority to FinCEN, which has used its power quite sparingly since Section 311's enactment. The first Section 311 action instituted by FinCEN in the virtual currency space occurred in 2013, when FinCEN instituted special measures against Liberty Reserve. Prior to that time, between 2002 and 2013, FinCEN had only ever implemented special measures against just four jurisdictions and 13 financial institutions. After a protracted legal battle regarding a Section 311 action between 2015-2017, FinCEN seemed reluctant to use its Section 311 powers widely. [3] Crearea Diviziei de Investigații Globale (GID) în 2019 [4] and the enactment of the Anti-Money Laundering Act of 2020, which increased FinCEN's authority "to prohibit or impose conditions upon certain transmittals of funds (to be defined by the Secretary) by any domestic financial institution or domestic financial agency," [5] coincided with an uptick in the use of Section 311 powers and a broadening of FinCEN's attention to all 5 available Special Measures.
Importantly, throughout its use of Section 311, FinCEN traditionally imposes Special Measure Number 5 to isolate a specific foreign financial institution and prevent it from accessing the U.S. financial system. Until this Mixing Transaction NPRM, FinCEN has only used Special Measure Number 1 one other time—in 2012 against JSC CredexBank ("Credex").[6] Ulterior, FinCEN a retras această regulă propusă în 2016. [7] Dacă va fi adoptată, Tranzacția Mixtă NPRM ar constitui prima dată când FinCEN va impune Măsura Specială Numărul 1 în exercitarea Atribuțiilor sale conform Secțiunii 311. În plus, această tranzacție mixtă NPRM reprezintă prima dată când FinCEN încearcă să desemneze o întreagă clasă de tranzacții drept principală preocupare de spălare a banilor. Încurajăm FinCEN să manifeste o prudență extremă în exercitarea competențelor sale conform Secțiunii 311 într-un mod atât de nou – prima desemnare a unei clase de tranzacții și prima impunere a Măsurii Speciale 1.
Exercising caution in Section 311 powers reflects the seriousness of Treasury's policy purposes for invoking its powers to make primary money laundering concern designations and impose special measures—namely, to act as a signal to the world that FinCEN is "serious about ensuring that the international financial system is safeguarded against the threat of money laundering." [8] As Treasury explained in the press release announcing the very first use of its Section 311 powers in 2002, when FinCEN uses Section 311, "[FinCEN] tell[s] the world clearly that these jurisdictions [or entities or transactions] are bad for business and that their financial controls cannot be trusted." [9] For the reasons further explained below, FinCEN's targeting of convertible virtual currency ("CVC") [10] purported "mixing" transactions does not achieve these aims. Rather than target transactions that are "bad for business," the Mixing Transaction NPRM targets an overly broad range of technical approaches used as best practices both by businesses and individuals for ensuring the security of CVC and impinges on privacy rights of legitimate users of CVC. In an attempt to exercise authority it has never used before (class of transactions) through a special measure it has never previously imposed successfully (special measure 1), FinCEN created a proposed rule fraught with misunderstandings and overreach. We urge FinCEN to withdraw the rule and reconsider its approach to this novel use of its authority.
2. The Mixing Transaction NPRM proposes a rule that is an improper and overbroad application of Section 311 measures to achieve transaction surveillance and suppression that FinCEN does not otherwise have a lawful basis to undertake.
Although the Mixing Transaction NPRM ostensibly designates a class of transactions as being of Primary Money Laundering Concern, its real goal is to uncover an alternative method for collecting information about and suppressing the use of digital currency in general. The Mixing Transaction NPRM is an improper and overbroad application of Section 311 measures for that purpose. Indeed, although the Mixing Transaction NPRM allegedly sanctions a class of transactions, it inconsistently throughout refers to "CVC mixers," "CVC mixing" and "CVC mixing services" by reference to specific business entities [11] și ca tip de model de afaceri în general.[12] Dacă FinCEN are motive să creadă că anumite entități desfășoară activități ilicite, FinCEN ar putea folosi competențele din Secțiunea 311 pe care le-a folosit în mod tradițional și cu succes pentru a viza anumite entități ca instituții financiare cu principala preocupare de spălare a banilor. O astfel de abordare oferă o modalitate mai direcționată de a aborda spălarea efectivă a banilor, protejând în același timp utilizatorii legitimi ai instrumentelor legitime de îmbunătățire a confidențialității.
În special, Trezoreria a sancționat separat ceea ce se referă la tranzacții de amestecare CVC prin autoritatea Oficiului pentru Controlul Activelor Străine (OFAC) pentru a desemna persoane sau proprietăți care efectuează tranzacții cu jurisdicții străine desemnate în mod special, identificate prin ordin executiv ca amenințări teroriste. [13] Treasury is currently facing legal challenges to, and has been widely criticized for, its attempt to sanction the Tornado Cash open source software as property of a non-existent entity Treasury alleges is called "the Tornado Cash DAO entity." [14] Although we agree with the many arguments as to why Treasury's OFAC action with regard to Tornado Cash software is an example of agency overreach, we wish to make a different but related point here. To justify its OFAC sanctions against the Tornado Cash software, Treasury had to designate the software as property of an entity. [15] OFAC officially explained as part of defending its sanction to a judge that the Tornado Cash software was property under Treasury's regulations because it fell within the broad reach of "any contract whatsoever." [16] Although the definition of "transaction" under the BSA regulations is quite broad, it does not encompass "any contract whatsoever" but rather centers on monetary transfers and specific services offered by financial institutions, and provides a catch-all for "any other payment, transfer, or delivery by, through or to a financial institution, by whatever means effected." [17] Nicio parte din definiția aplicabilă amestecării CVC nu este, de asemenea, un contract.[18]
In other words, in proposing the Mixing Transaction NPRM, one arm of Treasury is classifying CVC mixing as a transaction type while another arm of Treasury argues that mixing is a contract for services. Under the regulations governing both enforcement actions, mixing activity cannot be both a transaction type and a contract for service simultaneously. Treasury's attempt to designate mixing software as both a type of transaction and a contract is evidence of the arbitrary and capricious nature of its attempt to regulate open-source software that enhances the digital privacy of legitimate CVC users. To the extent that FinCEN really wants to target non-custodial, open-source software that individuals can use on their own accounts, FinCEN exceeds its statutory authority.
Indeed, tools that enhance digital privacy in CVC transactions simply seek to enable a form of digital cash. As a result, in its rush to find a way to suppress CVC mixing transactions, by whichever means, even if inconsistent amongst different internal branches of its own agency, FinCEN's Mixing Transaction NPRM amounts to an attempt to sanction "all transactions conducted in cash," which is both impossible and an unreasonable over-extension of its rulemaking authority.
3. The Mixing Transaction NPRM should be withdrawn because the proposed definition of "CVC mixing" is overbroad and targets lawful activity in a way that makes the agency's proposed action arbitrary and capricious.
Setting aside FinCEN's own apparent confusion about whether CVC mixing is a transaction, a service, a business, or a specific business entity, when FinCEN does attempt to define the "class" of transactions that it considers to be CVC mixing, the Mixing Transaction NPRM's definition of "mixing" is extremely broad and includes numerous activities routinely conducted by legitimate users as a matter of routine safety precautions in online transacting in CVC. Specifically, the Mixing Transaction NPRM provides:
The term "CVC mixing" means the facilitation of CVC transactions in a manner that obfuscates the source, destination, or amount involved in one or more transactions, regardless of the type of protocol or service used, such as: (1) pooling or aggregating CVC from multiple persons, wallets, addresses or accounts; (2) using programmatic or algorithmic code to coordinate, manage, or manipulate the structure of a transaction; (3) splitting CVC for transmittal and transmitting the CVC through a series of independent transactions; (4) creating and using single-use wallets, addresses, or accounts, and sending CVC through such wallets, addresses, or accounts through a series of independent transactions; (5) exchanging between types of CVC or other digital assets; [19] sau (6) facilitarea întârzierilor inițiate de utilizator în activitatea tranzacțională. [20]
Într-adevăr, majoritatea activităților cuprinse în definiția propusă a amestecării CVC sunt considerate cele mai bune practici stabilite în industrie pentru utilizarea și păstrarea în siguranță a CVC. În mod specific, definiția propusă include, printre altele, tranzacțiile fulger, portofelele de unică folosință, swapurile atomice, protocoalele de finanțare descentralizate, caracteristicile de monede de confidențialitate și portofelele cu semnături multiple. Principalul punct comun dintre această gamă largă de instrumente software este că acestea îmbunătățesc confidențialitatea digitală și oferă tehnici de bază de securitate cibernetică proprietarilor sau custodelor CVC. Folosirea acestor tehnici pentru a proteja activele digitale valoroase este la fel de rutină, banală și lipsită de scopuri ilicite precum utilizarea autentificării cu doi factori pentru a securiza un portofel digital care conține informații despre cardul de plată sau un cont X (fost Twitter) pentru a preveni un anunț neautorizat.[21]
4. The Mixing Transaction NPRM should be withdrawn because its inaccurate depiction of standard security practices as "mixing" impermissibly restricts the capacity of users to protect their property so that FinCEN can conduct a fishing expedition.
The proposed rule describes as red flags such everyday practices as "creating and using single address wallets" and "splitting CVC for transmittal." [22] The standard practice among cryptocurrency users is to change addresses with every transaction. For example, Coinbase Exchange describes to their users that: "[w]e automatically generate a new address for you after every transaction you make or when funds are moved between your wallet and our storage system. This is done to protect your privacy, so a third party cannot view all other transactions associated with your account simply by using a blockchain explorer." [23]
The fact that a small subset of users, who may be criminals, engage in the same operational security practices as ordinary users does not make those operational security practices suspect. The fact that criminals may use two-factor authentication to protect the security of their online applications does not mean that the use of two-factor authentication is itself an indicator or facilitator of criminal activity. In exactly the same way, the fact that users do not reuse Bitcoin addresses is merely indicative of basic operational security.
Într-o aparentă recunoaștere a faptului că aceste instrumente permit în mod legitim măsuri de precauție importante de securitate cibernetică, FinCEN scutește instituțiile financiare de la raportarea oricăreia dintre propriile tranzacții mixte pe care le pot efectua în timpul furnizării de servicii către public.[24] Prin exceptarea instituțiilor financiare de la regulă, FinCEN creează un regim în care instituțiile financiare pot lua măsuri adecvate de securitate cibernetică pentru utilizarea CVC, dar oamenii obișnuiți nu pot.
Poate și mai problematic, în cadrul NPRM al Tranzacției de mixare, FinCEN justifică regula propusă ca fiind necesară pentru a permite autorităților de aplicare a legii și agenției să înțeleagă mai bine tranzacțiile și măsura în care activitatea ilicită are loc prin amestecarea CVC. [25] The extraordinary and never before successfully invoked Section 311 power to designate a class of transactions and implement special measure 1 is not appropriate for use in a fact-finding mission. Employing such overly broad definitions as proposed in the Mixing Transaction NPRM for the purpose of authorizing an invasive fact-finding mission represents an arbitrary and capricious use of FinCEN's delegated rulemaking authority because FinCEN's justification for the rule lies outside of the statutory criteria for determining a class of transactions is of primary money laundering concern.
Specifically, FinCEN is statutorily required to consider the following factors when determining that a class of transactions is of primary money laundering concern: (1) the extent to which the class of transactions is used to facilitate or promote money laundering in or through a jurisdiction outside of the United States, including money laundering activity with connections to international terrorism, organized crime, and proliferation of WMDs and missiles; (2) the extent to which a class of transactions is used for legitimate business purposes; and (3) the extent to which action by FinCEN would guard against international money laundering and other financial crimes." [26] Pe parcursul tranzacției de amestecare NPRM, FinCEN recunoaște că, din cauza lipsei de date și a lipsei de înțelegere a mixerelor CVC, nu poate evalua suficient în ce măsură amestecarea CVC și regula propusă se potrivesc cu oricare dintre aceste trei criterii. [27] FinCEN's assessment ultimately boils down to: FinCEN does not have sufficient information to properly assess the statutory criteria required to justify the proposed rule, so the proposed rule is justified because, in FinCEN's own words, it "is necessary to better understand the illicit finance risk posed by CVC mixing." [28] Utilizarea unei sancțiuni pentru a obține informațiile necesare pentru a justifica impunerea sancțiunii chiar și atunci când agenția știe că acest lucru va impune probabil o povară mare asupra utilizărilor legitime și instituțiilor financiare este definiția acțiunii de reglementare arbitrare și capricioase.
5. The Mixing Transaction NPRM should be withdrawn or significantly narrowed in scope because FinCEN's required statutory analysis fails to adequately value the legitimate uses of CVC mixing services and unduly burdens legitimate users and financial institutions.
FinCEN admits that public blockchains "make it possible to know someone's entire financial history on the blockchain" [29] and that it "recognizes that there are legitimate reasons why responsible actors might want to conduct financial transactions in a secure and private manner given the amount of information available on public blockchains." [30] Yet, in the same document, alleges that the Mixing Transaction NPRM is necessary because CVC "is not without its risks and, in particular, the use of CVC to anonymize illicit activity undermines the legitimate and innovative uses of CVC." [31] Aceste două propoziții nu pot fi exacte simultan.
As a matter of technical reality, FinCEN's assertion that public blockchains expose a user's entire financial history on the blockchain to the public for everyone to see and inspect is correct. [32] Într-adevăr, acest lucru creează nevoia fundamentală ca utilizatorii legitimi de CVC să efectueze tranzacții de amestecare CVC - pentru a reintroduce același nivel de confidențialitate financiară de care se bucură în sistemul financiar tradițional. [33] to their transactions via CVC (for example, the traditional financial system does not expose a consumer's entire credit card history to the public, and indeed, federal law requires that financial institutions protect such information from being exposed to the public [34]). [35]
Asigurarea că tranzacțiile lor CVC se bucură de același nivel de confidențialitate ca și tranzacțiile din finanțele tradiționale reduce potențialul pericol de vătămare personală pentru utilizatorii legitimi și le permite utilizatorilor legitimi să evite renunțarea la dreptul lor constituțional la confidențialitate. Când identitatea unui utilizator legitim CVC este cunoscută și conectată la portofelele care dețin active CVC, utilizatorul devine o țintă pentru răpiri, jaf, extorcare și scheme de hacking. [36] Mai mult, din cauza acestei transparențe inerente prin proiectarea blockchain-urilor publice, cel de-al cincilea circuit a decis recent că nu există așteptări de confidențialitate pentru utilizatorii blockchain-urilor publice fără permisiune care nu iau nicio măsură suplimentară pentru a-și proteja confidențialitatea tranzacțiilor. [37] Utilizatorii legitimi folosesc software de îmbunătățire a confidențialității atunci când fac tranzacții în CVC pentru a evita renunțarea din greșeală la drepturile lor de confidențialitate protejate constituțional.
În cele din urmă, FinCEN și-a eșuat complet obligația de a lua în considerare în mod adecvat impactul asupra utilizatorilor legitimi, așa cum este cerut de autoritatea sa de reglementare. În apărarea alegerii măsurii speciale de la 1 la 2 la 5, FinCEN subliniază, fără explicații, că măsura specială 1 – păstrarea suplimentară a evidenței – permite utilizatorilor legitimi să continue să utilizeze software de îmbunătățire a confidențialității fără întrerupere. [38] This is false, as covered entities must report on any transaction that may have involved CVC mixing and a foreign jurisdiction. Indeed, read broadly, it is possible that the rules proposed by the Mixing Transaction NPRM require reporting on transactions that involve CVC that were transacted through mixing software at any point in the asset's transaction history. Such reporting directly impedes the reasons for which legitimate users employ mixing software (to enhance financial privacy) by requiring the elimination of financial privacy (it is not a private transaction if an intermediary must surveil and report on the transaction). Software tools like mixers that enhance digital financial privacy provide a true electronic equivalent to cash. Notably, transactions in cash are not subject to rules such as those proposed in the Mixing Transaction NPRM. In an apparent acknowledgment of this deep and inherent conflict between the rules proposed by the Mixing Transaction NPRM and the legitimate uses to which legitimate users put CVC mixing software, FinCEN itself predicts that the rule will chill the use of CVC mixers.
6. The Mixing Transaction NPRM should be withdrawn because it requires covered financial institutions to perform law enforcement's function to accomplish FinCEN's AML goals, which FinCEN, DOJ, and law enforcement can achieve using existing tools when they have a proper legal basis to employ those tools.
Like the definitions of CVC mixing and CVC mixer, the Mixing Transaction NPRM's information reporting requirements demonstrate a deep lack of technological understanding. Notably, all of the transaction information that the Mixing Transaction NPRM proposes to include in required reports by covered financial institutions involves data that, in most circumstances, FinCEN can just as easily obtain itself through blockchain data analytics. Similarly, the customer information that FinCEN would require covered financial institutions to report includes the same kinds of information such institutions must already report if a transaction raises sufficient red flags to trigger the filing of a Suspicious Activity Report (SAR). Nevertheless, the Mixing Transaction NPRM seeks to require covered financial institutions to file such reports on every single transaction for which the CVC involved may have ever been transacted through the extremely broad set of software that FinCEN's proposed rule defines as CVC mixing software. In other words, because law enforcement investigations into activity involving CVC are sometimes more difficult, FinCEN seeks to impose broad surveillance of individuals without cause through covered financial institutions. Covered financial institutions should not have to become de facto ofițerilor de aplicare a legii pentru a facilita investigațiile pentru FinCEN.
FinCEN, Departamentul de Justiție și organele de aplicare a legii au folosit anterior și cu succes instrumentele pe care FinCEN le cere instituțiilor financiare să le folosească pentru raportarea conformității în cadrul NPRM privind tranzacțiile mixte pentru a viza anumiți actori ilegali. FinCEN a demonstrat că știe să investigheze și să pună în aplicare în mod corespunzător furnizorii de servicii de mixare CVC cu custodie care nu respectă reglementările la care sunt supuși. Vizând în mod specific actorii iliciți despre care FinCEN și organele de aplicare a legii au construit un caz clar și puternic, folosind instrumentele disponibile de analiză a datelor blockchain, echilibrează mai bine nevoia de a combate amestecul ilicit de CVC cu utilizarea legitimă a amestecului de CVC de către persoanele care încearcă să își protejeze legitim, constituțional și interese de confidențialitate protejate prin lege.
Pentru toate motivele discutate mai sus, îndemnăm FinCEN să retragă complet NPRM tranzacție mixtă.
Multumesc ca ai luat in considerare.
Dacă aveți întrebări sau doriți informații suplimentare, vă rugăm să consultați informațiile de contact de mai jos:
Rafael Yakobi, Esq.
Partener
The Crypto Lawyers, PLLC.
[e-mail protejat]
(619) 317-0722
Cu sinceritate,
Portofel Samourai, Zece31, Râu, S, RoninDojo, Lebădă Bitcoin, Primar, GRILĂ, Zaprite, Piersic, Spațiul Mempool, Date din amonte, Stakwork, Vida Global, Voltaj, Coinkite, Portofel Mutiny, Standard Bitcoin Despre, Energia Satoshi, Cathedra Bitcoin, AnchorWatch, Bitnob, Oshi, Battery Finance,Îndoiţi, Start9
FinCEN, propunere de măsură specială privind amestecarea monedelor virtuale convertibile, ca clasă de tranzacțiiof Primary Money Laundering Concern, Dkt. FINCEN-2023-0016 (Oct. 22, 2023) https://www.fincen.gov/sites/default/files/federal_register_notices/2023-10-19/FinCEN_311MixingNPRM_FINAL.pdf [hereinafter Mixing Transaction NPRM”] ↩︎In this regard, we intend this letter to specifically respond to FinCEN’s request for comments A(1)-(8), B(2)-(3), C(1), D(2), and D(11) as listed in the Mixing Transaction NPRM. ↩︎See FBME Bank Ltd. v. Lew, 125 F. Supp. 3d 109 (D.D.C. 2015); FBME Bank Ltd. v. Lew, 142 F.Supp.3d 70 (D.D.C. 2015); FBME Bank Ltd. v. Lew, 209 F.Supp.3d 299 (D.D.C. 2016); FBME Bank Ltd. v. Munchin, 249 F. Supp.3d 215 (D.D.C. 2017). ↩︎FinCEN, Press Release, New FinCEN Division Focuses on Identifying Primary Foreign Money Laundering Threats (Aug. 28, 2019),https://www.fincen.gov/news/news-releases/new-fincen-division-focuses-identifying-primary-foreign-money-laundering-threats. We note with some alarm that the timing of GID’s creation coincided with the release of FinCEN’s 2019 CVC guidance, indicating that perhaps the two were coordinated and greater targeting of CVC users has been underway for some time. ↩︎2021 NDAA, Section 9714, https://www.congress.gov/116/bills/hr6395/BILLS-116hr6395enr.pdf. ↩︎77 Fed. Reg. 31,794 (Mar. 30, 2012). ↩︎81 Fed. Reg. 14,408 (Mar. 17, 2016). ↩︎U.S. Dept. Treas., Press Release, Fact Sheet Regarding the Treasury Department’s Use of Sanctions: Authorized Under Section 311 of the USA PATRIOT ACT (Dec. 20, 2002), https://home.treasury.gov/news/press-releases/po3711. ↩︎Id-ul. ↩︎We note that we dislike the term convertible virtual currency, as it does not fit industry understanding of the technical realities of cryptocurrencies and their many uses. We use the term in this letter only because it is the language that FinCEN has adopted for the implementation of its regulations. As an aside, we would encourage FinCEN to adopt more technically accurate vocabulary for implementing its regulations, as doing so would help FinCEN avoid proposing unworkable and overbroad regulations such as the Mixing Transaction NPRM. ↩︎See, e.g., Mixing Transaction NPRM, supra note 1, at 15 (“ChipMixer, a darknet CVC ‘mixing’ service”); 16 (referring to Bestmixer.io as a CVC mixing transaction); 20 (referring to enforcement against “Bitcoin Fog”). ↩︎See, e.g., id. at 5 (“persons who facilitate…CVC mixing transactions”); 18 (“RAILGUN falls under the umbrella of CVC mixing…because it uses its privacy protocol to manipulate the structure of the transaction to appear as being sent from the RAILGUN contract address, thus obscuring the true originator.”); 20 (“CVC mixing services often deliberately operate opaquely…”.) ↩︎U.S. Dpt. Treas., Press Release, U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash (Aug. 8, 2022), https://home.treasury.gov/news/press-releases/jy0916. ↩︎See, e.g., Van Loon et. al., v. OFAC, No. 23-506669 (5th Cir. 2023) (notably, a variety of amici intervened with arguments critiquing the OFAC sanction at both the District Court and 5th Circuit Court of Appeals); Peter Van Valkenburgh, New Tornado Cash Indictments Seem to Run Counter to FinCEN Guidance, CoinCenter (Aug. 23, 2023), https://www.coincenter.org/new-tornado-cash-indictments-seem-to-run-counter-to-fincen-guidance/. ↩︎OFAC, FAQ 1095, https://ofac.treasury.gov/faqs/1095 (“OFAC designated the entity known as Tornado Cash, which is a “partnership, association, joint venture, corporation, group, subgroup, or other organization” that may be designated pursuant to the IEEPA.”). ↩︎See, Order, Van Loon et. al. v. Dpt. Treas., 1:23-CV-312-RP at 18 (W.D. Tx. Aug. 17, 2023). ↩︎31 CFR 1010.100(bbb)(1). “Except as provided in paragraph (bbb)(2) of this section, transaction means a purchase, sale, loan, pledge, gift, transfer, delivery, or other disposition, and with respect to a financial institution includes a deposit, withdrawal, transfer between accounts, exchange of currency, loan, extension of credit, purchase or sale of any stock, bond, certificate of deposit, or other monetary instrument, security, contract of sale of a commodity for future delivery, option on any contract of sale of a commodity for future delivery, option on a commodity, purchase or redemption of any money order, payment or order for any money remittance or transfer, purchase or redemption of casino chips or tokens, or other gaming instruments or any other payment, transfer, or delivery by, through, or to a financial institution, by whatever means effected.” ↩︎Notably, in the Mixing Transaction NPRM, FinCEN refers to Tornado Cash as a “CVC mixer,” not as a CVC mixing transaction. Is mixing a transaction? Is mixing a contract? Is mixing a type of business? The fact that FinCEN cannot decide belies the inappropriateness of using its Section 311 sanctions as proposed. ↩︎We note that the Mixing Transaction NPRM does not include a definition of “other digital assets” anywhere. Further, we are unaware of any definition of “digital assets” in FinCEN’s regulations or guidance. Finally, it is not clear to us how FinCEN has authority to impose regulatory reporting requirements upon exchanges of CVC for digital assets that are not CVC. See FinCEN, Application of FinCEN’s Regulations to Persons Administering, Exchanging or Using Virtual Currencies, FIN-2013-G001 (Mar. 18, 2013) (the phrase “digital assets” appears nowhere in the 2013 Guidance); FinCEN, Application of FinCEN’s Regulations to Certain Business Models Involving Convertible Virtual Currencies (May 9, 2019) (the only time that the phrase “digital assets” appears in the 2019 Guidance is in footnote 75 in reference to the title of the SEC “Framework for Investment Contract Analysis of Digital Assets”). This is just another small but notable way in which FinCEN seeks to overreach its authority through the Mixing Transaction NPRM. ↩︎Mixing Transaction NPRM, supra note 1, at 30-31. ↩︎True Tamplin, How to Protect Your Digital Wallet from Cyber Threats, Forbes (Dec. 19, 2023, 2:00 pm EST), https://www.forbes.com/sites/truetamplin/2023/12/19/how-to-protect-your-digital-wallet-from-cyber-threats/?sh=1e9146825981 (noting the importance of 2FA for securing digital wallets). ↩︎Mixing Transaction NPRM, supra note 1, at 30-31. ↩︎Vedea https://help.coinbase.com/en/exchange/managing-my-account/crypto-address-change ↩︎Mixing Transaction NPRM, supra note 1, at 31. ↩︎See, e.g., id. at 24 (“Furthermore, the information generated by this special measure would support investigations into illicit activities by actors who make use of CVC mixing to launder their ill-gotten CVC by law enforcement. At present, there is no similar or equivalent mechanism possessed by law enforcement to readily collect such information, depriving investigators of the information necessary to more effectively understand, investigate and hold illicit actors accountable.”). ↩︎31 U.S.C. 5318A(a)(1). ↩︎See Mixing Transaction NPRM, supra note 1, at 19 (not enough data to know how much CVC mixing is used in money laundering); 22 (not enough “available transactional information” for FinCEN to “fully assess the extent to which or quantity thereof CVC mixing activity is attributed to legitimate purposes”); 22 (essentially claiming that FinCEN’s lack of information itself is reason enough to show that getting more information would guard against international money laundering). ↩︎Id. la 23. ↩︎Id. la 7. ↩︎Id. la 21. ↩︎Id. at 6-7. ↩︎Matthias Nadler & Fabian Schar, Tornado Cash and Blockchain Privacy: A Primer for Economists and Policymakers, 105 Fed Res. Bk. St. Louis Rev. 122 (2023); Vitalik Buterin, et. al., Blockchain Privacy and Regulatory Compliance; Towards a Practical Equilibrium (Sept. 9, 2023) (unpublished manuscript), ↩︎See, e.g., 12 U.S.C. §§ 3401-3423 (the Right to Financial Privacy Act of 1978 (RFPA), which protects the confidentiality of personal financial records by creating a statutory fourth amendment protection for bank accounts). ↩︎16 C.F.R. Part 314, 67 Fed. Reg. 36484 (May 23, 2002) (FTC rule addressing the requirement that covered financial institutions safeguard non-public information”) ↩︎Matthias & Schar, supra note 32. ↩︎For a documented timeline of physical attacks on Bitcoin users, see Known Physical Bitcoin Attacks, GitHub
https://github.com/jlopp/physical-bitcoin-attacks/blob/master/README.md (last visited Jan. 22, 2024). ↩︎See United States v. Gratowski, No. 19-50492 (5th Cir. 2020). ↩︎Mixing Transaction NPRM, supra note 1, at 25 (special measure 1 is the only special measure that will preserve “legitimate actors’ ability to continue conducting secure and private financial transactions.”). ↩︎
This is a guest post by Samourai Wallet. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Revistă.
Sursă originală: Bitcoin Revistă