Blockchain and cryptocurrency, Cryptocurrency fraud, Fraud management and cybercrime
Fed cites privacy and cybersecurity concerns among top CBDC risks
Dan Gunderman (dangun127) •
January 21, 2022
The Federal Reserve has released its long-awaited discussion paper on a central bank digital currency, or CBDC, for the United States. In it, the Fed highlights the innovative qualities of digital currencies, but highlights the potential risks to the country’s financial system, including increased cyber threats and privacy concerns.
See also: Zero Trust Webinar: Research Overview Exploring Actionable, Holistic, and Integrative Approach to Security
In the document titled “Money and Payments: The US Dollar in the Age of Digital Transformation”, the US central bank said it would likely opt for an “intermediate system” in which the private sector would be responsible for issuing the digital wallets. for the US CBDC.
Yet among the Fed’s top concerns are both cybersecurity and privacy. The Fed says the design and implementation of a potential CBDC must consider consumer privacy and ensure strong identity verification controls to stem money laundering and terrorist financing.
The Fed has now opened the issue for public comment, which it is submitting until May 20.
Fed Chairman Jerome Powell has teased the working paper since last summer, and its release has been repeatedly delayed. Speaking at a press conference in September 2021, Powell said the Fed was still undecided on the merits of a digital dollar.
According to the Atlantic Council, an international affairs think tank, some 91 countries have now launched, developed or researched CBDCs. China has also moved forward with specific trials of launching virtual yuan.
Blockchain security experts say the Fed document is a “first step” in what could be a long journey towards a CBDC.
“The Fed, for the first time, explains what it wants from a CBDC – that it can be used to buy goods, pay taxes, and be programmable to make payments at certain times,” says Ari Redbord, an ISMG contributor who previously served in the Treasury Department as a senior adviser to the assistant secretary.
Redbord, currently head of legal and government affairs at blockchain intelligence firm TRM Labs, adds, “The bottom line is that the United States is really before the first inning when it comes to launching a digital dollar. to other countries we’re arguably behind the times – but at the same time it also signals the Fed’s desire to work with the White House and the Hill to get it right when and if we head into a digital dollar .”
Need “clear support”
In its findings, the Fed says it would not proceed with a CBDC without “clear support” from the executive branch and Congress, adding: “[Our] initial analysis suggests that a potential U.S. CBDC…would better meet U.S. needs by being privacy protected, intermediated, widely transferable, and identity verified.
Among its “benefits,” according to the Fed, the CBDC could spur innovation, support faster and cheaper payments — including cross-border payments — and expand access to the financial system.
“The United States has sat longer than necessary on both issuing clear and appropriate direct regulation of the digital asset space, as well as embracing blockchain technology in the form of a centralized national currency suitable for our modern digital lifestyle,” says Michael Fasanello, who has held various positions within the United States Departments of Justice and Treasury, including the Treasury’s Financial Crimes Enforcement Network.
Fasanello, who is currently director of training and regulatory affairs for Blockchain Intelligence Group, adds: “A ‘digital dollar’ is long overdue, and the benefits of speed, real-time settlement, transparency , the immutability of the ledger on which a US CBDC would be registered, the security of the data contained in the transactions, among other advantages, greatly eclipses the disadvantages.”
Role of the private sector
Expressing broader concerns, however, the report states: “Cryptocurrencies … remain subject to extreme price volatility, are difficult to operate without service providers, and have severe limitations on transaction throughput. currencies also have a large energy footprint and make consumers vulnerable to loss, theft and fraud.”
“Protecting consumer privacy is key,” he says. “Any CBDC should strike an appropriate balance…between protecting consumers’ privacy rights and providing the transparency necessary to deter criminal activity.”
One solution that would alleviate some concerns, the Fed says, is to make the CBDC a privately run system.
“Under an intermediate model, the private sector would offer digital accounts or wallets to facilitate the management of CBDC assets and payments,” the document states. “Potential intermediaries could include commercial banks and regulated non-bank financial service providers, and would operate in an open market for CBDC services.”
Despite the service offerings, the digital dollar would be a liability of the Federal Reserve, he says. This model would then leverage existing private sector privacy and identity management frameworks.
“In practice, this would mean that a CBDC intermediary would have to verify the identity of a person accessing CBDC, much as banks and other financial institutions currently verify the identity of their customers,” the report said.
Deterrence of criminal activities
Near the top of the Fed’s list of CBDC concerns is containing illicit activity.
The central bank said the intermediary system would build on its partners’ existing privacy tools – as financial systems must comply with “a robust set of rules” that address money laundering and terrorist financing. These include customer due diligence, record keeping and reporting requirements.
“Any CBDC should be designed in a way that facilitates compliance with these rules,” the document states.
With specific regard to operational and cyber risks, the report states that “any infrastructure dedicated to a CBDC should be extremely resilient to such threats, and operators of CBDC infrastructure should remain vigilant as bad actors employ increasingly sophisticated methods and tactics.”
The Fed says a “proper defense” could prove “particularly difficult” because a network of CBDCs would have a number of entry points.
Other security experts also continue to express concern.
“Traditional financial services institutions are not yet equipped with the technical infrastructure, workflows and risk mitigation necessary to implement this type of program,” warns Steven S. McNew, Senior Managing Director of the FTI Technology company and responsible for the segment’s blockchain and cryptocurrency. practice.
“There are still many cybersecurity and data security risks, and I don’t really see how to overcome many of them. [them]“, says Paul Sibenik, principal investigator and co-founder of blockchain security firm CipherBlade. “There will always be the same kind of money that is happening now, and fraudulent CBDC digital wallets that are created, where who controls this wallet will not always be the same person who goes through the identity verification.
“I’m also skeptical of its resistance to attacks, as it wouldn’t be as proven as Bitcoin, for example. CBDCs are centralized in nature, which creates opportunities for centralized points of failure.”