There were some 2,000 comments posted as of the time of writing this (of which I read or skimmed a couple dozen), with respondents raising concerns that the proposed rule would infringe on personal rights, capture more of the crypto ecosystem than FinCEN intends and drive legitimate crypto use offshore.
Respondents ranged from privacy-focused wallet providers to industry lobbyists to analytics firms to decentralized finance projects, among others.
Chainalysis, a crypto analytics firm, said the proposals "are too broad" to be effective, and "will result in inconsistent and excessive reporting on transactions," most of which wouldn't be tied to illicit activity.
For example, "everyday economic activity" like liquidity pools or swaps might be captured in the part of the proposal that addresses users exchanging different types of digital assets, a letter from the DeFi Education Fund said.
A few of the letters warned that FinCEN's rule might move activity into other jurisdictions, which could backfire on the U.S. regulator.
The Blockchain Association's letter, for example, said "FinCEN must appreciate that there could be a tipping point at which overbroad and inappropriate anti-money laundering requirements could drive digital asset businesses to other less regulated countries, where there would be no requirement to file suspicious activity reports (SARs) to FinCEN and therefore limit U.S. law enforcement’s access to valuable information."
A letter attributed to America's Credit Unions – a new entity formed after the merger of the Credit Union National Association and the National Association of Federally-Insured Credit Unions – said that while credit unions don't currently engage in crypto transactions, the proposed recordkeeping requirements would be "potentially burdensome," and that those regulations "should not be duplicative of existing requirements."
"FinCEN should limit the application of its reporting and recordkeeping requirements to certain transactions. As noted, FinCEN has extensive experience with various thresholds," the letter said.
The letter did not provide a suggested threshold, suggesting creating one may not even work "given the complex nature" of crypto mixing.
"Perhaps a safe harbor based on the frequency of transactions might be appropriate. This is something FinCEN should analyze and work with the industry on, ultimately pursuing such changes through a subsequent proposed rulemaking," the letter said.
Fewer comments expressed support for the rule. One, by data analytics firm GeoComply – which describes itself as a company that uses "geolocation data intelligence to verify individuals' true digital fingerprint" – called the rule "an effective first step," but suggested there are places it could be stronger.
It recommended against relying on IP data, for example, noting that these digital addresses can be obfuscated by virtual private networks (VPNs) and the like.
Another comment, attributed to the Bangladesh Financial Intelligence Unit, Bangladesh's central bank's agency tasked with investigating money laundering, cited the recent U.S. Department of Justice action against Binance and recommendations from the Financial Action Task Force in supporting the proposal. Nevertheless, the FIU said the proposal might be a bit too heavy-handed. The Bangladesh FIU could not be reached for comment or to verify it indeed submitted the response, but FinCEN labeled the comment as coming from a state entity.
There were also, as Consensys' Bill Hughes pointed out, a number of comments that appeared to be written by a bot. A lot of these comments said they were written "to express [their] concerns" and say parts should be reconsidered. These parts deal with the reusing of bitcoin addresses, mixers, bitcoin programmability, bitcoin's use in terror financing and saying crypto users might use less safe offshore platforms.
They "urge the commission to evaluate the potential unintended consequences," presumably because whoever programmed the bot didn't realize that FinCEN isn't the same as the Securities and Exchange Commission. This has happened before.
I asked the Treasury Department how it evaluated GPT-generated comments, and a FinCEN spokesperson said, "In accordance with the Administrative Procedure Act and other applicable laws, regulations and Executive orders, FinCEN reviews all public comments and responds to all significant comments."
Many of the responses that seemed to be written by actual people (as opposed to bots) and filed from anonymous or individual submitters mentioned concerns about privacy and the right to transact.
And as appears to be tradition now, there are also a few random totally off-topic comments, including a handful pledging support for Richard Heart of Hex infamy and one supporting the Financial Innovation and Technology for the 21st Century Act, one of several pending attempts at comprehensive crypto legislation.
FinCEN now has to review the comments before officials decide whether they want to move to finalize the proposal, revise it or take some other action.