In Italy, the mix of anti-money laundering regulations has an impact on cryptocurrencies. Moreover, recent changes to privacy legislation (which have considerably reduced the guarantees for citizens and taxpayers in cases of collection and processing of personal data by a public administration) lead to a clear disproportion between means, ends, and goods sacrificed.
Cryptocurrency exchanges and anti-money laundering obligations
The number of persons subject to anti-money laundering obligations is growing by leaps and bounds: not only banks and financial intermediaries, but also notaries, lawyers, accountants, auditors, and figures such as antique dealers, art dealers, real estate brokers, civil brokers, debt collection agencies, etc., who carry out activities that have nothing to do with finance. Now, even virtual currency exchanges, and in general all platforms that provide digital services, are subject to anti-money laundering obligations as a result of the Dac 6 and Dac 7 directives.
These obligations range from customer due diligence (the famous KYC, Know Your Customer), the retention of data and documents, and the obligation to report suspicious transactions to supervisory bodies, to refrain from carrying out certain transactions, and so on. A very wide range in which each violation implies very high fines.
In addition, for categories such as lawyers and accountants, who are normally bound to professional secrecy, the boundary separating the opposing obligations of confidentiality and communication or reporting is not at all clear. And if a client cannot fully rely on confidentiality in the professional relationship (where it is assumed that he is obliged to report suspicious transactions), it is clear that this may lead to an infringement of the right of defence.
All this pressure, which in the beginning essentially targeted the use of cash, is now also increasingly affecting cryptocurrency activities and transactions.
However, when one tries to target all forms of anonymous wealth transfer in the name of the fight against the financing of illegal or criminal activities, with such a degree of intensity as to suggest that the ultimate goal is the radical abolition of all forms of payment in cash or by non-traceable means, regardless of the amount, one risks inflicting a major blow to disintermediation.
“Killing” disintermediation, however, does not only bring great benefits to all those who make their living from intermediation. It also generates a series of dangerous side effects.
First of all, in a world where people cannot even pay for a coffee in cash (and neither in cryptocurrencies), if I necessarily have to go through an intermediary, the latter will be able to know not only how much I paid, but also where and when I drank my coffee. This, of course, also applies to payments related to activities of a more exquisitely personal nature, for which privacy is much more relevant. For example, in the case of a payment for health services, perhaps for sexuality-related issues. Or a donation to a political or religious organization or an organization that supports a certain sexual orientation. Or, more trivially, payment for adult entertainment services, such as renting an X-rated film from a pay-TV station, which may reveal one’s sexual preferences, and so forth.
If everything is ineluctably traced, without any alternative, everything will pass through an intermediary who, by handling the transactions, will have at his disposal a quantity of information of an exquisitely personal nature, which goes far beyond the strictly financial aspects.
If the authorities are then able to access the data without any particular obstacles and without the citizen being able to exercise any form of control or objection, these authorities could in theory abuse their powers and analyse this data for purposes that are anything but legitimate. For instance, for purposes of political control.
There is also a second problem, which goes beyond the question of anonymity, but concerns more the imbalance of bargaining power. If one were to prohibit any possibility of transferring money in a disintermediated form, or if one were to make it exaggeratedly burdensome, one would be handing over an enormous amount of power to a small number of authorized intermediaries: the power to allow or prevent certain transactions on the basis of questionable criteria. These criteria are at least as debatable and questionable as many of the anomaly indicators of transactions. In other words, an arbitrary situation would arise.
In reality, this is already happening to some extent today: the operators of many payment platforms impose what are known as AUPs (acceptable use policies) on users, which are changed unilaterally at will, and are made known to users by simple changes to the website. This leads overnight to the refusal of charges and credits on services and products that are often fully legitimate and legal. These include, you guessed it, the purchase of cryptocurrencies from trading platforms. This is in defiance of European rules that put exchanges on an equal footing with financial intermediaries in terms of authorization and supervision requirements.
The need to balance data collection
The fact remains that the lever of anti-money laundering purposes, to eliminate or marginalize any form of disintermediated transaction, thus entails the forced channelling into an oligopolistic system of centralized intermediaries of a vast amount of personal data, with an excessively deep level of detail, that payment transactions bring with them.
This should lead to the introduction of a balancing mechanism in which the collection of and access to data by those exercising public powers is subject to strict rules and limitations.
In Italy, the trend is in the opposite direction: notwithstanding the European framework of principles of the GDPR, with the so-called “decreto capienze ” (i.e. DL 139/21), an important bulwark for the protection of citizens has in fact been dismantled, because the Privacy Guarantor has been deprived of the power to impose on public administrations specific measures to protect data subjects, while the threshold of the obligations normally imposed on those who collect and process personal data has been reduced.
However, this systematic opposition to disintermediation techniques in payment transactions does not bode well. History teaches us that excessive concentration of power, whether in the hands of private individuals or public authorities, never leads to anything good. Especially if it lacks the counterbalance of effective independent control mechanisms.