Embracing Regulation within the Blockchain Space

Anja Stang
Signature Ventures Blog
11 min readNov 24, 2020

We have backed Notabene’s highly-experienced team since their pre-seed stage on their ambitious mission to bring regulatory compliance to the Blockchain space.

Notabene is building a Blockchain-focused compliance platform to provide crypto businesses with the tools to implement regulatory compliance in a simple way. Their diverse founder team follows a Blockchain-first approach combining decentralized-identity technology with the highest compliance standards. We are happy to have been on board right from the start as Notabene’s first institutional investor. Recently, the team has completed their USD 1.7+ million Seed round led by Castle Island Ventures.

When a Suitcase of Cash Is Faster Than a Digital Money Transfer

Legacy finance had been one of the strongholds to resist long overdue disruption until FinTech came along a few years ago. Today, one particular pain point that has been almost eradicated in the western part of the world is the transfer of money across national borders. Thanks to digitization and political agreements, money can be sent almost in real-time and at little cost within Europe and across the Atlantic. However, as soon as the money crosses the borders of the western political hemisphere things look entirely different. As Anna Tims from the Guardian writes half-jokingly: it can be faster to take a suitcase of cash on a plane. This is no exaggeration. Despite efforts to digitize the process and enable faster and cheaper transactions, international money transfers can still take up to five days and sometimes even longer. The reason has less to do with technology, but everything with compliance, regulation and fraud detection.

Most international transfers are processed through the SWIFT network which consists of over 10k banks in more than 200 countries. The Society for Worldwide Interbank Financial Telecommunication (SWIFT) was established in 1973 by 239 banks to solve the communication problems of cross-border payments. Ever since, SWIFT has become a leading authority in communication standards of international payments that has resulted in a universal financial industry message scheme (ISO 20022). Unlike common perception, SWIFT has nothing to do with the actual transfer of funds from one bank to the other. Indeed, as the name suggests, it solves a communication problem that comes with the metadata required by financial institutions, most notably: Who exactly is sending money to whom?
Still, a SWIFT-based transfer can take up to 5 days and longer to be completed. A surprising result, given the simplicity with which messages of different types can nowadays be sent over the internet. It turns out financial messaging standards are not as easy as the everyday WhatsApp chat.

One of the major reasons for the hold-up is fraud prevention. Financial institutions and banks in particular are typically among the most regulated entities of any industry. Hence, it is essential to them to know where the money comes from and where it goes. In this context, ‘from’ and ‘to’ can widely differ by the business concept (a bank, an individual, a manufacturer etc.), the business activity (a settlement, clearing, credit card payment, etc.) and the physical entity (i.e. the actual address, if such exists unambiguously). There are also jurisdictional differences among regulations with regard to the information a bank needs to know about the sender and beneficiary of a money transfer. When adding the cumbersome process where the money has to pass through multiple banks with potentially multiple jurisdictions, it becomes clear how complex a seemingly simple change in numbers in two tables can be.

Moreover, differences in standards concerning the syntax and type of an address (e.g. country-specific address format), the form of a transfer initiation (in person, through a paper or digital form, etc.), the language used (e.g. writing Chinese addresses in English) and the actual digital protocol (XML, JSON, ASN1, etc.) add a physical and technical layer to the problem. All this has to be checked and verified before a transfer can be accepted or forwarded to the next financial institution.

Well-Defined Regulations Can Ensure Quality Standards

The risk stemming from a failure to perform proper counterparty due diligence can be severe: Last year, Dutch bank ING was fined €775 million for failing to stop criminals laundering money through its accounts. In addition to the financial penalty, the responsible entity also carries the reputational and ethical burden of having facilitated criminal activities such as money laundering and/or the financing of terrorism through its own infrastructure and services.

Combating financial crime remains a challenge. Despite tighter regulation regarding anti-money-laundering (AML) and countering the financing of terrorism (CFT), the flow of illicit finance indicates a serious problem on a global scale. As an example, the estimated amount of money laundered globally in one year amounts to 2% to 5% of global GDP, or $800 billion to $2 trillion. The predictable response has been almost universally more stringent regulations by governments. In practice, companies are required to fulfill a massive amount of obligations to ensure compliance. This entails high costs in terms of time, money, and qualified staff to implement and apply the new processes into the day-to-day business. For example, this results in projected annual total costs of financial crime compliance amounting to more than $180 billion across global financial institutions.

Financial crime is not limited to the borders of the so-called traditional financial sector, where transactions are settled in fiat. Nor are regulations regarding the basic AML and CFT requirements: They have started to expand to crypto businesses. During the last years, there has been a global trend of extending regulatory rules that had originally been designed for traditional financial markets toward the emerging Blockchain space. To give an example, the European Union’s 5th Anti-Money Laundering Directive (5AMLD) extends its AML and CFT rules to any entity that handles cryptocurrencies. EU member states’ national legislators have started to implement it following its transposition deadline in January 2020.
This extension of rules to the Blockchain space can be seen as the consequential next stage of the sector’s maturity: When basic regulations for fiat assets start to find their way into the crypto space, it is the very proof of its legitimization as an increasingly equal, albeit relatively new asset class. Regulation once was (and to some extent still is) a toxic word in the crypto community. It stands in direct opposition to the ethos of Bitcoin which was developed on the premise to free the individual from the centralized financial control of governments and banks. However, governments are not (necessarily) the opponents of individual freedom and regulations are made to ensure quality standards and protect the average person. In reality, any experimental technology can only grow so far before becoming too big and too complex for all users to be sufficiently understood. Thus, regulation is the compromise that allows everyone to become a user without the insider knowledge of the first adopters. Regulatory uncertainty, on the other hand, hinders the adoption of digital assets by regulated investors and thereby slows the flow of institutional money into the ecosystem. Additionally, regulatory uncertainty poses a high risk to companies that are actively engaged in the sector. These companies are most likely tech startups and pioneers, pursuing their vision to build the future of finance within a very dynamic space, which exposes them to all kinds of risks by default. Consequently, the notion of proper regulations is shared by conservative companies and young disruptive startups alike. For any Blockchain business required to meet these new regulations, improved compliance can turn out as an opportunity in several ways. Once clear regulations are in place, the respective companies are able to provide for compliance and thus create legal certainty for their business operations. Not to mention the increasing awareness by customers of regulation which is especially the case when serving business customers who are affected by regulatory requirements themselves. Their needs can be proactively embraced: Implementing and signaling high compliance standards can become one of their competitive advantages.

Financial Regulations Keep Expanding into the Crypto Space: Entering the Travel Rule

While regulators and associations like SWIFT were slowly developing new respective frameworks for a world of digital communication, the internet has quietly grown beyond simple communication. Crypto assets introduced a new way to settle transactions that is rooted in trustless and borderless Blockchains. At the same time, all transactions are bound to an identity that is ultimately connected to a Blockchain. Where SWIFT has to adapt its protocols to numerous different physical identity and settlement standards, Blockchain incorporates digital identities and settlement from the start, thus, enormously simplifying the messaging load. Not only is this architecture superior to the current financial messaging system, it also offers advantages to regulators through a completely transparent ledger. It is therefore no surprise that the original Wire Transfer Rule (the “Travel Rule”) in its essence, has been recommended to be applied to certain crypto businesses as well.

In June 2019, the respective international guidelines by Financial Action Task Force (FATF), the global organization founded to combat money laundering and terrorist financing, were issued as a worldwide regulatory framework for the Blockchain space: Financial institutions participating in a transaction are required to exchange both relevant beneficiary and originator KYC information. In FATF’s Travel Rule speak, the entities covered are referred to as Virtual Asset Service Providers (VASPs) and include among others exchanges, custodians, and fiat onramps. FATF’s guidance is directed to its 37 member states, including most European countries, the US, Canada, Russia and China, to name but a few. It can be seen as a fundamental framework of how these member states are supposed to implement digital assets regulation in their jurisdictions as a prerequisite for legal oversight. Although the FATF itself has no legal authority within any jurisdiction, its guidance does carry significant moral authority. In fact, the majority of its member states has introduced the new legislation in response to the FATF guidance, according to the FATF 12-month review report, published in July 2020. A smaller number of member states has decided to extend their AML/CFT regulations in place to cover VASPs. The US, to give another example, was already ahead of the curve due to its stringent Financial Crimes Enforcement Network’s (FINCen) interpretation of the 2013 Bank Secrecy Act (BSA). Consequently, FinCEN issued its own guidance for VASPs in May 2019, confirming the application of the BSA travel rule.

Fig 1. A custodial bitcoin transaction with the Travel Rule implemented. Illustrative. Source: Presentation by Pelle Braendgaard, CEO Notabene at SSImeetup webinar June 24, 2020.
CC BY-SA 4.0 license.

Although cryptocurrencies were initially developed around trustless monetary transactions that don’t require centralized authorities like central banks and governments, it is illusionary to believe that mass adoption is possible without regulatory rules. Just like in traditional finance, regulations around the identity of transaction participants will be part of the future of digital assets. At first glance, this calls for SWIFT-like protocols to accompany transfers with proper messaging about transacting parties. However, the decentralized nature of Blockchain coupled with a fairly small market size (at least when compared to the established financial system) is unlikely to attract the attention of big legacy players like SWIFT to throw in massive resources behind the development of a technical solution they are not familiar with. Moreover, Blockchain technology offers a much more secure and efficient basis for the development of a digital identity system. Ultimately, it’s the absence of such a system in the legacy finance world that causes most of the friction and thus high costs in the implementation and settlement of transactions.

This is where Notabene’s compliance platform comes into play. With their vision to bring Blockchain-native regulatory compliance to monetary transactions, they are ideally positioned to become the SWIFT of the decentralized future.

Notabene’s Blockchain-First Travel Rule Compliance Solution

Notabene’s compliance solution tackles the challenges that lie ahead by providing Blockchain-native compliance tools while staying true to the core values of the crypto ecosystem.
Notabene’s go-to-market product is focused on the Travel Rule to make Travel Rule adherence simple and efficient. Therefore, the team has built an all-in-one Travel Rule compliance platform to help financial institutions perform crypto transactions in a regulatory compliant way. Its user-friendly, and intuitive dashboard and APIs allow companies to easily integrate, onboard quickly and start complying with the latest requirements in their jurisdictions.

Key feature to meet VASPs’ compliance needs:

  • Sending and receiving transfer requests; Generation of Travel Rule reports
  • Secure exchange of customer information: Secure way to exchange data with any counterparty / all counterparties through allowing support for all major information-sharing protocols.
  • Manage the day-to-day compliance tasks of the travel rule: Ability to diligence who the counterparty is and to set risk-based rules around that. This includes KYC of a VASP as well as non-custodial KYC and UBO analysis for Blockchain accounts and smart contracts
Fig 2. Notabene’s Travel Rule Compliance Platform, Screenshot. Source: https://notabene.id/, accessed 11/2020.

The Travel Rule is Setting the Stage for Notabene’s Vision: Building a SWIFT Network for Crypto

The Travel Rule creates an entry point for an extensive market opportunity in the medium term. Since the initial talks about VASPs in 2018, different industry groups and initiatives have evolved that have proposed protocol standards, such as OpenVASP, to cope with the Travel Rule implementation tackling the information exchange issue. Although these protocol standards are a vital part of the solution, they do not serve as a plug-and-play compliance solution for a VASP. Even though VASPs could decide to directly use the OpenVasp network themselves by running a node and afterwards designing an integration with their business workflow. This would mean that they had to run this process and maintenance for any additional protocol used by a given counterparty VASP to handle interoperability.
With the help of Notabene’s best- in-class platform, a VASP needs to only integrate once by using their unified API. Notabene supports the different protocols and provides a convenient solution on top of these standards that already focuses on the compliance workflow at the end user, such as the compliance officer of a crypto exchange. Being protocol-agnostic, Notabene provides interoperability for securely exchanging financial messages in the Blockchain space. Going forward, the team sets out to build out their compliance platform as the SWIFT network for crypto.

Deeply rooted in the Blockchain community, Notabene’s highly-experienced team is composed of identity and fintech experts, software engineers and product designers. Before founding Notabene in 2020, Pelle Braendgaard, Alice Nawfal, Ania Lipinska, and Andrés Junge had worked together for over two years at ConsenSys as co-founders and technical leads building out uPort, a decentralized identity protocol. To date, uPort has been adopted by several regulatory compliant Blockchains such as the EU Commission’s self-sovereign identity framework, the Inter-American Development Bank’s LACChain and Spain’s Alastria.

With a deep commitment to data ownership, privacy, and security and a focus on user-centric products, Notabene is embarking on a mission to bring regulatory compliance to all crypto transactions. We at Signature Ventures are excited to back such exceptional founders and are grateful for having been part of that journey from day one.