The Treasury Department needs a wake-up call. At least, that’s what Coinbase believes.
Paul Grewal, Coinbase’s Chief Legal Officer, just sent a clear message to US regulators. Money launderers are using cutting-edge tech to hide illegal crypto transactions. Meanwhile, government agencies fight back with outdated tools. That disconnect is costing everyone.
His solution? Fight fire with fire. Use blockchain analytics, AI, and APIs to track down the bad actors.
The Treasury Asked for Ideas. Coinbase Delivered
This didn’t come out of nowhere. Back in August, the Treasury Department asked the public for feedback on better ways to combat crypto-related crime. The request came as part of the GENIUS Act, which requires fresh thinking on financial crime prevention.
Grewal responded with a detailed letter dated October 17. He shared his recommendations publicly via X on Monday, October 20.
His main argument is straightforward. Criminals have upgraded their methods. So law enforcement needs to upgrade too. Specifically, he wants regulators to embrace the same technologies that legitimate crypto exchanges already use every day.
“This would align with a primary objective of the Anti-Money Laundering Act of 2020, which aimed to update the Bank Secrecy Act,” Grewal wrote.
What Technologies Does Coinbase Want Regulators to Use?
Grewal laid out several specific recommendations. Each one targets a different aspect of tracking illegal crypto activity.
First, blockchain analytics tools. These platforms analyze transaction patterns across public blockchains. They can identify clusters of addresses controlled by the same entity. Plus, they can flag suspicious activity patterns that human analysts might miss.
Second, artificial intelligence. AI systems can process massive amounts of transaction data in real time. They spot anomalies that suggest money laundering or fraud. But here’s the problem. Many companies hesitate to fully deploy AI for anti-money laundering work because regulatory guidelines remain unclear.
Third, Application Programming Interfaces (APIs). These allow different systems to share data automatically. For financial crime prevention, APIs enable real-time information sharing between exchanges, banks, and law enforcement. Yet inconsistent standards and regulatory uncertainty hold back widespread adoption.
Fourth, decentralized IDs and zero-knowledge proofs. These technologies let users verify their identity without revealing unnecessary personal information. They balance privacy with compliance requirements.
The Safe Harbor Proposal That Could Change Everything
Grewal’s boldest recommendation involves creating a “safe harbor” rule under the Bank Secrecy Act. This would protect companies that use AI and API-driven monitoring tools for anti-money laundering compliance.
Why does this matter? Currently, companies worry about regulatory penalties if their AI systems make mistakes. That fear prevents them from fully leveraging these powerful technologies.
Grewal argues that the safe harbor should focus on outcomes and governance rather than prescriptive requirements. In other words, regulators should evaluate whether a company’s overall approach works, not whether it follows a specific checklist.
Faryar Shirzad, Coinbase’s Chief Policy Officer, strongly backed this idea. He pointed out that crypto exchanges already use these digital tools effectively. The US government should learn from that example.
Clear Guidelines for API Integration
APIs face a different problem. Multiple standards exist, and regulatory requirements vary across jurisdictions. This creates confusion about what’s allowed.
Grewal wants the Treasury to establish clear guidelines that define acceptable use cases for APIs in financial crime prevention. These guidelines should specify data privacy requirements and set standards for how different systems connect to each other.
With clearer rules, companies would feel more confident integrating APIs into their compliance systems. That would enable faster information sharing about potential illegal activities.
Privacy-Preserving Identity Verification
Traditional identity verification often requires handing over sensitive personal information. Grewal argues that decentralized IDs and zero-knowledge proofs offer a better approach.
These technologies let someone prove they meet certain requirements without revealing unnecessary details. For example, you could prove you’re over 18 without sharing your exact birthdate or home address.
The Treasury should recognize these methods as legitimate forms of customer verification, according to Grewal’s recommendations. This would encourage their adoption while maintaining strong anti-money laundering standards.
Blockchain Analytics and Information Sharing
Grewal also wants clearer rules around using blockchain analytics for compliance. Specifically, he recommends guidance that encourages sharing information about potential illicit activities on public blockchains.
But there’s a balance to strike. Companies need to avoid excessive record-keeping requirements that create unnecessary burdens for users conducting legitimate transactions.
His suggestion focuses on enabling targeted information sharing about suspicious activities while not treating every blockchain participant as a potential criminal.
The Broader Context Behind These Recommendations
Money laundering methods have grown more sophisticated as technology advances. Traditional monitoring systems that worked for wire transfers and cash transactions struggle with crypto’s speed and complexity.
Public blockchains record every transaction permanently. That creates an enormous trail of data. But analyzing that data effectively requires specialized tools. Law enforcement agencies often lack access to the same analytics platforms that legitimate crypto exchanges use routinely.
This creates an asymmetry. Criminals can exploit sophisticated techniques to hide their activities. Meanwhile, investigators work with limited technological capabilities.
Coinbase argues that closing this gap requires embracing the same technologies that make crypto exchanges effective at identifying suspicious activities in the first place.
Not Everyone Agrees on the Approach
Jim Harper, a non-resident Senior Fellow at the American Enterprise Institute, offered a different perspective. Instead of complex technological solutions, he suggested establishing a direct communication system.
Under his proposal, law enforcement agencies would simply ask crypto firms for specific information needed in investigations. This would create a more straightforward process than implementing elaborate monitoring systems.
Harper’s view represents an alternative philosophy. Rather than building comprehensive surveillance capabilities, focus on targeted information requests when specific investigations require them.
Why Companies Hesitate to Adopt AI
Grewal’s letter highlights a key problem. Many companies want to use AI for anti-money laundering work but worry about unclear regulations.
If an AI system flags a transaction as suspicious but turns out to be wrong, what are the consequences? If it misses something illegal, is the company liable? Without clear answers, firms take a conservative approach and avoid fully leveraging AI capabilities.
The safe harbor proposal aims to solve this by providing legal protection for companies that implement AI responsibly. As long as they follow proper governance procedures and achieve good outcomes, they wouldn’t face penalties for individual system errors.
This would encourage innovation while maintaining accountability.
The API Integration Challenge
APIs enable different systems to talk to each other automatically. For financial crime prevention, this means exchanges could share suspicious activity reports with regulators in real time instead of filing periodic paperwork.
But several obstacles prevent widespread API adoption. Different systems use different data formats. Regulatory requirements vary by jurisdiction. And many legacy government systems weren’t built to accept API connections.
Grewal’s recommendation for standardized guidelines would address these issues. Clear specifications for data formats, privacy protections, and security requirements would make integration easier.
What Happens Next
The Treasury Department collected public comments through its GENIUS Act request. Coinbase’s detailed letter represents one of the most comprehensive responses from a major crypto exchange.
Whether regulators adopt these recommendations remains uncertain. Government agencies often move slowly on technology adoption. Plus, implementing new systems requires budget allocations and technical expertise that may not be immediately available.
Still, Grewal’s letter puts specific proposals on the table. That gives policymakers concrete options to consider rather than vague suggestions about “doing something” about crypto crime.
The debate reflects a larger question. Should law enforcement fight emerging technologies with traditional methods? Or should they embrace those same technologies to level the playing field?
Coinbase clearly believes the answer is embracing blockchain analytics, AI, and other digital tools. The Treasury’s response will show whether US regulators agree.