ML#7: Financial Hacking: From Dark Web Smokescreens to White-Collar Crime

Session 2

Josephine Wolff provides an account of the larger history and development of cybercrime business models, from the theft of payment card data to identity fraud and ransomware.

Malcolm Campbell-Verduyn discusses the perils and possibilities of bringing cryptocurrencies into official regulatory remit. Thomas Bollen will zoom in on Tether, a stable coin that might just be the biggest fraud in the cryptomarket.

Speakers: Malcolm Campbell Verduyn, Josephine Wolff, Thomas Bollen

Moderator: Balazs Bodo

Presentations and bios here.

Josephine Wolff

Josephine is an assistant professor of cyber-security policy at The Fletcher School, and an author of “You’ll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches”. For the opening of her presentation, she briefly describes her focus on the question of how policies are made to secure the internet and its usage. The questions she is concerned with are:

  • Who is losing money?
  • What motivates the choice for -cyber-crime?
  • When cybercrime occurs, who is actually invested in stopping the crime and paying the cost, rather than enforcing the law?

Josephine shows some examples of the attacks she deals with in her research (e.g. on TJX servers, Blabla sniffer, Wardriving, etc), as well as what are possible defenses, such as: Wi-Fi protected access (WPA); restricting connectivity to known/registered devices, storage of less customer information and stronger encryption, regulation of black market card sellers etc. Were we to deconstruct the cases in different stages, the question still remains: who is in a position to intervene in an effective way?

Although the examples are very strong, they show what the general focus is, and that is: policy and law enforcement. The answer to who is actually invested in stopping the crime, remains elusive.

Payment card industries and transactional technology companies react to cybercrimes by evaluating what the consequences and damages are. All that usually results in is a decision about the amount of the fine that needs to be paid. Ultimately, the question remains the same:

Who has to pay the real cost when all frauds are falling on banks?

In cybersecurity this question is handled with a lot of blaming and finger-pointing. With a question mark in the air, Josephine ends her presentation with the conclusion that most crimes units end up exhausting their focus on individuals breaking the law, while there is no one looking at a more structural approach to tackle the existence of the crime in the first place.

Malcolm Campbell-Verduyn

Malcolm is an Assistant Professor of International Political Economy in the Department of International Relations and International Organization at the University of Groningen; and an editor of Bitcoin and Beyond: Cryptocurrencies, Blockchains and Global Governance, and Global Networks.

The beginning of his presentation is an introduction to a castle in France, called Chateau de la Muette. After the 2nd world war, this castle was given to academic economic development, and from 1981, the FATF (Financial Action Task Force) was allowed to use it. FATF is an inter-governmental body on a mission to set standards, and promote effective implementation of regulatory measures for preventing money laundering, financing terrorism, and other threats which are considered harmful to international financial system. In 1990, FATF presented 40 recommendations on how to fight money laundering. After 9/11, another 9 recommendations were added to the list.

Interesting fact: FATF is housed in the building where the last king lived before the French revolution. Back in the day, their leisure time was spent hunting deerhounds. Were we to metaphorically reflect on that past and compare it to the current reality, one can say that FATF is chasing after modern-day deerhounds, also known as financial terrorists. However, this metaphor doesn’t hold for cryptocurrencies: their decentralized nature prevents regulators and banks to be involved in the cat-and-mouse hunting game.

By looking at examples from global finance, it is hard to tell if FATF is actually working with regulators, or chasing after them, trying to influence new laws. At the same time it could be argued that what we’re seeing here is efficient law-making collaboration.

Of course, FATF updated their recommendations to respond to cryptocurrencies as well, offering guidelines for the regulation of digital assets. One example is an implementation of the Travel Rule, which requires VASPs (Virtual Asset Service Providers) to collect and transfer customer information during transactions.

Malcolm points out that the notion of innovation is important; who gets heard and who has a voice is a crucial part of the new. He ends his presentation by saying that the presentation’s title Beyond the cat and mouse chase? is meant to be an open question.

Thomas Bollen

Thomas is a journalist for Follow the Money and a financial economist specialized in monetary policy and the banking sector. He is here to talk about Tether, a stable coin of fraudulent nature. He is on a mission to expose his skepticism towards it and starts by asking the audience whom do they trust with their money. ING? Bitcoin? European Central Bank? After a few hands raised here and there, he reflects publicly that there is not so much trust in general in this room. However, of all these tiny raised hands, it’s clear that European Central Bank is the winner of monetary trust.

Now moving on to Tether’s characteristics:

  • Tether is a stable coin with a value of one dollar. Compared to Bitcoin, which fluctuates, its value is always one dollar.
  • Total value of the Tether coins issued: 4,1 billion USD.
  • Tether is being used more than Bitcoin, which makes it the biggest among the cryptocurrencies. This is because most of us still think in terms of a dollar and a euro, and all we want to know is how much money we actually have.
  • It is claimed that Tether is issued only when there is an actual dollar to back it up. So, it’s always pegged to the dollar.
  • The owners of the Tether company also own BitFinex, which is the largest bitcoin exchanges company, but not many people know about them. Here they are:

After giving some insight to Tether, Thomas moves on to support his skepticism towards it by showing the following examples of headlines related to Tether’s journey:

One of the headliners claimed that in order to back up Tether coins with Dollars, one obviously needs to have a bank account. However, many big banks didn’t want to deal with BitFinex, so the company owners had to work with companies that aren’t generally perceived to be highly trustworthy. Perhaps unsurprisingly then, 850 million dollars disappeared, of which 50-60 million was found in private accounts of this not highly-trustworthy company’s owners and managers. These are classic consequences of banks not wanting to work with a company like BitFinex.

Although there is little attention paid to Tether, its ideology serves as a great inspiration for fresh ideas, such as Facebook’s Libra. So, Thomas concludes, it’s a positive thing that EU central bank is winning the trust race, isn’t it?

Q&A

Balasz invites Josephine, Malcolm, and Thomas back on stage, and the questions start flowing in.

One of the first, and main question was:

What is the need for digital money? Do we need it now, or will we need it once we get accustomed to it?
**I must say that at this point, there was some tension in the air, which indeed led to a very interesting discussion. (Balasz was right when he said that it will be interesting)**

A societal monetary perspective is that we value currency as an important medium, which we don’t want to crash. General panic makes people take money out of banks to protect what’s theirs, and that’s what causes banks to collapse. Afterwards, as we know, governments can bail them out. The bigger question however remains unanswered: who is responsible for this madness? The market doesn’t govern itself, we need to move on and find another system of governance. We need to build systems that try to re-think finance in terms of human values and priorities. Finance and crypto do not care about these, and distribution of power follows the same old patterns.

Are cryptocurrencies necessary? What is the social form that will exist around them? What are we actually discussing? The optimization of cryptocurrencies without the discussing what the necessity is?

At this point, the moderator got a bit confused with all these different perspectives that the topic was approached from. He asks the following: Whose perspective are we discussing, actually?

Here is the thing: We cannot (only) choose an idealistic approach to address the issue, because the fact is that all currencies are built on a dollar and we cannot run away from that fact. Replacing the dollar on a global scale is not happening any time soon, and that’s why we speak of re-building the monetary system. However, re-designing cannot happen until we are able to have a democratic situation, obviously, and discuss the value of a value, value of privacy, and the value of democracy (again: who can participate in deciding for the system).

Thomas said something beautiful and I will just quote him here for the end:

“We need to use the knowledge from institutions, but not let the institutions design the systems”

There is indeed, hope in experimentation.