The crypto industry is embracing self regulation. It’s time Washington gets on board

This post was originally published on this site

https://content.fortune.com/wp-content/uploads/2023/07/us-capitol-building-new-dawn-for-crypto-e1689952854883.jpg?w=2048

Public blockchains have been touted as cure-alls by enthusiasts over the last decade. Promoters have promised faster securities settlement, decentralized social media, instant payments, cheaper remittances, and everything in between. And indeed, these benefits may come in time. But there’s one domain in which blockchains clearly outperform their traditional counterparts today: accounting.

Blockchains track debits and credits to accounts on a ledger, just like an ordinary accounting system, but in a real-time, transparent, and immutable fashion (once transfers are settled). The existence of any asset that resides on a blockchain—whether a tokenized security, or a digital commodity like Bitcoin—is fully verifiable at any time by anyone with an internet connection. The entire supply of Bitcoin, down to the tiniest unit—one satoshi—can be verified in real time by anyone running a node. What’s more, any entity can prove mathematically to any third party that they own a digital asset via a cryptographic signature, without the need for any guarantor. This isn’t the case for traditional assets or commodities, which rely on a network of intermediaries to attest to their existence. In practice, this means financial assets end up concentrated in large custodians, like the DTC with equities, or gold with organizations like the LBMA. The high cost of auditability for conventional assets tends to have a concentrating effect.

This remarkable auditability property of digital assets has enabled crypto platforms to build attestation tools enabling end users to verify that their assets are actually being held in reserve, and don’t simply exist on someone else’s ledger, subject to error or fraud. And these tools are long overdue. For as long as crypto exchanges and custodians have existed, they have let down their users with a series of spectacular failures—one crisis after the next from Mt. Gox to Bitfinex to Quadriga to FTX and, most recently, Prime Trust. Those of us who believe in the promise of digital assets are fed up with this grim status quo and have begun to demand more transparency from the exchanges we all rely on.

As a result, exchanges and custodial platforms today are coalescing around a simple idea: What if these platforms could indisputably prove to users that they control funds held for users? This is known in the industry as a proof of reserve, or PoR. The concept has existed in the digital asset context for around a decade, and it has been continually refined ever since. Effectively, it involves a custodial platform providing signatures attesting to their unique ownership over some digital assets on-chain, combined with a disclosure of client liabilities. By publishing these datasets, and giving end users—and even interested onlookers—the option to actually verify that a given liability corresponds to some assets, clients can gain strong assurances that the platform is sound.

Legislative initiatives both at the state and federal level have focused on asking exchanges to segregate client and operating capital, and to give clients assurances in the case of platform liquidation or bankruptcy. This is necessary, but only part of the solution. Prime Trust, which recently revealed it had lost $82 million in client assets and hid those losses for years, was a Nevada Trust company. The architecture of the Trust Charter, ironclad from a legal perspective, unfortunately did little to reveal the loss of assets. A monthly—or even higher frequency—attestation, as is the standard with PoR, would have forced divulging the loss when it first occurred, because Prime Trust would not have been able to provide valid signatures for user funds held. This would have also been the case with Mt. Gox, Quadrigra, and FTX. These were all drawn out insolvencies, concealed for months if not years. An exchange engaging in PoR attestations isn’t immune from losing customer funds or being hacked, but the PoR does reveal these losses when they occur, limiting further fallout.

In the wake of FTX, PoR is now being voluntarily adopted across the industry. Many of the largest exchanges worldwide, including Kraken, Binance, Bitmex, Derebit, Kucoin, and OKX, now conduct these attestations with frequency, covering tens of billions of dollars in client assets.

Lawmakers in the U.S. and abroad have begun to recognize the importance of PoR. In March, Texas passed the landmark HB1666, which requires firms with money transmitter licenses to carry out PoRs, starting in September. At the federal level, Sens. Cynthia Lummis (R-Wyo.) and Kirsten Gillibrand (D-N.Y.) included in their reintroduced Responsible Financial Innovation Act mandatory PoR and a request for PCAOB to standardize the procedure.

Since 2021, Wyoming has made reference to proof of reserve in the state’s Digital Asset Custody Framework. Dubai (see Reserve Assets) and Singapore (see Regulation 16C(11)) have also made reference to similar on- and off-chain reconciliations in recent guidance. Canada has recommended since 2021 that exchanges engage in PoR as a best practice. Bermuda, which is distinguishing itself as a premier crypto-focused regulator, has maintained an explicit reference to proof of reserve in its Digital Assets Custody Code of Practice since 2019. PoR is neither new nor limited in its reach to a handful of enthusiasts. It has existed for years and has already been embraced by regulators worldwide.

That doesn’t mean PoR is without its critics. Sens. Elizabeth Warren (D-Mass.) and Ron Wyden (D-Ore.) have engaged in a campaign of harassment leveled at auditors who service crypto firms. They aim to stymie the crypto space by stripping it of CPA firm services, which are necessary for platforms operating in compliance with MTLs and similar regulatory regimes. In a recent letter to the PCAOB, they attacked PoR and called it a “sham audit.” The PCAOB duly released an advisory letter warning investors about PoR attestations. Frightening audit firms away from a fit-for-purpose form of assurance is the opposite of what a reasonable accounting regulator should do. For its part, the AICPA has demurred on issuing any guidance on PoR even though it’s progressing on stablecoin attestation standards. This uncertainty has had the effect of leaving most CPA firms unwilling to supervise these procedures. We in the industry are pushing for more sunlight, but some lawmakers in Washington aim to leave us in the dark.

The standard critiques of PoR have largely been addressed. PoR is not contemplated as a substitute for standard audit types but rather as a complement. Mindful of this, the Texas legislation blends traditional and crypto-native assurance, asking for PoRs but also for CPAs to supervise them. Specialist CPA firms have emerged with expertise in overseeing these procedures. Traditional assurance is fine, but it’s no substitute for a high-frequency proof to end users that custodians have their funds. And while early PoRs ran the risk of leaking client data, innovations—such as zero-knowledge proofs—allow PoRs to be done safely.

We are not asking crypto exchanges to be held to a different standard from conventional custodians. In fact, a frequent proof-of-reserve attestation provides far more transparency than conventional custodians can offer. It’s not a substitute to standard audits but rather a more narrow complement—it enhances conventional audits. Together, the two provide a level of assurance not otherwise attainable. We ask simply that Washington stop undermining the industry’s efforts to clean itself up, recognize the validity of PoR, and facilitate its proliferation across the industry. Lawmakers should encourage the accounting standards setting bodies, like the FASB or the PCAOB, to ratify industry efforts around PoR so audit firms feel empowered to supervise them. And they should recognize the good work that custodians are already doing to make themselves more transparent and accountable.

The crypto industry is working hard to gain back trust. If PoR becomes widespread and standardized, we will exceed the level of assurance that custodians can offer with traditional assets. This is a worthy goal, and one that Washington should support.

Nic Carter is the cofounder of blockchain-focused investment firm Castle Island Ventures and the cofounder of blockchain data company Coin Metrics. The opinions expressed in Fortune.com commentary pieces are solely the views of their authors and do not necessarily reflect the opinions and beliefs of Fortune.