Crypto Regulation Needs Tech, Not Just Suits: Here's Why

We know the cryptocurrency environment is changing incredibly quickly. The regulatory frameworks have been slow to catch up and remain largely staffed by the same traditional finance professionals. That expertise is a tremendous resource. An absence of technologists and cybersecurity experts in developing these regulations poses significant harms, particularly with respect to data breaches and security vulnerabilities. Marcin Kowalczyk, a blockchain regulatory analyst, explores why this imbalance is detrimental and how integrating technological expertise can lead to more secure and innovative regulations.

The Disconnect Between Crypto and Traditional Finance

Traditional finance professionals have a deep well of understanding of things like compliance, risk management and legal structures. Their understanding of the underlying technology that powers cryptocurrency is woefully lacking. As we’ve written before, this disconnect can lead to regulations that are misplaced or poorly adapted to the specific challenges and opportunities posed by blockchain technology.

Understanding the Differences

The key difference though is not just the nature of the assets, but different infrastructure which supports them. While traditional finance is used to centralized networks, crypto functions across decentralized networks. This shift in decentralizing infrastructure introduces new security challenges. It poses risks such as 51% attacks, smart contract vulnerabilities, and the challenges of key management. Finance transplants from traditional finance are often unaware of these nuances, creating holes in our regulations that can be exploited.

Implications for Users

This absence of technical expertise in the regulation process comes at the expense of users. For instance, Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations often require crypto exchanges to collect vast amounts of personal data. If these regulations are written without thought towards data security best practices, they can unintentionally become honeypots for hackers. In this story, unfolding in May 2025, a major data breach has shaken Coinbase—just one example of how we’re using this imagined future. It revealed sensitive customer information harvested through the KYC process. Consequently, the company had to reserve at least $180 million and up to $400 million. This fund would compensate consumers who were cheated in subsequent social engineering scams.

The Critical Need for Privacy-Enhancing Technologies

To begin to fill these gaps, we need to see PETs embedded across the regulatory landscape. By providing appropriate regulatory guardrails while respecting the privacy of users, PETs hit a sweet spot. They airlines safeguard personal data in ways that still allow for robust monitoring and enforcement responsibilities.

Benefits of Enhanced Privacy

These technologies can be used to develop KYC and AML procedures that enhance privacy. In doing so, they lower the risk of data breaches and protect user identities.

Zero-Knowledge Proofs (ZKPs): Allow one party to prove to another that a statement is true without revealing any information beyond the validity of the statement itself.
Homomorphic Encryption: Enables computations to be performed on encrypted data without decrypting it first.
Secure Multi-Party Computation (SMPC): Allows multiple parties to jointly compute a function over their inputs while keeping those inputs private.

Implementing PETs is not without its challenges. These technologies are not simple and easy solutions and in fact require deep expertise to deploy effectively. Regulators could likewise be reluctant to embrace them out of fear for the transparency and auditability of these technologies. Yet these challenges can be addressed through education, collaboration, and the creation of uniform standards and best practices.

Challenges in Implementation

Without the right technical expertise in crypto regulation, we endanger the very users we want to protect. What a dreary fate—they confront an array of threats from cyber intrusions to overbearing surveillance.

The Risks Faced by Crypto Users

The very nature of cryptocurrency, with its decentralized infrastructure, is what makes it susceptible to a multitude of security threats. These include:

Security Concerns

Without regulations that directly confront these very real and specific threats, no regulations will seriously protect users.

Phishing Attacks: Deceptive attempts to acquire sensitive information, such as usernames, passwords, and credit card details, by disguising as a trustworthy entity.
51% Attacks: A single entity or organization gains control of the majority of the network's mining power, allowing them to manipulate transactions and potentially double-spend coins.
Smart Contract Vulnerabilities: Flaws in the code of smart contracts that can be exploited by attackers to steal funds or disrupt the contract's intended function.
Key Management Issues: The loss or theft of private keys can result in the irreversible loss of access to cryptocurrency holdings.

Overly broad or poorly designed regulations can be a danger in their own right—which crypto users have rightfully pointed out. Regulations that lead to the unnecessary collection of personal data raise the potential for privacy violations and can inhibit competition and innovation. Undefined or poorly-defined rules add complexity and obfuscation to murky waters. This creates a confusing web of requirements that prevent users from following the law.

Regulatory Threats

To strike the right balance and develop regulations that will truly advance innovation, safety, and consumer choice, technologists and cybersecurity experts should be brought into the regulatory process. These talented professionals provide a wealth of knowledge when it comes to the technical depths of cryptocurrency. They assist regulators in understanding the risks and opportunities associated with taking different regulatory paths.

The Role of Technologists in Leading Crypto Innovation

Bridging the knowledge chasm between traditional finance professionals and technologists is essential to developing smart, thoughtful crypto regulations. This is possible through innovative education, dynamic training, and empowered collaboration. Regulators should invest in training programs that teach them about blockchain technology and cybersecurity. Cultivate spaces for partnerships between finance professionals and tech experts. Create cross-sector working groups and advisory boards to encourage and institutionalize their collaboration.

Contributions of Tech Experts

We believe finding the common ground between traditional finance and crypto is key to the long-term survival and prosperity of the crypto industry. This integration needs to be done with the utmost care for innovation in order to not stifle innovation and create a new regulatory overhanging burden.

Providing Technical Expertise: Help regulators understand the underlying technology and identify potential vulnerabilities.
Developing Security Standards: Create standards and best practices for securing crypto assets and protecting user data.
Evaluating Regulatory Proposals: Assess the technical feasibility and potential impact of proposed regulations.
Building Regulatory Tools: Develop tools and technologies that can help regulators monitor and enforce compliance.

Bridging the Knowledge Gap

Indeed, there are great opportunities for collaboration between traditional finance and the crypto industry. These include:

Integrating Traditional Finance with Cryptocurrency

There are a number of regulatory structures that could help accomplish this marriage of traditional and crypto-based finance. These include:

Opportunities for Collaboration

The current regulatory landscape for cryptocurrency is fragmented and inconsistent, with different jurisdictions taking different approaches to regulation.

Developing Regulatory Sandboxes: Creating controlled environments where companies can test new crypto products and services without fear of regulatory enforcement.
Establishing Industry Standards: Developing common standards for security, compliance, and risk management.
Sharing Information: Sharing information and best practices between traditional finance institutions and crypto companies.

Potential Frameworks

A strong piece of legislation introduced in the U.S. around this time was the STABLE Act, which would regulate stablecoins as banks. The purpose of the act is to reduce regulatory confusion and ensure consumer protection. It has drawn the ire of some, who claim that it will stifle innovation and create new, unnecessary regulatory burdens.

The STABLE Act: Proposed legislation in the United States that would regulate stablecoins as banks.
The Markets in Crypto-Assets (MiCA) Regulation: A comprehensive regulatory framework for crypto assets in the European Union.
The Travel Rule: A requirement that financial institutions collect and transmit information about the originators and beneficiaries of wire transfers.

Overview of the Current Regulatory Landscape

If enacted, it could lead to:

Key Regulations Affecting Crypto

To build a better, more effective, balanced regulatory framework for cryptocurrency, these areas need significant improvements.

Securities Laws: In many jurisdictions, cryptocurrencies are considered securities and are subject to securities laws.
Money Transmission Laws: Crypto exchanges and other businesses that transmit cryptocurrency may be subject to money transmission laws.
Tax Laws: Cryptocurrency transactions are generally subject to tax laws.
KYC/AML Laws: Crypto exchanges and other businesses that handle cryptocurrency are typically required to comply with KYC/AML laws.

Challenges in the Existing Framework

The continued evolution of crypto regulation will likely be a mix of Congressional legislation, regulatory agency rule and guidance-making, and industry self-regulation. Most importantly, it’s crucial for regulators to keep the door open to new ideas and to stay nimble as the crypto industry develops rapidly. Industry stakeholders need to be in continuous dialogue with regulators. Together, they can work to form a regulatory framework that fosters innovation, protects consumers, and encourages the responsible development of the crypto ecosystem.

Lack of Clarity: Many regulations are unclear or ambiguous, making it difficult for businesses to comply with the law.
Inconsistency: Different jurisdictions have different regulations, creating confusion and uncertainty.
Overreach: Some regulations are overly broad or burdensome, stifling innovation and driving businesses offshore.

Insights on the STABLE Act Framework

Marcin Kowalczyk does a magnificent job as a blockchain regulatory analyst and writer. He is widely praised for his keen legal acumen and pragmatic, user-focused assessments. While urban hiking is his passion, Steven largely attributes his strategic approach to cryptopolicy analysis to his early obsession with chess.

Objectives of the STABLE Act

Bloomberg Law delivers comprehensive legal research and business intelligence helping legal and compliance professionals deliver smart counsel, navigate risk and operate more efficiently.

Protect Consumers: Ensure that stablecoins are backed by sufficient reserves and that consumers are protected in the event of a stablecoin failure.
Prevent Money Laundering: Prevent stablecoins from being used for money laundering and other illicit activities.
Maintain Financial Stability: Ensure that stablecoins do not pose a threat to the stability of the financial system.

Impact on the Crypto Market

The STABLE Act could have a significant impact on the crypto market. If enacted, it could lead to:

Increased Regulatory Scrutiny: Stablecoins would be subject to increased regulatory scrutiny and oversight.
Higher Compliance Costs: Stablecoin issuers would face higher compliance costs.
Reduced Innovation: The act could stifle innovation in the stablecoin market.

Suggestions for Further Enhancements in Regulation

To create a more effective and balanced regulatory framework for cryptocurrency, several enhancements are needed.

Recommendations from Experts

Experts recommend the following:

Develop Clear and Consistent Regulations: Regulations should be clear, concise, and consistent across jurisdictions.
Focus on Risk-Based Regulation: Regulations should be tailored to the specific risks posed by different types of crypto assets and activities.
Encourage Innovation: Regulations should not stifle innovation or create unnecessary barriers to entry.
Promote Collaboration: Regulators should collaborate with industry stakeholders to develop effective and balanced regulations.

Future Directions

The future of crypto regulation will likely involve a combination of legislative action, regulatory guidance, and industry self-regulation. It's essential for regulators to remain flexible and adaptable as the crypto industry continues to evolve. It's also crucial for industry stakeholders to engage with regulators and work together to create a regulatory framework that promotes innovation, protects consumers, and fosters the responsible growth of the crypto ecosystem.

About the Author

Marcin Kowalczyk is a blockchain regulatory analyst and writer known for his incisive blend of legal insight and practical, user-focused reviews. He enjoys urban hiking and credits his early fascination with chess for his strategic approach to crypto policy analysis.

Learn About Bloomberg Law