Cryptocurrency: Liability and Regulatory Issues

Written by Tan Yan Ru | Edited by Josh Lee Kok Thong

We’re all law and tech scholars now, says every law and tech sceptic. That is only half-right. Law and technology is about law, but it is also about technology. This is not obvious in many so-called law and technology pieces which tend to focus exclusively on the law. No doubt this draws on what Judge Easterbrook famously said about three decades ago, to paraphrase: “lawyers will never fully understand tech so we might as well not try”.

In open defiance of this narrative, LawTech.Asia is proud to announce a collaboration with the Singapore Management University Yong Pung How School of Law’s LAW4032 Law and Technology class. This collaborative special series is a collection featuring selected essays from students of the class. Ranging across a broad range of technology law and policy topics, the collaboration is aimed at encouraging law students to think about where the law is and what it should be vis-a-vis technology.

This piece, written by Tan Yan Ru, seeks to explore liability and regulatory issues around cryptocurrency. It begins by exploring how the two central characteristics of blockchain – decentralisation and pseudonymity raise liability and regulatory issues. It then examines existing measures taken by regulators and policymakers to address liability issues, while acknowledging increasing sophistication on the part of those seeking to evade these measures. Other measures, such as raising cryptocurrency literacy and setting up a cryptocurrency task force are examined. Moving on, it examines the existing regulatory conundrum arising from the use of cryptocurrencies. It is observed that current regulatory regimes appear to reflect an escalating legal arms race to be the first in coming up with a solution. Finally, the paper submits that regulatory issues may be resolved by the harmonisation of the various regulations with international institutions working together.

Introduction

We are in the midst of the Fourth Industrial Revolution, a concept popularised by Professor Klaus Schwab at the World Economic Forum in 2016.^[1] According to Schwab, the Fourth Industrial Revolution is characterised by sophisticated data-driven automation and increased interconnectivity between the physical, digital and biological realms.^[2] As a result, technology has become an ubiquitous part of our daily lives and business activities. This in turn has radically altered the social and economic fabric worldwide.^[3]

One disruptive technology of the Fourth Industrial Revolution is financial technology, specifically cryptocurrencies and their underlying blockchain architectures.^[4] The blockchain architecture consists of key characteristics such as decentralisation and pseudonymity. To prevent the “double spending problem”,^[5] all transactions and metadata about them are recorded and time stamped on a public cryptocurrency ledger known as the blockchain. This ledger is shared across a distributed network of thousands of participants, which takes the place of an intermediary.^[6] As a result, each participant controls his cryptocurrencies directly by entrusting them to a distributed network instead of a central authority like the government or a financial institution.^[7] The system is therefore decentralised. Additionally, each participant is assigned a private key and a public key. These keys are strings of numbers that are unable to establish any identities. However, all transactions will be anchored to the user if his identity is uncovered.^[8] Therefore, cryptocurrency is pseudonymous (and not anonymous, as popularly believed). 

As a result of the decentralisation and pseudonymous characteristics of blockchain, a host of unprecedented legal challenges arise from the use of cryptocurrencies.^[9] For instance, there is much difficulty in establishing jurisdiction or attributing liabilities in cases of cryptocurrency theft and scams. Traditionally, customers can bring an action against the bank if it is responsible for a banking transaction gone wrong. The appropriate jurisdiction will then be determined and applied. However, these tasks are unenviably challenging to perform for decentralised cryptocurrency networks. First, the ledger is distributed across nodes which are situated globally. Thus, every transaction will conceivably be within the jurisdictional scope of the locality in which each node lies. Consequently, the cryptocurrency network must comply with an onerous number of laws and regulations.^[10] Second, there exists uncertainties on the appropriate authorities to regulate and govern the cryptocurrency networks due to their cross-border nature.^[11] Third, the discussion on jurisdiction is moot if the defendant cannot even be identified.^[12] Presently, there exists substantial hurdles to trace and uncover the real-world identities of perpetrators in cases of cryptocurrency thefts and scams. Further, the lack of regulatory certainty implies that victims may be transferred from one country to another or one regulator to another during investigations.^[13] Consequently, cryptocurrency investors have lost their investments, with little hopes of recovering them.^[14]

The purpose of this paper is to examine liability issues and the lack of international coordination to regulate cryptocurrencies. It then proposes solutions on how they can be overcome. The paper will first critically examine existing laws and regulations to address the liability issues surrounding cryptocurrencies and the underlying blockchain technology. It will then propose that regulators ought to push for cryptocurrency literacy by publishing an investment checklist guide to specifically educate retail cryptocurrency investors. This complements existing laws and measures that attempt to unmask the perpetrators and thereby mitigates liability issues. The paper also suggests that a cryptocurrency task force can be set up to unmask the perpetrators to attribute liability. Finally, the paper recommends that international institutions (like Financial Action Task Force (“FATF”), The Financial Stability Board (“FSB”), The Basel Committee on Banking Supervision (“BCBS”), and the Organization for Economic Co-operation and Development (“OECD”)) work together to harmonise the various regulations to solve the regulatory conundrum posed by cryptocurrencies and their attending blockchain technology. Alternatively, a single organisation could be set up to formulate a harmonised regulatory framework. 

Liability Issues

Existing measures to identify perpetrators to impute liability

Law enforcement investigators, particularly those in the US, have developed many methods for unmasking the pseudonymous perpetrators. First, the investigators can obtain the Internet Protocol addresses belonging to the perpetrators when the transfer of cryptocurrencies are conducted online or when fiat currency is converted to cryptocurrencies on online cryptocurrency exchanges.^[15] Second, blockchain analysis techniques can be utilised to single out the perpetrators.^[16] For instance, investigators can analyse transaction histories and track the flow of cryptocurrencies in blockchain tracing. Another example is where investigators identify numerous cryptocurrencies addresses that were used concurrently in clustering. In this case, the inference is that the clusters belonged to a particular perpetrator. Most of the time, the blockchain analysis will eventually lead to cryptocurrency exchanges or wallet providers, particularly when the perpetrators want to cash out on the values of their cryptocurrencies.^[17] The investigators can therefore acquire information about the perpetrators’ identities since most major cryptocurrency exchanges and wallet providers are mandated by FinCen to collect Know-Your-Customer (“KYC”) information for anti-money laundering purposes.^[18]

At the same time, law enforcement investigators recognise that perpetrators have grown in sophistication. This is evident by the increasing number of perpetrators utilising obfuscation techniques to break the transaction trail and thwart tracing efforts.^[19] In coin mixing, the perpetrators’ cryptocurrencies are jumbled with other users’ cryptocurrencies, so that “brand-new” cryptocurrencies are issued with a corresponding “brand-new” cryptocurrency address. In chain hopping, cryptocurrencies undergo rapid and successive blockchain-hopping. In chain peeling, a few cryptocurrencies peel off from the blockchain into a cryptocurrency exchange while the remaining cryptocurrencies are shuffled to a new blockchain. Further, new cryptocurrencies, particularly Monero, possess enhanced security and privacy features such as ring signatures and stealth addresses which make them even harder to track.^[20] Finally, the KYC information collected by the cryptocurrency exchanges may prove to be useless. For instance, the IP addresses collected from Binance, led to a Netherlands telecommunications firm but with no personal identifying details of the perpetrators.^[21]

It has been suggested that policymakers ought to incentivise the development and use of cryptocurrencies that promotes user identification.^[22] Alternatively, it is suggested that firms issuing cryptocurrencies be able to identify the participants on the blockchain by imposing a KYC rule for any users entering the blockchain.^[23]However, these approaches likely against the pseudonymity ethos of cryptocurrencies.^[24] In fact, the popularity of cryptocurrencies stems from the ability to maintain some semblance of anonymity, much like when cold hard cash exchange hands in the real world. It is thus difficult to imagine that cryptocurrencies would abandon this pseudonymous pillar.

Recommendations to mitigate liability issues

Given that it is an uphill battle to identify the perpetrators and victims are likely unable to seek adequate legal recourse from the authorities,^[25] this paper suggests that regulators and policy makers should push for cryptocurrency literacy to complement existing measures and thereby mitigate liability issues. This recommendation proposes for the publication of an investment checklist guide for cryptocurrency investors. This checklist should incorporate both general and specific tasks with descriptions to increase the investors’ cryptocurrency literacy. In this case, general tasks can include: 

1. Researching before investing in cryptocurrencies;^[26]
2. Developing an investment roadmap;^[27] and
3. Understanding the risks associated with cryptocurrency investments. ^[28]   

On the other hand, specific tasks could include:

1. Conducting elemental inspection on the performance records, industry connections and social media presence of the cryptocurrency developers;^[29]
2. Checking whether the cryptocurrency project operates a bug bounty scheme;^[30]
3. Studying white papers of the cryptocurrency project to grasp its conceptualisation and development, including its strategies to generate profits;^[31] and
4. Look out for red flags like cryptocurrency projects promising exorbitant gains but appear to be short of statistics and details to bolster the claims.^[32]

In this regard, checklists for investment products are not a new concept. They are prevalent in financial regulations such as the Securities and Futures (Offers of Investments) (Securities and Securities-based Derivatives Contracts) Regulations 2018.^[33] The Twentieth Schedule contains prospectus disclosure checklists so that investors possess all necessary information before committing to an investment. Checklists are also utilised widely by international organisations as demonstrated by the G20/OECD Checklist on Long-term Investment Financing Strategies and Institutional Investors.^[34] In these cases, the checklists function as evaluation tools to help parties assess their investment strategy. Hence, these illustrate that cryptocurrency investors can benefit greatly from an investment checklist to guide their investment decisions. 

One likely criticism is that the investment checklist is too broad-based since no checklist can comprehensively cover everything that a cryptocurrency investor should know.^[35] This is compounded by the constant evolution of cryptocurrency protocols. While this paper acknowledges this difficulty, Charlie Munger has asserted that an investor will likely make a bad investment if he tries to evaluate a company without an adequate checklist.^[36] Besides, cryptocurrency literacy is simply one crucial element in the investor’s toolbox to better protect themselves.^[37]

Another criticism concerns that fact that investors may simply disregard the checklist.^[38] Bearing in mind that this behaviour is psychological,^[39] policymakers can emphasise the importance of using the checklist by highlighting incidents of people losing their cryptocurrencies in the investment checklist guide. 

The last criticism relates to the technical jargon used in the white paper which may put the investors off understanding the cryptocurrency projects. Nevertheless, research is part of an investor’s due diligence^[40] – including learning the terminologies. In fact, investors could even consider turning to YouTube videos to grasp basic concepts about the cryptocurrency landscape.^[41]

To be sure, investment checklists alone are likely insufficient to mitigate liability issues. Victims of cryptocurrency frauds and scams are likely to demand the law to be able to identify the perpetrators to attribute liability. In the US, a multidisciplinary special task force has been established to conduct investigations on the Dark Web. This task force is made up of agents from the different federal law enforcement agencies and are equipped with the necessary skillsets to infiltrate the Dark Web and acquire crucial intelligence to break the shield of anonymity cloaking the Dark Web users and operators.^[42] A case in point is the shutdown of Silk Road, an online and anonymous marketplace, and the capture of its founder, Ross Ulbricht, in October 2013. Online users of the Silk Road could peddle or purchase illegal drugs and weapons, host money laundering activities and even hire assassinators using Bitcoin anonymously and without being monitored.^[43] Consequently, an elite FBI cyber taskforce successfully infiltrated the Silk Road to bring down the dark marketplace and unmask Ulbricht, who was operating by the name of Dread Pirate Roberts. Indeed, such investigations are starting to gain traction among major cryptocurrency industry players as evident by Binance hiring ex-agents, who have worked on some of cryptocurrency’s most high-profile investigations like the Mt Gox hack and the Silk Road website, to head Binance’s global intelligence and investigations team.^[44] Thus, a cryptocurrency taskforce can similarly be set up by governments and law enforcement agencies to unmask the perpetrators of cryptocurrency frauds and scams so that they can be attributed liabilities. This is likely to mitigate liability issues posed by cryptocurrencies. 

Lack Of International Coordination To Regulate Cryptocurrencies 

Existing cryptocurrency regulations

Cryptocurrencies predate cryptocurrency regulatory issues. Hence, even as regulators and policymakers scramble in response to the cryptocurrency fever gripping the world, they seemingly fall short of the critical tools to regulate cryptocurrencies which are everywhere but nowhere.^[45]  Eventually, this haphazard scramble culminates in a huge range of regulatory approaches across various jurisdictions.

In Singapore, cryptocurrencies may fall within the scope of the Securities and Futures Act^[46] (“SFA”) if they function as capital market products which is defined as securities, units in a collective investment scheme, derivatives contracts, and spot foreign exchange contracts for purposes of leveraged foreign exchange trading. The Monetary Authority of Singapore (“MAS”) also passed the Payment Services Act (“PSA”),^[47] which licenses and regulates payment service providers. In addition, cryptocurrency-based payments and payment service providers as digital payment tokens and digital payment token services are also regulated under the PSA. Further, the MAS has put forward the Omnibus Act to bring licensing requirements and AML/CFT regulations under a single umbrella framework to eliminate any overlaps between the PSA and the SFA. Overall, a calibrated risk proportionate system is adopted with MAS launching the FinTech Regulatory Sandbox to enable collaborations and consultations between fintechs, banks and regulators^[48] and the Project Ubin Initiative in which MAS experiments with a Central Bank Digital Money built on blockchain technology.^[49] Cryptocurrencies are property but not legal tender.^[50]

In the United Kingdom, the Financial Conduct Authority policy statement PS19/22 (2019) provides guidance on cryptocurrencies and the applicable regulatory regime for each type. Thus, cryptocurrencies can be classified as specified investments under the Regulated Activities Order, or as e-money under the E-Money Regulations. They could also be covered under the Payment Services Regulations; or simply fall outside regulation.^[51] Similar to Singapore, cryptocurrencies are property but not legal tender.^[52]

In the US, many regulatory agencies have claimed jurisdictions over cryptocurrencies. The Securities and Exchange Commission deems cryptocurrencies as securities. The Commodity Futures Trading Commission considers cryptocurrency as commodities. The Treasury’s FinCEN recognises cryptocurrencies as currencies, while the Internal Revenue Service defines cryptocurrencies as a digital representation of value that functions as a medium of exchange, a unit of account, and/or a store of value. The disparities in the frame of reference have therefore resulted in overlapping regulatory frameworks.^[53]

The European Union endorses a comprehensive approach. The European Commission has proposed the Markets in Crypto-Assets Regulation, a comprehensive Europe-wide regulatory framework that enhances consumer protections. Nonetheless, governance over cryptocurrency exchanges is determined by individual member states. 

China adopts a restrictive stance. Although the Civil Code (2020) regards cryptocurrencies as property but has banned all cryptocurrency exchanges and mining operations.^[54] Despite the bans, People’s Bank of China is currently leading the world in developing a central bank digital currency, known as the Digital Yuan.^[55]

Brazil maintains a wait-and-see position. Thus, existing laws and regulations pertinent to the financial industry are enforced on cryptocurrency entities.^[56]

Problems with existing regulations

The current regulatory regimes appear to reflect an escalating legal arms race to be the first in coming up with a solution to the regulatory issues.^[57] Consequently, this has led to uncoordinated and fragmented regulations that produce a prisoner’s dilemma in which key stakeholders engage in short-term decision making. Although this satisfies their immediate interests, pernicious long-term consequences are likely to arise. For instance, cryptocurrencies will gravitate to jurisdiction with very favourable regulatory regimes like Malta and Gibraltar, thereby decreasing the level of innovation, and the potential to harness the benefits of cryptocurrencies in jurisdictions with regulatory uncertainties.^[58]  

Recommendations to overcome the lack of international coordination

Since governments has thus far not been very successful in coordinating regulatory efforts, there exists an institutional gap that must be filled to adequately address the regulatory arbitrage.^[59] Hence, this paper submits that this may be resolved by the harmonisation of the various regulations by the international institutions (FATF, FSB, BCBS, and OECD) working together. At present, each international body targets different aspects of cryptocurrencies. FATF’s emphasis is on regulating cryptocurrencies, with the goal of hampering money laundering and terrorism financing activities. It has therefore enacted the extended travel rule mandating all cryptocurrency service providers to collect information on market participants. FSB’s attention is on whether cryptocurrencies pose a risk to health of the global financial system. It had called for setting up a vigilant system to monitor the development of cryptocurrencies. BCBS’s focus is advancing policy frameworks to mitigate risks and enhance benefits of the banking systems being exposed to cryptocurrencies. It currently assumes a conservative stance towards cryptocurrencies. The OECD deals with the taxation matters of cryptocurrencies. It is working on a tax reporting framework for cryptocurrencies to ensure tax transparency. By working together to harmonise the various regulations, the final stance adopted by these international institutions will have crucial ramifications. The reason is that as standard setting bodies, they can build the core foundation for treating cryptocurrencies consistently across jurisdictions.^[60]

While critics have acknowledged that the formulation of a transnational law to resolve the regulatory conundrum is the best course, they argued that international harmonisation is a herculean enterprise considering the patchwork of laws asserting to regulate cryptocurrencies. This paper submits that this observation is accurate and clarifies that the harmonisation of the various regulations does not necessarily entail a single transnational law. Rather, it calls for the international bodies to examine and pinpoint synergistic elements of clashing legal rules and chip away at the discrepancies, and disagreements between the various domestic legal systems to establish a regulatory framework.^[61]

In fact, resolving the regulatory conundrum on cryptocurrencies may not even require forming another international organisation or confer the responsibility to a single existing organisation, since cryptocurrency issues are germane to many international entities.^[62] For example, in the early days of the Internet, regulators viewed cyberspace as terra nullis – a field out of range of any regulations.^[63] Yet, an ecosystem surfaced overtime to govern the Internet. This ecosystem has since facilitated the legal interoperability that the global network demands necessary. Hence, entities like the Internet Engineering Task Force and the World Wide Web Consortium standardise Internet and Web specifications, whereas the Regional Internet Registries and the Internet Corporation for Assigned Names and Numbers coordinate the allocation of IP addresses and domain names. Each of these transnational institutions oversees a specific issue and possesses an internal protocol and align among themselves to cover all aspects of a sound governance system that serves billions of people worldwide by permeating almost all human activities.^[64] Hence, this paper submits that the harmonisation of the various regulations by the international institutions has equal potential to achieve the same outcome.

However, this ecosystem may not be feasible given the current proliferation of uncoordinated and fragmented regulations worldwide. Rather, various regulatory authorities and institutions must first recognize that the international harmonization of cryptocurrencies is desirable^[65] and then set up a single organisation like an International Council for Harmonisation of Cryptocurrency Regulations.^[66] This organisation can thus bring together vital actors like international institutions, regulatory authorities from various countries and industry experts to formulate universal cryptocurrency regulatory measures.^[67] Moreover, the International Council for Harmonisation can use and adopt Conventions, model laws, legislative and non-legislative instruments similar to that found in the United Nations Commission on International Trade Law (“UNCITRAL“). This ideally takes into consideration the different regulatory regimes and levels of cryptocurrency penetration in each country. In this way, the regulatory framework can offer appropriate solutions for each country.^[68]

Ultimately, harmonisation of cryptocurrency regulations is desirable and possible. The decentralised architecture of cryptocurrency networks, in which the ledger is distributed across nodes situated globally, highlights the urgency and importance of a harmonized regulatory framework. Thus, government and regulatory authorities will likely eventually recognise a clear need for the international harmonisation of cryptocurrency regulations and work collectively to achieve this goal.^[69]

Conclusion

This paper proposes that cryptocurrency liability and regulatory issues may be mitigated and solved. It begins by exploring how the two central characteristics of blockchain – decentralisation and pseudonymity raise liability and regulatory issues. It then examines existing measures taken by regulators and policymakers to address liability issues. These include obtaining Internet Protocol addresses and utilising blockchain analysis techniques. However, it acknowledges that perpetrators have increased in sophistication to hide their cryptocurrency trails.

Next, it evaluates recommendations to either incentivises user identification or imposing a KYC rule on the cryptocurrency blockchain. However, the paper argues that these approaches likely go against the ethos of cryptocurrencies. It then suggests that regulators ought to push for cryptocurrency literacy by publishing an investment checklist guide to educate retail cryptocurrency investors. This complements existing laws and measures that attempt to unmask the perpetrators so that liability can be imputed on them. Additionally, a cryptocurrency task force can be set up by governments and law enforcement agencies to unmask the perpetrators of cryptocurrency frauds and scams so that they can be attributed liabilities.

Moving on, the paper examines the regulatory conundrum arising from use of cryptocurrencies. It is observed that current regulatory regimes appear to reflect an escalating legal arms race to be the first in coming up with a solution.

Finally, the paper submits that regulatory issues may be resolved by the harmonisation of the various regulations with international institutions working together. As standard setting bodies, they can build the core foundation for treating cryptocurrencies consistently across jurisdictions. Alternatively, it is argued that various regulatory authorities and institutions must first recognise that international harmonisation of cryptocurrency regulations is desirable and then set up a single organisation like an International Council for Harmonisation of Cryptocurrency Regulations. This organisation can formulate universal cryptocurrency regulations via a process of consensus with regulatory and industry experts working alongside each other. To ensure successful implementation of the regulatory framework, the body could use and adopt Conventions, model laws, legislative and non-legislative instruments similar to that found in UNCITRAL.

This piece was published as part of LawTech.Asia’s collaboration with the LAW4032 Law and Technology module of the Singapore Management University’s Yong Pung How School of Law. The views articulated herein belong solely to the original author, and should not be attributed to LawTech.Asia or any other entity.

^[1] World Economic Forum website <https://www.weforum.org/events/world-economic-forum-annual-meeting-2016>

^[2] Klaus Schwab, The Fourth Industrial Revolution (Crown Publishing Group, 2017).

^[3] Ibid.

^[4] Klaus Schwab & Nicholas Davis, Shaping the Future of the Fourth Industrial Revolution (Crown Publishing Group, 2018).

^[5] Satoshi Nakamato, “Bitcoin: A Peer-to-Peer Electronic Cash System” (2008) <https://bitcoin.org/bitcoin.pdf> 

^[6] Jerry Brito & Andrea M. Castillo, Bitcoin: A Primer for Policymakers (Mercatus Centre, George Mason University, 2016).

^[7] Antony Lewis, “The Basics of Bitcoins and Blockchains” (Mango Publishing, 2018).

^[8] Supra, n 6.

^[9] World Economic Forum, “Navigating Cryptocurrency Regulation: An Industry Perspective on the Insights and Tools Needed to Shape Balanced Crypto Regulation” (2021) <https://www3.weforum.org/docs/WEF_Navigating_Cryptocurrency_Regulation_2021.pdf>

^[10] McKinlay et al, “Blockchain: background, challenges and legal issues” (2018) <https://www.dlapiper.com/en/uk/insights/publications/2017/06/blockchain-background-challenges-legal-issues/>

^[11] Supra n 9.

^[12] Joseph Lau, “Legal and Regulatory Intervention In The Cryptocurrency Space” (2021) 33 SAcLJ 50. 

^[13] John Yoon, “A Cryptocurrency Inspired By ‘Squid Game’ Crashes. The Industry Has Questions.” (2021) <https://www.nytimes.com/2021/11/02/business/squid-coin-crypto-scam.html>

^[14] Federal Trade Commission website <https://www.ftc.gov/news-events/blogs/data-spotlight/2021/05/cryptocurrency-buzz-drives-record-investment-scam-losses#end2>

^[15] C. Alden Pelker, Christopher B. Brown & Richard M. Tucker, “Using Blockchain Analysis From Investigation To Trial” (2021) 69 U.S. Attorney’s Bulletin 59.

^[16] Ibid.

^[17] Matthew J. Cronin, “Hunting in the Dark: A Prosecutor’s Guide to the Dark Net and Cryptocurrencies” (2018) 66 U.S. Attorney’s Bulletin 65.

^[18] Michele R. Korver, C. Alden Pelker & Elisabeth Poteat, “Attribution in Cryptocurrency Cases” (2019) 67 U.S. Attorney’s Bulletin 233.

^[19] Supra, n 15.

^[20] Andy Greenberg, “Monero, the Drug Dealer’s Cryptocurrency of Choice, Is on Fire” (2017) <https://www.wired.com/2017/01/monero-drug-dealers-cryptocurrency-choice-fire/>

^[21] Monty Munford, “How I lost £25,000 when my cryptocurrency was stolen” (2019) <https://www.bbc.com/news/business-49177705>

^[22] Supra n 12. 

^[23] Jabotinsky, Hadar Yoana and Jabotinsky, Hadar Yoana and Lavi, Michal, “Speak Out: Verifying and Unmasking Cryptocurrency User Identity” (2021) <http://dx.doi.org/10.2139/ssrn.3828970> 

^[24] Binance website <https://www.binance.com/en/blog/ecosystem/%E2%80%8Bwhat-is-kyc-or-identity-verification-and-how-is-it-increasingly-important-for-crypto-421499824684902130>

^[25] Christina Pazzanese, “Regulators put cryptocurrency in crosshairs” (2021) <https://news.harvard.edu/gazette/story/2021/09/regulating-the-unregulated-cryptocurrency-market>

^[26] U.S. Securities and Exchange Commission website <https://www.investor.gove/research-you-invest> 

^[27] U.S. Securities and Exchange Commission website <https:www.sec.gov/investor/pubs/tenthingstoconsider.htm> 

^[28] U.S. Securities and Exchange Commission website <https://www.sec.gov/reportspubs/investor-publications/investorpubsaskquestionshtm.html>

^[29] Shobhit Seth, “What’s a Cryptocurrency Exit Scam? How Do You Spot One?” <https://www.investopedia.com/tech/whats-cryptocurrency-exit-scam-how-spot-one/>

^[30] Kraken website <https://www.kraken.com/en-us/features/security/bug-bounty> 

^[31] Supra n 29.

^[32] Supra n 29.

^[33] Securities and Futures Act (Cap 289), Securities and Futures (Offers of Investments) (Securities and Securities-based Derivatives Contracts) Regulations 2018.

^[34] OECD, “G20/OECD Checklist on Long-term Investment Financing Strategies and Institutional Investors” < https://www.oecd.org/daf/fin/private-pensions/G20-OECD%20Checklist%20on%20Long-term%20Investment%20Financing%20Strategies.pdf>

^[35] Atul Gawande, “The Checklist Manifesto: How To Get Things Right” (Penguin Random House, 2014)

^[36] Munder, Charles T, Kaufman, Peter D, “Poor Charlie’s Almanack: The Wit and Wisdom of Charles T. Munger, Expanded Third Edition” (Walsworth Publishing Company, 3^rd Edition, 2008)

^[37] Delia Richard, “MoneySmart: Simple Guidance you can trust”< https://www.oecd.org/daf/fin/financial-education/49648648.pdf>

^[38] Psychology & Neuroscience website <https://psychology.stackexchange.com/questions/4831/why-dont-people-read-instructions>

^[39] Sabrina Dunham et al, ”The Psychology of Following Instructions and Its Implications” <https://www.ajpe.org/content/ajpe/84/8/ajpe7779.full.pdf>

^[40] Supra n 29. 

^[41] Taylor Locke, “These 14- and 9-year-old siblings earn over $30,000 a month mining cryptocurrency” (2021) <https://www.cnbc.com/2021/08/31/kid-siblings-earn-thousands-per-month-mining-crypto-like-bitcoin-eth.html>

^[42] Supra, n 18.

^[43] Sommers and Bernstein, “Inside the FBI takedown of the mastermind behind website offering drugs, guns and murders for hire” (2020) <https://www.cbsnews.com/news/ross-ulbricht-dread-pirate-roberts-silk-road-fbi/>

^[44] Joanna Ossinger, “Binance Hires Ex-U.S. Agent Who Led Probes on Silk Road, Mt.Gox” (2021) <https://www.bloomberg.com/news/articles/2021-09-30/binance-hires-ex-u-s-agent-who-led-probes-on-silk-road-mt-gox>

^[45] Rabindra Kumar Mitra, ”Blockchain Technology: Importance of Transnational Laws and Jurisdictional Issues in Blockchain Dispute Resolution” (2019) <https://rmlnlulawreview.com/2019/02/26/blockchain-technology-importance-of-transnational-laws-and-jurisdictional-issues-in-blockchain-dispute-resolution/>

^[46] Securities and Futures Act (Cap 289, 2006 Rev Ed) s 2(1).

^[47] Payment Services Act 2019 (No, 2 of 2019).

^[48] MAS website <https://www.mas.gov.sg/development/fintech/sandbox> 

^[49] MAS website <https://www.mas.gov.sg/schemes-and-initiatives/project-ubin> 

^[50] Timothy Smith, “Cryptocurrency Regulations Around the World” (2021) <https://www.investopedia.com/cryptocurrency-regulations-around-the-world-5202122>)

^[51] Financial Conduct Authority website <https://www.fca.org.uk/publications/policy-statements/ps19-22-guidance-cryptoassets>

^[52] Supra n 50. 

^[53] Todd Ehret & Susannah Hammond, “Compendium – Cryptocurrency regulations by country” (2021) <https://www.thomsonreuters.com/en-us/posts/wp-content/uploads/sites/20/2021/06/Compendium_Cryptocurrency-Regs_FINAL.pdf>

^[54] Supra n 50.

^[55] Supra n 9.

^[56] Ibid.

^[57] Bertrand De La Chapelle & Paul Fehlinger “Jurisdiction on the internet: How to move beyond the legal arms race” (2016) <https://www.orfonline.org/expert-speak/jurisdiction-on-the-internet> 

^[58] Ibid.

^[59] Ibid.

^[60] Supra n 9.

^[61] Supra n 45.

^[62] Supra n 56.

^[63] Supra n 45.

^[64] Supra n 56.

^[65] UNCITRAL, “Thirty-five Years of Uniform Sales Law: Trends and Perspectives” (2015) < https://uncitral.un.org/sites/uncitral.un.org/files/media-documents/uncitral/en/35_years_of_uniform_sales_law-e.pdf>

^[66] ICH website <https://www.ich.org/>

^[67] Supra, n 65.

^[68] UNCITRAL website <https://uncitral.un.org/>

^[69] Supra, n 65.