Watching the FTX congressional hearings last week, there were more discussions about treating cryptocurrencies and digital assets as gambling. The individuals making these statements see gambling only as risky bets and describe it to the industry’s detriment. They lack knowledge of the industry’s business and its highly regulated nature. Though thinking about it, they do have a great idea! Let’s regulate the digital asset industry similarly to how we regulate the gambling industry.
The FTX hearings are a response to the collapse and sudden bankruptcy of FTX and its related companies, along with the effects on what may include millions of Americans. Some may lose lifetime savings, and many individuals and companies are already financially impacted by the bankruptcies. The collapse appears to result from a total lack of controls and compliance, even to basic business standards and oversight. However, “Crypto”, along with the hype and endorsements from celebrities such as Tom Brady, Stephen Curry, and Shaquille O’Neal, plus deals with Major League Baseball and Miami Heat, allowed this to have a much more significant impact on the public.
This article will use “crypto” to describe the entire ecosystem of digital currencies, digital assets, DAOs, NFTsNFT Non-Fungible Token or "NFT" is digital certificates showing ownership of an asset. It is embedded in a blockchain as a token. The asset can be digital or the NFT can point to a real-world, tangible item., Defi, smart contracts, and any financial aspect related to blockchain technology and its industries. The term crypto refers to how the data and assets in a blockchain are protected by cryptology. To debate about what crypto “acts like” and which government entity will regulate it has not led to a solution. We must act and implement oversight from the software code through to the financial transactions. What we can’t do is ignore it, or worse, debate it and not act or only act on the surface.
Over the past several years, the rapid ascent of crypto has made it a common talking point for governments and citizens worldwide. The industry has evolved with trillions of U.S. dollars flowing through it. At one point recently, crypto industries had a combined market cap of over $3 trillion or, to write this out for effect, $3,000,000,000,000. From another perspective, only six countries (US, China, Japan, Germany, UK, India) have a GDP over that amount. No public company has ever reached that amount in market capitalization.
Today, most regulators have treated crypto as a square peg attempting to fit it into their round holes. It is the proverbial hot potato that few regulatory bodies wanted to address. And no government body currently addresses the entire lifecycle of a crypto asset, though, to their credit, several have addressed specific pieces of the crypto ecosystem. Credit is due to these bodies, though they have only regulated a small, single-digit percentage of the market being restricted by legal overreach, funding, geography, or the oversight of their management boards.
This is not going to change overnight. However, public attention has achieved an immediate effect as the public is now aware that the crypto organizations they transact with are not financial organizations like the ones they are used to dealing with. Congress and the agencies they oversee should have been more proactive. Their lack of action has left it to other agencies to deal with the industry fallout, including unemployment agencies, welfare agencies, bankruptcy courts, and a host of others into whose lap this is all falling. And ultimately, this is a taxpayer issue as that is who pays to clean up, support recovery, and deal with individuals involved.
Regulate by Example – Look to the Gaming Industry
Implementing regulation with structure and controls is expected after adverse industry events. The FTX collapse is currently the subject of many congressional meetings, political commentators, social media, and coffee shop conversations. The financial, energy, insurance, and many other industries have gone through industry-changing events, and the public is better off for it. We expect our elected officials to be both proactive and reactive with an expectation of consistent progress and unbiased learning. To that end, let’s explore what we have learned in regulating the gambling industry, or as the industry is known, the gaming industry.
The gaming industry regulation focuses on providing a fair and honest system for patrons to enjoy themselves. However, one must maintain a perspective that it is over a trillion-dollar business ecosystem and needs regulations for Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), and other monetary restrictions. In gaming, there are numerous consumer protections as well. The industry affects the global economic community, from the game and real estate developers to the casino operators and governmental regulatory community. And like crypto, it can provide multiple public benefits, though nefarious individuals and bad actors have also used gaming to launder money for criminals and terrorists.
With global impact and to ensure full legal compliance, gaming regulatory bodies have become accustomed to working with other regulatory and enforcement bodies. These include the USDOJ, FinCEN, IRS, FBI, SEC, FTC, Central Banks, federal and state police, and many more. Though politics does influence these relationships, they work for the public benefit most of the time.
In crypto, the blockchains and software need to be reviewed and documented consistently by a regulatory body, akin to FDA testing requiring labels and disclosures. At its core, crypto is a software industry, and that software needs review, in addition to the people and businesses involved in the industry. This technology element needs to be addressed as most legislators and regulatory bodies understand financial aspects yet need a more technical understanding of the crypto ecosystem. A holistic approach is required to regulate the crypto industry, which is where the analogy to the regulated gaming industry is made.
A review of the regulated gaming industry has several components. Components cover the people involved, the systems used, and the business operations. There is licensing, certification, auditing, and enforcement with each of these. This structure is replicated in hundreds of jurisdictions worldwide, though with much overlap and support from other jurisdictions.
Licensing: Everyone needs a license, including the casino owners, employees, software suppliers, and service providers who interface with the casino business. No unlicensed entity or person can be involved in casino operations. Should you want a glimpse into this licensing, do an internet search for “Multi Jurisdictional Personal History Disclosure Form” to see what basic information is required to submit for a key license in the gaming industry. If you are following the FTX story, FTX CEO Sam Bankman-Fried complained that he couldn’t get a similar form completed by Changpeng Zhao, the CEO of Binance and an investor in FTX.
Certifications: Most every piece of software and hardware used in casino gaming must be certified for use in gaming. Where the individual piece is not reviewed, the outcome produced is evaluated. Certification is completed by either the gaming regulator or independent labs, which are licensed and certified by the gaming regulator. Elements of individual games, including pay tables and the game’s expected value, must be certified, documented, and available to the player. Asymmetry of information is not allowed.
Auditing: Auditing and monitoring operations is an ongoing and, in some cases, a real-time effort of each gaming regulatory body. As part of their licensing and certification, each operator must submit to auditing by the regulatory body. Adherence to internal controls and financial standards and operating only with licensed businesses, individuals, and certified software will be part of the ongoing audit of the business.
Enforcement: Should a business not be licensed or found during an audit to be operating outside of what it has been licensed for, the regulatory body or its proxy can apply due process to force correction or shut down the offending business. Depending on the extent of the violation, it is possible to immediately shut down a business pending adjudication of the issue.
Three of the four components listed above are familiar to most other regulatory bodies. It is the software certification that most do not cover. Other components in gaming also go beyond what some other regulatory bodies perform.
Most gaming and financial organizations operate with custom, or at least highly customized, software. We trust that when the banking application shows $100 in the account, the bank has $100 in assets for that account. We trust that the credit card company charges interest on our outstanding balance; it is calculated correctly. There is much trust in the financial industry, even though this industry makes mistakes. An Internet search for class action suits filed for incorrect charges and fees produces pages of results showing these mistakes.
In gaming, this type of work gets tested and certified before the public needs to trust it. Testing and certification do affect innovation and progress, though there is no lack of innovation in the regulated gaming industry. The industry even pays its own regulation costs in testing and certification fees. New games and operational software come out every month. The industry matures and learns to work with compliance.
The crypto industry is the Wild West during Gold Rush times. It is the Internet at the time when porn and sports dominated the traffic. It is still in its infancy. However, there are some pieces that people know well. It has been widely publicized that bitcoin is mathematically limited to 21 million coins that can ever exist and that a mining process ensures decentralization and compliance. Many assumed that other digital assets, currencies, or coins are the same, though a quick review of some other digital assets reveals there is no limit to what the creator can create, or already has created, for themselves. Some public buyers don’t know that a creator, or a single person, controls the type of digital asset they purchase on an exchange.
Even worse, some coins or tokens were publicly created as comedy. Coins named after dogs or other fictional characters were never intended to be financial instruments or investments. Yet exchanges and others saw a means to make money and promoted these on the same level as more structured crypto assets. Blame assessed on the exchanges is appropriate, yet when their business is exchanging one asset for another, it is difficult to blame them for promoting their business. They were given limited instruction, regulation, or oversight regarding operating their exchanges. The square peg fit into some round holes, and the space around it left lots of room for interpretation and lack of compliance.
The Crypto ecosystem is more than security exchanging, commodity trading, or the sale of property. Treating symptoms at the retail level, such as high-level exchanges, without addressing the fundamental structure and execution of the underlying software will not achieve long-term results. It is treating the headache without discovering and treating the source of the infection.
Two US Congressional Bills have been introduced attempting to address regulation. Senate Bill 4356 “Lummis-Gillibrand Responsible Financial Innovation Act” proposes some proactive changes toward crypto and its technology. It includes a change to Title 31 consumer protection to agree on a version of the source code. The customer still has no visibility as to whether the code actually does what it claims to. The source code or the resulting product should go through an independent or regulatory review. The Bill also includes an Innovation Laboratory at FinCEN, focusing on studying financial technology and making recommendations. Though it is not focused on public disclosure and protection, this also could be a good start for at least the regulatory bodies to begin to understand and educate congress on the technologies.
Other countries are working on regulations, though only looking at the public-facing transactional level or traditional business finance regulations. For example, the EU has its Markets in Crypto Assets (MiCA) proposal along with progress in the U.K., Japan, Singapore, and other countries. What I have seen proposed is a start. The world is focused on this now and we should make it the best we can with combined experience from all industries and knowledge.
Blockchains and the software around them, including the exchanges that work with the assets associated with the blockchains, need review, auditing, certification, and public documentation. Few blockchains have gone through public or academic review, and for many, the information is not published or made available for review. Legislatures and governing bodies need to include this in implementing any laws or rules for compliance. The public needs to know that they are dealing with an industry that is fair and honest, especially an industry that is de facto changing the world and optimistically is creating technologies that will change the world for the better.
Mark Munger is a technology consultant with experience working for gaming regulators, operators, and game developers. He has worked in multiple international jurisdictions with land-based casinos and online gaming, including working with testing labs on software certifications.