The Hill, a Hack and a Hot August Day: Two Crypto Events That Broke the Haze
In Washington, DC, at least, August is typically a slow, muggy month, best suited for pool parties and family beach vacations. But on one August day last week, two key crypto events broke the haze.
First, we saw the skirmish over the infrastructure bill, H.R. 3684, and its provision requiring crypto "brokers" — defined broadly to include any service effectuating transfers of digital assets on behalf of another person" — to provide disclosures to the Internal Revenue Service (IRS). As "call your senator" trended on crypto-twitter, a series of dual amendments attempted to clarify legislative intent. The efforts failed, the bill passed and now will be taken up by the House after the summer recess.
The same day the Senate passed the infrastructure bill, the Poly Network, a cross-chain decentralized finance (DeFi) platform, announced that it was the victim of crypto's largest hack yet — $600 million in various assets on the Ethereum, Binance Smart Chain, and Polygon blockchains. TRM immediately investigated the attack, but in a surprise turn of events, the attacker returned the funds days later chalking the exploit up to testing the network's weak cybersecurity.
Though the events may seem unrelated (apart from the date on which they occurred), looking at them together yields some interesting takeaways about the future of cryptocurrency regulation:
- Congress may intend to delegate broad powers to regulators: The crypto tax provision in the infrastructure bill provides wide latitude to the IRS and Treasury has already indicated that it plans to provide guidance and clarification on how it will define "broker" even before the bill is passed by the House. If the infrastructure bill's crypto provision provides broad latitude to the IRS, it is very possible that the SEC, OCC, CFTC, FinCEN and other regulators could be provided similar latitude in future crypto legislation.
- Transparency changes everything: If Congress does delegate broad authorities to regulators, the blockchain - the open ledger on which crypto lives and moves - will allow regulators unprecedented visibility compared to the current system which relies on intermediaries for information. The Poly hack reinforces the transparency of the crypto financial system as the world watched financial flows of hacked funds in real time. And the world did watch...
- Self-regulation and the power of cyber sleuths: As Adam Samson pointed out in the Financial Times, following the hack we saw an immediate reaction from the crypto community as blockchain analytics companies and individuals alike tracked and traced the movement of the hacked funds providing updates on social media in real time. Samson explained, "This type of self-enforcement and self-regulation may be something we start seeing much more regularly...Official enforcement agencies should, of course, play an important role in any alleged crime, but these kinds of informal linkages represent another step in the maturation of the digital asset industry." The nature of the blockchain allows what Samson refers to as "cyber sleuths," to uncover and potentially deter future hacks.
- Crypto is a bipartisan issue: Republicans and Democrats can't seem to agree on anything in Washington these days. But remarkably, the final attempt at a compromise amendment was supported by the Treasury Department and Senators Pat Toomey (R-Pa.), Mark Warner (D-Va.), Kyrsten Sinema (D-Ariz), Rob Portman (R-Ohio), and Cynthia Lummis (R-Wyo.). “The fact that a bipartisan group of senators — and very influential senators … were all persuaded of the industry's point of view, that shows that it's a rapidly maturing industry organization,” said Sujit Raman, a partner in Sidley’s Privacy and Cybersecurity practice, former associate deputy attorney general and TRM Talks alum.
- Cybersecurity will be front and center: While some observers of the Poly Network hack point out that "the crypto industry is better able to withstand a major hack than in the past...reflected in the quick efforts by Tether and others to block the transfer of the stolen funds," it is also clear that cybersecurity is critical infrastructure for any cryptocurrency or DeFi project. Cyberattacks and ransomware are also top of mind on the Hill, and, as a legislative framework for crypto moves along, it is clear that cybersecurity will be an important issue. If a recent Senate Judiciary Committee hearing on ransomware is any indication, legislators are hearing from the Department of Justice that "cryptocurrency and bitcoins are the coin of the realm when it comes to this ransomware." As last week's TRM Talks on cyberattacks made clear, cybercriminals and rogue states like North Korea's Lazarus group will continue to test the cybersecurity of crypto businesses.
- This is just the beginning: The debate over the infrastructure bill may be remembered as the first skirmish in what could be a looming battle over on how to shape a comprehensive legislative and regulatory framework for cryptocurrency. Even as the Senate was passing the infrastructure bill, the Blockchain Caucus, a group of crypto-focused legislators, released a letter indicating that it will pursue a legislative fix when the House takes up the bill and Representative Don Beyer (D-VA) has introduced a bill, the "Digital Asset Market Structure and Investor Protection Act," that seeks to provide a clear legislative framework for crypto.
Staying Hot
As the infrastructure bill moves to the House and as hackers continue to pose a threat to the crypto financial system, there's a lot to be learned. Stay tuned for more takeaways.
Access our coverage of TRON, Solana and 23 other blockchains
Fill out the form to speak with our team about investigative professional services.