Exploring the Top Four Concerns for Cross-Border CBDCs: Privacy, Transparency, and More
Central bank digital currencies (CBDCs), virtual currencies backed by central banks, are gaining popularity as more nations, representing over 95% of the world’s GDP, consider issuing their own CBDCs. While some nations are exploring the use of CBDCs domestically, cross-border CBDCs, which allow for direct transactions between financial institutions in different countries using digital currencies, are also becoming more common. According to the Atlantic Council, there are currently over 7 cross-border CBDC projects underway, with more expected in 2023. These projects aim to improve cross-border financial transactions by making them faster and cheaper for users. However, to be widely adopted, cross-border CBDCs must address privacy concerns, as they could potentially increase the scale and speed of breaches threatening users’ privacy. To address these concerns, participating countries must align their technological frameworks and regulatory standards at the outset of development. The EU and US, which have different privacy laws, must also harmonise their approaches as they work towards a comprehensive CBDC. Cross-border transactions, which are expected to reach $156 trillion by 2022 and over $250 trillion by 2027, play a crucial role in supporting the movement of capital, goods, and services as well as new business lines and models. To improve the speed, cost, and inclusivity of these transactions, the public and private sectors must work together to improve current systems and explore new technical and financial solutions. Central banks and monetary authorities must also consider their role in this area, as new businesses offering alternatives to traditional banks emerge.
Ensuring Privacy and Transparency in Cross-Border Central Bank Digital Currencies
Cross-border CBDCs can raise privacy and transparency issues. A methodology is needed to analyse the privacy effects of a global CBDC. To do this, we must identify the main privacy and transparency requirements for a typical transaction, as well as the key stakeholders in a cross-border CBDC. Seven primary categories of stakeholders are:
- The sender and the receiver: These are the individuals or organisations initiating and receiving the payment, respectively. In a retail scenario, the sender and receiver may be connected to banks that hold accounts containing the CBDC being used in the transaction. In a wholesale scenario, the sender and receiver may be banks themselves.
- Financial intermediaries: These organisations facilitate international trade by providing services such as foreign exchange, client onboarding, and compliance checks.
- Central banks: The CBDC ledgers of the issuing central banks for the sender and receiver’s CBDCs may be updated to settle international transfers. Depending on the domestic CBDC architecture, these central banks may be able to view transaction details. Other central banks may also be able to see the global ledger.
- Validators: In multi-CBDC architectures, validators are responsible for checking the legality of each transaction. Validators may be operated by commercial and central banks, as well as non-financial entities.
- Third-party service providers: Multi-CBDC projects often involve public-private partnerships, with third parties providing infrastructure, code, and services such as cloud hosting and network operations.
- Oversight institutions: Regulators and oversight agencies may need access to (parts of) the cross-border CBDC ledger. There may be various regulators in different countries, each with their own standards that may change over time.
- Third-party delegates: In a multi-CBDC, third parties not directly involved in a given transaction, such as other users or advertisers seeking access to user data, may also participate.
Data Formats and Privacy Concerns in CBDCs
Privacy and data protection laws cover a wider range of data types than anti-money laundering laws, but in CBDC schemes, the data types collected for AML purposes often raise the most important privacy and data protection issues. Regulated entities typically collect and retain the following information for AML purposes for a period of five years after the end of the commercial relationship or occasional transaction:
- Client and beneficial owner information: This typically includes client identity and contact details (e.g., phone number, email, address) as well as personal information for individuals (e.g., name, last name, ID or passport number, nationality, and date of birth) and business information for legal entities (e.g., country of incorporation, nature of business, identities of directors, and information on beneficial owners).
- Account specifics: This includes account information such as the intended use and anticipated location of transactions, which can be helpful for transaction monitoring and for supporting notifications of unusual activity.
- Transaction details: This includes transaction histories and patterns, including sender, receiver, amount, and modality (e.g., credit), as well as any supporting analysis used to identify suspicious transactions and associated metadata such as timestamps, IP addresses and information on the success or failure of the transaction.
Data Sharing Mechanisms in CBDCs
In theory, governments and other public or private third parties do not automatically have access to Know Your Customer (KYC) data. However, there are various situations in which data sharing occurs, including:
- Sharing of information before suspicion (private-to-private): This refers to data exchange that takes place as a general precaution before reporting a transaction.
- Exchange of information after suspicion (mostly private-to-public, but also public-to-private and public-to-public): When filing Suspicious Transactions Reports (STRs) or Suspicious Activity Reports (SARs), some information is shared once suspicious activity is discovered.
- Controlled access (private-to-public, public-to-public): In other cases, supervisory agencies, and sometimes the Financial Intelligence Unit (FIU) itself, may carry out regular inspections without first submitting an STR/SAR or starting an inquiry.
- Other systems for sharing information (private-to-public, public-to-public): Other regulatory frameworks may allow for the use of AML-related information for additional purposes, such as tax purposes.
The technical design of a multi-CBDC has a significant impact on privacy and transparency features. Most existing pilots have relied on enterprise blockchain solutions (such as Corda, Quorum, Hyperledger Fabric, Hyperledger Besu, and Elements), each of which uses a different method for disseminating and representing transactions to provide privacy for different stakeholders. As a result, different designs can compromise efficiency, security, and openness.