Regulatory compliance needs smart privacy | Opinion
Disclosure: The views and opinions expressed here belong solely to the author and do not represent the views and opinions of crypto.news’ editorial.
Let’s bury a tired narrative: blockchains are the internet’s Wild West, a digital frontier beyond the reach of law. Late last year, when Deutsche Bank—a giant of modern finance worth approximately $32 billion—announced its own layer-2 network, it confirmed what many of us have long known. Traditional finance isn’t fighting the blockchain revolution; it’s trying to use it and tame it. The challenge, as Deutsche Bank is discovering, lies in reconciling the radical transparency of public ledgers with the discretion that serious money demands without going back to the permissioned network route.
With its own purpose-built blockchain, the bank aims to develop solutions for regulatory compliance issues that banks and other financial institutions encounter when they work with public blockchain networks. A key challenge is ensuring they don’t accidentally engage in transactions with bad actors or entities under sanctions. A problem that is only growing as global assets move onchain.
The numbers tell their own story. With Bitcoin (BTC) commanding six figures and the broader crypto market worth north of $3 trillion, blockchain’s move from the margins to the mainstream isn’t just complete—it’s irreversible. Gone are the days when on-chain transactions were effectively invisible simply because few had the tools or inclination to look. Today’s blockchains are glass houses under constant surveillance, scrutinized by a growing army of analysts armed with increasingly sophisticated tools.
Regulators, predictably, have noticed. By 2024, every major financial center from Singapore to Switzerland has assembled dedicated crypto-crime units. The EU’s new Anti-Money Laundering Authority, operational since June, aims to keep a watchful eye on crypto-asset providers. Other jurisdictions are racing to follow Brussels’ lead.
Privacy doesn’t mean complete anonymity
Many early Bitcoiners, like Hal Finney, were prominent figures in the privacy and cryptography space. As the space has professionalized and financialized, this has certainly become less the case. But to see crypto’s past and its present as at odds is to fundamentally misunderstand what we mean when we talk about privacy. In 1993’s Cypherpunk Manifesto, Eric Hughe wrote that “privacy is the power to selectively reveal oneself to the world.” Not to hide from it completely.
The answer in practice is “smart privacy,” a form of selective disclosure that allows organizations and individuals to choose precisely what information they share and with whom. Unlike earlier privacy solutions that offered only binary choices—complete transparency or total opacity—smart privacy leverages trusted execution environments (TEEs) to enable customizable confidentiality within blockchain applications.
Through our confidential EVM chain called Sapphire, developers can designate certain smart contract and transaction data as confidential while keeping other elements public, all secured by hardware-based encryption that ensures data remains private even during processing. This isn’t theoretical—it’s already being deployed. Outside of web3, major tech companies are already implementing TEEs at scale, with Apple using Secure Enclave technology in their Private Cloud Compute nodes for securing AI processing and NVIDIA deploying hardware-based TEEs in their H100 GPUs to protect both AI models and sensitive data during computation.
This evolution in privacy architecture mirrors broader shifts in institutional thinking. Where once banks viewed blockchain’s transparency as an insurmountable obstacle, they now see customizable disclosure as the key to unlocking its potential. It’s a subtle but crucial distinction—the goal isn’t to obscure information wholesale but to engineer systems that can distinguish between necessary oversight and needless exposure.
Critically, this approach differs from the anonymity tools that have drawn regulatory scrutiny. Smart privacy isn’t about obscuring identity or ownership but about enabling legitimate business and personal privacy in an increasingly digital world. When a company processes payroll through a blockchain, their employees shouldn’t have to broadcast their salaries. When a person makes a routine purchase, they shouldn’t have to expose their entire transaction history. It’s about providing verification without vulnerability—trust without total exposure.
Selective disclosure as a public good
This selective disclosure isn’t just good theory—it’s good practice. When blockchain sleuths traced the Harmony bridge hack last year, following $100 million through a labyrinth of transactions, they demonstrated why transparency matters. And yet the same radical openness that helps catch criminals can imperil legitimate business. Every transaction on a public blockchain is a potential trade secret exposed, a competitive advantage surrendered. Just ask the institutional traders whose positions are routinely front-run by bots monitoring their every move.
The answer isn’t to retreat into the shadows but to build smarter systems. Confidential computing tools like TEEs or cryptographic tools like zero-knowledge proofs enable selective disclosure protocols that offer a middle path: verification without exposure. A bank can prove it meets capital requirements without revealing its entire balance sheet. A trader can demonstrate compliance with anti-money laundering rules without broadcasting their strategy to competitors. This isn’t about erecting walls—it’s about installing doors with proper locks.
The crypto industry’s early battle cry of “don’t trust, verify” was never meant to mean “verify everything, all the time, by everyone.” What we need is targeted transparency: visibility where it serves the public good and privacy where it protects legitimate interests. The technology exists. What’s required now is the regulatory framework to embrace it.
