1. Home
  2. coinbase-news

coinbase-news

Coinbase gains regulatory approval in the Netherlands

Tl;Dr: Coinbase becomes the first major global crypto exchange to successfully register with the Dutch Central Bank (De Nederlandsche Bank — DNB), allowing us to offer our crypto products and services to the Dutch market.

By Nana Murugesan, Vice President, International and Business Development

Hoi, Nederland!

We are excited to announce that Coinbase has successfully registered with the Dutch Central Bank (De Nederlandsche Bank — DNB) as a crypto service provider. This registration will allow Coinbase to offer our full suite of retail, institutional, and ecosystem products to customers in the Netherlands. We are proud to be the first major global crypto exchange to receive DNB registration approval — a significant milestone in Coinbase’s continued international expansion.

Coinbase views regulation of the industry as an “enabler” for crypto’s growth, setting clear ground rules that will create an environment which encourages innovation and strengthens trust in the sector from both the public and policymakers.

As part of Coinbase’s ambition to be the world’s most trusted and secure crypto platform, we have taken strides to work collaboratively with government, policymakers and regulators to shape the future in a responsible way. Coinbase prides itself on being a compliance-led business. The Netherlands is a critical international market for crypto, and I am really excited for Coinbase to bring the potential of the crypto economy to the market here,” said Nana Murugesan, Vice President, International and Business Development at Coinbase.

Coinbase serves customers across almost 40 European countries through dedicated hubs in Ireland, the UK, and Germany. Additional registrations or license applications are in progress in several major markets, in compliance with local regulations.

— — — — — — — — — — — -

Coinbase Europe Limited and Coinbase Custody International Ltd are listed in DNB’s public register as a crypto service provider. DNB supervises Coinbase Europe Limited and Coinbase Custody International Ltd in compliance with the Anti-Money Laundering and Anti-Terrorist Financing Act (Wet ter voorkoming van witwassen en financiering van terrorisme — Wwft) and the Sanctions Act (Sanctiewet 1977 — Sw). The crypto services of Coinbase are not subject to prudential supervision by DNB or conduct supervision by the AFM. This means that financial operational risks in respect of the crypto services are not monitored and there is no specific financial consumer protection.


Coinbase gains regulatory approval in the Netherlands 🇳🇱 was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO

Sanctions Should Target Bad Actors. Not Technology.

Tl;dr: Coinbase is funding a lawsuit brought by six people challenging the US Treasury Department’s sanctions of the Tornado Cash smart contracts and asking the Court to remove them from the U.S. sanctions list. The lawsuit explains that OFAC exceeded its authority from Congress and the President in sanctioning open source technology, rather than sanctioning the bad actors who used it or the property of those bad actors.

By Paul Grewal, Chief Legal Officer

Today, Brian Armstrong shared why Coinbase is funding and supporting a challenge by six individuals (including two Coinbase employees) against the Treasury Department’s novel sanctions of open source software associated with Tornado Cash. I wanted to take a moment to share a little more detail about this legal action. At its core, this legal challenge is about how the Treasury Department exceeded the authority Congress and the President granted it in sanctioning open source technology, rather than sanctioning the bad actors who used it or the property of those bad actors. No one wants criminals to use crypto protocols, but blocking the technology entirely (which is what this sanction essentially does) is not what the people’s elected representatives authorized — especially when there are effective routes to more narrowly target bad actors. These sanctions represent a significant unauthorized expansion of OFAC’s authority, and they have harmed innocent people seeking to legitimately protect their privacy and security using this technology, as the stories of these six individuals make clear.

Tornado Cash Sanctions

On August 8, 2022, Treasury’s Office of Foreign Assets Control (“OFAC”) sanctioned Tornado Cash, an open source software project that uses smart contracts to allow users to send assets privately on the Ethereum network. As part of this action, OFAC added to its Specially Designated Nationals and Blocked Persons List (“SDN List”) Tornado Cash’s smart contracts, which are publicly available, open source tools that anyone can access to send assets from their private accounts and withdraw them to a different crypto address. Smart contracts are essentially code that is not controlled by any individual or group and is executed by the Ethereum network according to strict rules that cannot be modified.

While prior OFAC sanctions against individuals or entities sometimes listed crypto addresses owned or controlled by these bad actors, OFAC has never before sanctioned an open source technology like the Tornado Cash smart contracts. For example, when OFAC sanctioned the North Korean Lazarus Group, it added eight Ethereum addresses to the sanctions list — each were accounts controlled by the Group where they held their assets.

In this case, by adding the Tornado Cash smart contracts to its SDN List, OFAC made it illegal for any U.S. person to use this privacy protocol — banning this technology for all.

OFAC Exceeded Its Authority From Congress and the President in Sanctioning Open Source Technology

Federal agencies, like the Treasury Department, ultimately get their authority to act from the people’s representatives in Congress, which enacts legislation defining an agency’s powers. When operating, federal agencies must act within the bounds of that Congressionally defined authority. If an agency’s action exceeds those powers, Congress has also authorized courts to review that action, with the remedy being to set aside the unlawful action. These challenges are critical to preventing executive overreach and ensuring agency action stays within the bounds of what the people’s representatives in Congress allowed.

Applying these principles here, Congress passed the International Emergency Economic Powers Act (“IEEPA”), authorizing the President to freeze the assets of, and prohibit transactions with, any person determined to be a threat to the United States, and the President delegated this power to Treasury to issue sanctions. However, this delegated power only authorizes OFAC to target persons or their property.*

We are supporting the legal challenge to the Tornado Cash action because the Tornado Cash smart contracts are neither person nor property. This means OFAC exceeded its authority from Congress when it recently added these to the SDN List — effectively banning the technology for all U.S. persons. The outcome sought by this challenge is to have OFAC remove these crypto addresses associated with software from its SDN List, so that U.S. persons can once again use this privacy technology.

First, at the risk of stating the obvious, Tornado Cash open source smart contracts are not persons. They are lines of code, not humans, corporations, or organizations. Tornado Cash’s smart contracts enable a user to deposit tokens from one crypto address and later withdraw those same tokens to a different crypto address, and are executed automatically without human intervention. They are a privacy tool, a technology, that is neither human nor an entity.

Second, and for similar reasons, the Tornado Cash smart contracts are also not property. The ordinary meaning of “property” is something owned, a possession, or a tangible or intangible item that someone has legal title to possess.** The smart contracts are non-proprietary, open source code not controlled by any individual or group. Instead, they are simply programs that run on the Ethereum network according to preset rules that cannot be changed or altered. In the case of the Tornado Cash smart contracts, anyone in the world can send ETH to these contracts, which will then run according to preset instructions that neither the original developers of the code nor those sending or receiving funds can change. When an individual uses these smart contracts, they never turn over control of their assets to another individual or group and assets are not commingled or mixed; they simply use the privacy code to send and then withdraw their assets.

These Novel Sanctions Harmed Innocent Individuals and Threaten the Critical Development of Crypto Privacy Protocols

Unlike in traditional finance, ETH transactions are transparently recorded on the Ethereum blockchain. That means anyone with a computer can view the transaction history and balances associated with a particular user’s address. So, when users send ETH from their address to a recipient’s address, anyone can use a public blockchain explorer to look up that sender’s prior transactions, learn about their spending habits, and check their account balance.

While this transparency is important for auditability and verification, it poses privacy challenges for Ethereum users who reasonably want to protect their personal financial information. For the same reasons that you’d be reluctant to publicly share all your private bank statements that detail your spending history, a person who receives their salary in ETH does not necessarily want everyone knowing how much they make or how they spend their funds.

The Tornado Cash privacy protocol allowed users to regain that privacy. Using smart contracts, a user could deposit assets from one crypto address and withdraw crypto assets to a completely different address, severing the otherwise clear connection to their prior transactions. Once withdrawn, the user could transfer those assets without fear of exposing their entire financial history or net worth to third party strangers. The plaintiffs in this lawsuit represent a cross section of crypto users and developers who used Tornado Cash to protect their privacy and security for various legitimate reasons — from wanting to safely donate to Ukraine war relief without risk of Russian retaliation, to concealing salary deposits that would show how much they earn, to preventing malicious actors from targeting their homes to try to steal large quantities of crypto assets held in their wallets. By creating new, private crypto addresses when sending funds to strangers, these plaintiffs could avoid disclosing their personal accounts, which they use to hold their assets and send personal transactions.

In this way, crypto privacy protocols are not only critical to the development of the crypto ecosystem, they are an important tool to protect individuals against hackers and thieves who may otherwise target owners of crypto addresses that hold significant assets. The sanctions against Tornado Cash have not only blocked this open source technology to U.S. persons, but cryptographers and developers have also been scared away from contributing to other important privacy projects, fearful that their code will be sanctioned in the future.

Coinbase is Committed to Combating Illicit Finance and Supports Reasonable Regulations and Action Against Bad Actors

Coinbase is fully committed to combating illicit activity and sanctions evasion. We regularly partner with and advise law enforcement and regulators on a range of cryptocurrency topics, support critical law enforcement investigations, and respond to many thousands of subpoenas a year. We fully support OFAC’s overarching national security objectives and greatly appreciate the important work it does to sanction bad actors and block the property those actors control. However, in the Tornado Cash action, OFAC did not target the bad actors or the property controlled by those actors; instead, it took the unprecedented step of sanctioning open source technology — a tool legitimately used by many innocent people even if also by some bad actors. We do not believe Congress authorized this, and for good reason. After all, we do not shut down email or the internet code because among its many users are some criminals. That is why we are funding and supporting this challenge by six crypto users seeking to regain critical tools needed to protect their privacy and security.

*50 U.S.C. § 1702(a)(1)(B).
**American Heritage Dictionary of the English Language 1412.


Sanctions Should Target Bad Actors. Not Technology. was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO

Defending Privacy in Crypto

Tl;dr: Coinbase is funding a lawsuit brought by six people challenging the U.S. Treasury Department’s sanctions of the Tornado Cash smart contracts and asking the Court to remove them from the U.S. sanctions list. The sanctions exceed Treasury’s authority, harm innocent people, remove privacy and security options for crypto users, and stifle innovation.

By Brian Armstrong, CEO

Today we’re announcing that Coinbase is funding a lawsuit brought by six people challenging the United States Treasury Department’s sanctions of the Tornado Cash smart contracts and asking the Court to remove them from the U.S. sanctions list.

Tornado Cash is an open source piece of software running on the Ethereum blockchain that preserves privacy by allowing users to deposit assets from one crypto address and withdraw them using a different crypto address.

Last month, Treasury sanctioned the Tornado Cash software because it was being used by criminals — including North Korean hackers. We have no issue with the Treasury sanctioning bad actors and we take a hard stance against unlawful behavior. But in this case, Treasury went much further and took the unprecedented step of sanctioning an entire technology instead of specific individuals. The problem here is twofold: (1) there are legitimate applications for this type of technology and as a result of these sanctions, many innocent users now have their funds trapped and have lost access to a critical privacy tool, and (2) we believe the Treasury exceeded its authority, given by Congress, by sanctioning a technology.

At Coinbase, we’ve been fighting illicit activity since the very beginning, and while we share Treasury’s commitment to fighting crime, we believe this action harms innocent people and threatens the future of decentralized finance (DeFi) and web3 specifically.

Treasury used a hammer instead of a scalpel

The nature of the blockchain — where every transaction is public — makes crypto more secure. But it can also create privacy concerns. If you receive your salary in crypto, for example, you might not want the world to know how much money you make, or how you choose to spend it.

That’s why the individuals we’re supporting in this case used Tornado Cash in the first place:

  • One person used Tornado Cash to anonymously donate money to Ukraine. Afterwards, his wallet received potentially malicious air drops. But because he anonymized his crypto before donating, he avoided attacks against his personal accounts. He has funds trapped in Tornado Cash.
  • Another person is an early crypto adopter with a large online presence and a public ENS name linked to his Twitter profile. He used Tornado Cash to protect his personal security while transacting. Now he also has funds trapped in Tornado Cash.
  • A third person operates an Etherum staking business. At one point, a stranger working near where he engages in staking asked how much money he was earning. He started using Tornado Cash to protect his assets and his personal safety.

Sanctioning open source software is like permanently shutting down a highway because robbers used it to flee a crime scene. It’s not the best way to solve a problem. It ends up punishing people who did nothing wrong and results in people having less privacy and security.

We believe law abiding citizens have a right to privacy, especially with some of their most sensitive data: their finances.

Treasury acted outside its authority

The second problem is that, while Treasury is allowed to sanction people (along with their property), Congress never gave it the power to sanction open source software. That’s why these plaintiffs are going to court to ask that this software be removed from the U.S. sanctions list. You can read more about our legal argument here.

This will stifle innovation

Finally, sanctioning open-source code has a chilling effect on innovation.

Right now, developers are worried that they could be held responsible for something they had nothing to do with, and no ability to control. At a time when we should be encouraging innovation, this kind of fear and uncertainty will do the opposite — making developers wonder if, by pushing the industry forward, they could be putting themselves at risk.

As one of the largest companies in crypto, we have a responsibility to defend the crypto industry against actions that go too far, and treat crypto on an uneven playing field. It’s not enough to just say we disagree and sit on the sidelines. That’s why we’re funding and supporting this lawsuit.

We will fully comply with the law while we await the court’s decision. But we’re hopeful that these sanctions will be reversed, allowing innocent crypto users to regain access to their funds and making it possible for anyone to use privacy tools to protect themselves.


Defending Privacy in Crypto was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO

How Coinbase Protects Users From Risky Assets

By Dan Kim — Vice President, Ecosystem and Listings

Tl;dr: Coinbase reviews thousands of crypto tokens; around 90% never get considered for listing as they do not meet our strict requirements for protection against scams like “pump-and-dumps” and “rug pulls.”

Our proprietary threat detection software has identified and blocked over 700 tokens with malicious software that can harm Coinbase users.

We also conduct in-depth research on project teams to ensure they don’t have a record of engaging in questionable business practices.

In order to get the next 100 million people into web3, we need to make it easy to buy, sell, and hold the safest and most reputable catalog of digital assets, and further solidify Coinbase as the most trusted bridge to the cryptoeconomy. We also need to make sure users are protected.

That’s why our goal at Coinbase is to list every asset that meets our industry-leading standards for risk, safety, and user protection: If an asset doesn’t meet those standards, we don’t list it.

We only announce the assets we have decided to list — not the ones that fail to meet our standards. But we’ve heard from many of you that you’d like to learn more about how we decide which assets are added to our roadmap.

How Coinbase reviews digital assets

We review assets based on applications submitted by project teams on Coinbase Asset Hub, as well as the thousands of other projects we track across the global web3 ecosystem.

The order in which we sequence asset reviews is not based on whether we think a project is popular or interesting. Our framework is much more objective and nuanced, and includes factors such as the legitimacy of a project’s white paper, integrity of their contributors, details of how their token works, and engagement levels of their user and developer communities. We only consider listing those assets that meet our rigorous guidelines for legality, safety, reputability, and technical integrability.

We do not list the majority of the tokens that we review. In fact, out of every 100 tokens we consider, only around 10 are identified as potential candidates for Coinbase Exchange, and fewer than that actually get approved for listing.

Today we’re sharing more details about the industry-leading tools, systems and methods we use to protect our users from dangerous digital assets.

How our threat detection software keeps users safe

Blockchain technology is constantly evolving, so any asset review system must be able to adapt with those changes.

That’s why Coinbase developed our proprietary secure trait analyzer, a safety-first, threat detection software that informs us if a token is designed in a way that can harm you or your crypto.

Our software automatically reviews tokens on all the blockchains we support, and identifies those programmed with software (also known as smart contracts) that can potentially harm Coinbase customers. The secure trait analyzer works by detecting specific patterns in smart contracts (which we call code signatures), and comparing them against our database of code signatures from previously analyzed smart contracts. The more smart contracts we review, the faster we’ll be able to distinguish the safer tokens from the riskier ones.

So far, our Listings team has used this automated system to identify over 700 tokens that didn’t meet our security standards due to critical risks, such as single individuals being able to automatically seize users’ funds or unilaterally drain account balances. The proprietary software has also helped us detect dangerous backdoor vulnerabilities — like those that can be used for rug pulls, in nearly one out of every four smart contracts we’ve reviewed.

Whenever we find things that aren’t safe, we ask project teams to take the appropriate measures to mitigate those risks. If they don’t, we don’t list their tokens.

Added security from comprehensive research

In addition to screening smart contracts with our threat detection software, we also conduct other types of detailed due diligence to protect our users.

That includes in-depth research into the project’s purpose, milestones, and key contributors to make sure we’re complying with regulations and identifying any potential connections to illicit activity.

To capture the most comprehensive view of all assets we consider for listing, we also perform on-chain and off-chain analyses of quantitative and qualitative signals — things like historical token prices and trading volume, ownership and vesting schedules, investment and financing history, market capitalization, community sentiment, technical roadmap, and information about how tokens are earned, burned, and distributed.

Digging deeper: Protecting users from bad actors

Beyond our security reviews, we take other important steps to protect our customers from scams.

Earlier this year, we implemented a fraud detection framework that expands our ability to identify even more factors that could potentially harm Coinbase customers. This analysis is specifically designed to evaluate consumer and business risks that might not show up when we review project whitepapers or analyze token smart contracts — things like key project contributors with a record of shady business practices or confirmed allegations of pump-and-dumps.

Since implementing this additional layer of protection, the Listings team has identified nearly 100 projects with tokens that we perceive to be high risk and have chosen not to list.

Coinbase is the most trusted platform for buying, selling, and exchanging digital assets. While we aim to list as many assets as we legally can, our priority is to protect our users. We’ve invested an enormous amount in tools and processes that weed out risky assets, and will continue working towards keeping all Coinbase users safe.


How Coinbase Protects Users From Risky Assets was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO

Compliance and Protecting Personal Information

tl;dr How we protect personal information while complying with existing laws and regulations.

Recently, we’ve received questions about why we occasionally review specific accounts and ask for more detailed personal information about the owners of those accounts. In short, we do this to meet our regulatory obligations. Here’s a more detailed explanation:

At Coinbase, we strive to be the most trusted platform for buying, selling, and exchanging digital assets. Trust is the best way to help more people participate in the cryptoeconomy and reach our goal of increasing economic freedom around the world.

Earning and maintaining trust requires us to ensure the integrity of all transactions supported by our platform. And an important part of doing that is abiding by relevant laws and regulations. We’ve always believed that for crypto to gain the legitimacy needed for mainstream adoption, compliance can’t be an afterthought — it is core to the way we operate.

In practice, this means following laws and regulations in different jurisdictions, some of which are more stringent than others.

Crypto is a highly regulated market, with various parts of it overseen by many different federal regulatory agencies, individual states and others — and that’s just in the U.S. If we want to offer Coinbase services in other countries, we also have to comply with local regulations. In some cases, this includes the Travel Rule, which requires companies like Coinbase to exchange information about the participants in crypto transactions under certain circumstances.

Over time, the advantages of web3 may allow people to create and own centralized identities, sharing much less information with third parties and keeping that information more secure. We’re also excited about advances in digital identity which may move us away from reliance on traditional forms of identification, like driver’s licenses and other paper documents. But for now, companies like Coinbase are required to follow existing regulations, some of which have been on the books since before the Internet even existed.

This means we have to ask our customers for basic information about themselves and their businesses. Sometimes, and for a very small percentage of our customer base, we need much more detailed information. This helps us to comply with “Know Your Customer” regulations and keep Coinbase and the cryptoeconomy safe. No matter what, we are committed to protecting our customers’ privacy and providing a smooth and intuitive customer experience.

As part of our ongoing efforts to keep our customers safe, we’ve also organized a coalition to help other companies comply with global regulations, following industry leading safeguards to protect customers’ privacy and security. To join this coalition, and receive Travel Rule information, all participants must meet anti-money laundering, security, and privacy requirements.

We’ve also developed proprietary blockchain analytics capabilities to help secure the crypto economy from bad actors. And we have ongoing dialogues with policymakers globally where we advocate for consistent and reasonable requirements that protect our customers’ privacy.

While some within the digital currency industry have questioned the application of more traditional Know Your Customer (“KYC”) requirements in this novel space, widespread adoption of crypto will depend on building and maintaining the trust and integrity of the ecosystem. For crypto to succeed, people need to be able to buy digital currency with common payment methods, and feel safe doing so. The only way that can happen is if companies like Coinbase follow local laws and regulations, while partnering with policymakers to guide the next generation of rulemaking in this space. Put simply, if we want crypto to be widely accepted, compliance can’t be optional.

That’s why we’ll keep working to be an industry leader in compliance — protecting our customers, preserving trust, and building the cryptoeconomy.


Compliance and Protecting Personal Information was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO

Why We’re Launching a Voter Registration & Education Initiative

By Faryar Shirzad, Chief Policy Officer

Tl;dr: We’re launching our U.S. crypto policy education initiative today, which includes a voter registration portal, to respond to our community’s strong interest in learning more about where their representatives and candidates for public office stand on issues of importance to the crypto community, and in finding ways to have their voices heard.

Today, Coinbase launched a voter registration tool as part of a broader education initiative to give the crypto community tools to participate in the critical policy discussions happening across the United States. We’ve heard loud and clear from our customers that they want to get involved in these debates and are looking for trusted resources, tools, and support to help them be heard.

Why Now?

Today, more than ever, crypto and web3 are cemented as topics of public interest and the political debate. Political candidates are talking about them, the public is interested in them, and the crypto community wants to help shape them. This is especially true as we approach the 2022 midterm elections in the United States, where nearly 1 in 4 households (24% to be exact) own cryptocurrency, according to a 2022 Morning Consult report.

We don’t regularly talk about politics here at Coinbase, but we’ve always said that we will engage in the political process at moments when it relates to our mission of increasing economic freedom in the world. The 2022 U.S. midterms are one of those moments. Being informed and being engaged are mission critical for the future of crypto.

In the next few years, legislation and regulations will be developed that will help shape the direction of our industry for the coming decades. In this Congress alone, more than 50 bills have been introduced aiming to shape some aspect of the crypto regulatory landscape. And policymakers are just getting started.

Put simply, this year’s U.S. midterm elections are the most important in crypto’s history. The leaders we elect in November will be making key decisions about how crypto, blockchain, and web3 are regulated. It is essential that our elected leaders understand the potential of crypto and support a policy framework that fosters continued innovation here in the United States and forward progress toward a future of economic freedom for everyone in the world. For our part, Coinbase will continue to be a partner to lawmakers and regulators as these conversations play out.

Why Voter Resources?

We’ve also heard from the crypto community and our customers that they want to understand how these ongoing debates will impact the future of crypto, and they’re eager for resources that help them engage in and shape these conversations. We know that two of the biggest barriers to participating in the political process are education on the issues and access to voting. Helping empower the crypto community by helping them overcome these barriers is at the heart of our voter registration and education program. We are eager to do our part by providing trusted resources for crypto voters on the issues, candidates, and political process that will define crypto’s future. With all this, we are calling on the crypto community to register and get involved this fall by learning about the candidates and the issues, by finding opportunities to talk to representatives and candidates, including at town halls and candidate forums, and, above all, by voting.

Sensible and workable crypto regulations are critical for maintaining U.S. competitiveness and unlocking innovation. Engaging in the 2022 U.S. midterm elections gives everyone a chance to be an important part of the conversation on the future of crypto.


Why We’re Launching a Voter Registration & Education Initiative was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO

PayPal joins the TRUST Travel Rule Solution

Coinbase is pleased to share the addition of PayPal to the Travel Rule Universal Solution Technology (TRUST) network. TRUST is a global, industry-driven solution designed to increase compliance with a requirement known as the Travel Rule while prioritizing the security and privacy of customers.

PayPal has been a leader in digital payments for more than 20 years by leveraging technology to make financial services and commerce more convenient, affordable, and secure for more than 400 million consumers and merchants around the world.

By joining TRUST, companies become part of a rapidly growing coalition from around the world. Since TRUST launched last February, it has already expanded to include 38 members, including: Amber Group, Anchorage Digital, Balance, Binance.US, bitFlyer, BitGo, Bittrex, BlockFi, BlocPal, Cake DeFi, Circle, Coinbase, Coinhako, Coinsmart, Coinsquare, Crypto.com, Custodia, Fidelity Digital Assetsˢᵐ, Gemini, Kraken, Netcoins, Nexo, Paxos, PayPal, Prime Trust, Robinhood, sFOX, Shakepay, Standard Custody & Trust, Symbridge, Tetra Trust, TradeStation, Unbanked, VirgoCX, Voyager, Wealthsimple, Zero Hash, and Zodia Custody.

The addition of PayPal marks another milestone in TRUST’s journey to become the global, industry-standard solution for Travel Rule compliance.

For more information about how TRUST prioritizes customer privacy and security while providing top-tier Travel Rule compliance, or if you are interested in joining TRUST, please contact us.


PayPal joins the TRUST Travel Rule Solution was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO

The Crypto Securities Market is Waiting to be Unlocked. But First We Need Workable Rules.

TL;DR:

  • Coinbase filed a petition asking the SEC to begin rulemaking on digital asset securities.
  • The existing rules for securities just do not work for digital assets.
  • Our petition calls on the SEC to develop a workable regulatory framework for digital asset securities guided by formal procedures and a public notice-and-comment process, rather than through arbitrary enforcement or guidance developed behind closed doors.

By Faryar Shirzad, Chief Policy Officer

Today, there is a robust crypto market in the U.S. That market includes thousands of different digital assets, crypto companies, and decentralized financial products, and is regulated at every level of government, including by multiple federal agencies in the United States. Yet despite the growth that has happened in recent years, close examination reveals a glaring deficiency in this market. Even with billions of dollars invested toward crypto innovation, and the passage of more than 13 years since the introduction of Bitcoin, there is still no meaningful crypto securities market in the United States.

Many factors can positively influence how a given market develops, but when it comes to crypto securities there is a significant, foundational hurdle that has prevented that market from maturing. That hurdle is the fact that the securities rules simply do not work for digitally native instruments. They don’t work for tokenized debt. They don’t work for tokenized equity. They don’t work for crypto. And that’s a major problem.

The consequence is that the United States is falling behind in digital asset innovation. Most of the digital assets traded today have the characteristics of commodities, and in many instances, were specifically designed to avoid the securities laws. In other words, as the crypto market develops, it is deliberately steering clear of the securities market — one of the principal financial markets in the United States. At Coinbase, we believe that digital asset innovation offers a number of profound, market-enhancing benefits — like real time settlement, the ability to trade safely without needing to go through costly intermediaries, and a transparent record of all transactions. But the full weight of those benefits will not come to pass if they are excluded from a market as big and impactful as the securities market.

Crypto assets that are securities need an updated rulebook to help guide safe and efficient practices. Crypto assets that are not securities need the certainty of being outside those rules. Anything short of that will have the effect of entrenching incumbent technologies at the expense of innovation and ultimately, consumers. That’s why we have submitted a petition to the SEC to request that it develop rules that work for digital asset securities. Here’s a little more on the problem as we see it, and how we hope to work toward a solution:

The Problem

Modern securities law was put into place by the Securities Act of 1933 and the Securities Exchange Act of 1934. The most well-known securities are stocks and bonds, but most other assets that are considered securities are classified as such because they are “investment contracts” or “notes.” The Supreme Court set forth how to determine whether an asset is an investment contract or note in SEC v. W.J. Howey Co. and Reves v. Ernst & Young. The former case created a test for determining whether an asset is an investment contract; the latter created a test for determining whether an asset is a note. These tests play a large role today in evaluating whether a crypto asset is a security.

It is often difficult to determine what a jurist was thinking when they drafted a given piece of law, but I think it is reasonable to assume that none of the authors who drafted these securities statutes from the 1930’s, or the subsequent Supreme Court tests interpreting those statutes, did so while thinking of a day when a decentralized, cryptographically-based, automated financial instrument would be adopted en masse by a millions of people in the United States and around the world.

Put simply — when these authors were writing rules to regulate square pegs, they did not account for how those rules would impact the unpredictable round holes of the future.

Securities law is thus not well-suited to govern digital assets. Attempted application of such ill-fitting laws to crypto creates a number of problems, including:

  • Lack of regulation for the subset of crypto assets that are securities;
  • So many different steps and intermediaries that there is no way trades can settle in real time;
  • It is effectively impossible for individual investors to trade directly, without using a broker; and
  • Blockchain technology is not able, under the current rules, to be used as a reliable record of transactions, even though this is the innovation that makes distributed leverage technology so powerful.

The SEC has thus far been unwilling to write new rules for crypto securities. Instead, the Commission recently announced that it will double the size of the enforcement unit that handles crypto and cyber cases. This enforcement-first approach has stifled development of the crypto securities market and prevents entrepreneurs from using crypto to raise money for their companies. It also prevents investors from using crypto to invest in those ventures.

Perhaps worst of all, the SEC’s approach has created enormous risk for investors. We saw this in vivid detail when the Commission brought an enforcement action against Ripple, after years of taking no action against them, claiming that XRP is a security. The value of XRP dropped immediately, costing investors huge sums of money. The XRP case is especially notable because there was disagreement even within the federal government about whether XRP was a security or not: FinCEN had determined it was not a security, and then the SEC said that it was.

If the SEC were to write rules permitting the tokenization of securities, the opportunities for innovation would be significant. The crypto markets could be expanded to offer crypto securities, subject to SEC regulation and governance, thereby giving investors new ways to invest in crypto. And opening debt and equity securities to tokenization would promote efficiency and resiliency in traditional markets.

But the SEC has not done this.

While the SEC has refused to develop new rules for digital asset securities, several governments and other organizations around the world are well on their way to new, workable crypto rules. The list is significant, and includes the European Union, United Kingdom, Singapore, Japan, Hong Kong, Australia, and Brazil. Action taken last month by the EU on their Markets in Crypto Assets (MiCA) regulation, for example, demonstrates the world’s largest economy — made up of 27 different countries — putting in place a clear, comprehensive set of rules for crypto.

We believe the SEC should follow the lead of these jurisdictions by helping to develop a robust and vibrant crypto securities market, with all of the excellent protections that investors have come to expect from American financial markets. That is why we filed our petition with the SEC that requests such a rulemaking to take place.

Coming Up With a Solution

With this petition, we are asking the SEC to start a process where the public and key stakeholders can transparently provide input into the agency’s work on crypto. We also hope the petition will launch a broader conversation where members of Congress — many of whom also see the need for the regulations to evolve — will provide their views. Doing this right will help to avoid one-off, arbitrary decisions that provide little clarity or guidance to the industry, and will instead result in a clear set of comprehensive rules, much like important jurisdictions around the world are working toward.

Coming up with such comprehensive rules will require a genuine examination of how crypto works differently from traditional financial securities and what provisions would actually protect investors who trade in crypto securities.

That examination should look at current crypto trading. Crypto trades differently from securities in a number of ways, and these differences must be weighed when writing rules for crypto securities. Consider:

  • Traditional financial exchanges like the New York Stock Exchange and NASDAQ have set trading hours, but crypto trades 24/7/365.
  • While traditional financial exchanges require that investors trade through the services of a broker, crypto lets you buy, sell, and trade assets directly, without going through an intermediary.
  • Finally, traditional securities exchanges only trade securities; they do not trade commodities or any other type of assets. Crypto investors seek to trade across types of tokens — buying stablecoins to store value, and then buying other crypto with those stablecoins, for example — all on one platform. This kind of trading is not recognized under existing rules for securities exchanges, but could offer tremendous capital efficiency gains.

Another way crypto is different from stock exchanges has to do with custody — or how securities have to be held and kept safe by brokers and exchanges.

Traditional securities transactions are permitted up to two days to settle. This delay is designed to accommodate trades going through a number of intermediaries before the securities are finally in the hands of the buyer, and the cash with the seller. Using existing technology, these intermediaries are needed to help make sure a trade goes through as promised. The buyer must actually pay the money, the seller must actually give up the assets, the trade must be properly recorded, and there must not be any errors or unauthorized actions. The broker also has to hold the securities in a certain way to ensure that it has “possession” and “control” over the assets. These rules ensure that the broker keeps the customer assets safely, and also ensures that the broker completes customer trades appropriately.

This system of intermediaries, and the specific custody rules governing them, fail to leverage the benefit of blockchain technology and do not work for crypto:

  • First, crypto investors expect trades to happen within seconds — one of the key innovations of crypto. But the current rules have too many steps to allow for immediate settlement.
  • Second, in order for trades to happen that fast, the securities and the money have to be held by the exchange so the exchange can effect the transaction as soon as it happens. But a crypto exchange cannot custody assets the same way that a broker can and still effect an immediate trade.
  • Finally, the rules for how to keep assets safe — to show possession and control — are based on how you would keep a stock or bond safe, not how you might hold a private key for crypto securities.

Let’s Work Together on This Solution

Coinbase believes that effective regulation benefits everyone — buyers, sellers, exchanges, and the U.S. financial system. The SEC has a long history of creating and enforcing regulations that have enabled the development of deep, liquid, and transparent capital markets in the U.S. These markets have, in turn, fueled incredible innovation and helped entrepreneurs build companies that have transformed the lives of billions of people.

Thankfully, the SEC won’t have to start from scratch when figuring out how to move forward. We laid out the questions that we think the Commission should be asking stakeholders and itself in determining the right path forward — our petition was written with the input of some of the best securities lawyers and economists in the country. If the Commission starts an open process where all of us can provide input, we look forward to sharing our thoughts on how to answer the important questions our petition raises, and we would encourage others to do the same. We may not agree every step of the way, but it’s critical that this is an open and transparent process, where the public has a chance to offer their views. Policymaking at this level is far too important to be made in a black box.

Crypto represents the next wave of innovation within the markets themselves — and whatever country encourages that innovation while also keeping investors safe will reap enormous benefits. We need the SEC to once again write the rules that will unleash the potential of U.S. capital markets, this time fueled by the benefits provided by crypto.

If they don’t, others will — and the U.S. may not be able to catch up.


The Crypto Securities Market is Waiting to be Unlocked. But First We Need Workable Rules. was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO

Coinbase secures Crypto Asset Service Provider approval in Italy

Coinbase secures Crypto Asset Service Provider approval in Italy 🇮🇹

Tl;Dr: By meeting the regulatory requirements, Coinbase will continue to offer crypto services in Italy, and has a clear path to bring new products and features to market in the country.

By Nana Murugesan, Vice President, International and Business Development

As discussed in our recent blog post, Coinbase is committed to bringing the power of our full product suite to customers across Europe. Today, we’re able to announce a key milestone in that journey: securing approval from Italian regulators to provide ongoing crypto services to its residents. The new requirement implemented by the Organismo Agenti e Mediatori (OAM), mandated that all companies offering crypto trading, custody or other services, meet set criteria. We’re proud to be among the first companies to meet these benchmarks.

Coinbase serves customers across almost 40 European countries through dedicated hubs in Ireland, the UK, and Germany. We are in the process of strengthening our presence across Europe and have registrations or license applications in progress in several major markets in compliance with local regulations. In each of these markets, our goal is to grow our customer base by launching the Coinbase suite of retail, institutional, and ecosystem products.

Building a constructive relationship with regulators in every jurisdiction in which we operate is incredibly important as we march toward our mission of increasing economic freedom in every corner of the world. Gaining this regulatory approval is a testament to our close collaboration and positive working relationship with the Italian financial regulators. As we continue to grow across Europe and other regions, maintaining our strong regulatory relationships will ensure that we will continue to bring to market the products that our customers want, through the most trusted and secure platform in the cryptoeconomy.” Nana Murugesan, Vice President, International and Business Development.


Coinbase secures Crypto Asset Service Provider approval in Italy 🇮🇹 was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO

Operating efficiently at scale

By Brian Armstrong, CEO and Co-founder

As companies scale, they usually slow down and become less efficient. It takes more dollars, more people and more time to get anything done. Coordination headwinds increase, vetocracies emerge, risk tolerance fades, and teams become inwardly focused instead of staying focused on their customers.

While this trajectory is natural, it is not inevitable. Every great company, from Amazon to Meta to Tesla, found ways to retain their founding energy in conjunction with appropriate controls, even as they scaled to be much larger than Coinbase is today. Great companies maintain their insurgent mindset, for fear of becoming complacent and irrelevant over time.

That’s why we’re focusing on driving more efficiency at Coinbase. After 18 months of ~200% y/y employee growth, many of our internal tools and organizing principles have started to strain or break. So we’ve been digging in to identify the set of changes we need to make to help us succeed at this new scale.

The first step was significantly slowing our growth, and making the difficult decision to reduce the size of our current team, which we announced last month. Moving forward, we’ll keep looking for ways to make Coinbase more efficient, and to get back to the mindset and approach that made us successful. I believe that these steps will carry us forward.

Push decision making down to single-threaded DRIs

We use DRIs (directly responsible individuals) to help us execute faster. DRIs balance input from the team, and make clear decisions in a timely manner.

But now that we’re a larger company with many products instead of one, we need to adjust how we make decisions — pushing most decision making down in the org, removing bottlenecks and empowering our product leaders.

DRIs often have the temptation to push decision making up the chain when they aren’t sure or don’t want to take risks. Sometimes they’re afraid of being fired if the decision doesn’t go well. That’s why, where possible, we are increasingly focused on identifying “single-threaded” DRIs. Single-threaded is tech jargon that simply means solely focused on a single area. The single threaded DRI is the most senior person whose only job is to run a given product or initiative, this will typically be a product management or engineering leader. They can’t be the single-threaded DRI if they are the DRI of multiple areas.

This may mean that not every decision is perfect. But that’s OK if we can scale our impact and empower subject matter experts who are closer to the products and closer to our customers.

Give product leaders visibility into their P&L

Each of our products have well funded competitors that are dedicated companies. We believe the right way to compete is to incentivize our product leaders to also run their product more like a standalone company. Companies must achieve profitable growth on some reasonable time horizon. Over time, we’ll be able to give product leaders direct visibility into their P&L, so they can move their product toward positive margins and make better decisions around where to invest, while at the executive level we will continue to look at consolidated performance.

Leverage shared services to minimize duplication

While product leaders can operate independently, there are often common elements across products. We have shared services around how customers onboard, manage their accounts, store crypto, add payment methods, trade crypto, and more. Done wrong, shared services can slow down and frustrate product teams. But when they work well, they can create amazing synergies between products, and deeper product integration.

Product teams should not be required to use a half baked shared service. But once a shared service is mature, all products may be required to use it. We’ve found that it often helps to start a shared service with one anchor product in mind. When it becomes clear that we are duplicating effort or creating an inconsistent user experience across our products, services need to graduate into clearly decoupled services that any product can leverage.

Organize teams into small pods

Small teams are more efficient. That’s why it’s important to set a maximum size on teams, so they don’t grow too large and slow down.

We’re beginning to deploy a new concept that we call “pods” to create more structure around the appropriate size of a team. Within each product, we will be defining pods of <10 people working on a specific feature or area. If a pod grows to be more than 10 people, it will be time to split it in two and assign each one a more specific goal or focus. Pods also need to have a focus, and a north star metric that ties into the overall company metrics.

Ship products not slide decks

Inside growing companies, there’s a danger that product and engineering teams start shipping great slides decks instead of great products. It can be tempting to “manage up” and feel like a meeting went great with a beautiful deck shown to superiors. But our customers never see the slide decks we create. They only see the product.

So we’re experimenting with banning slide decks in product and engineering reviews. Instead of a slide deck, you can show:

  • A dashboard with your metrics — hopefully your team is looking at this at least weekly anyway
  • Figma mockups
  • But most importantly….show the product itself and use it live!

It’s fine to include a one page agenda to capture action items, or to link to any pre-reads like technical design documents. But the best use of time in product and engineering reviews is to share your screen and walk through the actual product on mobile or web. It could be the production version, or a staging version. The important thing is to get hands-on with the product, see what the customer is seeing (or is about to see), and make it better.

As we do this, we should avoid spending too much time talking about what’s going well in meetings. We can share what’s going well in the pre-read, and take a moment to celebrate it, but the majority of the time in meetings should be focused on what is not going well, so we can improve the product.

It’s hard to overstate this point. Inside companies, there are plenty of things that feel like work, but ultimately don’t improve the customer experience — from market cycles and negative press, to policy efforts, internal politics/drama, titles, and compensation. We have teams that focus on these areas, so that the vast majority of the company (80%+) can remain focused on talking to customers and building better products.

APIs instead of meetings

Larger companies also get slowed down by endless meetings around prioritization and feature requests. We need to move to a model where all product and engineering teams (not just shared services) publish APIs so that other teams can benefit from what they’re building without ever needing to schedule a meeting. In other words, they need to productize their services and allow other teams to use them in a self-service way.

This requires us to adopt an internal API catalog where any engineer at Coinbase can browse to find an appropriate service. Without this, it’s difficult for any engineer to even know if an API exists, leading to duplicate work. All services need to be architected using “paved roads”, meaning consistent libraries and languages for authentication, logging, instrumentation, etc. Many of these APIs will be surfaced in Coinbase Cloud for external customers as well, making them even more robust.

Maintain an insurgent mindset

Ultimately, a lot of this comes down to retaining the founder mentality inside the company and acting like owners. Most companies start off by being anti-establishment, seeking to right some wrong in the world. But as they grow bigger and more successful, they start to become the new establishment. They get complacent, feeling that they’ve won, and bureaucracy sets in.

At Coinbase, one of our values is repeatable innovation, meaning we always want to be pushing the frontier. We use a 70/20/10 resource allocation model where we invest 70% of our resources in our core business, and 20% in strategic efforts, we also ensure 10% of our resources are always going toward ambitious new bets. And we always try to make products that are the most trusted and easiest to use, so we can bring a billion people into crypto. This is the best way to accomplish our mission of increasing economic freedom in the world.

Conclusion

Coinbase’s success has always been rooted in an ability to operate efficiently with a startup mindset. Now, as we adjust to our new scale, we need to get back to the things that made us successful — to drive more efficiency and shake off the complacency that can creep into a bigger company. We need to empower our leaders to make decisions, and our teams to deliver great products to customers. It won’t be easy, and we’ll need to keep adjusting. But we got this far, and I’m confident that if we make smart decisions now, it will only be the beginning.

Further reading

Companies approach this problem of declining efficiency in different ways, to best fit their situation. We’ve aligned on implementing these changes and tools after doing significant research on how other companies have navigated this. Here are a few great books and resources that helped educate me on this topic:

  • Amp It Up: Frank Slootman has a great blog post on this that turned into a book. The core message is that when someone says I’ll get back to you next week, say how about tomorrow. When someone says it will take six months, ask how we would do it in six weeks or six days if we had to.
  • Turn The Ship Around: The core message of this book is instead of asking your manager what you should do, tell him or her what you intend to do, and they will edit your thinking if needed. You still need to inform, but it’s your responsibility to decide the best path.
  • Founders Mentality: The core message is to maintain an insurgent mindset, with a bias for action, bold mission, customer advocacy, and more. Try the quiz for more details.

Operating efficiently at scale was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ethereum Believers May Be Staring Down Opportunity As ETH Reaches Another Low Against Bitcoin: CryptoQuant CEO