There is much debate and speculation around the upcoming Cryptocurrency and Regulation of Official Digital Currency Bill, 2021 that is one of the 26 new bills on the agenda of the Union government for the upcoming winter session of the Parliament that begins from November 29. Media reports say that the legislation will try to define cryptocurrency and any information like number, code, token that promises a price will be considered cryptocurrency. As per the reports, the Central government is also considering a ban on all private cryptocurrencies in the proposed bill. ETCISO spoke to a range of stakeholders, including the security agencies and cybersecurity leaders about the Crypto Regulatory Framework, the pros, cons, opportunities and risks.
“I feel a regulatory framework is a must, including the KYC of each investor, properly licensed exchanges that follow transparency, and a database of all credit and debit activities of crypto, otherwise this entire crypto currency world will be hacked and it will evaporate. This is a big grey area operation that provides anonymity and which is leading to the misuse of this beautiful product and technology. For the police, it is a big headache. Whom do we go to in case some heist occurs? There are currently fake exchanges, fake mining , fake wallets, etc. How to we authenticate and enforce?” says Professor Triveni Singh, SP, Cybercrime, Uttar Pradesh Police.
“The biggest issue with crypto is its misuse by criminals, nation-states and speculators. Any digital currency must be designed to be traceable, and remove risks from paper currency while replacing it. One physical rupee should be the same as one crypto rupee. If crypto currency is controlled, a major portion of the incentive to hack companies would go. Today, my guess is that criminals invest a lot of money in vulnerability and exploit research and may be more adept than even security firms,” says Lucius Lobo, Chief Information Security Officer at Tech Mahindra.
“Addition of a regulatory framework and tying it back to the financial transactions lifecycle to check for terror financing or illegal transactions should also be one of the vectors to bring in governance for crypto. And a common framework on minimum security controls and assurance framework for organizations in setting up such environment, complimented with required education and awareness for end users of the system on how to secure their crypto assets and credentials would be helpful,” adds Dilip Panjwani, Senior Director – Chief Information Security Officer (CISO) & IT Controller at Larsen & Toubro Infotech Ltd.
Money laundering using fiat money far exceeds misuse via crypto
There is a counterview to the opinion that cryptocurrencies have aided money laundering.
“I will disagree with this. Money Laundering using fiat money far far far exceeds misuse via crypto. But agree that KYC will help. But database of all transactions is already online and public on the blockchain,” counters a senior infosec leader.
Moreover, there are voices against such regulation as well.
“If we break its anonymity and control international transfers, as recommended by the RBI governor, It’ll just become another Paytm wallet. Here’s the problem. There’s no point of a distributed/ decentralised cryptosystem being controlled by one entity, for example, the RBI.
The entire reason for its immense popularity is “no control by any central authority” via it’s technical construct,” says another top cybersecurity expert on condition of anonymity.