Cryptocurrency is a confusing business with a language all its own, in part because it is a genuinely new way of doing business and in part, because it was created by programmers and cryptographers, who should never be allowed to name anything regular people will use.
Cryptocurrencies have a lot of uses as an investment, as a currency for payments, as a store of value, as well as others. Like any investment, it’s vital to know what you’re talking about and more importantly, what the person trying to sell you something is really saying. And like any other field of finance, industry, art or basically every human endeavor, it has its own lingo, acronyms and definitions. And especially in matters of law and finance, definitions matter.
Read also: Dai or Die: ‘Payment Stablecoins’ and Why the Taxonomy of Crypto Matters
In this series of articles, we’re going to create a number of glossaries for various parts of the crypto industry, which we’ll combine into a larger reference tool. Today, we’re talking about the regulatory and legal terms — crime included of course — that describe and define cryptocurrencies.
See also: PYMNTS Cryptocurrency Glossary: The Basics
51% attack: The whole point of blockchain technology is that it prevents double spending attacks, in which the same digital asset is spent more than once by a bad actor. Blockchain is described as immutable — unchangeable once written, which is true. Unless someone gains control of more than half of the “hash power,” which is the total computing power validating new transactions. If they do, and it has happened to smaller blockchains, the attacker can stop new transactions from being written onto the blockchain and double-spend those tokens.
Read more: The 51% Attack: Crypto’s Double-Spending Achilles Heel
Anti-money laundering (AML): AML regulations require crypto exchanges and other virtual asset service providers (VASPs) — and all regular financial institutions to monitor and record transactions above a certain amount, reporting them and any suspicious activities to authorities, including FinCEN in the U.S.
See also: Deep Dive: Why AML/KYC Regulations Left Cryptocurrency Exchanges With A Difficult Choice
Countering the funding of terror (CFT): Legal regulations are similar in purpose to anti-money laundering regulations, except they focus on preventing funds from being transferred to terrorist organizations.
Commodity Futures Trading Commission (CFTC): The CFTC is one of the main U.S. regulators of the crypto industry, overseeing derivatives trading like bitcoin swaps, options and futures. It has no authority over security tokens (see below), but utility tokens would be classified as commodities — which isn’t to say they can’t also be securities.
Read also: SEC, CFTC’s Crypto Aspirations To Be Tested by Courts, Lawmakers
Crypto-asset: EU regulations define a “crypto-asset” as a “digital representation of value or rights which may be transferred and stored electronically, using distributed ledger technology or similar technology.” It is somewhat different than the Financial Actions Task Force “virtual asset.”
Compliance: In crypto, compliance often refers to complying with AML/CFT and know-your-customer (KYC) rules, but really can refer to any legal or regulatory requirement or to the employees of a company tasked with ensuring it complies with them.
Digital Asset: Any asset that is purely digital, uniquely identifiable and has value or is a digital representation of a physical asset.
Double Spending: A flaw in any digital cash system that allows a token to be spent more than once. In the third line of the Bitcoin Whitepaper, blockchain is described as “a solution to the double-spending problem using a peer-to-peer network,” that does not require a trusted third party to prevent a participant in the transaction from spending the same token twice
Financial Action Task Force (FATF): The FATF is an international body that “recommends” anti-money-laundering and anti-terrorism financing policies. The quotes around “recommends” are because being gray listed means extra monitoring that is bad for an economy. A black listing is effectively removal from the world financial system.
Fiat Currency: A currency issued by and back by the full faith and credit of a national government
FinCEN: The U.S. Treasury Department’s Financial Crimes Enforcement Network, or FinCEN, is responsible for collecting and analyzing information about financial transactions to prevent money laundering and financing terrorism.
Howey Test: The U.S. Supreme Court defined a security as having four parts: [1] An investment of money [2] in a common enterprise [3] with expectations of a profit [4] to be derived from the efforts of others.
ICO: An initial coin offering, or ICO, is the presale of a project’s tokens to fund its development. It was the primary way cryptocurrency projects were financed through 2018 or 2019 when the SEC determined that they were illegal, unregistered securities offerings and began cracking down with huge fines and forcing some projects to return funds to investors. Sales to accredited — read “rich” — investors have far less stringent and onerous requirements and are still in use.
KYC: Know-your-customer or KTC regulations detail the kind of personally identifying data about buyers and sellers of financial products, including cryptocurrencies and digital assets, required for AML/CFT compliance.
Markets in crypto-assets (MiCA): The EU’s wide-ranging cryptocurrency regulatory legal framework. As of August 2022, the terms have been set, but the bill hasn’t been passed by the European Parliament yet.
Mixer/mixing service: Like privacy coins, mixing services are there to obfuscate transactions and make it next to impossible to trace that path of a bitcoin or other token. Supporters say this is about an essential right to privacy in your financial affairs; many others — including all of law enforcement — say they are obvious money-laundering tools for mixing multiple people’s tokens together and then redistributing them, so you can’t trace the A to B to C transaction route.
Read more: Crypto Crime Series: When Privacy Counts, Crypto Users Turn to Mixing Services
Mt. Gox: If you know about only one crypto crime,s this is the one. Japan-based Mt. Gox was far and away the largest and most trusted crypto exchange in 2014. At its height, nearly three-quarters of all bitcoin trades took place on it. Turns out, that trust was badly misplaced, as when the shoe dropped, it dropped fast and far. The exchange was robbed of some 600,000 bitcoins, then worth $460 million — and as of August 2022, $14.4 billion. It was originally thought to be as high as 850,000 but the exchange found several hundred thousand bitcoins it had misplaced — forgotten about — in an old offline “cold” wallet. Which tells you something about its management.
Read more: Crypto Crime Series: Mt. Gox, the Mother of All Crypto Heists
Office of the Comptroller of the Currency (OCC): The primary banking regulator of the U.S. Treasury Department. It oversees the way federal banks can use cryptocurrencies, stablecoins and other digital assets, such as custody of those assets, holding the cash reserves backing stablecoins.
Ponzi scheme: A scam in which early investors are paid with funds raised from new investors, which pays off until the number of new investors runs short and the scheme collapses.
Privacy coin: A privacy coin differs from most cryptocurrencies, which can be traced easily on publicly accessible blockchains. Privacy coins like Monero, Dash and Zcash — and in the last couple of years Litecoin, thanks to a code upgrade — from the deep end of crypto’s libertarian roots, are designed to be as hard as possible to trace. They actively obfuscate, hide, and in some cases, lay false trails to stop trackers. A number of countries, including South Korea, have banned them.
Read also: Privacy Coins: Blow for Freedom — or Boon for Crime?
Pseudonymity: A mash-up of pseudonym and anonymity, pseudonymity refers to the way bitcoin and other cryptocurrencies let owners hide their identity without being truly anonymous, as privacy coins try to be. Because all bitcoins have a “public key” traceable by anyone on the blockchain they are not anonymous. But because the identity of the owner is hidden behind a one-time-only “private key” they are effectively hidden behind a pseudonym.
Pump-and-dump: A standard equities market scam adapted well to cryptocurrency. A scammer starts and nourishes a rumor that a worthless token is going to “moon,” or skyrocket in value, pumping up the price before quickly selling their own large holding — dumping it on the market — driving the price down and leaving newer investors holding the bag. This is easy in crypto, which has a long history of backing projects — including genuine, serious and sometimes successful ones — run by developers hidden behind pseudonyms or simply unknown.
Ransomware: A type of hack in which the attacker gains access to the computer system of a company or individual, encrypts all the data, and demands a ransom — generally in bitcoin or more recently the privacy coin monero — to decrypt it. The Colonial Pipeline ransomware attack on May 7, 2021, which shut down a major source of gasoline to the eastern U.S., set off a potentially major national crisis until a $4.4 million ransom was paid.
Rug pull: A standard equities market scam adapted well to cryptocurrency as it is very easy to cut and paste an existing project, giving the operators the semblance of a serious project that they can pitch to investors. Once they’ve collected enough money —or cryptocurrency in this case, often by selling new tokens — they run off with all the funds.
U.S. Securities and Exchange Commission: The SEC oversees all securities which are defined under the Supreme Court’s Howey Test (see above). As of August 2022, it has determined that almost all cryptocurrencies other than bitcoin are securities under that definition, although there is widespread opposition to this view — which has not yet been proven in court or clearly defined by legislation — in the crypto industry.
Security token: And cryptocurrency that is a security under the Howey Test (see above). Among other things, the SEC has only determined that bitcoin is sufficiently decentralized to avoid Howey as of August 2022. The CFTC has said ether counts as well, something the SEC hasn’t commented on.
Stablecoin: A type of cryptocurrency designed to maintain a one-to-one peg against a fiat currency like the dollar or some other asset, such as gold. Doing this relies on the confidence of users that they will always be able to redeem a token for a dollar or other asset. Without this confidence a bank-run style panic can ensue, causing it to lose its peg (“break the buck” when set against the dollar). There are several ways to maintain this peg, but the two biggest are.
Read also: DeFi Series: What Is an Algorithmic Stablecoin? DAI and the Fiat-Free Dollar Peg
Read also: $45B Stablecoin Rout Confirms Worst Fears about Crypto’s Need for Reserves
Travel Rule: FATF’s AML regulations mandate that governments require Virtual Asset Service Providers (VASPs) to send, receive and screen personal and/or business identifying information when involved in a crypto transaction. In the U.S. it’s $3,000, and the EU’s MiCA law is about to set that at zero euros) — every transaction.
Utility token: A token with a specific use in a blockchain or platform, generally making transactions that perform a specific function like taking an action or accessing a good or service. Notably, it would be classified as a commodity rather than a security — although one may also be classified as a security.
Virtual asset: According to FATF: “A virtual asset is a digital representation of value that can be digitally traded, or transferred and can be used for payment or investment purposes. Virtual assets do not include digital representations of fiat currencies, securities and other financial assets that are already covered elsewhere in the FATF Recommendations.”
Virtual asset service provider (VASP): According to FATF: A virtual asset service provider means any natural or legal person who… as a business conducts one or more of the following activities or operations for or on behalf of another natural or legal person.
For all PYMNTS Crypto coverage, subscribe to the daily Crypto Newsletter.