Finding the Goldilocks zone of regulation

Article highlights

• Recent events in the digital asset market, including large-scale losses and failures of governance, have damaged trust and raised the need for regulation similar to what was implemented after previous financial scandals.
• Regulatory oversight and governance, similar to Sarbanes-Oxley and post-crash financial regulations, could help address the lack of internal controls and underhand practices in the digital asset market.
• Stability and clarity in regulations are crucial for the digital asset market. Crypto companies are seeking new places to settle in order to mitigate disruptions to their markets and business models
• The EU’s Markets in Crypto Assets (MiCA) regulation, which came into force in April 2023, provides clear rules for crypto asset service providers and addresses important aspects such as consumer protection, transparency, cybersecurity, and data loss.

“This porridge is too cold and salty,” said Goldilocks, dropping her spoon back in the SEC bowl, “and that unregulated porridge is sweet, but too hot. Where can I find a perfect balance?”

Regulation was at the forefront of the discussion in our recent Financial Markets Insight’s paper, Restoring Trust in Digital Assets. A cataclysmic series of losses in 2022 sent shock waves through the digital asset market in much the same way that the collapse of Enron in 2001 and the financial crash in 2008 damaged trust in traditional markets. Heavy regulation followed those scandals, and it is only logical to expect the same from recent events. The question is, in a nascent industry spread across multiple jurisdictions, where will we find the right conditions to sustain life and stimulate the digital asset market?

The parallel failings are clear. In March 2022, the largest crypto hack in history saw over $600m vanish from the bridge between the Ronin and Ethereum blockchains and exposed a failure of governance in their Proof of Authority consensus. A forgotten whitelisted node and a concentration of control within a single entity exposed transaction validation to a simple majority attack. Despite its scale, the Ronin hack was rapidly overshadowed by the depegging and death spiral of Terra/Luna in May 2022 which wiped $50bn in valuations from the market. The fundamental over-valuation of an asset that turned out to be valueless was a painful reminder of 2008’s subprime mortgage bundles. Finally in November of that year came the digital asset market’s Enron moment, the spectacular demise of unregulated exchange FTX and its complex web of sister companies.

Regulation as a response to loss of trust

What, then, will be the digital asset market’s equivalent of Sarbanes-Oxley (Sarbox) or of the post-crash financial regulation? It’s clear that Sarbox-style governance, independent oversight and corporate disclosures (alongside a healthy dose of investor due diligence) would have gone a long way towards tackling the lack of internal controls and proliferation of underhand procedures now evident from the FTX investigation. Regulatory oversight that traditional markets became accustomed to post-2008 might have prevented the consumer hype and subsequent loss with Terra/Luna. But these are centralised regulations enacted by turn in specific jurisdictions. How can the regulatory regimes of different countries be effective in restoring trust in decentralised organisations or in those with global operations whose jurisdiction is unclear?

This is the Goldilocks challenge – and we are watching a new nursery tale unfold. The ‘regulation by enforcement’ strategy of the U.S Securities and Exchange Commission (SEC) is blowing a cold wind through the digital assets market and taking casualties along the way. Some of the high profile failures of 2023 in the crypto-adjacent banking industry, notably Silicon Valley Bank, have been attributed to the SEC’s response to the debacles of 2022. The U.S approach appears to be freezing out the industry. With the power that market wields, lightly regulated corporate domiciles or the perceived shelter of a decentralised organisational structure may become too hot to handle. Where, then, does the Goldilocks zone lie?

Stability and clarity win the race

Crypto companies are seeking new places to settle in the face of disruption to their markets, their business models and the organisations themselves. Stability is a gamechanger. Silicon Valley VC investors Andreessen Horowitz (a16z) are opening a London crypto office, citing a ‘predictable business environment’ as a factor in the move, which is actively supported by the British government. Digital asset regulations are making their steady way through the parliamentary process. The UK’s unique combination of statute and judge-made law, as distinct from a written constitution, allows the lawmaking process to be agile and move with the evolution of the market As English law governs as much as 80% of commercial transactions worldwide, according to Professor Sarah Green, Law Commissioner for commercial and common law, this is significant for many jurisdictions.

In Europe, the EU’s Markets in Crypto Assets regulation (MiCA) came into force in April 2023. This offers clear rules of engagement for crypto asset service providers (exchanges). It addresses consumer protection and transparency, the segregation of assets, proof of reserves, audit, due diligence, cybersecurity, and data loss. MiCA harmonises regulations that developed piecemeal around Europe from around 2017 onwards as the industry grew. There are omissions and elements that need to be revisited – for example, there is no mention of NFTs – but the foundations are in place and a mechanism for regular revisions built in.

Action to restore trust

The industry experts who contributed to our Financial Markets Insights report agree that the call for regulatory action is loud, clear and global. Loopholes need to be closed. Governance, due diligence, audit and oversight must become priorities for investors and advisors. Digital asset companies have to move with the times from wild west innovation to risk management and market integrity.

And where does the Goldilocks zone lie? It’s up to us to lead the exploration. The industry can be proactive in helping to shape regulation, as MiCA has shown, but the industry does not have to wait for the regulators. Firms themselves can take strides towards restoring trust in digital assets by establishing best practice in business, security, education and transparency. The future is in our hands.