Challenging the BIS’ conclusions on permissionless systems
Regulation needs a nuanced analysis of both public and private infrastructures
The Bank for International Settlements (BIS), an international standard setter for financial regulation, plays a crucial role in shaping the global regulatory landscape applicable to banks and other financial intermediaries. Among other things, they issue standards concerning capital requirements for banks. These standards have recently been amended to include rules for crypto assets, with the BIS conducting public consultations in the context of such amendments. Part of the latest consultation is a review of the BIS’ previously established stance towards the risks of public, permissionless blockchains. The Cardano Foundation participated in the consultation to contribute our viewpoint on this important matter.
It is essential to have international standards that comprehensively acknowledge the risk-benefit profile of public blockchains while addressing the legitimate concerns of regulators. However, given their significant and far-reaching impact on decentralized, public infrastructures in general, we believe the provided conclusions lack sufficient transparency and could do more to enable an open conversation on the tradeoffs of using public, permissionless blockchains. Indeed, without providing adequate insights into the analysis underlying the conclusions, it is very difficult to engage in a meaningful and constructive dialogue.
Impact of BIS Standards on Blockchain
In 2021, the BIS first introduced two main categories to classify crypto assets under the amended standards. The first encompasses tokenized traditional assets—such as shares or bonds—and stablecoins issued on a private, permissioned blockchain. The second category covers unbacked crypto assets, such as ada or Bitcoin, and all tokenized assets issued on a public, permissionless blockchain. For these the BIS required banks which hold such assets on their balance sheet to apply an extremely conservative capital treatment. In a nutshell, the more conservative the capital treatment, the costlier it gets for banks to hold such assets.
The incentive structure of public, permissionless blockchains rely on their own native tokens. These tokens act as reward mechanisms for the node operators, who run the peer-to-peer network by verifying transactions and contributing to its security. Virtually all such native tokens fall within the second BIS category.
When banks face such costs to balance sheet exposures in native tokens, it indirectly cuts off many of the companies and developers building on that blockchain from all, or at least from more sophisticated banking services. This has already started happening in anticipation of the new standards and is disproportionately harming smaller blockchain companies and hindering innovation throughout the industry. In the bigger scheme of things, it also creates what we believe is a disproportionate intervention for public, permissionless infrastructure as an entire technology sector, hampering its innovative potential.
Public vs Private Infrastructures
Given the history of the BIS' regulation, the preference for centrally operated and controlled infrastructure is understandable. Such systems operate with known, vetted participants, aligning with familiar risk criteria and mitigation requirements. Centralized control provides a clear point of contact and accountability.
However, this in-built preference for the legacy approach risks limiting infrastructure innovation in the financial markets. The potential of public, permissionless blockchains to challenge the existing infrastructure paradigm and address such challenges as provider consolidation should not be underestimated. In fact, this would result in significant public policy benefits, for example through increased infrastructure redundancy and resilience and reduction of vendor lock-in.
While regulators rightly focus on risk management, the overly simple mantra of "public equals bad, and private equals good" is counterproductive. A careful, nuanced analysis of both public and private infrastructures, as well as their relative tradeoffs, is required. The unfortunate lack of transparency in this latest BIS report offers the industry very little opportunity to address the BIS-identified risks in a constructive manner, since it leaves to conjecture how these conclusions were drawn.
Addressing the BIS’ Key Concerns
The BIS raises concerns about permissionless blockchains' reliance on third parties, particularly the difficulty of conducting due diligence on node operators, as well as their pseudonymity and lack of traditional accountability mechanisms (i.e. contracts). The BIS likewise highlights the potential risk of a small group of node operators gaining too much power. While we understand these concerns, it is also important to, on one hand, acknowledge the benefits decentralization offers and, on the other, the mitigants already available for the stated risks.
Permissionless blockchains enhance resilience, remove reliance on single providers, and safeguard data integrity by distributing control. A well-designed permissionless infrastructure fosters trust among its participants and can rival the operational resilience of legacy financial infrastructures.
Financial institutions can also operate nodes themselves or outsource this function to trusted partners. In fact, this would address at least some of the BIS' concerns and simultaneously boost the skillset and diversification of node operators, thus further increasing operational resilience. Likewise, it could be part of a less onerous mitigation approach than the current hard division between private and public blockchain infrastructures . Ultimately, this example illustrates the need for a thorough analysis of the trade-offs between permissionless and legacy infrastructure risks.
Finding a Way Forward
In summary, the current BIS policy trajectory feels disproportionate and offers no clear path for risk mitigation by the industry. More transparency and openness around the conducted analysis and how respective conclusions were reached would help us address the raised concerns in a solution-oriented manner. As such, our consultation contribution offered the following approach for consideration:
- •Risk-Adjusted Approach: Analyze risks and benefits across all types of financial market infrastructures—public or private—to establish a basis for an informed level playing field discussion.
- •Clarity for Banks: Provide guidelines for safe interaction with public, permissionless blockchains, exploring risk mitigation strategies like banks operating their own nodes or outsourcing this function.
- •Open Dialogue: Foster continuous collaboration with stakeholders to find solutions that address concerns and promote innovation.
Regardless of the methodology, the Foundation champions collaboration with regulators to ensure blockchain technology integrates safely into today’s financial systems. Clear and balanced regulations will not just help to unleash this technology's potential but simultaneously protect consumers and enhance financial system stability.
We urge the BIS and similar regulatory bodies to provide thorough insights into the rationale informing their conclusions, so as to open effective lines of dialogue with industry experts. Similarly, we encourage all regulatory entities to adopt a nuanced perspective on public blockchains so that the world can harness this technology’s unique strengths in a responsible way while simultaneously addressing risks through technical solutions and thoughtful guidance. The Cardano Foundation hopes to help shape a future where public, permissionless blockchain infrastructure flourishes within a well-regulated and secure financial landscape.