The Cayman Islands Monetary Authority (CIMA) has so far been very conservative in granting virtual asset service provider (VASP) licenses.
One of the foremost concerns is that regulatory failure in the digital asset space would harm the reputation of the islands’ financial services sector as a whole.
However, prudential supervision is just one important aspect. Effectively implemented corporate governance and compliance structures are another.

The Compass spoke to Cara Hennessy, co-founder and director of compliance at Provenance, a Cayman-based compliance services provider to investment funds in the digital asset space, VASPs and decentralised autonomous organisations (DAOs), who want to build their projects, taking into account existing and future regulations.
How can a debacle like FTX be avoided in Cayman?
Ultimately, the FTX fiasco was perpetuated by fraudulent activity and bad actors, human failures to do the right thing. How this can be avoided is by the implementation of robust corporate governance, risk management, internal controls and financial management.
The overall corporate governance framework for FTX was entirely flawed and, added to that, you had investment firms placing funds with FTX and/or Alameda without doing operational due diligence on their investments, and then other investment managers adopting the herd mentality and risking their investors’ funds without due care.
In Cayman, we already have a very stringent companies management system oversight and enforcement actions for failure to do this.
So, really, we just need to continue to execute and enhance such frameworks. The only thing that will hinder us is the reputational damage of what has happened in the Bahamas once again puts the spotlight on all offshore jurisdictions.
The industry and service providers play a massive role in establishing good practices and seeing them through. As we started Provenance, we noticed that clients often needed more operational/implementation support and assistance; not just being told what the law requires, which is something the law firms already do well, but also how to make it work for their own business model.
Especially in the digital asset space, we cannot assume that clients are familiar with and know how to implement these best practices and standards. This is why, for example, some of our product and service lines are being built around due diligence, audit and remediation.
What are the challenges for those who provide compliance services to crypto businesses?
Understanding how crypto works, as well as the business model or tokenomics for decentralised projects, is key.
And this is why many traditional service providers have not taken on this challenge yet, because volumes of business are still small compared to traditional financial services and investment funds.
For investment funds specifically, compliance service providers often rely on various gatekeepers – the administrator, the auditor, and the board of directors obviously play key roles, but also the custodian, prime broker, etc.
Traditional investment funds playing in traditional capital markets are in a safer environment, from a compliance point of view, and require a lot less time investment and work compared to crypto businesses.
Accounting, security, banking and digital assets themselves all can pose unique challenges. When are such issues just the sign of a start-up or a fledgling industry and when do they become a red flag?
That’s a very good question. It is a well-known fact that many of these projects are turned away by some of the traditional providers and forced to go to less reputable ones.
Many clients would not hold their digital assets on exchanges like FTX if they had good banking and custody solutions available to them. Or, if investment funds had been able to accept subscriptions in kind from private wallets – something which is now becoming more acceptable due to the advances in the blockchain forensic solutions – we perhaps would not have seen so many Cayman Islands investment funds being impacted by the FTX collapse.
It’s all speculation, of course, but everything is connected for good or bad, and the digital assets industry would not grow to its true and best potential, unless it’s being helped to safely integrate with traditional financial services, which is what Provenance is supporting, and, of course, regulators.
Of note this week, another of the contagions that further impedes the progress for crypto funds and the wider crypto ecosystem is how the main crypto banks Signature and Silvergate have lost up to 60% of value, owing to their interactions with FTX and, as such, are now moving to reduce their exposure to crypto, giving crypto funds fewer options.
Hasn’t crypto so far just replaced trusted intermediaries with untrustworthy ones?
That seems to be the case in quite a few scandals, which is why due diligence is important, but it’s part of the growing pains of any new industry. Some of the more experienced businesspeople may compare crypto and digital assets with the very turbulent start of the hedge fund industry.
Blockchain solutions and crypto projects have brought about numerous changes already to our world – central banks would not be talking about central bank digital currencies (CBDCs) if not for the stablecoin projects. And the banking system itself, at the global level, underwent a few upgrades and improvements in response.
It’s good for an industry to be disrupted by challenger projects, because this is how progress happens. But it’s true that the Wild West of crypto has so far attracted scammers and speculators almost as much as visionaries and reformers.
However, it is important to note that what happened with FTX and some others is entirely the equivalent of equally shameful occurrences in TradFi (traditional finance). Think 1MDB, where 30 Goldman Sachs employees were complicit or turned a blind eye to the laundering of Malaysian state funds. Or indeed the other big bad wolf, Bernie Madoff.
We need to segregate the human corruptibility from the value of blockchain technology and differentiate again the value of the underlying technology from the price volatility which exists in commodities markets of any kind.
Is it possible at all to have a decentralised structure (DAO, DEX) and be compliant?
That’s a difficult question, and not even the FATF has the answer to this one. The decentralisation issue has been debated, but not yet resolved, and it may be that the solution is reliant on gatekeepers and on-chain credentials with zero-knowledge proofs. In other words, I know that this wallet has been linked to a person and passed KYC with this trusted intermediary on this date, without actually seeing the personal data of the individual.
It’s not safer or more compliant for people to be forced to provide their personal data to unknown businesses 20 times over for even small transactions – doing that is actually creating more risk, both from a data protection and a cybersecurity perspective.
But yes, I think it’s possible to build compliance into a decentralised project – one good example would be screening for sanctions and transaction monitoring which can be done via API integrations, but I am sure we’ll develop other compliance solutions as well if decentralised finance continues to grow as fast as it has recently.