Risk Managers Getting Coffee: Episode 1

Season 1, Episode 1: Alexander Larsen meets with Gregory Irgin in the UAE to share experiences and insights

In this series of Risk Managers Getting Coffee, we’ll be meeting with seven Risk Managers to gain insight into their risk experiences, areas of expertise and to learn more about risk management in the country they work in.

In this first episode, Alexander Larsen met Gregory Irgin in the UAE. Gregory influences and drives integrated risk management – enterprise risk management, insurance, resilience (business continuity management and crisis security management) – resulting in shareholder protection and return on investment. He has worked across the Middle East and Africa and has exciting stories to share around geopolitical risks.

Introduction: Gregory is Head of Group ERM and Insurance within the aluminium and smelting sector in Dubai and Abu Dhabi, producing and selling aluminium in its 100% form. His customers are all over the world including big companies such as BMW. A mine coming online in Guinea and sales offices are based in America, Europe and China.

Episodes will be released every few weeks here on the Risk Guide website and via our LinkedIn (https://www.linkedin.com/company/risk-guide) and YouTube pages (https://www.youtube.com/c/riskguide).

Episode 1 Overview:

2:36 How did you get into Risk? Gregory originally trained as a lawyer in England, worked in New York until 9/11. Following this he worked in the UK in insurance construction claims and contracts. He has always been an advocate of ethical leadership. Worked all over the world in places such as Jordan, Iraq, Syria and Afghanistan. He discusses headlines v reality, understanding whats really going on in the country and once you know there’s no going back.

3:47 Geopolitics: Africa & Latin America: Working in London, Gregory was travelling to Africa and Latin America. Previously had a trip to Guinea to meet a Government representative and while boarding the plane, received a call saying the person he was due to meet had just been shot. Looking at it now, the stability in Guinea has changed a lot over 10 years.

4:38 People Risk: Nationalisation & Recruitment: Alexander and Gregory discuss bringing on board nationals to be involved and trained early in a project. They want to feel valued, rather than just expats on site. Bringing nationals in early so they are mentored and embedded within the team before expats leave. There will be an issue with Brexit as skilled workers may be leaving.

6:28 What makes a good risk manager, soft skill set vs quantitative and technical knowledge. Gregory is pro soft skills and breadth in risk management. It is essential to step back and review the situation, communication is key. A Risk Manager can draw on technical experts in any industry and don’t need to be quant heavy. They need to analyse information and interpret this to the top level management. Ultimately need a balance around the table to extract the right information from the right people and experts in the company.

9:03 People Bias- How do we engage people? The fundamentals to any organisation are the people. There is a duty of care to lead with ethics, manage people well and drive behaviour. However how can we do that? Each department has own agenda, KPIs arise as tick-boxes and everyone should all be working towards same goals. Alexander had previously worked with a national park senior management team in the UK. Some directors hadn’t ever seen company objectives and some didn’t agree with them. The CEO had just put them together and assumed they would be backed by the rest of the board. How can the whole organisation work together if the CEO and board management aren’t even aligned?

We hope you find this interview useful and informative!

Coffee and Crypto YouTube channel added to Risk Guide

By Alexander Larsen

Risk Guide is delighted to add a new channel to our RiskGuide YouTube page. Cryptocurrencies are really beginning to hit the mainstream with even major companies beginning to put their reserves into bitcoin rather than holding FIAT currency. If you’re interested in learning about cryptocurrencies and Bitcoin, or interested in certain coins or use-cases or even to understand where the market stands, then visit the Coffee and Crypto YouTube channel: https://www.youtube.com/channel/UCi3gwY5gEanoN1P0nyI1rGw

About Coffee and Crypto

Coffee and Crypto was started when a group of friends who are excited about cryptocurrency but geographically dispersed decided to connect virtually over coffee (timezones meant drinking beer in the morning for some was a no-no) to discuss all things crypto. Our discussions are centered around knowledge sharing and demonstration of tools and techniques.

After a few of a sessions, it was felt that the content being shared was of sufficient quality that it may benefit the wider crypto community and so we created this channel. Hopefully you find some of what we share of interest.

DISCLAIMER: No part of this channel constitutes investment advice. The analysis is presented for information only. It is important that all the risks associated with investing in cryptocurrency are fully understood before undertaking such an investment. Use of or reliance on this data is purely at the users own risk.

IRM Risk Predictions 2021- Cryptocurrency

Alexander Larsen provided insight into cryptocurrency for the latest IRM Risk Predictions 2021 report. The article looks into the value of Bitcoin over the last year and the rise of other cryptocurrencies. You can see the full IRM Risk Predictions 2021 report via the following link:

Bitcoin boom 10x

2021 will be the time for Bitcoin to shine. For years the argument for Bitcoin has always been that it has been a store of value and protection against irresponsible monetary policy. Countermeasure against inflation. This pandemic has only further proven what Bitcoin supporters have been saying. That the money machine keeps on printing. It has piqued the interest of wealthy investors and major companies alike. Microstrategy has already invested the majority of their reserves out of USD into Bitcoin. To be clear… this now values at 1.6 billion USD!

2021 will see more companies follow this strategy. Once budgets are finalized, tax is paid, and investments are to be made, we can expect to see a huge jump in price over the coming year. It has already jumped from the 10,000 marks to the mid 30,000s, and many are predicting a price in the region of anywhere from 100,000 USD – 500,000 USD. This is coming from “reputable” institutions such as JP Morgan, Deutsche Bank and others, although it is also important to remember that these are the same institutions that were very clear in their statements that Bitcoin was a scam only three years ago.

Altcoin boom 100x

With the rise of Bitcoin, however will also be the rise of altcoins. The altcoins that still have life left in them, and this is where the major gains will be found. Most coins are still down 60-90% from all-time highs whilst some of the more established coins have reached their all-time highs again. As Bitcoin increases and slowly stabilises, much of the money will trickle down to these altcoins which will experience phenomenal growth of 1000% and more.

This will of course, lead to another crash/bubble burst with altcoins expected to crash as spectacularly as they rose. However, Bitcoin will unlikely see such radical falls.

The rise of Defi & Stable Coins

Unlike the previous altcoin boom of 2017, where Initial Coin Offerings (ICO’s) drove growth, this Altcoin cycle will be riding off wave of decentralized finance. If ICO’s were the theme of the 2017 cycle, Defi is the main theme for this one. Defi is an experimental form of finance which utilizes smart contracts on blockchains. Defi platforms allow people to lend or borrow funds from others, insure against risks, trade and speculate as well as earn interest in a savings-like account. It does away with the usual financial intermediaries such as brokerages, exchanges, or banks.

Last year we predicted the rise of Stable coins, and whilst it wasn’t necessarily visible, it seems that country governments globally have been taking notice and making preparations. An article by the International Monetary Fund highlighting this rise was published at the end of 2020 and can be found here: https://blogs.imf.org/2019/09/19/digital-currencies-the-rise-of-stablecoins/

As an example, regulators in the USA have accepted the use of stable coins by banks, whilst numerous banks and countries globally are working on their own stable coins.

2021 could see the introduction of an official country stable coin or country approved stable coin (such as Facebook’s Libra). At the very least, a white paper will be published.

Risk Managers Getting Coffee

Meeting and Sharing experiences (and coffee) with Risk Managers across the world, with Alexander Larsen.

We are proud to announce the first season of “Risk Managers Getting Coffee”. In Season 1 of Risk Managers Getting Coffee, we’ll be meeting with seven Risk Managers to gain insight into their risk experiences, areas of expertise and to learn more about risk management in the country they work in.

At a time where risk and resilience has never been more important, Our guests share risk management expertise, opinions and thoughts on the future.

Trailer- Risk Managers Getting Coffee

Episodes will be released every few weeks here on the Risk Guide website and via our LinkedIn and YouTube pages.

Season 1 Participants:

Gregory Irgin – UAE – Gregory influences and drives integrated risk management – enterprise risk management, insurance, resilience (business continuity management and crisis security management) – resulting in shareholder protection and return on investment. He has worked across the Middle East and Africa and has exciting stories to share around geopolitical risks.

Episode released on 23-Mar-21, found here https://riskguide.wordpress.com/2021/03/23/risk-managers-getting-coffee-episode-1/

Dr Maria Papadaki – UAE – Years of experience in Risk Management from both Academia and Industry, with numerous of years in the implementation, development, improvement and management of risk frameworks, tools and techniques. Involved in Blockchain technology and other innovative technologies.

Peter Smith – UAE – Peter has over 13 years of experience leading teams of advisory professionals and implementing innovative initiatives in Project Controls Solutions and Risk Management across sectors including Oil & Gas, Rail, Infrastructure and Construction in countries like the UK, UAE and Iraq

Horst Simon – Namibia – A veteran in banking operations management, mergers, take-overs and implementation projects; who is now at the forefront of the Future of Risk Management with Risk Management Concepts and Risk Culture Building programs that disrupt and transform organisations to build sustainable competitive advantage.

Mykhailo Rushkovskyi – Ukraine – Has Held several high level risk positions in Energy companies across Ukraine and is a strong advocate for improving risk culture and reporting in his companies.

Aarn Wennekers – Qatar – Extensive international experience supporting Board Chairmen and Directors to promote good governance and enhance oversight of the executive management team to ensure the organization achieves its strategic, operational, reporting, and compliance objectives.

Paul Edge – Portugal – Based in Portugal, Paul is a Risk Manager with years of experience working with Quantitative Risk methods and has been involved in the blockchain space for a while. He has also established a cryptocurrency StatiCoin, a stable coin solution for traders looking for safe investment and merchants looking for a non-volatile digital currency.

We are sure you will enjoy these interviews with these excellent risk professionals!

Small Countries Compete for Crypto as Major Regulators Mull Crackdown

Originally Published on CryptoNews, April 08, 2018 and written By Emily Perryman

Smaller countries are taking advantage of the widespread crackdown on cryptocurrency exchanges by ushering in liberal legislation that aims to entice investors to their shores.

It comes after major governments around the world introduced strict crypto regulation and, in some cases, completely banned Initial Coin Offerings (ICOs) following a series of high-profile scams.

It was recently revealed that Binance, the world’s largest cryptocurrency exchange by traded value, is planning to open an office in Malta. The company had an office in Japan and tried to get a license to operate there, but decided to move to the European island to avoid a clash with local regulators.

Meanwhile, South Korea has put the brakes on its anti-crypto drive after regulations banning ICOs and trading for youths and foreign passport holders sparked a backlash against the government.

Emergence of ICO hubs

For smaller countries, there is a lot to gain from positioning themselves as the ICO hub of choice.

Alexander Larsen, president, Europe & Middle East at Baldwin Risk Services, an enterprise risk management firm, told Cryptonews.com that several small countries are actively looking at how to attract ICOs. They include Malta, Slovenia, Estonia and Switzerland.

 

Switzerland, for example, published guidelines earlier this year that aim to assist ICOs in navigating its “principles-based” regulatory framework. The country was home to the record-breaking USD 232 million Tezos ICO last year.

Other countries are encouraging investors by deciding not to tax income from cryptocurrencies. They include Germany, Denmark, Singapore, Belarus and Slovenia.

“I think countries who have a tech hub that doesn’t embrace ICOs will be questioning whether their tech will start lagging behind other, ICO-driven countries,” Larsen said. “In particular, I think all those countries who thrive on banking and their offshore status will be trying to attract ICOs because there’s no doubt ICOs will provide a real financial gain for the country.”

Avoiding the Wild West

Just because a country has extensive regulation, it doesn’t necessarily mean it won’t attract ICOs. Larsen pointed out that a country with no regulation could easily legislate the following year, thus hampering the ICO’s plans.

“As long as it’s positive regulation that is robust and ICO friendly, with the right investor protections in place, that’s a positive thing,” he added.

Nenad Gregec, compliance officer at Etherum-based investment platform ICONOMI, which is registered in Malta, said his company leans towards countries where regulation exists but is not too strict.

Gregec suggested that countries in Europe who lost out to Silicon Valley in the tech boom want to be early adopters of crypto so they don’t miss out again.

He added: “I expect more countries will follow Malta and Switzerland in setting up a legal framework. There might be competition, but eventually we will see harmonization. The European Union has a very good track record of harmonizing regulation in the financial sector.”
Waiting for the G20

It is likely regulation will continue to be fragmented until the G20 nations make a definitive decision on crypto and how to move forward.
David Coker, lecturer in accounting, finance and governance at Westminster Business School, told Cryptonews.com, that the G20 has been “bumbling around” and still lacks a cogent view on the future of crypto.

He added: “If ICO regulation is light-touch that would give crypto investing a degree of legitimacy. But if it goes down the US route, which treats crypto platforms like a security requiring authorization, ICOs wouldn’t be happy because they are very fast-moving and don’t want the additional costs.”

For now, the future regulatory environment is uncertain, but one thing is for sure – smaller countries with a lot to gain will be keeping a close eye on the developments to ensure they stay ahead of the competition.

Managing the risk of regulation: How Self-Regulation could reinvigorate the Cryptocurrency boom

Background

It is often claimed that external risks such as major regulation are impossible to manage, and certainly in an industry that is mostly unregulated such as the cryptocurrency space, the claim could be even more justified. This article hopes to prove otherwise however, with some examples of how the cryptocurrency space is already adapting and trying to reduce the impact of regulation through self-regulation and ideas of what self-regulation might look like.

Calls for regulation & the G20 summit

The cryptocurrency space has been fraught with cases of fraud and scams and with it being such a new industry with little in the way of regulation, it has been an ongoing focus of governments. This focus has only increased in recent months due to the number of high profile incidents. Following the theft of $500 million of digital money from the Coincheck exchange earlier this year, Japan’s financial regulator ordered all cryptocurrency exchanges to submit a report on their system risk management in relation to managing their customer assets and measures to counter cyberattacks.

The incident, and subsequent action from the regulators added to the ongoing pressures to introduce regulation into the cryptocurrency space and has been one of the contributing factors to the fear, uncertainty and doubt that has seen a cryptocurrency crash and an ongoing bear market with prices having fallen over 70% from all-time highs set in December 2017 and January 2018.

The uncertainty surrounding regulation also makes it very difficult for companies in the space to properly plan or remain innovative until there is more clarity over what regulation will look like. Some of the technology being developed for example may fall foul of future regulation whilst certain countries may prohibit investing in certain types of cryptocurrency.

The discussions around Cryptocurrency regulations have been as far reaching as the G20 Summit in Argentina (March 19^th2018). The G20 has rejected calls for regulation which has alleviated some of the fears of any major regulation being implemented any time soon, but it still leaves the uncertainty of future regulation or country specific regulation being put in place. This positive news is therefore the ideal time for the industry to take action and ensure this delay of regulation becomes permanent.

Response in Japan, UK, South Korea and USA

Japan

In a proactive move, and perhaps to avoid heavy regulation, The Japan Blockchain Association (JBA) and the Japan Cryptocurrency Business Association are expected to merge to create a new self-regulatory organization to strengthen self-regulation and if approved, could act as an independent regulatory body of the government. It’s interesting to note that JBA has already set an example for the industry, having established self-regulation standards which includes the use of cold wallets amongst its 15 crypto exchange members although it has become clear that this was not enough.

UK

In the UK, according to the Financial Times, and in what seems to be a move inspired by Japan, “seven cryptocurrency companies have set up the UK’s first crypto trade association in a bid to inject more legitimacy and transparency into the sector while authorities weigh up a potential clamp-down.” The association in question is CryptoUK which has been put in place “to improve industry standards and engage policymakers”.

South Korea

In South Korea, 66 members have signed up to the Korean Blockchain Association (KBA) including 25 of the biggest crypto exchanges with a view toself-regulate.  KBA is said to be looking closely at how the Japanese approach develops.

USA

Perhaps the biggest news however, is that of the Winklevoss twins’ intention to create the Virtual Commodity Association, a self-regulatory organisation meant to police digital-currency markets and custodians in the USA. The high-profile brothers, who run the Gemini exchange, aim to develop industry standards, promote transparency and work with regulators including the U.S. Commodity Futures Trading Commission to prevent fraud.

These responses should be seen by investors and the cryptocurrency space as a whole, as very positive. In fact, it would do the industry good to focus more on using self-regulation as a way to reduce the risks of regulation if it wants the market to recover and innovation to continue.

What is self-regulation

Self-regulation, in the majority of cases, is when regulatory authority which usually creates regulation, enforces it and punishes any behaviour that is in breach of the regulation, is delegated to a private entity or body. In some cases, self-regulatory bodies may only create and enforce the regulation whilst passing the responsibility of punishment on to a formal regulatory authority instead.

The body will usually be membership based requiring its members to sign up to the self-regulatory requirements and punishments and in many cases, members will police each other. Some bodies will have statutory backing whilst others won’t and it very much depends on the motivations for self-regulation. For the cryptocurrency space however, which is seeking to keep heavy regulation at bay, it is crucial that any self-regulatory body will need to have statutory backing and close ties to government regulators.

Benefits of Self-Regulation

Having a self-regulatory body for the cryptocurrency space has a number of benefits to the industry.

Combatting heavy regulation

One of the key benefits is demonstrating that the industry is being proactive and responsible towards protecting investors, preventing fraud, protecting against cyber-attacks and stamping out scams. This could be enough to appease regulators enough to delay or stop the introduction of heavy regulation. This assumes that the self-regulation goes far enough and is proving to be effective.

By removing the threat of heavy regulation and replacing it with self-regulation, a high level of uncertainty is removed bringing back confidence in the market and organisations can plan effectively with a renewed focus on innovation.

Fit for purpose and industry specific

With the industry driving self-regulation, it will ensure that it is not only fit for purpose, allowing innovation in the space to continue, but also adaptable and able to evolve according to need or market changes. Additionally, rather than a one size fits all approach, separate and specific regulations could be developed for different types of cryptocurrencies such as privacy coins, smart contracts and settlement networks amongst others. The following graph provides an example of how cryptocurrencies may be differentiated although this could be split even further.

 

A global solution

Self-regulation also combats one of the drawback of every country potentially having different regulation, which makes it increasingly difficult for companies to operate on a global scale. Self-regulatory bodies have more opportunity to collaborate with each other and introduce global regulations that are consistent and meet the needs of investors and cryptocurrency companies.

Beneficial to Government

Self-regulation can often be useful for governments too. It is not only faster to implement, but the burden of costs falls on the industry rather than the government. This is a major selling point of self-regulation and as long as the government are involved and are kept informed, they may be happy to leave it in the hands of self-regulatory bodies.

Influence

Another aspect that should be considered as being highly desirable to the industry is that it allows them to lobby, interact with and educate regulators and legislators. This can ensure that any future regulation that is introduced is not detrimental to the industry and is developed in conjunction with businesses in the space.

Effective self-regulation:

Whilst the benefits of self-regulation are clear, the regulatory body in place needs to be strong, fit for purpose and effective. Some key areas for consideration by newly formed self-regulatory bodies are covered below.

Government support and backed by law

In order to remove the introduction of government regulation, the industry needs to ensure that the self-regulatory body is backed by law and has a government regulatory partner. A positive relationship needs to be built with them in order to have successful self-regulation. Unfortunately, there is a widely held view within the cryptocurrency space that the government and banks are enemies of cryptocurrency and are looking for every opportunity to shut the industry down. This view needs to change if self-regulation is going to work and if they want the industry to flourish.

Industry support

Another critical success factor will be industry support and involvement in the creation of regulation. This helps the buy-in process and also ensures well thought out and extensive regulations are put in place that have been agreed by all members. The more participation the better as self-regulation can have little effect if companies are not involved.

Accountability

With self-regulation, members need to be prepared to accept that there will be penalties and sanctions for non-compliance. Therefore, a strong accountability program should be implemented and committed to in writing by members with annual certified compliance submissions. It should focus on sound financial and non-financial practices with oversight and transparency and members should expect for information to be shared with government regulators as appropriate.

Detection

A key challenge with self-regulation is that of detection. There needs to be a system in place for detection from audits and reviews to incentivised Incentivize the detection and deterrence of manipulative and fraudulent acts and practices, including partnering with regulators and particularly the CFTC to share or refer information, as appropriate.

Reporting

The whole purpose for self-regulating the cryptocurrency industry is to avoid heavy regulation and improve transparency and investor protection. As a result, there should be transparent reporting that meets the needs of each stakeholder and provides the right level of transparency and information sharing needed to ensure confidence in the process.

 

What areas should be self-regulated:

Once a self-governing body has been established and has the right framework in place to be effective, the areas of self-regulation to consider are numerous and some examples follow. This is not an exhaustive list and indeed is only a very high-level overview of what should be considered. The real requirements, as mentioned previously, should be designed and agreed by the members who offer expertise in their fields.

Cryptocurrency status protocols
One of the advantages of self-regulation, as mentioned earlier, is the ability to develop specific regulations for different types of cryptocurrencies depending on their status. Exchanges for example will have very different requirements from privacy coins or technologies that provide a platform for other tokens to be launched such as Ethereum/EOS.

Exchange regulation might focus on investor protection and ensure money on the platform is well protected, enough liquidity is available should the worst happen, and all user data is safe. Platform based tokens on the other hand might focus on ensuring that they do due diligence before allowing a token to be launched on their platform.

 

ICO’s & determining cryptocurrency status

A major area of concern for regulators has been ICO’s. There have been numerous out right scams as well as frauds when it comes to ICO’s being launched. Investors have lost a lot of money as a result and the industry should focus on ensuring that every ICO meets minimum requirements before it can be listed by any of the exchanges that are members of the self-governing body.

Minimum requirements such as clarity of who the board members are, checking that a physical address isn’t a “boiler room” address, ensuring other minimum due diligence has been undertaken by an external and approved organisation, etc.

Further work can also be done to analyse what type of cryptocurrency status the particular ICO will fall under as mentioned earlier (Privacy coin, smart contract etc.) and this could be extended to all members of the self-regulatory body. This can be determined from a legal analysis through to a technological analysis.

Fraud and money laundering

One of the ongoing criticisms of cryptocurrencies, whether valid or not, is that it is being used by terrorists and money launderers. It is therefore important to tackle this issue before it gets any further attention. Ensuring members properly screen their customers or analyse usage on their exchanges for trends that might indicate criminal activity could be one way of improving the image of the industry.

There needs also to be action taken by members when identifying such activity such as sharing information with the relevant agencies or regulators or freezing assets or accounts.

Cyber Security

Cyber security is the topic that launched regulators into action in the first place. Cyber risk has been a growing threat in the last few years. A recent report claimed that the risk in 2016 was four times higher than in 2015. 2017 was worse again.  Going forward we can only expect hackers to become more organised and well-funded, which, alongside advances in AI and technology, will lead to more sophistication in their attacks.

Some organisations are already spending hundreds of millions of pounds on cyber security, whilst governments are spending billions in order to prevent these attacks. It therefore makes sense for the cryptocurrency industry to be working hard to ensure this is the case for them too.

Transparency requirements

 Transparency requirements should be a basis of the regulation put in place and should cover aspects such as:

1. Conflicts of interest, Modern Slavery and ethics
2. Responsible financial management that ensures confidence for investors in the financial status of companies.
3. Investors complaints and communication process

 

Is self-regulation enough?

The cryptocurrency industry is a financially-strong industry, which is a pre-requisite to having successful self-regulation as a struggling industry is more likely to cut corners in its attempt to survive.

However, there are major challenges ahead. In various studies and theories such as Carlo Scarpa, “The Theory of Quality Regulation and Self-Regulation,” and the Australian Consumers’ Association, reporting to an Australian Taskforce in Industry Self-Regulation, it was found that self-regulation is more successful where non-compliance does not pose a high risk or serious harm to investors.

It is clear that the cryptocurrency space does indeed pose a high risk to investors. Other characteristics that are less favourable (and which describe the cryptocurrency industry) include an industry still in infancy and the absence of any cohesive industry association.

Additionally, the European Union (EU) study on self-regulation in Ecommerce highlighted:

1. The problem of enforcement if there is no statutory backing;
2. unless participation is obligatory, regulatory measures affect only those disinclined to flout the rules;
3. procedures can fall short of standards that would be set by courts (for example, for civil liberties);
4. the burden of the costs of regulation may discourage participants and thus fall on the consumer;

It is therefore wise that organisations and the industry as a whole should consider other Risk Management solutions alongside self-regulation such as identifying current regulation in other industries (such as the tech industry) and reviewing current business practices that could potentially fall foul of future regulation.

Conclusion

Risk Management seeks to mitigate risk by reducing the likelihood and/or impact of an event occurring. In this case, the introduction of regulation is the event in question and self-regulation is the solution to mitigate it.

Self-Regulation may reduce the likelihood of regulation being introduced but as we have covered with the EU and Australian Taskforce findings, even if self-regulation is successful, it may not be enough to convince regulators that government regulation is not required. All is not lost however, and just by having self-regulation, it will have prepared organisations for a regulated industry making them more resilient to change and therefore reducing the overall impact that regulations have on cryptocurrencies.

The conclusion therefore is that self-regulation, alongside other risk management solutions, has the potential to reduce both the likelihood and impact of regulation being introduced and the huge reduction of uncertainty that comes with it. This in itself should be enough to reinvigorate the cryptocurrency boom and see new all-time highs in the market and drive innovation further.

 

Alexander Larsen

President, Baldwin Global Risk Services Ltd

Fellow of the Institute of Risk Management

www.baldwinglobal.com

Twitter –  @AlexLarsen_Risk

Email – Al@baldwinglobal.com

 

 

Regulation of Cryptocurrencies

According to Reuters: “Japan’s financial regulator said on Friday it had ordered all cyrptocurrency exchanges to submit a report on their system risk management, following the hacking of over half a billion dollars of digital money from Coincheck.”

Whilst the whole premise of blockchain technology and crypto currencies revolves around it being essentially unhackable, the exchanges that trade these currencies are vulnerable. The introduction of system risk management (which we assume to be risk management of the software/operating systems and servers) checks is a step forward for the cryptocurrency space although it only covers one area of exposure linked to the cryptocurrency market.

History of incidents

Crypto currency has been a booming market with increases in some major coins in the high 1000’s of percent over the last year. This rise, coupled with a lack of regulation, has seen the crypto currency world being hit with a number of negative incidents from Ponzi schemes to fraud, scams and hacking incidents.

Bitconnect, which as of writing of this article, is trading at roughly $8.60, a huge fall from its height of over $300 a month ago, is an example of a potential major Ponzi scheme which has lost $2.4 billion worth of value over 10 days.

The subpoena by US regulators of crypto exchange Bitfinex and its relationship with Tether is another concern to the crypto currency market with many claiming Tether to be a scam. Tethers are tokens backed by US dollar deposits, with each tether always worth one dollar. These tokens should be backed by dollars but thus far the company has yet to provide evidence of its holdings to the public and has not had any successful audits as of yet.

There have also been a large number of Initial Coin Offerings (ICO’s), used to raise money for startups by issuing tokens/coins, which have raised vast sums of money only for the owners to disappear with all the money, whilst others have been less deliberate but have been just as devastating to investors. A cryptocurrency called Tezos, raised $232 million last year, but suffered internal power struggles which has left the project in disarray.

This brings us to the current concern in Japan of cyber attacks of exchange platforms. Cyber attacks and hacking attempts of exchanges have been frequent with Bitfinex, coinbase and kraken amongst others having been closed down for days at a time during 2017 due to a number of hacking attempts. It is the successful hacking incidents which are the most worrying however, with successful hacks such as MT Gox, which cost almost 350 million and two attacks on Youbit which led to it’s bankruptcy. The most recent coincheck hacking was worth 500 million, a record, and it is this which has caused Japan to act.

Regulation

Last year, China took a definitive stand on regulation on crypto currencies which sent shockwaves through the market. Some feel it was perhaps heavy handed with ICO’s being banned, bank accounts being frozen, bitcoin miners being kicked out and nationwide banning on the internet of cryptocurrency trading related sites. Others however believe that it has been a positive step, and has encouraged other governments to take regulation seriously and hopefully take a more balanced approach. It certainly isn’t in the interest of governments to stop ICO’s, which provide many positives including innovation, but they should certainly regulate them from a consumer protection, taxation and organised crime standpoint.

Implementing regulation also removes uncertainty for investors as well as the companies who are involved in ICO’s. Uncertainty is the source of many risks and often a negative certainty is better than uncertainty as it allows a focus within set parameters.

It’s important to remember that too little regulation doesn’t offer protection and too much stifles innovation.

How to regulate

There are a number of ways to regulate cryptocurrencies and the following are just some examples:

1)     Framework for ICOs

New ICO’s are currently not subject to much in terms of regulation globally. One of the problems is determining how they should be treated with some being considered securities. As a fund raising vehicle, there could certainly be a framework that lays out key requirements of an ICO such as a company needing to be registered in order to issue a token, transparency in terms of individual members of the registered company as well as perhaps introducing a few requirements that regular IPO’s require such as implementing risk management. Currently in USA, ICOs are expected to adhere to Anti Money Laundering (AML)/Know Your Customer (KYC) practices.

2)     Regulate exchanges

Exchanges, which is where much of the transactions take place in terms of trading coins, is a logical area of focus when it comes to regulations

South Korea’s financial services commission for example, has stated that trading of cryptocurrencies can only occur from real-name bank accounts. This ensures KYC and AML compliance. According to the FSC, the measures outlined were intended to “reduce room for cryptocurrency transactions to be exploited for illegal activities, such as crimes, money laundering and tax evasion,”

Regulators should focus on regulation that encourages transparency and minimises anonymity.

3)     Tax Laws

Clarity needs to be brought into the tax laws in terms of when investors should pay capital gains. The USA has been quite quick to ensure that crypto-to-crypto transactions are now taxable and not just crypto to Fiat currency transactions. This is not the case in the UK however, where things are less clear and will become even more so, once crypto currencies start to introduce dividend like behaviour.

4)     Reserve requirements of exchanges

Most banks and stock exchanges are required to hold a certain amount in reserves in order to survive any major downturn or crash. This should most certainly be the case for crypto currency exchanges too especially considering the volatility which sees crashes of 60% several times a year with some crypto currencies falling 90% before recovering. This is also known in part as systemic risk which could be what the Japanese financial regulator defines as system risk.

5)     System risk management

As we have seen from this Japan story, one way of ensuring more protection and reliability is by ensuring there is regulation around system risk management on exchanges. There should be minimum requirements protecting against hacking, phishing and other cyber related attacks. The requirements could be scaled against value of the exchange, number of users or number of daily transactions.

It’s important to note that much is being done to reduce the risks of hacking incidents such as the concept of a decentralised exchange. This would essentially be a crypto currency exchange on the blockchain, much like the crypto currencies themselves. This would reduce hacking significantly and whilst it is not currently practical, it could be the standard of the future.

Self-Regulation

The Crypto Currency market gets a lot of negative publicity and much of this could be rectified if there was more self-regulation. It would also reduce volatility within the market and bring about positive change. This refers to both exchanges and ICO’s alike.

The Japan Blockchain Association (JBA) for example has established self-regulation standards which includes the use of cold wallets amongst its 15 crypto exchange members (of which Coincheck was one of them) and are now looking to strengthen the standards further following this recent incident.

I will cover more on this in a separate article.

Risk Management in the Crypto Currency Space

Risk Management, as with all organisation’s, plays a vital role in meeting and exceeding objectives whilst providing resilience and stakeholder confidence. Exchanges and companies that are raising/have raised ICO’s should ensure that Risk Management is part of their business. Identifying risks and opportunities, assessing them and implementing response plans should be standard. Cyber risks, reputational risks, operational risks, system risks and strategic risks should all be considered and prepared for, which would minimise market disruption and reduce the likelihood of financial ruin. At the very least they owe it to the investors who have funded them.

For investors, with volatility so high, the rewards are great but so are the risks. Investors should ensure that they only invest what they can afford to lose, do their due diligence on their investments which includes understanding the technology, the team and look for a prototype rather than a wild concept. Additionally, investors should always be on the lookout for phishing scams and suspicious emails.

Finally, even the most optimistic investor should at least consider that cryptocurrencies are a speculative bubble that could burst.

Find out more about IRM’s Strategic Insights into Cyber Risk Course and many more here.