After Malta set out to deliver a regulatory framework for the cryptocurrency sector, policymakers & advisers recognized how blockchain, dispersed ledger technology & smart contracts, as well as correlated technologies, imposed new challenges to providing consumer protection & to fitting in existing legal structures.
Immutability of data & subsequently code, or rather smart contracts is a desirable feature to provide pledges to users that data (& smart contracts) cannot be interfered with. Nevertheless, this also poses a critical challenge: Every so often, it is intolerable, or infeasible, to change code after it has been written to such a distributed ledger. This possibly means that code can be deployed that ends up handling millions to billions of dollars worth of funds, & if a bug is found, it may be impossible to appraise the code to get rid of it.
Cryptocurrencies, tokens, initial coin offerings, security token offerings, etc., are built on this type of technology. To deliver consumer protection, regulators round the world have focused on executing a regulatory regime that ensures due diligence is undertaken concerning the individuals behind such operations & regarding the financial & legal aspects of the operations, which is excellent.
Hitherto, minimal effort has gone into ensuring that there are adequate levels of due diligence regarding the technology. In old-style financial systems, this is not much of a problem, as when something goes wrong, authorities & other centralized stakeholders can reverse actions & data as required. Nevertheless, when it comes to dispersed systems, this is not an option. Neither the crypto operator, users, regulators, enforcement entities nor even the courts can do anything to relapse the decentralized transactions. If a bug reasons losses of billions in crypto, the tokens are lost forever.
Some argue that users should bear such responsibility & risks. Being a computer scientist & programmer myself, I would be in a better position to accept this over many others. Nevertheless, should we expect users out there to bear the dangers of potential bugs within code?
If the sector desires to achieve mass adoption & not just entice the technology-inclined to use such technology, should we expect such non-tech-savvy users to understand code & the intricate types of bugs that often exist within?
Regulators see the profits in checking financial & business models neighbouring operations to ...