Bitstamp Compliance Officer Raynold Part 2 of 2 // Web3 Accountant Radio Ep21 Transcript
Raynold Poh is the Compliance Officer of Bitstamp
Bitstamp is the world’s longest running crypto exchange. Bitstamp holds an IPA for the MPI license to provide CBMT and DPT Services in Singapore under the PSA.
In this conversation, we dive into:
1. What is an unhosted Wallet
2. Reverse Satoshi Test
3. Why did you decided to enter the Web3 space
4. One key experience / lesson in this space
5. What are you looking forward to in the crypto space
6. New Compliance Office – Where can they start
7. Web3 Compliance Organisation
And more!
__________________________________
Connect with Raynold & Bitstamp👇
Linkedin: / raynold-wei-cheng-poh/
Website: https://www.bitstamp.net/
Email: [email protected]
Just start? Yeah. We’re talking about unhosted wallets, right? What is an unhosted wallet? The simplest definition, like the simplest comparison of what an unhosted wallet that I would have for people who are not familiar with crypto would be a wallet that you collect, that you carry around in your pocket, right? unhosted wallets are basically otherwise known as like private wallets or self-custody wallets. What this means is that you hold the private keys to access these wallets that nobody else can access unless you give them your private key or your seed phrases, right? some examples like in crypto with, regarding like unhosted wallets would be Metamask, Ledger, Trezor, Phantom wallet, your trust wallet, yeah, some examples of those, right? just understand that for unhosted wallets, travel rule is not applicable to unhosted wallets.
Like why is this so, right? travel rule is applicable when two financial institutions are communicating, are like sending, whether it’s wire transfer, whether it’s like fiat or whether it’s crypto, right? Between each other. And then you have someone to actually communicate with. And then I can actually send a data message.
That’s how travel rule works, right? Where for your traditional finance and then subsequently your Web3 as well, right? Between like the crypto exchange. But when it comes to an unhosted wallet, I can’t send a message to someone who is holding a unhosted wallet or someone like, yeah, I can’t send a message or receive a message from them basically, right? when I interact with an unhosted wallet, what MAS has actually set up for the institutions, for the crypto service providers to do, would be actually that you have to verify the control of all these unhosted wallets that you interact with, right? like why is this so? Why has MAS like set up something like that? Unhosted wallets have been deemed to be like high risk by MAS and many other jurisdictions. Like the reason for this is that like, as you know, crypto transactions are cross-border and they can happen almost instantaneously.
And for an unhosted wallet, basically anyone can own it, right? Like you don’t do any customer due diligence. You don’t get verified by a financial institution that is regulated by a financial body before like accessing these services. Right now, I can just go and create a Web3 wallet already, like a metamask wallet.
It’s like so simple. Like metamask doesn’t even verify me, right? when I do any deposits prior to it, like any deposit or withdrawal transactions with a crypto service provider in Singapore, they would request for a verification of this unhosted wallet that I’m using, right? some more commonly observed methods of verifying these unhosted wallets would be like something called a Satoshi test, right? in traditional finance, they call this the penny deposit whereby like the crypto service provider would like give you an instruction in the asset that you want to like transact with, right? Like I want to do Bitcoin, for example, I want to do Bitcoin transactions. They will tell me to deposit say 0.0001 Bitcoin into my deposit address with the crypto service provider.
Once you have done this transfer, and then the crypto service provider can verify this, then okay, they will whitelist this particular unhosted wallet, they will deem it that you have control over this particular unhosted wallet then in that case, right? Same thing for like your Etherelike your Solana, basically any of this, it will work the same way as well, right? I think one of the challenge with this particular method that like how the crypto service providers do is that, hey, what if I have a new unhosted wallet, like my whole point of getting into crypto is so that I can gain, is so that I can get my hands on some crypto, right? if I don’t have any crypto, how do I actually then like comply with this by sending a crypto based on the instructions of like the crypto service providers. Some ways around it that I’ve tried personally would be something called a reverse Satoshi test in that case, whereby like, instead of the customer depositing into the crypto service provider, it will be the crypto service provider sending it the other way then into the wallet address that the customer owns. But you know, there are challenges to this as well.
What’s the point of a reverse Satoshi test? To, for you to show me that you have control. Upon the crypto service provider sending it over, the customer would then show a screenshot of them on their private wallet, having received this particular crypto that the service provider has sent over. Wouldn’t they be able to do that screenshot before I send, why do I need to send it to them for them to show the screenshot? They could have shown the screenshot before I send it to them.
Right. So sending the screenshot, uh, proves nothing, right? Because like, actually you, anyone can get their hands on that particular screenshot when no… How does sending a token over prove anything? As in, I agree that the screenshot is valid. Let’s assume that it’s not doctored first.
So how does the exchange sending, you know, tokens into that, that wallet prove and how does it help with proving it? Wouldn’t the screenshot have the same value before and after that transfer? No. So I need to sho, I need to verify control by way of showing that I have access to these funds. When you deposit in, I can show that I can actually like log into this particular wallet address and show that I’ve actually received these funds from the crypto service provider.
But prior to that, if I just log in and then I just show, basically, I’m not so sure what you’re showing. Actually, I don’t think you’re actually showing anything that proves that you have control to this wallet actually. Right.
Okay. Yeah. yeah, because what you will show is that you will show the particular page that I have received the transaction from the crypto service provider.
But prior to that, I would technically have nothing inside the wallet. I wouldn’t be able to show anything to the crypto service provider that it would just be a blank wallet.
It would be a wallet with the wallet address. Yeah.
It would just be the wallet with the wallet address. But I think like, uh, I don’t think you can actually tell much about that information there. Yeah.
Right. Uh, yeah. So that’s one way.
I don’t know, before we go, further, I think on this podcast, other than, you know, hearing about professional knowledge itself, thanks a lot for sharing. Yeah. The other side is, I think we want to know the other side of you that is not easily available in the public space.
Before we go on further, can we hand the time over to Diana? Okay. Let’s move to the free session.
Okay. In this session, I have a few questions, very curious about. The first question is why did you decide to enter the Web3 space? Uh, yeah.
I think sometime in 2020 or 2021, I actually, had some exposure to crypto, like personally as a retail customer, did it for a bit, didn’t really understand it. And then I left, uh, like being a crypto investor then, sometime on later, when I was like with Wallex as a compliance analyst, an opportunity came up for me to like enter the crypto space, like due to my experience as like a compliance analyst previously, being a bit familiar with the payment services act in Singapore. someone actually offered me the opportunity to join Sparrow as a compliance officer back then.
I’m very, very grateful for the opportunity. I think that, back then it was like the payment services act with regards to crypto was still very early. It was like, I think it was only 2022.
The payment services act was only enforced about two years in at that point of time. so like, what really like stood out to me was that like being a, for having a first mover advantage in this space, in this particular space, right. I think, I’ve already spent like two and a half years in like, the crypto compliance space in Singapore already.
Uh, I do think that this has been really particularly beneficial to me, having this, niche experience, as compared to like maybe some of my other compliance officers, for example. Yeah. During these years that you’re working with crypto, can you maybe share one key experience or lessons that you have learned in this space? Yeah.
Uh, I think that what made a difference to me as a crypto compliance officer, I think is that you really have to like get your hands dirty in that sense, get some, I would say get some skin in the game. Right. I don’t think you can just like, for example, if you’re coming from the traditional finance space or like, for example, me who didn’t have, who didn’t come from the traditional finance space, I don’t have any experience in compliance prior to that.
I would think that, to really stand out as a crypto compliance officer, apart from like, being familiar with like the regulations, I would think is, go and set up your own wallets, go and create accounts with crypto exchanges, go and, invest in crypto, actually try and understand what is this industry that what is a private key. yeah, like what are layer tools, for example, I would, I would think that like, it’s really very difficult for you to like, gain any advantages or actually like do really well in this space. If you don’t actually, dabble in this yourself on a personal capacity, you know, yeah.
And as a compliance officer, I believe that you will get in touch with a lot of rules of about the crypto compliance. So why are you looking forward to in the compliance aspect? I think that of course everyone is waiting for the bull market to happen now, right? I mean, like everyone is expecting, waiting for the bull market now, uh, and they expect it to come in 2025 with Bitcoin just hitting like, 73K USD now. So I think of course for Bitstamp is like, we are looking forward to our license, but with the space itself, I think that, MAS has like implemented certain regulations in place now with consumer protection, with, custody segregation in place, that wasn’t there in the past.
I think that we, like for Singapore regulations itself, I think that it has really come a very, very long way, as compared to other jurisdictions as well. I think a lot of other jurisdictions like look at Singapore as like a leader in this particular space. So I think, there’s nothing specific really, but I think that, uh, I hope that Singapore continues to be a leader in like the crypto space for regulations.
Yeah. Okay. So, uh, Raynold, maybe can you share with us, what is the Bitstamp specialty? I understand you guys, you guys are coming in.
I also understand that you guys are the, longest running, crypto exchange. Yeah. So, so what would be the biggest difference between, Bitstamp and the other, you know, 20 over MPI license exchange holders already in Singapore? Right.
I think that like what I said, right, Bitstamp is the longest serving exchange in the world. I think like how I’ll sell Bitstamp is that, uh, you must be doing something right. If you’re around for that long, right.
I mean, for those like OG crypto people, you have known like so many of those other crypto exchanges that have like fallen, fallen aside along the way. Right. So for us to have like, been here since like the early, uh, 2013, we must be doing something right.
I would think that like, I think to add on like Bitstamp has over 50 licenses throughout multiple jurisdictions in the world. If you’re looking for a compliant exchange, I think this is where you want to be.
I think, crypto is not, no longer the wild, wild west anymore. customers are actually looking to be with a compliant exchange.
They know that their assets are safe. and this is where you will want to be, right. Yeah.
Uh, very well said. So the other one that, I want to discuss with you is, you know, looking at your long span of, different, experience in the crypto compliance space, what words or comments would you give to, uh, non Web3 compliance officer thinking, you know, if they have been approached by a headhunter or, you know, if they are currently out of job looking to enter into the Web3 payment services firm as a compliance officer? I think two questions.
Any comments from you and how do you think, where can they start? Yeah. Uh, yeah, so definitely. Right.
I think that it’s not just people who are not in this space. I think that for people who are in this space as well, like, for compliance people, right. I think my word of advice would be like, just not mentioned, get some skin in the game, go and create your own private wallet.
Go and understand how that works. create multiple private wallets, get onto different assets, different networks, go and open accounts with exchanges, understand how crypto actually works, right. If as what they have said that they are like, if you are really interested in this space, it’s not just compliance.
It’s not just a compliance officer. It’s actually like, I will tell myself as a crypto compliance officer, like why, what I bring different to the table is that I have some understanding of how crypto works as well. So when, like my superiors or like my peers require me to, understand something like about the business, right.
I understand it much faster than others because like, of my understanding of how crypto works, for example, right. What are deposit addresses? What is a hot wallet? What is a cold wallet? What is a warm wallet? yeah, stuff like that. Right.
I think it’s liquidity pools, for example. Yeah. I do think that it’s very difficult to like go find this space.
If like you do not understand all this. Yeah. Okay.
One last question for me is, you know, for the web3 compliance officers in Singapore, I know you guys are very busy, you know, there’s so much to do at work already, but in terms of networking, you know, going out to know your peers, for those who are, who are very new or are not in certain, uh, associations or groups or network, would there be a certain newsletter or a certain group that you want to give a shout out to so that, you know, people can, refer to them for content or to join them for, you know, I believe you have gone through many groups within these two years. Which are some, which you will recommend to somebody who is like very new? Yeah. Uh, so I don’t actually have anything much to recommend here, but I think that, uh, like, some of the organizations that I’ve been subscribing to on LinkedIn would be like, uh, Singapore FinTech Association, for example, uh, Singapore block, uh, I think Blockchain Association Singapore.
Yeah. I think, yep. I think there’s Digital Asset Association as well.
I subscribe to like these various ones on my LinkedIn. I look out for like their posts, whenever they have something interesting to share. They do updates to like, whenever there’s a consultation paper, for example, or a response to a consultation paper, when MAS releases a new update, uh, in terms of the regulatory framework in Singapore with regards to like crypto.
I attend this webinars or this like talks in like, in person as well to like, understand more about like the different approaches and the different understanding from like this different organizations. Yeah. Uh, I do think that apart from this, they do host networking, uh, the whole networking events from time to time as well.
Yeah. These are some examples. Nice.
Nice. I think myself, I also enjoy the, the, the times where the SFA or even BAS or DAA, they will invite, you know, lawyers, uh, from top tier law firms to actually give a breakdown into the new updates itself. as the, the lawyers would have joined in the discussion to craft out, the update itself.
So, yeah, I, I think the, the three organizations that you mentioned are very, useful. Yes. I think this is something that I want to, give a shout out and, you know, yeah, you can try a Web3 Accountant.
We have a newsletter. Yeah. I will share with you, shortly.
Okay. Yeah. Any other questions from you, Diana or Raynold? No, it’s my honor to have to, talk today because I learned a lot about the, uh, travel rule and the compliance, uh, crypto compliance.
Thank you very much. Yeah. Thank you.
Thanks for having me. Raynold, just, one last comment from me. Diana has gone through more than 15 episodes of Web3 Accountant Radio, and that is the first time I’m hearing that from her.
Thanks a lot for sharing. Yeah. Thanks.
Thanks. I really appreciate it. Yeah.