July 7, 2020
FATF Impressed by Progress | What’s Driving CBDCs? | Balancer DeFi Hack | Singapore Cracks Down on Crypto
- FATF‘s New Virtual Asset Initiatives and Outcomes from Plenary
- Recent CDBC Developments ‘Not a Reaction’ to Libra, Says BIS
- $500K Stolen in Complex Hack from DeFi Platform Balancer
- Singapore Enforces New Cryptocurrency Regulations
Outcomes of FATF Virtual Plenary and New Objectives Under German Presidency
The FATF convened virtually on June 24, 2020, to discuss, among other things, the twelve-month review of progress towards implementing regulations for virtual asset service providers. The report found that both the public and private sectors have made significant progress in implementing the revised FATF Standards, particularly around the Travel Rule for VASPs. While the FATF decided amending its Standards on virtual assets and VASPs was not necessary at this time, it highlighted the need for providing VASPs with further guidance. The global anti-money laundering watchdog plans to undertake a second 12-month review by June 2021 before considering whether further updates to the FATF Standards are necessary.
The full report on VASP standards was released on July 7 and a publication of red flag indicators and case studies is expected by October 2021.
FATF Plenary Outcomes:
https://www.fatf-gafi.org/publications/fatfgeneral/documents/outcomes-fatf-plenary-june-2020.html
12 Month Review of Revised FATF Standards – Virtual Assets and VASPs:
This meeting was the third and final under the presidency of Xiangmin Liu of China. The organization will next be led by Germany’s Marcus Pleyer. Germany laid out five focus areas for their Presidency:
- Digital Transformation of AML/CFT
- Financing of ethnically or racially motivated terrorism
- Money laundering and migrant smuggling
- Environmental crime
- Illicit arms trafficking
Under the German Presidency, the FATF will continue to build on the virtual asset standards that have already been introduced. Part of Germany’s plan for the digital transformation of AML/CFT is to launch an initiative to monitor virtual asset risks.
Objectives for the FATF during the German Presidency (2020-2022):
http://www.fatf-gafi.org/publications/fatfgeneral/documents/objectives-2020-2022.html
Central Banks Reject Popular Narrative Regarding CBDC Issuance Motives
On June 24, the Bank for International Settlements (BIS) released a statement in which they rejected the supposition that private-sector stablecoin proposals—such as Libra—have spurred the issuance of central bank digital currencies (CBDCs).
BIS explained the newfound interest in CBDCs as a realization that digital currencies present a vessel through which they can shape the future of payments. The report states, “CBDC issuance is not so much a reaction to cryptocurrencies and private sector ‘stablecoin’ proposals, but rather a focused technological effort by central banks to pursue several public policy objectives at once.”
Why It Matters: The report provides an alternative explanation to the sudden increase in CBDC tests, hirings, and studies that have occurred in the past year. Regardless of the reasons behind the boom in CBDC interest, the BIS made it clear that digital currencies are likely transformative, and that “CBDCs have the potential to be the next step in the evolution of money.”
Read more in CoinDesk:
https://www.coindesk.com/cbdc-issuance-is-not-a-reaction-to-libra-says-central-bank-body
DeFi Hackers Use Complex Attack to Steal $500,000 From Balancer
On June 29, Balancer, a Decentralized Finance (DeFi) liquidity providing platform, was hacked for $500k in crypto. Following several reports online, Balancer confirmed that an incident occurred that affected two pools containing transfer fees, known as deflationary tokens.
Their report described how the attackers took a flash loan in Ethereum (ETH) from the non-custodial exchange dYdX, converted those ETH into WETH (Wrapped Ethereum), executed a subsequent trade for STA tokens, and finally drained the STA balance from the pool. According to the platform, once the balance of the pool approached zero, “its price relative to the other tokens [was] extremely high and the attacker [used] STA to swap for other assets in the pool extremely cheaply.”
CryptoNews pointed out that this attack bears similarity to others that happened earlier this year. Back in February, tokenized margin trading and lending platform bZx suffered two attacks, which were defined not as oracle attacks, but “a clever arbitrage execution.”
Why It Matters: This attack is unfortunately just one in a line of many blows to the DeFi industry. In February, hackers also targeted a known vulnerability in the callback mechanism of ERC777, which allowed hackers to hijack a transaction and sell the same batch of tokens multiple times. These instances highlight the need for enhanced security mechanisms and audits to catch attacks early and, ideally, prevent them altogether.
Read more in CryptoNews:
https://cryptonews.com/news/defi-attackers-get-more-creative-steal-usd-500-000-from-bala-6965.htm
Singaporean Authorities Charge Woman in Unlicensed Bitcoin Purchase
On June 23, Singapore authorities charged a young woman with breaking the city-state’s ban on unlicensed bitcoin sales. The woman, a Singaporean national identified by the Straits Times as Lange Vivian, allegedly purchased $2,400 in bitcoin in late February 2020 using funds from the proceeds of an online scam.
This appears to be the first time Singapore has enforced the Payment Services Act of 2019. Under this updated cryptocurrency regulation, all so-called “Digital Payment Token” (DPT) service providers must receive licensure from the state.
Singaporean Police said Lange did not have a license or licensure exemption. She faces a maximum penalty of S$125,000 (roughly $88,000 in US currency) in fines and three years’ imprisonment for violating the Payment Services Act, according to a press release from the Singapore Police. Despite the relatively small amount of bitcoin purchased, the punishment seems severe. This is in tune with the policing attitudes of Singapore, known for its strict laws even for “gum smuggling,” which carries the penalty of one year in jail and $5,500 fine.
Why It Matters: Singapore demonstrates how illicit finance using cryptocurrencies can be curtailed by requiring all cryptocurrency companies acting as money service businesses to register as such. Without the registration requirements, enforcement has no impetus to act against criminality.
Read more in Coindesk: https://www.coindesk.com/singapore-enforces-payment-services-act-2019