Paxos and Gemini: the dangers of unbundled blockchain banking, and the end of the ‘trustless’ dream
The New York Department of Financial Services (‘NYDFS’) announced on 8 September 2018 that it had approved the launch of two blockchain-based banking platforms, ‘Paxos’ and ‘Gemini’, and their respective cryptocurrencies.
‘Another day; another cryptocurrency’, some might say, but what these platforms have in common (as well as their ancient Greek etymology) is that they are subject to a regulatory scheme so thorough that an ordinary consumer could be forgiven for mistaking Paxos and Gemini for traditional banks with added functionality.
This essay first analyses the fundamental legal differences between traditional banking, in the United States and United Kingdom, and blockchain banking. It explains the roles of deposit-holder and central counterparty which banks traditionally play, and how these roles are logically inseparable in the traditional banking relationship. It then considers the ways in which blockchain banking legally differs from traditional banking, and identifies inherent dangers to participants posed by the uncoupling of formerly inseparable banking functions which is being undertaken by blockchain-based banking platforms. The essay highlights the steps which Paxos, Gemini and the NYDFS have taken in order to secure their services, before arguing that the regulatory approval of the Paxos and Gemini platforms, whilst promoting the growth of a viable blockchain-based banking industry, sounds the death knell for the ‘trustless’ promise of the blockchain dream.
Part I: Banking
Banks traditionally perform a number of roles, including deposit-taking, lending, keeping money safe and facilitating transfers of funds between customers. Each of these practical functions is backed by the legal obligations which result from the relationship between the bank and the customer.
When a bank takes a deposit, a relationship of debt is established between the bank and the depositor. An ordinary depositor is entitled to demand the return of that money at any time. The role of the bank as the safe-keeper of customer funds is not based merely on goodwill: a bank which loses its depositor’s money will become subject to an enforceable action by the depositor to recover the value of that debt.
When a bank transfers money to another account on the instructions of its customer, the performance of that task involves a process of creating, altering and extinguishing legal duties owed by the bank to different parties. The role which the bank plays is that of a central counterparty (‘CCP’) who establishes a legal relationship with both the transferor and the transferee and owes obligations to both during the course of the transfer. The transferor has certainty that, from the moment they instruct their bank to transfer funds until the moment at which the transferee has full access to those funds, the transferor will have legal recourse against their bank. Not only is this recourse guaranteed in private law, but those who undertake transfers of funds are regulated as CCPs.
Blockchain technology has been widely hailed as having the potential to revolutionise banking. Blockchains are distributed ledgers which update simultaneously each time a transaction decreases the value held by one participant and increases the corresponding value held by another. Each participant’s ledger is ‘append only’, which means that the existing record of transactions can be only added to, not retrospectively altered. The best-known example of a blockchain platform is Bitcoin, on which anyone can transact. ‘Miners’ — parties who provide the computing power required to communicate with and achieve consensus amongst the millions of ledgers — are paid a small commission on each transaction.
It is apparent that blockchain technology could revolutionise banking by removing the need for a central depositary of money. Banks are unlikely to die out, given participants’ probable reticence at paying unknown individuals to process each transaction. It is more likely that any blockchain banking platforms will involve an operator who updates the blockchain. Crucially, however, no legal relationship between participant and operator is integral to the system, because the operator merely communicates amongst all the participants in order to update the ledger after each transaction. In contrast to the process of contractual novation which characterises a traditional payments system, blockchain banking more closely resembles the ‘CREST’ securities settlement system which is used in the UK to record the ownership of shares, bonds and other intangible assets.
In order to be able to transact on a blockchain platform, each participant must buy the ‘cryptocurrency’ of that platform. The fundamental premise of distributed ledger systems is that the ledger is authoritative, which is to say that the balance of accounts on the ledger is determinative of, rather than declaratory of, the relative spending power of each participant. A cryptocurrency is nothing more than the flip-side of the blockchain record — the unit of value in which distributed ledger updates are recorded. Cryptocurrencies such as Bitcoin and Ethereum are widely circulated but also subject to remarkable price volatility, such that they are not at present useful as a store of value. In a blockchain which allows only a single and specially issued cryptocurrency to be transferred amongst participants, an arbitrary and fixed price can be attached to each unit in order to maintain price stability. The primary ambition, and indeed attraction, of many blockchain platforms is, however, to facilitate the trading of multiple cryptocurrencies and digital representations of tangible or intangible assets, some of which will have volatile price fluctuations.
Paxos and Gemini solve the problem of volatility using ‘stablecoins’: cryptocurrencies specially designed to maintain a consistent value relative to a fiat currency such as the US Dollar or Sterling. Stablecoins can be designed using complex algorithms which release additional coins to pre-arranged buyers (in order to deflate the price in moments of high demand) or to buy back coins from similar sellers (to inflate the price when demand is low). Paxos and Gemini, in contrast, stabilise their cryptocurrency using a 1:1 ratio of issued coins to deposited US Dollars, such that the overall value of the cryptocurrency cannot fall below the value that its originally buyers cumulatively paid.
The seller of whatever cryptocurrency is used by the blockchain plays the role of ‘issuer’ in much the same way that a company does when it issues shares which can be exchanged on secondary markets. The issuer and the operator may be the same legal entity, but this does not necessarily have to be the case. The issuer might characterise themselves as a seller of securities or even simply of access tokens which grant quantified rights of participation in the payments system. As such, blockchain payments platforms present the possibility of ‘unbundling’ the legal nature of banking. With this unbundling comes the opportunity to uncouple the roles which previously were necessarily all performed by the same party. The operator and deposit-holder could, for example, locate themselves in different jurisdictions for bona fide commercial reasons. This freedom, however, is not necessarily one that will always be used to the advantage of participants. There is no suggestion, of course, that Paxos or Gemini have anything other than the best interests of their clients at heart. But it is important to recognise that the impetus which currently drives open banking reforms around the world is the desire to diversify the sources of banking services, and so one that also brings the risk of the entry of bad actors into the market.
Part II: Banking Law
The next part of this essay considers the ways in which the law prevents banks, as CCPs and as deposit-holders, from acting to the detriment of their customers, and whether the unbundling of these functions to separate parties in the blockchain banking industry presents a threat to customers.
Where a bank fails to make a payment as instructed by a customer but deducts the value from the instructing customer’s bank account, the bank is liable in contract for the value which has been deducted from its customer’s account. This position is axiomatic because of the relationship of depositor and deposit-holder. The same is not true of a blockchain platform, on which no deposits are necessarily held by the operator and on which there is not necessarily any contractual relationship between the customer and the operator. An alteration to that record does not necessarily give rise to a contractual action for damages.
Such an operator cannot be liable in the tort of conversion, both because conversion cannot be brought in relation to intangible assets and because the operator is not in possession of any goods in any event. A claim in negligence will be subject to any disclaimers or exclusions of liability made by the operator. The operator cannot be said to have been unjustly enriched by the act, unless it also holds an account on the platform. Arguably, the deposit-holder has been enriched: as a result of the operator’s action in reducing the depositor’s account balance, the value of cryptocurrency which that depositor could redeem as fiat currency with the deposit-holder will be reduced, leaving the deposit-holder with an undue surplus of fiat currency. But because no payment has been made or liability discharged, such an action would constitute a novel ground of unjust enrichment which the court will be loath to recognise. A wronged participant in a blockchain banking platform may therefore find themselves without any legal recourse against the operator.
Similarly, there are acts which, if performed by a traditional bank in its role as deposit-holder, would constitute actionable wrongs against its customer, but against which a participant in a blockchain banking system may have no recourse against the deposit-holder. The first of these is a failure to maintain the value of customer deposits. A bank has no duty to segregate each customer’s deposits, and most deposits are sold as loans (including mortgages) in order to generate income, but cannot lawfully put itself in a position in which it is unable to service its debts.  Doctrinally this is unsurprising, because each customer’s deposit establishes a contractual obligation on the part of the bank to repay the debt upon demand. Where the roles of the traditional bank can be split into the operator of the payments system and the recipient of participant funds, the cryptocurrency issued in return might simply be characterised as an intangible asset. The consideration used to buy the cryptocurrency is pure profit in such an instance, to be allocated as the cryptocurrency issuer choses, and no contractual relationship need exist between the buyer and issuer after the transaction. Unlike in a traditional banking relationship, there is nothing inherent to a blockchain banking platform that would give any recourse to a participant who subsequently wishes to leave. Just as a shareholder in a publicly listed company cannot force the company to buy their shares, a participant in a blockchain banking platform might find that they have no right to redeem their cryptocurrency or convert it back to fiat currency other than through a third-party cryptocurrency exchange.
Those blockchain platforms which stabilise their cryptocurrency value using the 1:1 asset-backed model, as described above, must hold sufficient assets to satisfy all claimants. Whether a platform uses this model is, however, a matter of economic rather than logical imperative, and is unlikely to be desirable, from profitability and cash-flow perspectives, if the same effect can be achieved using algorithmic supply-and-demand controls. Perhaps more importantly, however, is that any promise of price stability is a warranty for the cryptocurrency seller to give or obfuscate at its discretion, and will be worthless if the issuer proves to be a man of straw at a later stage.
Part III: “Cryptobanking” Law?
Recognising the potential vulnerability of the participants in blockchain banking platforms, the third of this essay considers the steps which have been taken by Paxos and Gemini, in conjunction with the NYDFS, in order to guarantee the protection of participants.
Under Section 200.9 of the NYDFS Code governing virtual currencies, Paxos and Gemini must hold deposits within a diversified portfolio of “cash, virtual currency, or high-quality, highly liquid, investment-grade assets, in such proportions as are acceptable to the superintendent.” This provision is similar to that concerning e-money providers in the European Union, which must keep all customer funds in a segregated account or must insure the value of those funds. In addition, both Paxos and Gemini are holding their customer deposits in accounts at US banks which are insured by the Federal Deposit Insurance Corporation. The effect of this measure is that, even in the event that the bank at which the deposits are held becomes insolvent, the deposits will be guaranteed by the government. A similar level of safety could be achieved in all EU jurisdictions, where deposit insurance (up to €100,000) is provided by governments pursuant to the Deposit Guarantee Scheme Directive.
An alternative to compulsory or controlled deposit-holding may be for the courts or regulation to recognise a fiduciary relationship existing between the operator of a blockchain payments system and each participant. Although the record of transactions is distributed amongst all of the participants, a relationship of trust and reliance arguably exists between the participant and the operator whenever the former entrusts the latter to effect a transfer by updating the ledger. A traditional banking relationship of debtor-creditor does not give rise to fiduciary duties because the cause of action for debt prevails. Banks do, however, act as agents for their customers and it is well established that agents have a fiduciary relationship with their principals. As such, this would give a participant a cause of action for breach of the operator’s fiduciary duty to act in the participant’s best interests when dealing with the participant’s assets, were their account value to be reduced without a corresponding transfer having been performed.
A second fiduciary relationship could be recognised to require the deposit-holder (and cryptocurrency issuer) to maintain a stable cryptocurrency value. Paxos and Gemini have been approved by the NYDFS as New York trust companies, as a result of which they are under a statutory duty to hold participant deposits on trust and as fiduciaries. This measure enforces the 1:1 ratio of assets to issued stablecoins, the result of which ought to be a constant stablecoin value. The trust company structure is, however, a statutory creation which exists in the US but not in other jurisdictions such as the UK, rather than the product of a fiduciary duty recognised at common law. Courts in the UK may well be reluctant to recognise a duty to maintain a constant stablecoin value given the potential future argument by analogy that States owe a duty to maintain a constant currency value. In addition, such a duty alone, without complementary fiduciary duties such as to act in the participant’s best interests, would not prevent an issuer from disposing of the profits from the cryptocurrency sale, as envisaged above.
A problem that exists contiguously to each of these solutions is the regulatory reluctance to draw a distinction between cryptocurrencies as an asset class and as a currency. This is important because, whilst it is clear that blockchain banking platforms ought to protect the deposits of participants, it is equally clear that companies who issue shares on a blockchain platform in order to raise capital ought not to be subject to the same rules. The NYDFS has adopted a constitutive approach by which it has selected Paxos and Gemini and established a scheme of regulations around them in order to make them safe blockchain banking systems. The result is that consumers who use these blockchain platforms will be protected, but that is not to say that public or private law offer any protection to consumers generally. It is impossible to regulate blockchain banking as an industry without distinguishing those cryptocurrencies which by design will maintain a constant value relative to fiat currencies from those whose issuers hope will, like securities, increase in tradeable value over time. The precedent set by the NYDFS arguably makes it less likely that regulators will ever chose to make that distinction.
Part IV: Regulation Redux
Any cryptocurrency purist following the announcement of Paxos and Gemini’s launch as banking and stablecoin providers surely could not help but weep at the centrality of regulation and trust to the development of a potentially viable blockchain banking industry. The vision of the Bitcoin whitepaper, published in 2009 by the pseudonymous Satoshi Nakamoto, was of a system which did not rely on government authority or guarantees in order to function, and which did not place users at the mercy of the institutions perceived to have created the 2008 financial crash. The scheme adopted by Paxos and Gemini is the opposite — it requires participants to deposit their money with a holding company in the faith of its continued solvency or regulatory compliance, or that of its insurer.
As if to add insult to doctrinal injury, both Paxos and Gemini will undergo a monthly audit rather than rely solely on the promised transparency of distributed ledger systems. And the Winklevoss brothers are taking a lead both in encouraging regulatory oversight and building a self-regulatory body of exchanges. The participant is effectively in exactly the same position as that of a traditional banking customer. This might be described as a travesty, but it might also suggest an acceptance by blockchain developers that trust and regulation are essential features of banking as an economic activity.
The approval of the NYDFS places Paxos and Gemini in a strong position to lead an emerging blockchain banking industry. Recognising the threats to consumers which the unbundling of formerly inseparable banking functions poses, they have implemented protective measures which may become the international standard for such blockchain platforms. The scheme of regulation adopted in this instance, however, is constitutive and selective in nature. The danger is that, in the proliferation of the idea that blockchain banking is viable, participants may mistakenly place their trust in bad actors intent upon using the unbundling of banking functions to avoid liability and regulation and misuse participant funds. The NYDFS regulations do not draw a distinction between an blockchain platform on which users can invest in volatile cryptocurrencies at their own risk and a banking platform which seeks principally to protect deposits and facilitate secure payments. Perhaps most notably, the regulation of Paxos and Gemini suggests the entrance of trust into the supposedly ‘trustless’ world of blockchain.
Rory Copeland is a trainee solicitor with Pinsent Masons LLP. His personal research interests include regulatory and private law approaches to distributed ledger technology and emerging developments in payments and financial services. The views expressed are all his own.
 Department of Financial Services, ‘DFS continues to foster responsible growth in New York’s Fintech industry with new Virtual Currency product approvals’ (September 8, 2018) https://www.dfs.ny.gov/about/press/pr1809101.htm
 Foley v. Hill (1848) HLC 28; N Joachimson v. Swiss Bank Corporation  3KB 110
 See: Regulation (EU) No 600/2014 of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments OJ L 173/84; Federal Reserve Act 12 U.S.C. §§ 221–522 (1913); Securities Exchange Act 15 U.S.C. § 78a et seq. (1934)
 Phillip Wood QC, Set-Off and Netting, Derivatives, Clearing Systems, 14–012 (2nd ed, 2007)
 Euroclear, ‘Settlement Euroclear UK and Ireland’ https://www.euroclear.com/services/en/settlement/settlement-euroclear-uk-ireland.html
 OBG v. Allan  UKHL 21
 As well as the relevant general contract law, such as the Unfair Contract Terms Act c50 (1977) in the UK or Article 2, Part 3 U.C.C. § 2–302 (2002)
 See for example: Basel Committee on Bank Supervision, ‘Basel III: The Liquidity Coverage Ratio and liquidity risk monitoring tools’ (January, 2013) available at https://www.bis.org/publ/bcbs238.pdf
 Unless there is a specific provision to that effect in the company’s constitution.
 Department of Financial Services 23 NYCCR 200 Virtual Currencies (June 24, 2015) available at https://www.dfs.ny.gov/legal/regulations/adoptions/dfsp200t.pdf
 Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions (2009) OJ L 267/7
 Directive 2014/49/EU of the European Parliament and of the Council of 16 April 2014 on deposit guarantee schemes OJ L 173/149
 As described in Bristol and West Building Society v. Mothew  EWCA Civ 533
 Owen v. Tate  QB 402
 Restatement (Third) of Agency § 1 (3rd ed, 2007). In English law: Aberdeen Railway Co v. Blaikie Brothers (1854) 1 Macq 461
 Cowan v. Scargill  2 All E.R. 750, 760, per Megarry VC
 See for example Keech v. Sandford (1726) Sel Cas Ch 61
 The Virtual Commodity Association <https://virtualcommodities.org/>