Home » Podcast » Dr. Max Bernt
Podcast Transcript

Regulation in Web3

Dr. Max Bernt MD Europe, Taxbit · Ex-Blockpit CLO

Dr. Max Bernt is an Austrian lawyer who went deep on crypto regulation: Blockpit's Chief Legal Officer at the time of this conversation, today Managing Director Europe at Taxbit and co-chair of the OECD's CARF business advisory group. A conversation about what regulation means for Web3 builders.

  • Published 07 Nov 2022
  • Runtime 52:22
  • Operator
  • Recorded in English
// The short version
  • Max Bernt, Chief Legal Officer at Blockpit at the time of recording (November 2022), argues that legal certainty and legal clarity are the first step toward mass adoption. Big players only enter crypto once their compliance departments can sign off.
  • During the MiCA negotiations in March 2022, several MEPs proposed rules that would have practically banned self-hosted wallets. Bernt warns that regulation like this pushes providers and users out of Europe to places like Dubai instead of protecting anyone.
  • Bernt’s model for combining privacy with compliance is one registered gatekeeper wallet for on- and off-ramping, with KYC tied to thresholds such as the 50,000 US dollar mark in the OECD’s Crypto-Asset Reporting Framework, while DeFi activity across other wallets stays private.
  • On mixers like Tornado Cash, Bernt notes that on-chain analytics providers such as Chainalysis, CipherTrace, Elliptic, and TRM can all see that funds stem from a mixing service. His comparison: speed limits do not disappear because people speed, you simply carry the legal consequences.
  • Bernt does not see a future where 100% anonymous transactions are treated as legal without any reporting obligations, and Brussels already has a label for fake decentralization: DINOs, entities that are decentralized in name only.
Regulation in Web3: podcast episode with Dr. Max Bernt, MD Europe, Taxbit · Ex-Blockpit CLO

Who is Max Bernt and how did he get into crypto?

Watch this part · 0:00

Kevin Hi everyone, welcome at Wavect. Today with Dr. Max Bernt, who is the Chief Legal Officer at Blockpit AG. He is also Working Group Chair Advisor at International Association for Trusted Blockchain Applications and Partner Senior Associate Attorney at his own company, Dr. Bernt. And today we are going to talk about a super interesting and relevant topic, and that's, as you might guess, regulation in Web3. Thank you, Max, for being here. It's really a pleasure having you on. And starting out, I would love to know a little bit more about you. What are your passions? How does your everyday look like? What are you currently working on? Whatever you want to let us know.

Max Thank you, Kevin, for the introduction. Hi, guys. My name is Max. I'm Chief Legal Officer at Blockpit. We are one of the leading, globally leading software providers in terms of crypto taxation. So what we do on an everyday, so to say, is provide a software-as-a-service application that helps individuals and entities alike with filing their crypto tax declarations. From my background, so my passion, I think you can already see it here. What are my passions? Of course, it's crypto. This is also why I went into crypto. So basically, my background, I come from a legal background. I used to work as a lawyer, or I still do sometimes on the side. And I'm based in Vienna. So I'm Austrian. I'm born and raised here. But I fell into the crypto rabbit hole when I studied in Australia. I did a PhD in Australia. And my roommate back then earned quite a lot of money with Bitcoin. So I already heard about Bitcoin. I heard about blockchain before, of course. But I never really got into it too much. And then my roommate told me about Bitcoin. I was like, oh my God, I need to get into that as well, right? Because he was like, yeah, it's so easy. Just look at it. And it's so cool.

Max And that was actually the first time I really dealt with blockchain, blockchain-based applications. And back then, Ethereum had already been published. So there was also the opportunity to go beyond the mere system of payment services, as it would be provided by the Bitcoin blockchain, and also implement, for example, smart contracts and protocols to the Ethereum blockchain, which of course opened it to a whole new level. Next milestone in this regard, of course, Metaverse, Web3, now upcoming decentralized finance, something which I really deal with in detail as well, not just from a legal point of view, but also from a technical point of view. Because I just really think that this is the next big step, so to say, that we are now on the verge of creating a new financial system, which is faster, more secure, and actually also, when it comes down to the legal aspects of the financial system, more safer. The only thing that we have to provide in this context, of course, is legal certainty. So my background at Blockpit is I'm Chief Legal Officer there. So we are a company with roughly 60, 70 employees. Of course, I handle all the legal stuff that comes with such a joint stock company, which is quite a lot.

What does crypto lobbying in Brussels actually look like?

Watch this part · 3:44

Max But besides that, I also work in politics. So I'm a so-called policymaker, or as you would say it in Brussels, you're a lobbyist, which kind of has a negative connotation to it, especially when it comes down to German-speaking countries, because here it's often linked with corruption, if you say, oh, I'm lobbying in favor of my company or in favor of a certain idea. But actually, and this is something which I really like about Brussels and working with the European Parliament and the European Commission, is that lobbying is treated in a very different way than it is in national states. So basically, lobbying, that means you give practical insights on a topic where policymakers don't really know how to deal with it. And that's something very, very important, especially when it comes down to crypto. So what I do is, for example, next week, it will be in Brussels, we will have a panel on crypto taxation, which in Europe, and I know this is an often discussed topic, like how much should crypto even get regulated? Because one of the key priorities or key objectives when Bitcoin was first introduced in 2008 was to cut out intermediaries, right? It was supposed to be a peer-to-peer transaction. It was supposed to have some kind of certain [unclear] behind it, so to say, that not everyone can see which transactions you actually conduct.

Max But on the other hand, and this is something that I think is really important, this is something we see right now. Of course, there are a lot of concerns, especially by policymakers and by users as well. You see, for example, lately with the Terra Luna crash, where a lot of money was lost by a lot of crypto users. And it was really unexpected, because I thought, generally speaking, the environment within the Terra Luna ecosystem was quite good. Problem was that the algorithm behind it had some major issues and someone took advantage of it. So the whole system crashed. But I think this just showed us that we need some kind of protection. And also, what we should not forget, and this is why legal clarity within the fields is very, very important, is legal certainty and legal clarity is the first step towards mass adoption. It's the first step, for example, for big players to get into crypto and also get the verification, or like the OK, from their compliance departments. Very, very important. Yeah. Kevin, do you have some questions?

How much regulation does crypto need to flourish?

Watch this part · 6:32

Kevin Yeah, 100%. Actually, I have a lot. In general, what's always funny is, as you just said, when you talk in crypto about regulation itself, right, people are always super offensive or defensive, like, hey, no, we don't need that. Crypto should be completely unregulated. It should be everything. But what you just beautifully said is big companies only have the possibility at all to enter the space if it's properly regulated. But now the big question is how much, as you teased already, is good enough, but also less enough that you have the freedom as a company to flourish and build new great products?

Max Exactly. So, actually, there is no uniform answer to this question. Of course, this has to be looked at individually. But I think, for example, where this is a really hot topic at the moment within the discussions is the regulation of decentralized finance. So for example, during the discussions of MiCA, the Markets in Crypto-Assets Regulation, back in March, there were several MEPs, so members of the European Parliament, that proposed a legislation that would have practically resulted in the ban of unhosted wallets, what they called it. Now it's called self-hosted wallets, which is a better term, in my opinion, because someone hosts them, so they are not unhosted. Anyways, they proposed the legislation, which would have resulted in their ban. So the reason being that they were scared if someone would use a self-hosted wallet in order to proceed transactions, that this would enable people that, for example, are subject to sanctions, something which is really, really hot topic at the moment because of the Ukrainian crisis, is that Russians would start using crypto in order to proceed transactions. So there's always a certain fear when it comes down to policymakers and certain prejudice when it comes down to crypto assets.

Max So the major prejudice about the crypto assets that we have to keep in mind when talking to politicians is, first of all, the environmental impact associated with proof of work. So this is something where a lot of parties, especially, of course, the Green Party, would argue that Bitcoin should be banned completely. Because from their point of view, it just produces so much energy waste, or has such a high energy consumption, that it would result in a lot of environmental damage. Which, of course, if you look at the numbers behind it and looking at Bitcoin overall compared to traditional finance, it's just not true. There's like studies on that, there's numbers, you can provide so much evidence meanwhile. But still, of course, within the heads of policymakers and also within the government, within the minds of the broad public, it's still a big topic.

Max And it's something that you, as someone that is advocating towards a more implemented crypto market, you would say you need to look at these concerns and you have to tell people, yes, of course, we understand your worries about climate change, about the climate impact of proof of work. But for this and these reasons, these are very, very little compared to everything else. So this is something very important. So you shouldn't just say, oh, that's all wrong. That's often an issue that we see, that a lot of people within the crypto sphere just have this very black-to-white approach. So they don't really take what people tell them when they say we are concerned about this, but they just say, oh, no, it's all bullshit, so we won't talk about it. Right? Yeah. So this is something which you learn within policies. You have to accept what the other person next to you is talking about. You have to take the concerns and actually deal with them. Something very important. And this is something, of course, which doesn't happen from one day to another. This is just how it is. You have to tell them over and over again. And then at some certain point, you have the success.

Why are AML and KYC the core of crypto regulation?

Watch this part · 11:07

Max So first thing, environmental impact. Second thing, and that's maybe the biggest topic right now, is AML, so anti-money laundering and counter-terrorist financing. So these are the key objectives, mostly, when it comes down to crypto regulation. Crypto regulation per se at the moment mainly aims at connecting wallets to people. So basically what you see nowadays with every big exchange and with every regulated exchange, they would conduct quite comprehensively. So you as a user, if you sign up to, for example, Kraken, to Binance, to Bitpanda, wherever, you would have to provide them with your passport or your ID. You have to provide them with your state of address. And in the future, you'll also have to provide them with your tax jurisdiction, for example, so that they can provide the government with further information on that. And now people are saying, okay, this is actually against the objective that Satoshi Nakamoto had in mind when he created Bitcoin, namely that there should be less transparency when it comes down to transactions, or at least that, because of the way blockchain is built, it's an open book. So you can actually see every transaction that was conducted. So of course, this needs to be handled in a different way than it is with traditional finance.

Max But overall, if you ask my opinion, okay, should we regulate that? Should we have such a KYC approach? In my opinion, the answer is yes, to a certain extent. Namely, also, and this is something very, very important in centralized finance, if we're talking about CeFi, is that if you look at CeFi transactions in general, it's more of the broad public that goes into CeFi transactions. So these are people that usually have less knowledge of crypto and the crypto sphere. They're more prone to actually losing their keys. They're more prone to being subject of fraud, or phishing mails, et cetera, because they're not dealing too much with the situation. They see crypto and say, hey, it's a cool opportunity to invest money. Let me invest money because I want to be part of this ecosphere. But they don't really deal with decentralized finance, et cetera. So this is what I always say is the average Joe investor that has to be protected. And yes, there have to be certain laws to protect those people. Because there were a lot of people that actually got scammed, because they just didn't know any better. And how should they? It's still an evolving market. There's still so much that you have to learn about. So it's not something you just jump in from one to the other side. So I think that a certain level of, first of all, criminal law regulation is very important, especially when it comes down to mass adoption of crypto.

Max Second thing that is very important, of course, is customer protection. So this is also why it's very important to have regulated exchanges and not just unregulated exchanges. Because if you see something like Mt. Gox, who's going to be liable? You have a lot of money in there and it's all gone, right? Someone has to be held accountable. Very important for customer protection. And I'm talking here specifically about the broad public participating with crypto. And then on the other hand, there, of course, is decentralized finance, or Web 3.0, or what we often start with. And this is something very important, is that decentralized finance per se doesn't necessarily mean peer-to-peer transaction, but it means the peer-to-protocol transaction. Because this is something that actually a lot of policymakers don't realize at first, that when we're talking about decentralized finance, we're not talking person A conducting a transaction to person B, but rather that a person A is conducting a transaction with a protocol, where you don't have the second party straightaway. Right? For example, if you participate in a DAO, in a decentralized autonomous organization, or in any other DeFi protocol.

Max And these kind of subjects, when it comes down to decentralized finance, of course, have to be dealt with from a different point of view. And something where we say, and this is something also that the European crypto community is quite strong about, is that we need certain regulation, but we need regulation that makes sense and also allows crypto and decentralized finance to actually flourish within the European market, and not ban it. Because sometimes if you say, okay, we ban unhosted wallets, yeah, then of course you wouldn't be able to proceed any transactions from a gatekeeper where you can actually put in fiat into crypto, then have DeFi transactions, and then you try to go back to an exchange in order to cash out, so to say. You can't do it. Basically, you can't do it. So very, very important that there are certain regulations that make sense and that, of course, prevent money laundering, et cetera, from happening.

Max But ultimately, also, if we look at the numbers, and these are quite valid numbers, if someone's very interested into the criminal aspects of crypto, I always refer to the reports that are published on an annual basis by Chainalysis. These are free for download online, so you can read or get into them. And they are actually referred to in our discussions within the European Parliament, they are referred to within the discussions in the White House in the US. So they are very valid documents. So if you look at these statistics, you can really see that the crime within crypto is not that high as it's always supposed to be, so to say, by the public. So it has to be kept in mind as well. There needs to be a sense for regulation that also allows new technology to emerge and flourish within Europe and doesn't push away service provider and user from Europe into third countries. Something that we've seen quite a lot with people going to Dubai, for example, where there's a whole new market emerging within crypto. A lot of money going there also for tax reasons, of course.

Why is crypto taxation such a battleground in the EU?

Watch this part · 17:58

Max And this is something where we come into play with Blockpit, because one of my major parts is taxation. And I just had a call yesterday with a member of the European Parliament. And she's very pro a national approach to taxation. So she says, you know what? Within the European Union, we have a common ground. But when it comes down to taxation, every country should be responsible themselves to decide how much do we want to tax our people. And you can guess from which country from the European Union this member of the parliament was. So there's always, of course, if you are the country that has less taxes, for example, crypto, you don't have any taxes at all, you benefit from a lot of people coming into your country and proceeding a lot of payments, buying property, leaving a lot of money in the market overall. You don't even need to have taxes on crypto because the other money that is spent is so much higher anyways. It's something you could see in Ireland at the start of the [unclear], when all the big companies like Dell, Microsoft, et cetera, would all settle down in Ireland because they have the best taxes, the best tax regime.

Max So, of course, this is a huge topic within the European Union, taxes, and no crypto user likes to pay taxes. No one likes to pay taxes, right? But actually, especially when it comes down to policymaking, tax is one of the key building stones of progress. And this is something which people often forget about. Why? Because especially within policymaking, you always have to have a so-called carrots-and-sticks approach. So basically, you say, okay, we provide you with carrots, with sweets, basically, like taxes, like every government wants to get taxes. This is basically the best thing that they can get because it's money. And on the other hand, you have to grant us certain freedom. So you have to grant us the freedom of not regulating certain areas in too much detail, because it would otherwise result in this environment not flourishing within Europe, but in other countries in the world. So yeah, taxes are quite a big topic as well. I know not many people want to talk about it, but nobody does. That's my recommendation point of view.

Kevin Yeah, 100%. You just triggered a lot of questions in my head. So I just want to start with a little note on there. When it comes to taxes, as you said perfectly, they have different functions, right? If you look at simple taxes like the one for cigarettes, they try to build intentions as well, right? If you have an extra tax on something, then you want to disincentivize it. You want to discourage people from doing that, for example, and encourage better behaviors, for example. Or, as you said, just fund public goods, whatsoever, right? Push the economy, things like that.

Can blockchain be sanctioned the way SWIFT is?

Watch this part · 21:13

Kevin But referring to a topic that you mentioned before, which was particularly interesting for myself, and I might be wrong here, so that's going to be risky for me now. But if you look at the international system, basically, for payments, as far as I know, sanctions, for example, are not actually implemented on SWIFT itself as well, right? Because countries, states, basically it's something that has to be handled nationally and not internationally, because of the different jurisdictions and everything. Isn't that the same with blockchain, actually? Or what's your take on that?

Max No, you can't really compare those two. Especially with SWIFT, you can't just sanction SWIFT. What you can do is you can prevent SWIFT payments, for example, from Russia to be happening. But if you leave a sanction just on SWIFT, every Russian would just use a bank account within China and then proceed to transactions. And then it has Chinese SWIFT, right? So this is something that doesn't work. It doesn't work in this way. So you always have to look at the person behind the transaction. And this is the same approach they have with transactions coming from Russia at the moment, since it's a sanctioned country. So they would look, there's a lot of KYC going on, and KYB in particular at the moment, looking at companies: who's the ultimate beneficial owner? Are there any people involved that would be subject to certain sanction rules? To be honest, the question if all of these sanction rules are actually legit, or if the reason behind them, or if they are valid the way they are, this is a different topic that has to be discussed in more detail. But like I said, right now this would be approached in a bit different way than with crypto.

Max And it can be way more easily identified, since you have an intermediary that is obliged to report certain keys or key parts of the transaction. So basically, if you have an incoming transaction as a bank, you have to have certain AML standards that you have to comply with. And this kind of the same structure is now applied to crypto asset service providers as well. And this is why a lot of crypto asset service providers, for example, coming to Europe and wanting to apply for a license here, fail to apply for the license. Because they just don't live up to the expectation that the European countries have in regards of AML, data protection, and so on and so forth. So big, big topic that, for example, Binance was struggling a long time with.

Can a KYC gatekeeper wallet still preserve privacy?

Watch this part · 24:11

Kevin That's super interesting. Thanks for that. Talking about KYC and AML, there are a lot of interesting approaches right now in the crypto sector that try to address that topic somewhat, to still retain the decentralization and privacy aspect, but still comply with regulatory frameworks, in a perfect world. Let's put it that way. Are there some promising technologies or frameworks or things that you have discovered yourself? Such as, for example, that approach where you use so-called zero-knowledge proofs, if that says something to you, where you actually can produce certain claims to prove that you are somebody or that you know something, basically. Versus the reputation approach, where people just have that pseudonymous identity on chain, where they have some kind of reputation when they pay loans back or things like that, and you basically track that and punish that and everything. What is your take on that, if you have one? And yeah, how do you view these things?

Max When it comes down to KYC, I think the answer is quite simple. Like I said, it should always be looked at from a point what makes sense. So it's something that is very individual, that has to be discussed on a case-by-case basis. There's no uniform approach to that either. And this is what makes regulation within crypto, since the development of the crypto sphere is such a fast-paced one, quite difficult. Very, very difficult in this regard. So something which is very, very interesting, for example, since you asked me if I have seen some interesting things popping up lately, is that big service providers, like for example Coinbase, they just started providing users with self-hosted wallets. So what they would do is they provide you with a self-hosted wallet under the framework of Coinbase. So you can pop in via Coinbase, you register the self-hosted wallet at Coinbase, so to say, they know it's yours, but every transaction that runs through the wallet is done completely outside of the regime of Coinbase. So it wouldn't be able to track it.

Max I haven't used this wallet myself. I've just discussed it with some people from Coinbase themselves, and I don't know how much they have implemented yet. But ultimately, I think this is a quite good approach when it comes down to, first of all, customer protection, because you can't really lose your keys if it's registered with an official exchange, so to say. On the other hand, of course, you have a door to a gatekeeper. So I think something which is very, very important, and this is something coming from a regulatory perspective, is, yes, there should be a certain degree of privacy, and privacy is a fundamental right that should be kept in high regards. And it's a very, very big topic also in Europe, with a lot of big players coming in from the US that wouldn't treat privacy the way we in Europe do it. Anyways, very, very important is that, yes, privacy is something very, very important, but to a certain extent, it's okay if I say, okay, I have a certain wallet, this wallet functions as my gatekeeper wallet. So basically, you have one wallet that is registered, and it's the one where I cash in, cash out, or where I conduct my retail payments with.

Max So basically, if you go shopping, right, you go shopping and you say, okay, I'm going to go shopping, and this wallet, as a retail payment, if this retail payment exceeds a certain threshold, and within the new laws or guidelines just issued by the OECD in regards to tax, the Crypto-Asset Reporting Framework, such threshold would be 50,000 US dollars. So it's quite high, right? If a payment exceeds 50,000 dollars, you actually have to say, okay, this is my name, and this is my address, and this is where I'm living at, right? And this is fair enough, because why should I be able to make a private, fully anonymous payment which exceeds 50,000? The problem is this just opens way too much possibilities for making advantage of such legal loopholes, so to say, and using that for criminal purposes.

Max And this is something we don't really want within the crypto sphere either. Because within crypto, what we want is to create certain ecosphere, like I said, that is stable, that is secure, and that is clear, so to say. And when I say clear, I mean, no one should know, if I'm online in my DeFi and I have a lot of DeFi transactions, it's done with as many wallets as I want to. No one should see that. There should be certain regulations that keep privacy, of course, no question. But once I use these cryptos in order to really make big transactions, there should be a certain threshold, and this is something which will be implemented anyways. There should be a certain threshold where I say, okay, in order to proceed these transactions, either if it's a retail payment or if I want to cash out in fiat, I have to conduct KYC. And that's okay, because ultimately, this is just KYC based on this one wallet. I can use 10 other wallets in between, and no one can track my transactions if I do it the right way. So it's more about, what I'm saying is, the shell wallet in between, so to say. And yes, of course, this shell wallet in between should be protected in a certain way when it comes down to privacy as well. No one from the outside should see which transactions went in and went out from the shell wallet, so to say, where I say, okay, I use this wallet for on- and off-ramping.

Does Tornado Cash break the gatekeeper wallet model?

Watch this part · 30:50

Kevin Yes. That makes sense. Yeah, 100%. One thing that comes into my mind right now is, when you said you have that basically gatekeeper wallet, right? But basically, it can or should be somewhat private when you're doing on-chain transactions. How do you basically relate that with technologies such as protocols like Tornado Cash, for example? And I'm sure you expected that. Because I could basically launder or scam someone for, I don't know, 10K, use Tornado Cash, have anonymous, I don't know, a couple of ETH, and then transform that to my KYC wallet, and everything is fine. Doesn't there actually, what's the actual root of the issue, need to be some kind of, because what governments actually are interested in, right, is the origin of the funds, right? Not who you actually are, but actually where do the funds come from? Group of funds. And thinking of that, could you imagine some kind of future where we actually just need to prove that the funds come from legitimate sources, but not who we are?

Max For example, if the funds come from legitimate sources, but we don't have to provide who we are, that wouldn't work, since, for example, that wouldn't work with something which we have going on right now with the sanctions regime, because you could never ensure that. The problem is that, of course, you can always put in a third party that would say, oh, I'm the owner, I do the KYC, and then you hand out the money to someone else. There's always ways to avoid certain acts, right? Because you could say, okay, someone does the KYC for me and they actually accept the money and then they hand it over to me. But at least I have one person that I can approach and I can ask, okay, whom did you give the money to? Right? So there is already a certain degree of security. And when it comes down to Tornado Cash, every single on-chain anti-money laundering software, like Chainalysis, CipherTrace, Elliptic, TRM, whatsoever, they can all track that. They can all see that it stems from a mixing service.

Kevin Yeah, that's true. And this is what I'm talking about.

Max And yes, if I want to use such mixing service, I just have to be aware of the legal consequences. And that's my own fault. And if they say, okay, we won't cash you out, these assets shouldn't necessarily be frozen so that you can't use them anymore. But to be honest, if you use a mixing service yourself, and not get the assets from someone else via the transaction, then that's a problem that you have to deal with. Right? It's something that we see in everyday life as well. No one really obeys any speed limits on the highway. People always go too fast. And okay, if they are punished for it, they are punished. And that's the way it is. Right? And on the other hand, we shouldn't say, okay, we don't need any speed limits because no one's obeying them anyways. So there should be certain regulation. Yes. But also, on the other hand, and this is something which is, of course, a very dedicated topic, is that in certain aspects, privacy is something which is very, very important. And it's a fundamental requirement for certain transactions to stay private. So not every mixing service is something which will be used for a money laundering purpose in this regard. So there, like I said, again, no uniform answer to that.

Max But ultimately, if I say, okay, I have a certain wallet and I do a KYC. And what also is always connected with that, and this is something that the AML procedures by crypto asset service providers are always twofolded. The first step is you have the KYC requirement, which is the person-related measures, so it's the wallet-related measures, so just saying who's behind the wallet, who owns the wallet, and so on and so forth. The second level is the transaction level. So you have to conduct appropriate measures to check the proof of funds, so to say, to say, okay, this doesn't stem from any illegal sources, or there weren't any privacy mechanisms involved.

Will CBDCs make the financial system fully transparent?

Watch this part · 35:40

Max On the other hand, and this is something which is a rather hot topic at the moment, it's discussed a lot in the context of CBDCs. So a lot of central bank digital currencies, as they are called, there's white papers being involved in this regard a lot right now. And also they're talking about the digital euro, et cetera. And this always opens up the question, how can we make sure that once we have such an e-euro implemented, not all of our financial system becomes completely transparent? This is something which is very, very important. And there will be certain mechanisms, like Tornado Cash, that are implemented within the CBDC so that you will get anonymous transactions. But still, these transactions are in the end supervised by the European Central Bank, since the blockchain is under their supervision. So you have an intermediary. Yes. And what we don't want, of course, is something like we see in China nowadays, where you have an e-yuan implemented that is partly used for social scoring. So you would conduct certain transactions, and if you are not the well-behaved person in the eyes of the government, you will get a lower social score. So this is something we definitely want to prevent from happening.

Max So yes, there's always huge discussions between, like, the criminal law aspect and the data protection law aspect. There's like a big spectrum amongst these lines, and certain areas need to be regulated more strict and certain areas less strict. This is something which can be done, but it's quite an intense way to get there, so to say.

Kevin Yeah, definitely. In general, I think what we see is blockchain itself enables us to go to the extremes, right? You are either actually somewhat decentralized, depending on the infrastructure that we have, or you're actually fully observed, have no control at all. Even less than you have now. For example, with CBDCs, many people are anxious that the money even gets some kind of expiration date, for example, right, where you need to spend your wage this month. It's just something that causes throughout the internet, right? But things like that. And in general, just that empowerment on both sides is definitely the challenge, to find somewhat the way in the middle, right, to actually comply with regulation, to block or reduce the risk of, let's say, scams whatsoever, but still give power to the people. Because that's the only reason actually, from the very beginning, besides interoperability, why blockchain actually exists, right? And that's maybe the reason why many people are, I would say, even toxic now, or really offensive about it, right?

Max Absolutely. And like I said, in a certain aspect, they have their point. But ultimately, we can't have private, completely anonymous transaction-based assets around the globe, because human beings by nature are just not perfect. So a lot of people take advantage of such possibilities, and they would just say, okay, let's use that in order to proceed with transactions that couldn't be conducted in any other way than by using blockchain-based services which provide me with the possibility of anonymous transactions. But like I said, this is something which is quite a hard topic to discuss, because on the other hand, I'm very, very concerned also about privacy, something we are argumenting a lot for, also especially when it comes down to the future implementation of CBDCs. Like you said, there has to be a certain way that no one can just open up a book and see all of your transactions. That's not the way it works.

Max But ultimately, it will be the same like it is nowadays. Like nowadays, if you have a judge that says, okay, there's evidence that there is a suspicion that this person is involved into criminal behavior, then someone that holds the keys for that has to open up, so to say, the blockchain register, and then people can see which transactions you conducted. This is the same way it is in traditional finance right now, since they would approach banks. But there have to be very, very strict combined standards about that as well, that not just if someone says, okay, we have a certain sense of suspicion, so we can just look into transactions and a transaction history. That wouldn't make sense either, right? So it definitely has to be regulated from a certain point of view. But also, we really need to be aware that, like I said, privacy is extremely important, and that we should try not to collect all our data within two or three big players from the US, like it is in Web 2.0.

Max So to say, this is something we're trying to prevent from happening in Web3. Sadly, we are heading towards this direction, but trying our best, to be honest. Like I said, I'm really from the politics point of view, so, as you can see, and maybe very different from most other people you have in your discussions, I'm trying also to understand the worries that politicians and policymakers have when they write down laws. Namely, that your grandma is using Bitcoin to pay for transactions, and to make sure that she is not being part of the scam and loses all of her money. So that's some food for thoughts. I know that there is certain people that say there should be no regulation at all, it should be all certain numbers at least, so that you can't even follow transactions. But ultimately, looking at it from a modern society point of view, I think that this won't be enforceable. So we are trying to have an appropriate approach towards it and to regulate crypto in a sensible way.

Is crypto more like bank transfers or like cash?

Watch this part · 43:04

Kevin Love it. Just to clarify at that point, I'm definitely not the typical Web3 maxi or something like that. If you look at my other podcasts or posts, I'm basically coming from the Web2 angle as well, to some extent. And the only thing that I discovered in that discussion now is, when we look at all the regulation that is happening right now, it's actually focusing on, or it is considering, crypto like regular bank transfers, right? But many people claim it would be actually more comparable to using cash, where you are actually always anonymous and don't see the transactions as well. You have your limits maybe, right, like 10K in Europe, as far as I know, and things like that. For sure, it's not 100% applicable to crypto, because you basically can do transfers all over the world, in contrast to cash, which is much more difficult. But in general, there are no answers to it, right? And that's why it makes the full discussion so interesting.

Do ZK privacy solutions have a regulatory future?

Watch this part · 44:33

Kevin I have one last question for you, and then I don't want to take too much of your time. Basically, what we really see, and that's the last thing about privacy, most, really, I would say 80%, that's just a guess right now, of all new crypto projects are focusing all in on privacy. Zero knowledge, more than ever actually, or more than for a while, let's put it that way. All these ZK solutions, zero knowledge, now on layer 2, where you have anonymous transactions, but they are settled in layer 1, things like that.

Kevin Could you, or do you think that there could be some kind of middle ground, where you are somewhat KYC'd when it comes to entering the crypto space as it is now, but still observing, let's say, inputs, outputs on layer 1, but being private on L2, as long as you can somewhat ensure that the actors on there are somewhat regulated, you know that they're not, I don't know. That sounds like fancy imagination right now. But are there some things that you could imagine? I try just to satisfy the people that are watching this right now with somewhat that some of these privacy solutions have a future, right? Because right now it looks like everyone is building on it, but in five years, they are all gone, vanished, because regulation is shutting them down.

Max No, like I said, because I think there should be certain transactions which should be kept private, and where there should be a certain degree of privacy allowed. But in order to enter this space of privacy, there must be certain reporting obligations, in order to enter it and to exit it, in order to prevent certain people to get in, so to say. This is one of the key issues here. Yes, especially, this is also when it comes down to reporting obligations that would be applicable to DAOs, right? So you would have some DAO, and the question is, if you're taking part of this DAO, and there's some behavior that is proceeded by this DAO, who's responsible? Are you responsible as an individual, or is the DAO as a whole responsible? Certain people now even argue that the DAO itself is an entity containing of all the people that are participating. So there is a lot of thoughts on that right now. There is no clear answer, to be honest, right now.

Max And I think the same thing applies to privacy mechanisms on layer solutions. When you have that, maybe you can say, okay, the person that is organizing such privacy, if it's a startup, like if it's a company that would provide for that, then of course the company will be obliged to report certain transaction behavior, or they would at least be obliged to report who's participating in this environment. So this is something, because they control it, they have controlling influence on this solution. Question is, if it's just smart contract based, or if it's just a completely DeFi application, then it's way, way harder to regulate. And a big, big topic right now, because this is something discussed also because all of these privacy crypto initiatives are claiming to be decentralized. They're claiming to be completely decentralized. No one can influence any transaction whatsoever.

Max There's a new word in the European Council for that, or like the European Parliament, from around Brussels, called DINOs. DINOs are, like, entities that are decentralized in name only. So we're not talking about dinosaurs when we say the word DINO, but about entities or persons, like entities or protocols or DAOs, that claim that they are decentralized, whereas, for example, the majority of voting rights would be held by the same person, by the same entity, by the same ultimate beneficial owner, or by the same group of people that would say, okay, we have a syndicate amongst us, so we can just take the votes and say, okay, we always get our 51%, so we have the controlling influence. Yeah, and no one would know, right? So this is something that has to be quite thought about as well.

Max But yes, of course, there will be a lot of projects that are trying to hold on to the stick, saying we want to be completely anonymous. And like I said, it's not the bad approach, because I think privacy is something that should be very well treated, so to say. Ultimately, I don't see a future where 100% anonymous transactions would be regarded as legal if they are not connected to any reporting obligations whatsoever. This is something I don't see as realistic, and it would be very, very difficult, besides certain exceptions, maybe, but who knows?

Why should you report your crypto taxes now?

Watch this part · 50:34

Kevin Yeah, that's definitely going to be a super interesting, let's say, next five years, where you see those two factors clash into each other.

Max Yeah, let's see where it goes.

Kevin Exactly. Hey, thanks, Max, for that great discussion. Well, enjoyed it, learned a lot myself. And yeah, if there is nothing else, maybe some kind of last sentence you want to drop here. Otherwise, I will add all your links that you want me to add into the comment section and description. And yeah, I would say thank you. And yeah, have a great day.

Max Thank you, Kevin. It was a big, big pleasure. Maybe one last sentence, since we were talking about our new financial system. Don't forget to report your taxes. I know it sounds crazy, because most people haven't been reporting taxes in the past five years. But also, especially in Central Europe, a lot of governments are already now looking into crypto taxation. It's very, very, very unlikely that any gains from before 2020 will be looked at, especially if they're not beyond six or seven figures. But everything after that, after the bull run in 2021, be careful. So we cover all the assets, all the NFTs, everything. So, use Blockpit.

Kevin Thank you very much for your time.

Max Likewise. Thanks.

Transcript lightly edited for readability (filler words removed). The recording is the authoritative source.

Questions this episode answers

During the March 2022 discussions of MiCA, the EU Markets in Crypto-Assets Regulation, several members of the European Parliament proposed legislation that would have practically resulted in a ban of so-called unhosted wallets, fearing that sanctioned individuals could use them for transactions. Max Bernt, Chief Legal Officer at Blockpit at the time of recording, argues such a ban would have made it impossible to move between fiat, DeFi, and exchanges, and that regulation should let crypto flourish in Europe rather than push users and providers into third countries.
DINO stands for “decentralized in name only,” a term used around the European Council and European Parliament in Brussels. According to Max Bernt, it describes entities, protocols, or DAOs that claim to be decentralized while the majority of voting rights is held by the same person, entity, ultimate beneficial owner, or a coordinated group that always secures 51% of the votes and therefore keeps controlling influence.
Not from the perspective of investigators, according to Max Bernt. He says on-chain anti-money laundering software such as Chainalysis, CipherTrace, Elliptic, and TRM can all see that funds stem from a mixing service. He compares using a mixer to ignoring speed limits: the rule still applies, and the user has to be aware of the legal consequences.
Max Bernt says this is exactly the open question in current CBDC white papers, namely how to implement an e-euro without the whole financial system becoming completely transparent. He expects anonymity mechanisms to be built into CBDCs, but transactions would ultimately be supervised by the European Central Bank. He points to China, where the CBDC is partly used for social scoring, as the scenario Europe must prevent.
Yes, according to Max Bernt, whose company Blockpit builds crypto tax reporting software. At the time of recording in late 2022, he said governments, especially in Central Europe, were already looking into crypto taxation. In his view, gains from before 2020 are very unlikely to be examined unless they reach six or seven figures, but everything after the 2021 bull run deserves caution.

Want this kind of thinking applied to your product?

We build MVPs and act as fractional CTOs for founders who'd rather ship than talk.