As the cryptocurrency industry grows, state and federal governments are considering how that industry should be regulated. The President has directed the Secretary of the Treasury to report soon on the issues involved. A draft bill that would regulate stablecoins has been released in the U.S. Senate. Meanwhile, states are competing with one another to adopt regulatory laws that may attract cryptocurrency firms to their welcoming, but taxing, arms striving for economic growth.
Will regulation be designed to avoid discouraging innovation in a highly creative environment? Fears have been expressed that unregulated cryptocurrency could theoretically present systemic risk, and consumers may need to be protected--particularly in light of the recent collapse of the Luna cryptocurrency and its related Terra stablecoin. Some believe that regulation may be an opportunity to include those presently unserved by the banking system. Complicating this already complicated picture may be rivalry among multiple federal agencies, including the banking regulators, the Securities and Exchange Commission, the Commodities Futures Trading Commission, and the Federal Trade Commission, each of which may make a case for potential authority over aspects of the cryptocurrency industry. Our panel of experts will address these timely and controversial questions.
Douglas Elliott, Partner, Oliver Wyaman
Michael Piwowar, Executive Director, Milken Institute Center for Financial Markets
Dawn Stump, Former Commissioner, U.S. Commodity Futures Trading Commission
Thomas Vartanian, Executive Director, Financial Technology & Cybersecurity Center
Moderator: Paul N. Watkins, Managing Director, Patomak Global Partners
To register, click the link above.
As always, the Federalist Society takes no position on particular legal or public policy issues; all expressions of opinion are those of the speaker.
Dean Reuter: Welcome to Teleforum, a podcast of The Federalist Society's practice groups. I’m Dean Reuter, Vice President, General Counsel, and Director of Practice Groups at The Federalist Society. For exclusive access to live recordings of practice group Teleforum calls, become a Federalist Society member today at fedsoc.org.
Ryan Lacey: Hello, and welcome to The Federalist Society's virtual event. This afternoon, May 17, 2022, we discuss "The Government's Arms Around Cryptocurrency: Hug or Stranglehold?" My name is Ryan Lacey, and I'm an Assistant Director of Practice Groups at The Federalist Society. As always, please note that all expressions of opinions are those of our experts on today's call.
Today we are fortunate to have an excellent panel moderated by Paul Watkins, whom I will introduce very briefly. Paul Watkins is a Senior Advisor at Patomak Global Partners, where he focuses on state and federal regulatory issues surrounding financial tech, including payments, consumer and small business lendings, open banking, data privacy, and digital assets. Paul joined Patomak from the Consumer Financial Protection Bureau, where he founded the Office of Innovation and was the Bureau Director's primary advisor on innovation. Paul received his undergraduate degree from Hillsdale College, and his J.D. from Harvard Law School.
After our speakers give their remarks, we will turn to you, the audience, for questions. If you have a question, please enter it into the Q&A feature at the bottom of your screen and we will handle questions as we can towards the end of today's program. With that, thank you for being with us today. Paul, the floor is yours.
Paul N. Watkins: Well, thank you so much, Ryan. Thank you all for being here. And I think you're in for a real treat with this conversation among genuine experts in this space. It's a pleasure to participate and be with you all. The format today is that each of our panelists will speak for about eight minutes each, and then we'll have an opportunity for the panelists to engage, and some audience questions.
So what I'd like to do to kick things off is give you just a couple sentences about each of the speakers. You can find their full bios and extensive experience in the link for this event. Our first speaker is Dawn Stump, who recently completed her term as CFTC Commissioner. And she has an extensive history of senior executive roles in financial services, and, before that, on the Hill.
Next, we're going to hear from Doug Elliott, who's a partner at Oliver Wyman. He's held fellowships at the Brookings Institution and the International Monetary Fund. And this followed an extensive career in investment banking.
Dr. Michael Piwowar is the Executive Director of the Milken Institute Center for Financial Markets. He is a former SEC commissioner. And, I'll say, for a few wonderful months he was the Acting Chairman of the SEC. And I've always wondered what would have been the trajectory of crypto regulatory policy had he continued in that role.
Finally, we're going to hear from Tom Vartanian, who is the Executive Director of the Financial Technology and Cybersecurity Center. Her formerly ran the program on Financial Regulation and Technology at George Mason, and he has chaired the financial institutions practice at two international law firms. And he has must-read book, whose title you can see there, 200 Years of American Financial Panic.
With that, I will turn things over to Commissioner Stump. Thank you so much for being with us.
Dawn Stump: Thanks, Paul. And thanks, Ryan. I'm really excited to have this conversation. And for the first time for me, I'm having this conversation without all of my standard disclaimers that the government lawyers make me apply. So it's just my thoughts, but they are not with any government disclaimers today.
1 did think that the title of this particular webinar was quite fitting, "Hug or Stranglehold." And I think that is something that regulators are grappling with. And I think it's a very timely discussion. Recently, I think there's been a lot said about the existence of gaps in the crypto market regulatory authorities. What about gaps is it that we're trying to define here? And I think the expectation is that the regulators need more authorities. And perhaps they do.
But I do think we would all be well-served to think about existing authorities and what those current authorities already afford regulatory bodies, and, in particular, if the enforcement activity is any indication, the market regulators of the U.S. seem to believe their existing authorities already extend to many of these activities. And I would agree, in some cases, they do. So maybe we should first look at how to address the expectations for compliance with existing authorities, and therefore address the more immediate gaps, which I would call the gaps between enforcement and oversight expectation.
So I'm suggesting we might be better served to talk about two tracks. One, obstacles that can be addressed now, with the current authorities. And, two, those that may require new authorities, which will more time and action from Congress.
Unfortunately, I think the gap that may be hindering progress here is -- there are two. And I think gap number one is a gap in agendas. This gap is sort of what I call the gap among regulators. What is the agenda? Are we trying to advance responsible market innovation, or are we trying to limit it? And I think that needs to be decided among regulators. And I know there's quite a bit of work being done at the FSOC, and among the various regulatory agencies that are involved.
And then, two, I think there is a gap in priorities, which is pretty natural for any emerging new asset class, the gap that is -- if we are talking about skepticism or potential. And I think industry always sees potential first. And regulators tend to see, tend to approach these things with skepticism first. I think it's time we have the conversation in a sincere way about how we bridge that divide. Because, in reality, they should not be that far apart.
Regulators should also, in theory, be interested in advancing responsible technology and innovations. And those who are genuinely interested in advancing these innovations have an interest in a well-regulated market, a safe market space that only seeks to legitimize what they want to do.
But as crypto has evolved, or, perhaps, in response to the enforcement actions, many in the crypto product development area are desperately seeking a new regulatory home. And I think this process could be expedited with regulatory guidance and updated rules in the near term, under current authorities. And, also, on two tracks, with a separate track relative to what may need to be added to existing authorities. But I think regulators and innovators should really be focused on a genuine effort to address what needs to be addressed within current authorities first.
So these would-be regulated entities are suddenly desperate to find a hook to hang their hat on. And yet, the only real roadmap they have today is enforcement settlements. And I think that's led to a lot of confusion. And I honestly think many people are asking all the wrong questions. For example, one of the questions I think is just missing the mark is whether or not your product is a security or commodity. Maybe that's a correct question to be asking relative to the SEC. But the CFTC doesn't regulate commodities. They regulate futures and swaps. So, I really do think we need to have an honest conversation about who regulates what.
The gap that exists is really relative to the cash, or the spot market. And that's going to need to be answered in the longer term. I think, in the shorter term it, at least from the CFTC's perspective, they would be well-served to give thought to how crypto derivatives products that have been the subject of a number of enforcement cases could be regulated in a way that encourages compliance, or what is the compliant expectation.
Another question resulting from some of these enforcement actions is what types of registration should be sought to operate legally. Are you a clearinghouse? Are you an execution platform? At the CFTC, that could be DCM, and FBOT or a SEF. Or, my favorite, are you a broker at the CFTC? That's an FDM. And I think enforcement actions have suggested that the current activity may actually trigger all of these things. And that's somewhat impressive. And I think -- I'm unaware of any entity registered as both an FCM and a DCM, a broker and a platform, execution platform, as a CFTC today.
And so, in many cases, such as the pursuit of an FCM registration — which has been the subject of several enforcement cases, settled at the CFTC — I think there's currently no regulation to provide a clear roadmap as to how one might go about registering as an FCM, beyond the traditional way an FCM comes into the marketplace, which is very ill-suited, here. And then, I do think there's another question that is going to potentially need to be addressed, and I think people are grappling with.
I'm offering products to retail or institutional. And this is something the CFTC has always applied the same standards to both. Most of the products that CFTC regulates, or most of the infrastructure is offering products to institutional clients, though retail has always been there. The parameters of the regulations are designed around institutional. And so maybe this is a time that the CFTC, in particular, needs to take a look at the retail offering and make sure that their regulations are fit for purpose.
I'm just briefly going to talk about, since we're talking, since I'm talking about retail, there is a vast amount of confusion, I think, out there, relative to this one really interesting category of transactions that is under the Commodity Exchange Act, called the Retail Commodity Transactions. And I have to tell everyone that I find it so interesting that this has become an opportunity, or is being viewed as an opportunity. And I think that's great.
But I happened to be working on Capitol Hill. And I wrote this provision, in 2008, in the Farm Bill. And it was really designed to give the CFTC -- to ensure that the CFTC's anti-fraud authority extended into what was then known as leveraged retail transactions that were very commonly referred to as rolling swaps which, from the CFTC's perspective, looks a lot like futures contract.
There was no real consideration at that time for how those transactions might look different than futures contracts and how they might be applied differently. And, as a result, there have never been any rules written around how those products could be developed and offered. And so most of the activity has really just been enforcement. And I do think that many very innovative, thoughtful folks are now thinking about how do we get this retail commodity transaction category? I think it's going to require the CFTC to be very thoughtful about designing some regulations around that to provide a roadmap.
So, just to sum things up, I think regulators could advance this process in the short term by clarifying what they want, in the way of compliance, and, as a remedy to many of the enforcement actions that have been taken to date. And I think they actually have an obligation to do so. But any of these adaptations that regulators may make to their rulebook doesn't mean it's an escape of regulations. I think, once armed with more clearly defined expectations, there's a higher bar for compliance. And then there are more legitimate enforcement actions that can be taken.
So, separately, and, I think, longer term, Congress will probably need to be engaged in deciding where gaps exist after the regulatory gaps under current authorities are dealt with. So I'll stop there. And I'm happy to take questions later.
Paul N. Watkins: Thank you so much. Doug, go ahead.
Douglas Elliott: Thank you. And thanks for the opportunity to speak with you all today. Eight minutes is not a long to cover something this big, even at a high level. So I'll be referring to several papers that I've written, which have considerably greater detail for those of you who are interested. And the first one of those, I — in March, I think it was — put out a paper on key questions in digital asset regulation. Because all over the world, not just in the U.S., policymakers are facing issues of how to deal with this new class of assets and activities.
So, in that paper, I tried to lay out, conceptually, what the most important issues are to deal with. And, not surprisingly, you'll see that it overlaps with the issues that Commissioner Stump chose to focus on, of which the first one is should digital assets be encouraged, discouraged, or channeled in some way? Because the core of my job is speaking with senior policymakers around the world in the sector. And it's become clear to me that there are three remaining classes, or buckets of views. And, by the way, for this particular question, I have a paper called, "Cryptoassets: Tulips or Dot-coms?" where I go into more detail.
But the very high-level point is there's a group of policymakers, a considerable number, who really wish they could make -- and here I'm focused on what I've taken to calling "traditional cryptoassets," like Bitcoin, Ether, etc. A little tongue-in-cheek -- thirteen years isn't a long time for tradition, except in the internet. But, in dealing with those, there's a set of policymakers that really wish they could just make them go away altogether. And they realize they haven't. They can't do that. But they still see it as the work of the devil. And, therefore, they'd like to really limit it.
There's another group I tend to call "pragmatists," who believe -- frankly, they don't tend to much like these traditional cryptoassets either. But they know they can't make them go away. They think they're going to be expanding, both in size and in types of activity, and increasingly intermeshed with the financial system. So their focus is not on making them go away, but on creating the right laws, regulations, and supervisory approaches appropriate to dealing with those.
The third and smallest group are policymakers who actually want to encourage digital assets. Now, this is the dot-coms part of my "Tulips and Dot-coms" in the title. Basically, they look at this and say, "It's a lot like the dot-coms were in 1999." If you remember back, there was massive speculation, often based on naivete and ignorance. There was outright fraud. There was almost any bad thing you can think of. And yet, as we look back, the dot-com phenomena and the internet turns out to have had massive societal value.
So this group who are more supportive, they do want appropriate safeguards, but they want to make sure that it's a hug and not a stranglehold. So I go into that because these different camps, it's very hard to bring them together. You just imagine how difficult it is to get a coherent policy, when some people want to kill them, some people want to channel them, and some people want to encourage them. So I always try to keep this in mind as I'm analyzing what's likely to happen, and what proposals have been like the Basel Capital Proposals.
A next question is whether existing laws and regulations are adequate for digital assets or whether you need to take a whole different approach. And I would say most countries in the world — and I do think the U.S. will end up there as well — are going with the approach of trying to use existing financial regulators and existing boxes and adapting those as necessary, rather than stepping back and creating a whole new regulatory body. You may be familiar with Dubai, for example, has created a whole new body for digital assets. But that's not, generally, where countries are going.
Assuming you do stick with the existing regulators, then you've got the issue that Commissioner Stump has already talked about, which is what do you do about the overlaps and the underlaps between these different authorities? And I won't insult the audience. I'm sure you've all been following the many disputes, such as the SEC's lawsuit against Ripple, which come out of disagreements about what's a security, what's a commodity, etc.
Another issue is how central bank digital currencies should fit into the broader scheme. Not that there will likely be direct regulation of central bank digital currencies when they come. But you need to look in developing policies at that whole integrated field. You don't want silos. Because, if you do go with a central bank digital currency, it will have significant effects on the rest of the digital assets ecosystem. And that can also depend heavily on the design for central bank digital currencies.
Even though I do think you need to consider this, all of this, part of one set of policies, it's a little bit outside today's talk. So I won't go a long way into this. But I will just tell you, I believe that for retail central bank digital currencies, in most jurisdictions, the arguments, from a policy point of view, for and against, are pretty evenly balanced. I tend to think that, on balance, they make sense, in most jurisdictions. But there are very intelligent, expert people who have argued the other direction.
But, at the same time, that's almost irrelevant, because these are going to happen. And they're going to happen in enough of the world that I do believe they'll end up happening here, as well. Again, I have papers on that. And that's a much longer discussion. So I won't go on at great length there.
There's questions on how you handle decentralized finance, or DeFi. And that is a -- that is a whole can of worms that needs to be dealt with one way or the other, because it's a tough set of questions. I will just say, I was initially rather horrified by decentralized finance, given that its performing functions that could be quite central and operating more or less without regulation. But the more I've learned about it, the more I think there is a chance, at least, that you could have a kind of regulated DeFi, that that's not an oxymoron, and that the ability to move from these cumbersome time-consuming expensive human-centered processes that we have towards automated processes has huge potential rewards. So we don't want to lose those.
Dawn's already talked about the question of whether existing legislative authority is sufficient to be used by the regulators, or if we need new law. I'm convinced that we will need substantial new law here. I just think there are too many ambiguities. This touches on enforcement actions as well, versus enhanced regulation. And there is also a set of questions on whether digital assets are systemically important, which then triggers if they're determined to be systematically important. It triggers a whole set of other issues.
And then the sort of next-level issues: what kind of licensing and chartering you need, what capital liquidity you also needed, and how you get adequate global coordination of what is, by definition, a very global ecosystem. I've probably run through my eight minutes at this point. So let me leave it there.
Paul N. Watkins: Right on time. Thank you so much. And now we'll go to Dr. Piwowar.
Michael Piwowar: Yeah. Thanks, Paul. And thank you to The Federalist Society for inviting me to speak. I realize that I'm talking to mostly lawyers, but I'm still going to frame my opening remarks, as an economist would say. I've come up with what I think are three necessary but not sufficient changes that I think that Congress needs to do to change the current regulation of cryptosecurities.
They're necessary, in the sense that I believe that they're the minimum that needs to be done to modernize crypto regulation in a way that promotes, rather than stifles what Commissioner Stump has put out there — or Dawn, now, I don't have to call you Commissioner anymore — responsible innovation, and also stops the loss of U.S. competitiveness in crypto markets. As Doug pointed out, these markets are truly global, and there are so many jurisdictions that are ahead of us. It's not too late for us to catch up. But we need to start moving in the right direction.
At the same time, by no means, they're not sufficient, in the sense that I think this is all that needs to be done, or should be done. But I think it's an incremental set of steps that need to get done. My fellow panelists and others have put other interesting proposals on the table that merit thoughtful attention. And I look forward to talking to them today.
So what are the three things I think Congress should do? I'll just list them off and then briefly explain each one. First, I think Congress should merge the SEC and CFTC. And I recognize that Dawn may disagree with me on that. And we can talk about that. Second, Congress needs to create a crypto-regulation regime with a shock clock on the regulator and an appeal process for the registrant. And third, Congress should codify SEC Commissioner Hester Peirce's token safe harbor proposal. So let me talk briefly about each one of these.
Merging the SEC and CFTC, and let's just, for purposes of discussion today, call it the Financial Markets Commission. Doug mentioned his paper that shows that questions about how to regulate crypto are faced by financial regulators throughout the world. Well, let's look at international jurisdictions, and how their regulatory framework looks, compared to ours. When they choose between how to regulate the financial sector, they're often choosing between a single-peak model, or a twin-peaks model. Do they have one regulator, a single peak that oversees the entire financial system? Or do they have two regulators, twin peaks? One prudential regulation, and one markets regulator.
In the United States, look at our regulatory regime. We have what I call the rolling hills model of regulation. We don't have one market regulator. We have two markets regulators, the SEC, FTC. We don't have one prudential regulator. We have, on the banking side, we have the OCC, the Fed, and the FDIC. Plus, we have state-based insurance regulation, and on and on and on.
Former Senator Chris Dodd used to say that we had an alphabet soup of regulators with acronyms in Washington D.C. Now, unfortunately, when he had the chance to sort of rationalize the system, he actually added to the alphabet soup. Yes, he got rid of the Office of Thrift Supervision, the OTS. They were repeat offenders. But he also added the CFPB, the FSOC, and the OFR, for a net gain of two.
So why do I think we need to merge the SEC and CFTC? Well Dawn and Doug have already talked about a lot of the regulatory gaps exist because of jurisdictional disputes or lack of clarification, and all those sorts of things. We've seen this before with the SEC and CFTC, where Congress has had to come in and split the market up artificially when it comes to either index futures, which are either narrow-based futures, which go to the SEC, or broad-based futures, index futures that go to the FCC. We've seen it in the swaps market where they're either swaps or are they security-based swaps.
And, for a long time, people put up with these artificial distinctions because, as Dawn pointed out, the CFTC is traditionally overseeing institutional commodities and futures, while the FCC is overseeing both retail and institutional markets for securities. Now, when we have cryptocurrencies, we have -- even ones that are deemed to be commodities, we're seeing a large retail participation. And so, I think, if we merge these two entities together, you could have the benefit of the expertise, in terms of the CFTC overseeing commodities, and the SEC with thoughtful regulation for retail investors. I think it's -- now, it actually makes sense.
And I could spend some time going through, if we want to in the discussion, how exactly that would happen, concerns we have with jurisdiction over the different committees, and those sorts of things. But I think, at a minimum, we just need to look at the 400-pound gorilla in the room and say, look, a lot of these things that Doug and Dawn pointed out could go away if we just simply put them in one single regulator.
The second thing I think Congress should do is create a crypto registration regime for this new commission, which includes, let's say, a 30-day, or some reasonable time, shock clock for them to determine whether a newly registered crypto is a security or a commodity, and then also have an appeal process for the registrant. As Dawn said, crypto market participants are desperately looking for a regulatory home. I can attest to that.
Milken Institute, we just had our global conference a couple weeks ago. We had so many crypto people there. And not one of them were trying to get out of a U.S. regulatory regime. They want to be in the United States. They want to be regulated. And, in fact, many of them have already registered at various states for them to conduct their business. And they just want Congress to address something for them so that they can have a home here in Washington D.C. Dawn used the term "responsible crypto innovators." That's what we need to promote. And we need to have them operate in the United States with regulatory certainty.
I also mentioned a shock clock. One of the things that we've seen is if we put determinations in the hands of regulators, sometimes they will sit on them. Dawn specifically mentioned a gap in priorities. These regulators are busy doing a lot of other things. Things like this can sit on someone's desk at the regulator for a long period of time. So Congress could build in a shock clock that says, look, within a certain period of time, the new regulators determine whether it's a security or a commodity or a default commodity, or they could do something else. And then also we need to build in an appeal process. We need to have checks and balances with our government. And there's various ways you could do it.
And then, finally, I think what we need to do, Congress needs to do, is codify SEC Commissioner Hester Peirce's safe token harbor proposal. She actually has a newer version of it, called 2.0. What that does is provide network developers with a three-year grace period within which, under certain conditions, they can facilitate participation in the development of a functional decentralized network that are exempt from registration and provision of the federal securities laws.
So what does that mean? What it does is it provides a safe harbor for tokens that start out as securities under the Howey Test, solely because they get caught under one of the four prongs of the Howey test, the common enterprise prong, when they first start out, because they have to have a common enterprise before it becomes decentralized. And so what you have is a Catch-22 situation where these developers of these new tokens eventually want to have a decentralized network. And, in fact, be a commodity.
But when they start out, just as a practical matter of getting these things placed, you have a common enterprise and end up being a security at the beginning. So how do you deal with something that starts out as a security and morphs into a commodity? I think Commissioner Peirce's safe harbor proposal is a very thoughtful approach to dealing with that. So, with that, I'm almost out of time. And, Paul, I'll turn it back to you.
Paul N. Watkins: Thank you so much. And Tom, we'll conclude with you. I think you're -- I see the red mic, so I think you might be on mute.
Thomas Vartanian: Yes. Thank you very much. So, thank you. And I'm very honored to speak with all of these esteemed, brilliant speakers before me. When I was playing baseball in high school and college, I was always the cleanup hitter, so I'll try to perform that role here a little bit. I'm amazed about two things. I'm amazed about how we've gotten to this point 13 years down the line from the creation of Bitcoin and not had more regulation, frankly.
Assume for a second that Satoshi Nakamoto, whoever he or she is, was an employee at JP Morgan in 2008, and went to see Jaime Dimon with the idea. And JP Morgan Chase proposed to idea to both the Comptroller of the Currency and the Federal Reserve Board, depending on where they wanted to put the business. How do you think Congress would have reacted? How do you think regulators would have reacted? How do you think consumers would have reacted if JP Morgan was the initial guiding force behind Bitcoin?
The second thing that sort of amazes me is I think when we talk, we must be speaking in a foreign language to people in the crypto and the techno business. Because we're talking about traditional boxes, traditional concepts, regulators. And they don't live in that world at all, not for a second. And the boundaries that we're talking about are completely irrelevant to the pioneers and the innovators out there.
That said, I am shocked that we've gotten to this point where we have built something that has an enormous impact on financial stability, and yet it is completely unregulated. And when I say regulation, I'm talking about prudential regulation. I'm a former bank regulatory guy, so I talk about prudential regulation. And this is an area which is largely unregulated.
But do they have an impact on the financial system instability? Hell yes. The business today is $10 trillion globally. Now, we hear the number $3 trillion of crypto out there. But that's not the real number. There's $3 trillion of crypto, there's $3 trillion of derivative securities built on crypto. And there's another $3 billion or $4 billion of $3- or $4 trillion of leverage and margin in the purchase of those securities. So that's a $10 trillion footprint.
Well, that would be the largest bank on the planet, frankly. And so the question you have to ask yourself is how do we get to this point 13 years down the line and have so little regulation, so much confusion, and so many financial regulatory agencies fighting for turf and jurisdiction?
I just finished a book, which I gave to the publisher, on what I call the un-hackable internet, which is about the fact that we've built the wrong internet for everything we're doing, because it is so highly insecure. But you take crypto, for example, built on, supposedly, the immutable blockchain. Well, there's been $14 billion of crypto taken, stolen, through hacks and other things -- just in 2021, $14 billion. How safe is that? Fourteen billion dollars, that's larger than all of the bank robberies in the history of time. So we're talking about a much different scale. And then, you look at the platform we're on. I don't care whether it's blockchain or anything else. We're on an internet that is highly insecure.
The Carnegie Endowment for International Peace has a terrific part of its website that it catalogs all of the hacks and financial incursions into financial services companies since 2007. And there's about 300 of them there. And you can read them. And you get blurry-eyed, and you say to yourself, "What in the world are we doing? How are we moving all of this business, all of this crypto, all of this value onto insecure networks that are largely, for the most part, unprotected?
And so, I want to sort of come back to a question that I get asked all the time, and I'm sure the other speakers get asked all the time, "Should I invest in crypto?" I get asked that question all the time. And I did an op-ed in the Hill this week, precisely on that question, called, I think the title of was, "Is Crypto too Cool to be Questioned?" And what I said at the end is, when we actually know what we're buying, and when we actually have some systemic regulation over the process, that's when I'll think about investing in crypto.
I think we're building a financial timebomb here, in terms of how we're approaching this with a broken regulatory system. And I think we have to be careful. I was at the Controller's Office in 1977, when the first national bank came in and made an application to establish an ATM. And we thought that was the height of technological development at the time. Again, go back to the question I asked. Where would crypto be today, if Satoshi Nakamoto was an employee of JP Morgan?
The other end of the spectrum, I look at all of the problems that we have in the financial sector, all of the embedded explosives in the marketplace that exist today, many of them created by Congress. Many of them created by what's going on in the economy, and the enormous spending of money, and the Fed buying all the treasury notes that are coming out. I mean, the Fed bought 56 percent of the Treasury notes over the last 15 months. So you got to ask yourself, who's surprised about us having inflation? And what impact on monetary policy will crypto have?
But we are creating embedded problems in the marketplace. And the question I have is sort of a question I thought about when I was writing my book, and that is, what causes financial crisis? What causes all this stuff to blow up? And the answer is, you never know. There's always a trigger that occurs once all of these things get embedded into the marketplace. And all of the things right now are clearly embedded in the marketplace. So ask yourself, what's the trigger that makes any of that explode? And I think that's something we ought to be thinking about from a point of view of financial stability.
So where do we go with all of this? Well, I sort of try to think outside of the traditional boxes that I have had ingrained into me over these 45 years that I've been doing this. And so I start with the conclusion that we've got the wrong regulatory structure. We have far too many agencies. Forget merging the CFTC and the SEC. I think we're long past that. I would merge all of the financial agencies. Because look at what a financial institution has to do when it's in business, whether it's a crypto company or JP Morgan, or Wells Fargo. They've got to negotiate with hundreds of regulators, literally hundreds of regulators, state regulators, federal regulators, international regulators.
And, in the crypto market, I count some 50 federal regulatory bodies writing standards for financial companies, not to mention the states, who are clearly trying to get into this business and create jurisdiction for themselves, and don't want to give it up. And international standards boards that are replete. And so, if you're a financial institution, how do you deal with this sort of tower of Babel?
The Bank Policy Institute, in 2017, wrote a terrific paper. It's now a little bit out of date, but it was a terrific paper. And it basically said the regulators have created more chaos than good from all of the overlapping things that they have said. And it basically accused them of not knowing what they were doing. The quotes from that report by the Bank Policy Institute are really unbelievable. Bank regulatory and supervisory guidance in this area adds no value, they said. Bank examiners lack expertise. They're making a mistake by creating once-size-fits-all regulation.
So I think we need to begin to start regulating activities rather than businesses. In the banking business, what do we regulate? We regulate banks. But Meta comes along and they said, "We're going to issue a new currency called Diem." And they just do it. They file some money transmitter forms here and there, and deal with FinCEN. But they can do it. A bank can't come along and just do it. They've got to deal with their regulators. They've got to file for basic approvals. They've got to talk to the states, and so on and so forth. And so we've got this uneven playing field, which is not great for innovation, at the end of the day.
And so the last point I'll make here is the regulation of who controls crypto companies. In 1978, I worked in the Controllers Office on the Bank Change in Control Regulation, which had just been issued by Congress as a law, resulting out of the Bert Lance affair in the Jimmy Carter administration. I know many people don't remember that. But it resulted in the Change of Bank Control Act, which resulted in regulations. What did it say? It said pretty much what the Bank Holding Company Act says. It says that if you're going to control a financial institution, because of the impact on financial stability, we want to know who you are. We want to know that you have the integrity, and the ability and the experience to run a financial institution.
Well, all you have to do to understand that that's not happening in crypto is read the Bloomberg Report on Tether. It wrote an extended journalistic investigative report on Tether. And it basically was highly critical of the fact that just about anybody and anybody can enter into the crypto business and make assertions about whether the coins are backed or not, and decide how they're going to be backed, or when they're going to be backed. And whether any of that is true, and whether any of it's going to come to fruition is anybody's guess, because nobody's watching. There are no regulators.
I'm a person who has never really loved overregulation. I think we overregulate our financial innovation. I think we overregulate everything to death. But what we need is smart regulation. We need regulation of the key factors and the key touchpoints in financial stability. That's where we ought to be looking. And the bottom line is that we built a business here of $10 trillion in 13 years, and it's largely unregulated. And that's a financial risk. It's a risk to financial stability that we ought to be thinking about.
Paul N. Watkins: Thank you all very much. And I want to let the audience know that there's an opportunity for you to ask questions that we can direct to our panelists. And we had one just come in right now. Also, the panelists may ask each other questions. And that takes precedence. So anybody who wants to take their mic off, I will recognize you, take the mute off.
So we have a question come in about DeFi. And so, Doug, maybe I'll direct this to you, because I think you commented on DeFi. How exactly could a regulator regulate a truly decentralized DeFi protocol?
Douglas Elliott: It may well be impossible to take the full extent of the decentralized finance vision and regulate an entity that operates that way. I wouldn't be shocked by that. But I think it may well be, and we'll find out over time, that you could get the great bulk of the benefits of that decentralization by having a fairly light-touch governance structure that was still enough of a true governance structure that it's possible to have appropriate regulation for it and to enforce that regulation.
But I'll admit, I don't know exactly how to do this. The International Organization of Securities Commissioners, IOSCO, put out a very good paper a month or so back, looking at the extent to which DeFi entities were actually decentralized. And what they found was, there's actually a range. Some of these are actually relatively tightly controlled by a small group of people. Others are closer to full decentralization. It's not always possible to tell from the outside. More transparency would clearly be better.
So, the point I was really trying to make, to which that question responded, is when you see the massive increase in efficiency, of being able to, essentially, reach out to all other possible counter-parties virtually instantaneously, around the world, at very low cost, you realize that the benefits are so big that I've moved from my initial abhorrence of the whole idea, which most policymakers still have, towards thinking we ought to work as hard as we can to see if we could at least find pieces of this that we could bring into an acceptably regulated environment, and get substantial advantages.
Paul N. Watkins: I know some folks have talked about potentially regulating the onramps to DeFi, so most people are getting their coins through an exchange. They're using some sort of wallet that's not entirely decentralized. It's affiliated with some kind of institution. Maybe they're going through their bank. As an initial step for folks who want to regulate more, do you think a significant percentage of the activity could be regulated by those onramps, by regulating those onramps?
Douglas Elliott: Others may have opinions on this too. My gut is it's probably not a huge percentage. I think the much bigger issue is what happens -- like the matching of the buyers and sellers, or the lenders and the borrowers, and how that all operates. I think that's more central than how you got your money from fiat currency into digital format into the DeFi entity.
Paul N. Watkins: Right. And then very much harder to address there.
Douglas Elliott: Yeah.
Michael Piwowar: Can I jump in here real quick?
Paul N. Watkins: Yeah. Go ahead.
Michael Piwowar: Yeah, sure. As you guys pointed out, what people say is truly DeFi, there's very few things that are fully DeFi. Once you start looking, peeling back the onion, you find out that there are intermediaries, or maybe onramps and offramps and all that stuff. But suppose we get to a point where you have something that really is just DeFi, really just a bunch of smart contracts out there. Well, I think one way to address that is Tom's point that he made. We need to start regulating by activities, not by what you call yourself.
So, for example, I know it's the case of broker-dealers, and Dawn, correct me if I'm wrong, pretty much the case with futures commissions merchants. What are they? They're a bunch of business processes, and a bunch of regulatory obligations. They're just basically a rulebook that puts things through. Now, if you have some creative person out there that creates a smart contract that replicates all of the processes and the regulatory obligations of a broker-dealer or an FCM, then that smart contract is in effect. It's just a bunch of if/then statements.
But, if this customer gives you money, in this custody, and if they want to trade, then you route it here, and you have these best execution requirements and all that stuff. That's, in effect, a broker-dealer at that point, right? So, even if you get to that point, just because you call something a smart contract doesn't mean it's outside the regulatory framework.
Thomas Vartanian: Paul, I agree with Mike. And, Mike, one of the problems I see in this area is everybody's got their own definitions for every word. I can't seem to pin down the definitions of DeFi or Web3 or stablecoins or anything. It's all over the place.
Michael Piwowar: We found out with digital assets — not to just plug the Milken Institute — we have what we call the taxonomy of digital assets. We could not have conversations with policymakers, because they would use two words to mean the same thing, and different words to mean --
Paul N. Watkins: Right. Right.
Michael Piwowar: -- and one same word to mean a different things.
Thomas Vartanian: But, Paul, what I wanted to say was, let me come back to the point I made about regulating activities, rather than charters. Because I think it's fundamental to where we're going. And, frankly, I think technology's going to be the thing that breaks down this barrier and tells everybody, "You can't regulate charters anymore."
Let me give you an example. All of the laws that we're talking about today were established between 1932 and 1940: the Banking Act, the Glass-Steagall Act, the Investment Company Act, the Securities Act, the Securities and Exchange Act, Federal Home Loan Bank Act, Federal Home Loan, whatever, the FDIC ACT, all between 1932 and 1940. Well, I have to say that we have nothing economically in the world today that looks like anything like 1932 to 1940. But we're still living under that structure.
Because of that, that structure was bank-centric. It created regulation that was largely focused on banks. And it should have, because banks were 95 percent of the financial services market in 1932 to 1940. Well, fast forward to today, we've got banks being about 35 percent of the financial services market. Banks made only 25 percent of consumer loans last year, 25 percent. Where's the rest? And what turns out is that we've got 100 percent of our prudential regulation focused at 35 percent of the financial services market. That makes no sense whatsoever.
And I think what we've got to start doing is we've got to say, "Look, if you're engaged in an activity that's a financial activity that has an impact on financial stability and the way the system works, you get regulated prudentially. I don't care whether you're a crypto firm or a fintech." When I was still practicing law, every time we were engaged to look at an incursion or a hack of a financial institution, where did it emanate from? It emanated from a third-party service provider, over and over and over again.
And you can see that today. Many of the hacks are because all of these things are outsourced, and you don't have control over those elements. And so I think we really have to start thinking about regulating activities. What does that mean for deposit insurance? Frankly, if you want to buy deposit insurance and be prudentially regulated, I'd give it to you. And you can offer a crypto product with deposit insurance, but you have to submit yourself to the same types of regulatory rigors that all of the regulated financial institutions in this country are. I think then we start going into a more modern and technically adroit regulatory system.
But I would conclude by this. I will freely admit, if we try to regulate technology with the current regulatory structure we have, we will kill innovation. I don't have much doubt about that. We will slow down innovation. We will kill innovation. Maybe that's good. Maybe innovation's gotten too far out in front of us. But the one thing I know is, you can't stop it. You can only channel it. And I keep coming back to a smart regulation of technology, and merging technology and financial services in a way that it really is in the marketplace, and regulating it that way.
Paul N. Watkins: Thank you. Mike, if I can ask a question about your regulatory proposal for federal licensing, what activity do you think needs to be licensed at the federal level? The states right now that are supervising most of the major stablecoins, which are based out of New York, they're supervised by New York DFS, which is a pretty tough regulator. Most of them are required to be backed one-to-one. So that's certainly not unregulated activity.
Most of the major exchanges are supervised as either money transmission, under money transmission license or under SPDI. And then, of course, there's a lot of anti-fraud enforcement already. So saying that we're unregulated, in my opinion, at least, may overstate things a little bit. What do we really need to see licensed at the federal level?
Michael Piwowar: Yeah. That's a good question. I think -- stablecoins. Bert Ely has a question, I guess it was in the chat, rather than in the Q&A, about stablecoins, about how they should be regulated. And I agree with Bert. If you look at these things, what are they doing? They're offering a $1 stable net asset value. And what are they backed with? Well, cash and cash equivalents, and a little bit of other stuff. That's a money market fund, right, by any other means. So that one takes care of that question there.
And then, Paul, to your question, is what sort of incremental regulatory stuff needs to get done. And that's -- Congress has to look at that. What are the states already doing that the federal government needs to do on top of. So, take, for example, insurance regulation. That's done solely at the state level. And that works quite well in the United States. But states have disparate ways of dealing with this. And states are the natural laboratories for this stuff. Some are doing it under money transmitter licenses. Some are coming up with new innovative things like Wyoming has come up with the first Dow LLC. And we'll see how that goes.
So, before actually jumping to actually doing something, look at what we're learning from the states. The fact that we haven't moved so quickly, to Tom's point, maybe there's time to catch up. Maybe there's time to let this innovation go. But the states are the natural laboratories, and we'll see. Some are probably working quite well, and some probably aren't.
Paul N. Watkins: Dawn, if I can direct one of the questions to you, it's about the idea of combining regulatory agencies, so combining two, combining all of them. Since you're the most recent regulator, would this have a tendency to increase the power of a regulator, which, conceivably, under some public choice theories, you increase the authority to regulate, you'll get more regulation? Could there be negative consequences to this?
Dawn Stump: Well, first of all, in fairness to Mike, he and I have had similar conversations offline before, and so I know he has more thoughts than he had time to share today. So I do think he's given this a lot of thought, on what might work and what might not. But for me, and I do think it's relevant to Rebecca's question, what is it that has caused, in current times, what is it that has caused this entire industry who want -- maybe not the entire industry, many of them, to gravitate towards the CFTC. And I think it is insane that any of these folks think that there is a lighter-touch regulation at the CFTC. I heard that all the time.
And I think those who have been waiting for years to get their exchange approved to list crypto assets might now disagree that there's a lighter-touch regulation. I think what is important about the distinction among all of the regulatory agencies is what Congress has told them to do, relative to embracing innovation. And I do worry that if we were to merge the agencies, that would very quickly be lost or overcome by what other statutory requirements and other regulators beyond the CFTC require.
And so what I mean by that is we have a self-certification process at the CFTC. It doesn't mean you walk in one day and say, "I want to self-certify Bitcoin binary options, or a binary option on Bitcoin pricing." You don't get that approved in a matter of days. It takes years. But it is a very engaging process. And, I think, by statute, the CFTC has been pretty good about engaging with innovators to get many things across the finish line. And I do worry that if the CFTC were part of another agency that that culture would be lost. And so, while I recognize and agree that there's a lot of inefficiencies, relative to the current structure, that we could probably do a much better job of.
Mike and I sat through the development of the Dodd-Frank Act, and there were some very nonsensical questions asked during that time about which market regulators should get which piece of the OTC market. Some of it was rooted in logic. Some of it wasn't. But it is unfortunate that we lose efficiency through all of these various tiers. But at the same time I do worry we would potentially lose more innovative cultures if we were to merge all of the agencies. I'm sure Mike has a way to preserve them. I like the culture at the CFTC, Mike. How are we going to hold onto that?
Michael Piwowar: Largely it's personality driven. And we can name names of particular chairs at particular points in time. And it takes over the personality on that. This is another role that Congress can play. Congress has given each agency its mission. The SEC has to protect investors, maintain fair, orderly, and efficient markets, and promote capital formation. Now with the crypto markets coming in, there's no way Congress would have contemplated that when they -- could have created that. So they can explicitly put in there, and encourage responsible innovation, something like that in there.
Now, the agencies can go off the rails, but they ultimately are accountable to Congress. And that's why, as Dawn mentioned, the Dodd-Frank Act. And so the pendulum swung in the other direction. Well, then you have a changeover in the Republicans taking over the house and working with the president. And then you have the JOBS Act, which got the SEC back to its capitol formation mission. So, yeah, regulatory agencies kind of go off the rail, temporarily. But that's the role of Congress, to bring them back in and explicitly have a mission for them to encourage this type of innovation.
Douglas Elliott: Can I add one other thing on all this. Because I've written in a different context about microprudential policy, about how you set this up. Is it better to have one agency, or to have it spread out as multiple? One of the things we haven't touched on is you have it in one agency, that agency will have internal silos, and that agency will doubtless have seven or eight sometimes conflicting objectives. So I'm sure we can find an optimal organizational structure, but many of the problems exhibited by having separate agencies would still exist.
Paul N. Watkins: Do you think — if I can just ask a direct question — so do you think the FCA has done a better job preparing for innovation and preparing for potential crises than the U.S. regulators?
Douglas Elliott: I think the FCA has done better on some aspects, like with fintech. I don't know that they've done better, in general. And, of course, the FCA is the result of the FSA blowing up in the global financial crisis. So I'd be reluctant to give too strong an endorsement to them.
Michael Piwowar: Just to be clear, yeah, FCC, FTC merge, one market regulator, maybe we do the same with prudential regulator; not sure we want all of those. And, to Doug's point, you're right. There are silos within organizations. But at least with a single organization, like with one market regulator, you have one chairman that goes in front of the Banking Committee and House Financial Service Committee that is accountable. If you have multiple regulators, you saw there in the global financial crisis, they all go like this and point at each other. So at least you have one person that's held accountable by Congress.
Thomas Vartanian: Yeah. That blame game has been played, traditionally, by financial regulators for a long, long, time. But I'll make one point. If we merge the CFTC, the SEC, the FDIC, the Federal Reserve Board, and the OCC tomorrow, financial institutions would still have 100 regulators to deal with around the world. So I'm not worried about there being just one regulator, frankly, who's going to corrupt the system. And, it's interesting, when I was General Counsel of the Federal Home Loan Bank Board, which is now long-since gone, but that was the most efficient regulatory system you could have imagined. Because they regulated every thrift in the country.
They regulated the FSLIC, which was the sister to the FDIC; regulated Freddie Mac, because the board of the Federal Home Loan Bank Board was the board of Freddie Mac. And so, when it came to housing and housing finance, it was an enormously effective and efficient regulatory body, in terms of making decisions. And I think that's important. And I think that's important because history tells us that financial regulators have never been prepared for a financial crisis, never. And I think that's a function of resources. I think that's a function of not using technology. Today, I think it's a function of regulatory agencies not using artificial intelligence. Congress should give them the resources to use those kinds of technologies to be out in front, instead of reactive. But the history is that we're always reactive, because we're never predicting.
Paul N. Watkins: Well, thank you all very much. My takeaway is we need a lot more webinars. So many interesting questions to raise and discuss. Thank you all for participating and taking time out of your schedule. It's such a benefit to hear from experts in this space. And, Ryan, I'll turn it back.
Ryan Lacey: Absolutely. Thanks, Paul. On behalf of our audience, I would like to thank our experts for the benefit of their valuable time and expertise today. And I would like to thank our audience for joining us and participating. We welcome listener feedback by email at email@example.com. As always, keep an eye out on our website and your emails for announcements about upcoming webinars, including a webinar on crypto and national security that should be announced and that will be coming out in early June. That will be announced, probably, later this week or early next week. Thank you all for joining us today. We are adjourned.
Dean Reuter: Thank you for listening to this episode of Teleforum, a podcast of The Federalist Society’s practice groups. For more information about The Federalist Society, the practice groups, and to become a Federalist Society member, please visit our website at fedsoc.org.