Capital and financial markets regulation is based on the principle ‘same business, same risks, same regulation’. At the same time, global standard setters and national regulators alike consistently highlight that regulations are meant to be technology-neutral.
So, what happens if the technology changes the risk profile of a business?
The risk profile is redefined.
In a blockchain context, this seems to be one-directional, however. Rather than considering the full transparency and auditability of permissionless blockchains when assessing the risk profile, the FATF and national regulators do not get tired of stressing the risks related to pseudonymity and peer-to-peer transactions. The fact that blockchain analytics companies can track every transaction on most major networks is only considered as part of the risk mitigation measures.
By then, the risk profile is already established and may cause financial institutions and other regulated entities to refrain from interacting with the blockchain space altogether.
If technology changes the risk profile, it should apply in both directions.