6.1 Introduction

The previous chapter has examined the legal framework with regard to the placement phase of the Metaverse. The placement phase is however the first of the three general stages of MLFT. The second phase is that of layering. Layering is the term used to describe the process of concealing the origins of the funds. The main risk with regard to the Metaverse is a series of transactions with cryptocurrency in particular when these transactions are intended to hide their origins. The following paragraphs will discuss the so-called mixer and exchange services. Mixing services mix cryptocurrencies and redistribute them so that their origins cannot be traced to the original owner or exchanged the cryptocurrencies for other cryptocurrencies. The exchange services are services that exchange one cryptocurrency for the other. This service can be used either to get a different form of currency (the same way you could wish to exchange euros for pounds) or to create a layer between the dirty and clean tokens.

Another risk with the Metaverse is the different forms of currencies currently available. The legislation has to include all virtual currencies within its framework. If it does not include all forms of currency the risk is avoidance of supervision through different types of currency.

6.2 Cryptocurrencies

Cryptocurrencies and MLFT are linked to the point where they are nearly considered synonyms. The reason for the love between cryptocurrencies and MLFT is threefold. Cryptocurrencies can be transferred pseudonymously or anonymously. The transactions are furthermore not automatically screened and are instant. The anonymity was covered in the previous chapter in combination with monitoring possibilities through the wallet systems. The wallet system acts as a gatekeeper thus preventing anonymity at the door, right? Unfortunately, it is not that easy to prevent MLFT. There are possibilities to circumvent the gatekeepers, whether through smurfing, hacking or techniques yet to be invented. Once entered into the Metaverse economy the criminal will aim to layer the cryptocurrency through various transactions. It is at this stage that the AMLD5 exposes a gap in regulation with regard to cryptocurrencies. The AMLD5 aims to prevent MLFT via cryptocurrencies primarily through regulation of exchange services. Exchange services are defined as those exchanging virtual currencies for fiat currencies and vice versa.Footnote 1 The AMLD5 regulates the in- and output but fails to regulate the various crypto-to-crypto conversions. In particular, the AMLD5 regulates neither mixing services nor crypto-to-crypto exchanges.Footnote 2 Tumblers or mixing services act exactly as the name suggests. They mix cryptocurrencies for a fee to increase anonymity. This lack of regulation creates various risks in the approach to MLFT.

Figure 6.1 demonstrates some of the risks associated with crypto-to-crypto exchanges. The first wallet is regulated and sends a supervised transaction to the exchange or tumbler. The payout was made to an unregulated wallet. The unregulated wallet can then conduct various unsupervised transactions with a currency whose origins are nearly impossible to trace. The system that this book proposes in Chap. 5 seriously decreases the use of unregulated wallets. However, that system only works if there is no or little opportunity to exchange the illicit currency for licit currency. If the crypto-to-crypto exchange allows for the unregulated wallets to exchange their cryptocurrency with payout to a regulated wallet, that would provide opportunities for MLFT. In addition, the exchanges and tumbler services can be used to directly pay for goods and services. Lastly, exchange services can be used to facilitate suspicious transactions. Through a peer-to-peer exchange goods and services can be sold which looks like a crypto-to-crypto exchange. I.e. a transaction whereby €500,- worth in cryptocurrency A is sold for a value of €100,- worth in cryptocurrency B is suspicious. It is more likely that the currency exchange is a cover for an illicit transaction worth around €400,-. These gaps in the regulation make it difficult to supervise suspicious activities. The additional layers provided by the mixers and exchanges furthermore increase the difficulty in tracing the origins of the coins. This example only used one exchange but the process could be repeated ten times over. The question is why these mixing and exchange practices are not simply banned.

Fig. 6.1
An illustration of mixing services has 6 elements. Regulated wallet becomes unregulated via tumbler and crypto-to-crypto exchange. While the former provides goods and services, the latter engages in suspicious exchange.

Mixing services

Though mixers and exchanges of cryptocurrencies are generally associated with MLFT, its origins were not illegal. The idea came from the anarchist approach behind the development of cryptocurrencies of fully anonymous payments without government intervention. The bitcoin was considered by its designers as a protest against the commercial influence over legal currency.Footnote 3 The concept of privacy is considered political.Footnote 4 A debate that is furthermore fueled by the notion that data and personal information are a new class of assets.Footnote 5 Nevertheless whilst mixers and the like were perhaps not generated to launder money, these services are notorious for criminal activities.Footnote 6 Therefore providing a strong incentive to prohibit or at least regulate these services.

The difficulty with trying to regulate mixing services is the various alternatives that exist. Such as building an extra layer upon the blockchain that allows anonymization of the coin.Footnote 7 An approach to increase the traceability of transactions therefore has to include all possibilities of layering. The difficulty would be to include all options within the AMLD5. The legislator could try to provide a list prohibiting the different activities. The first obvious flaw within this suggestion is the list would be obsolete by the time it was published. Technology develops faster than the law. The second problem with this approach is that some of these technologies, such as crypto-to-crypto-platforms, promote trade. To avoid this problem the legislator could regulate the intention rather than the technology. The previous chapter discussed regulating digital entities through regulating the intention rather than the technology.Footnote 8 To fill the supervisory gap in the layering process the AMLD5 could include services to reduce traceability. The question is what then? Some suggest the mixing services should be mandated to perform Know-Your-Customer duties.Footnote 9 Considering the concept of mixing services is to increase anonymity and reduce the traceability a KYC duty would either not be adhered to or the mixing would go bankrupt. It is therefore unlikely that the inclusion of such provisions would increase the effectiveness of the AMLD. In particular, because the FIUs are not without possibilities.

In 2018 the FIOD (the Dutch FIU) seized the website Bestmixer.io and took the website down.Footnote 10 The seizure was part of a coordinated investigation into money laundering activities. The investigation furthermore led to the arrest of two suspects.Footnote 11 The investigation was initiated based on a report provided by a cybersecurity company that had located the servers in the Netherlands and Luxembourg.Footnote 12 The resulting seizure had been conducted by the FIOD and the public prosecutor. It is not officially stated but the involvement of the public prosecution’s office implies the foundation for this operation to be Dutch criminal law, not AML legislation. From a supervisory perspective, the lack of legislation on mixers does not have to be a cause for worry. If the criminal code of a country is up to date on aiding and abetting MLFT. It then moves the responsibility to the national FIU as part of a criminal investigation rather than a supervisory one. Nevertheless, this solution is a bit odd. It assumes that mixers are not per se illegal, as mixing is not per definition illegal. If, however, a mixer attracts too much attention from money launderers it will be shut down. Whether a mixer attracts money launderers is fairly arbitrary as they are not required KYC duties. Charging a mixer service with KYC duties is somewhat contrary to its intentions, it would however reduce the arbitrariness. The second danger with regard to layering is that of the crypto-to-crypto exchange services.

The crypto-to-crypto exchange services are more difficult to regulate. Technically the exchange services can be regulated similarly to the fiat-to-crypto exchange services. The difficulty with this approach is that it works only with centralized crypto exchanges. Centralized exchanges work with a central party buying and selling cryptocurrency. The centralized party can be placed within the AML framework and charged with due diligence duties. In addition to centralized exchanges, there are decentralized crypto exchanges or DEX. These exchanges can operate by facilitating a peer-to-peer exchange platform or from purchase and sale to a liquidity pool. The traders do not provide access to their private keys and do not need an account but simply connect their wallet to the DEX. To regulate a DEX is therefore more difficult because traders can automatically connect to the platform without the need for the operator to verify their information.

The primary method for a DEX to function on is that of the automated marker method (AMM) which functions on a liquidity pool. The liquidity pool is a pool of various crypto coins available within the DEX. The DEX then functions upon an algorithm and smart contract that allows a user to buy and sell tokens against those in the store. The more tokens of a kind that are held in the pool, the lower the value. If tokens are being bought the price rises which incentivizes other traders to supply that coin to the pool. This type of transaction means that it will be difficult for two parties to conduct a suspicious transaction. As the transactions are not peer-to-peer but rather peer-to-pool. The only option is that of transferring between wallets through a DEX (wallet A buys and wallet B receives payout). A simple solution would be to legally limit such transactions to a single wallet. The result would be that wallet A buys and wallet A receives a payout. This would not decrease the tracing difficulty but because the transaction remains within the same wallet. Because the currencies remain within the wallet, the wallet’s algorithm would become suspicious if a high frequency of conversions takes place. The second category of DEXs are those that run via the order book method.

The order book method is a type of facilitator whereby one party offers a sale or purchase of coins against a price and another accepts. The DEX thus facilitates a peer-to-peer platform. This type of platform can facilitate a suspicious transaction. It is, however, a risky form of transacting as anyone can accept the terms offered by one of the parties. The order book matches the two parties for the transaction. Furthermore, the wallets directly transact with each other. Therefore the connection between the two parties’ wallets is present. A suspicious swap can therefore be linked to both parties. The order book can be equipped with an algorithm that detects suspicious transactions. Nevertheless, suspicious transaction detection is unfunctional unless it can be reported. Some argue therefore that DEXs should be included in the legal framework as an obliged entity with KYC duties.Footnote 13 This would mean that the DEX would have to redesign its platform and only allow users with an account access. Increasing the scope of the AMLD to include DEXs is not necessarily a bad approach. Including the DEX under the scope of the AMLD would have to be responsive to the level of risk. Different levels of KYC should therefore be applicable.

A DEX that operates through an automated marker method carries lower MLFT risk. In particular, if that wallet is supervised and if the transaction is only between one wallet and the liquidity pool. The value remains within the same wallet which monitors the transactions. A DEX that facilitates the exchange of coins through AMM with unsupervised wallets, should have higher KYC duties. A DEX that facilitates peer-to-peer transactions and two wallets in a single transaction carries the highest MLFT risks. Such a DEX could thus be mandated to always conduct a more thorough KYC duty. This means that a potential exchange first requires those wanting to buy or sell to create a verified account with the DEX. This type of KYC might, however, generate some resistance.

Cryptocurrencies were invented to reduce government supervision and traceability. It is therefore not an unreasonable expectation to consider that a significant amount of users will try to avoid these regulations. Either for malicious activities or under the motto “I have nothing to hide but neither does a third party need to track my behaviour”. To mitigate this behavior an alternative route can be considered.

The alternative considers the wallets as part of the Internet of Things. The wallets contain all the necessary information of their users. These wallets when transacting are connected to a device whether through a USB port or as software. These devices within the IoT are referred to as the perception layer. This layer needs to connect to the internet through a router or other port. This device is sometimes referred to as the “fog layer”. The fog can be equipped with a verifier that verifies the information of the user (location etc.).Footnote 14 The information is stored on the fog layer which encrypts the information and stores it on a blockchain only accessible to law enforcement.Footnote 15 When an investigation requires the decryption the fog layer will verify the request of the law enforcer. Once verified, it will allow it to run forensic applications present on the fog layer.Footnote 16 This data is then stored on a consortium blockchain only accessible to law enforcers.Footnote 17 Thus demonstrating greater transparency for suspects to determine the chain of evidence. Devices can be traded anonymously unless they are under investigation. Though such a system is a middle ground between anonymous and public transactions it requires a few changes. A verification system would be required to ensure that a forensic application can only be triggered in compliance with a court order (or other legal requirement). Secondly, the encrypted information should not be shared with jurisdictions that have little government limitations. In the EU most national courts would not provide an order for forensic investigation unless there is a serious suspicion. This legal protection is not present in all countries and would be very useful to autocratic regimes wishing to spy on their population. Within the EU it would be recommended to operate a consortium blockchain only for the EU Member States. The judicial oversight could be shared between the national courts and in major investigations the new to-be-founded EU MLFT agent. The latter could be overseen by the Court of Justice of the European Union (CJEU). This approach would be effective but difficult. Unlike national Member States, the EU does not have a criminal code of sorts. The EU has a Charter of Fundamental Rights but no rules on criminal procedures. The lack of such rules would create confusion for all parties involved. Technically such rules could be written but at the EU level, it will be difficult to reach a consensus. It would however decrease the amount of user data that is available to third parties.

The current approach to data and privacy protection is that all information on the customer is processed by the entity that is obliged to control suspicious activities. The bank that monitors its client’s bank account has access to all transactions and the full customer profile. The bank is obliged not to use that information without the customer’s consent, other than monitoring for suspicious activity.Footnote 18 Nevertheless, this requires the customer to trust the bank not to use that information, other than for monitoring purposes. The bank furthermore may not legally break that trust. It is, however, exactly that trust in banks (and other intermediaries) that many of the cryptocurrency users lack. The proposed system allows encrypted communication between various wallets, whereby data is only shared when wanted. The financial investigative units can only access the data through a court order. This type of approach is a more bottom-up form of data ownership. The data is owned by the person where it is generated, rather than where the law places the ownership. The approach is legally more sensible because the de facto control of data is present within the individual.Footnote 19 The approach is closer aligned with the original anarchist views behind cryptocurrency development. To generate this type of system data protection should be built into the wallets.Footnote 20

6.3 Centralized Currency Issuers

The more famous cryptocurrencies such as bitcoin are decentralized and operate through a blockchain. To transfer such assets the security keys are necessary. There are, however, centralized currencies as well. These types of currencies would not work through a cryptographic key perse. Typically closed systems and one-directional currencies work through central administration. But also the L$ used in the game Second Life is a centralized currency. Furthermore whilst the attempts of Meta to introduce its own currency remain unsuccessful, it is not unlikely another company will introduce a centralized currency. In particular, within the Metaverse the providers of successful virtual realities can introduce their own currency. These currencies have the potential to be used for MLFT purposes either through (black market) conversion or by a wide-level redemption. These systems operate without cryptographic keys but on ledgers and with customer accounts. A literal interpretation would therefore exclude the wallet and thereby such currencies from supervision. The question is, if a purposive interpretation is used, would such currencies fall under the definition of virtual currency? The AMDL5 defines virtual currencies as:

“virtual currencies” means a digital representation of value that is not issued or guaranteed by a central bank or a public authority, is not necessarily attached to a legally established currency and does not possess a legal status of currency or money, but is accepted by natural or legal persons as a means of exchange and which can be transferred, stored and traded electronically.Footnote 21

This definition is phrased quite broadly and can include many types of currencies. Whilst phrased quite broadly there are several criteria before something can be considered a virtual currency. These criteria are: electronically represented value, not provided by a central bank or government, without the legal status of a currency but accepted as a means of trade and electronically transferable. Within the Metaverse there are likely several forms of currency. It is questionable whether all of these fall within the definition of virtual currency. In particular, whether currencies other than cryptocurrencies are covered by this legislation.

The previous chapter covered wallet providers and discussed the legal differentiation through safeguarding a cryptographic key. Whilst the section concluded that the cryptographic key is not the crucial criterion, it demonstrates another issue. The legislator intended to regulate cryptocurrencies. These currencies are generally provided through a decentralized ledger system. There is no centralized ledger that monitors the transactions as an account-based bank would. So let’s imagine a centralized currency is introduced successfully. The law currently regulates the exchange services and the wallets. The issuer of the centralized currency could provide the wallets and thus monitor the transactions. The currency can however also potentially be held by other wallets than those of the issuer. The current legal framework is circled around exchange and wallet services. It excludes the role of the issuer. Not regulating the issuer risks various issues. A blockchain trail depends on its level of encryption but ledgers can be easily followed. Whilst banks are under supervision and have to comply with EU legislation, the same does not naturally follow for centralized currency issuers. The issuers might not be located in the EU and even when they are they are not regulated. To regulate the issuers the same as wallet providers carries some argument. The issuer would have full access to the transaction ledger and thus be able to supervise transactions. However, when compared to fiat currency there is no such obligation for the central banks as issuers of currency. The task of a central bank with regard to MLFT is to provide guidance and supervise supervising entities.Footnote 22 It therefore raises the question of whether issuers should be given any monitoring duties. Or whether these issuers should be regulated as if they were central banks and therefore be the supervisors of the wallet. This approach may seem logical as issuers are the private law equivalent of central banks. Nevertheless, the question is then who supervises the issuers? Thus perhaps indicating the issuers should be regulated as if they were mere wallet providers. To regulate issuers as wallets would be a difficult task.

The difference between centralized currencies and cryptocurrency is the money trail. The MLFT risk of a blockchain is evaluated through the three questions. Who is in charge of the encryption, can it be decrypted and what is the cost for a third party to decrypt the network?Footnote 23 These questions assess the anonymity of a blockchain. The issuer has direct access to the paper trail through its ledger. It would therefore be prudent to regulate the circumstances under which an issuer has to hand over its ledger to the investigating authorities. However, this raises the question of what responsibilities these issuers have towards the wallets. Defining the role of issuers of private centralized currency is therefore a difficult task. It would be this author’s suggestion to create a new level of responsibility for issuers. One is that they are responsible for monitoring their centralized ledger and any wallet providers. Nevertheless, they should do so under close supervision of the national authorities. Considering the variety of virtual currencies the monitoring duties of the issuer could even be adjusted to fit the currency’s structure. Though this would shape the responsibilities of the issuers of centralized currency it does not provide a comprehensive framework towards all virtual currencies available.

6.4 Legal Tender

The currencies in the Metaverse will all be digital and electronically transferable. However more problematic is whether all of these means of payment possess value and are not provided by a central bank. There are two developments with regard to legal tender and the virtual environment which need to be considered. The first is that of Central Bank Digital Currency (CBDC), a type of electronic currency that is provided by a central bank. The ECB is currently researching the possibility of introducing a digital euro.Footnote 24 The CBDC would be provided by a central bank and therefore not considered a virtual currency. Thus excluding a digital euro from supervision under the AML framework.

6.4.1 The Digital Euro

There are various options on how to design a digital euro. The ECB will first have to decide between a token or an account-based digital euro. The second decision is whether the digital euro will operate through a one-tier or two-tier system. The first is one whereby the consumer is given access to the digital euro directly through the central bank. The two-tier system will involve consumer access through commercial banks or other financial actors. The one-tier system would be the more dangerous choice as it would require the central banks as monitoring entities. Currently in jurisdictions such as the Netherlands the central bank also supervises commercial banks on the compliance of the AMLD. Effectively the supervisor would supervise himself. It is, however, unlikely that the ECB would be able to lawfully introduce a one-tier digital euro.Footnote 25 The more likely choice is that the ECB will introduce a two-tier digital euro. This design option has also been put forward by the EU Commission in its legislative proposal concerning the digital euro.Footnote 26 The second choice is whether the ECB will introduce the digital euro token or account-based. A token or bearer-based digital euro would allow the owner of the digital euro to transfer the token through wallet options, not unlike cash or the current cryptocurrency.Footnote 27 An account-based digital euro would resemble the current bank accounts.

Account-based digital euros rely on the identification of customers. They are therefore considered less risky.Footnote 28 Concerning supervision, the token-based option is arguably the most risky, in particular if the transactions are not recorded on a central ledger.Footnote 29 A token, like cash, could be traded without the need for identification. Similar to cash, tokens run the risk of being traded without verification.Footnote 30 This risk is present but does not seem like a substantial danger when considering the digital euro. In particular, the ECB writes that if a token-based design is chosen for the digital euro it would be traded through a device capable of identifying the holder.Footnote 31 It is thus unlikely that a token-based digital euro would be traded in full anonymity. This likelihood is further decreased because the current proposal is to incorporate the digital euro with the EU digital identity wallet.Footnote 32 The current proposal of the Commission considers a two-tier system whereby the public has access to the digital euro.Footnote 33 Because the public has access to the digital euro it can be used for MLFT purposes.Footnote 34 The Commission proposes that the AML requirements remain the responsibility of the intermediaries.Footnote 35 It therefore creates a similar system to that of the bank accounts. The main difference between regular bank accounts and CBDC is that of offline payments. The digital euro will incorporate the possibility to pay offline. This type of payment, however, will require the transacting parties to be in close physical proximity to each other.Footnote 36 The requirement for close physical proximity makes this possibility low risk with regard to the Metaverse.

Whilst there is still some uncertainty concerning the digital euro, it is not likely to become an AML loophole. The ECB report does not provide conclusions on the AMLD framework.Footnote 37 The report, however, does consider the risks of MLFT and considers these should be addressed appropriately. Considering that the ECB is taking these risks on board it is unlikely the digital euro will not be supervised. The current legislative proposal furthermore addresses MLFT and brings the digital euro under the supervisory framework through commercial banks. The introduction of CBDC is therefore not the biggest threat facing the Metaverse as it is likely to be incorporated into the heavily regulated banking sector.

The digital euro is, however, not the only digital central bank currency. More countries have introduced or are investigating the introduction of central bank digital currencies. The BIS found that in 2022 93% of central banks are working on some form of central bank digital currency.Footnote 38 One of such countries to have introduced a central bank digital currency is Nigeria. The eNaira is, unlike the proposed digital euro, based upon a blockchain. The currency can be accessed through a virtual wallet called the “eNaira Speed App”.Footnote 39 This virtual wallet makes use of various remote identifyers. Users without bank account must upload their passport in order to use the app.Footnote 40 Nevertheless there are concerns with regard to MLFT. The compliance with MLFT regulations in Nigeria is considered lacking.Footnote 41 The eNaira is build upon a private blockchain called Hyperledger Fabric.Footnote 42 The private blockchain is limited to communicate with the eNaira wallets.Footnote 43 This means that using the eNaira wallet in the Metaverse comes with significant limitations. A person from Nigeria living in the EU can access and use an eNaira wallet in the EU. In theory this transfers MLFT risks to the EU. At present the adoption of the eNaira however is limited, thus limiting MLFT risks for the EU. In the future however it is likely that the central bank digital currencies can interoperate with each other. This could highly increase the risk of MLFT as some CBDCs will be better supervised than others.

There are several possibilities to reduce the risk of MLFT via foreign currencies. One option is to ensure that virtual wallets can only host CBDCs of the jurisdiction in which they are located. Before entering the virtual wallet all foreign currencies will be first converted. The only currency within the EU registered wallets would then be digital euros. The wallet should register the conversions as foreign transactions. If such transactions become suspicious the same legal framework applies as described in Sect. 5.6.

Another likely problem to be is that countries will recognize cryptocurrency as a legal tender. Therefore potentially excluding these currencies from the definition of virtual currencies.

6.4.2 Cryptocurrencies As Legal Tender

Globally speaking there are many regions where people are either un or underbanked. The reasons vary from no physical access to banks or the costs involved with a bank account.Footnote 44 Digital currencies can provide financial inclusion when people have internet access. Financial inclusion has its benefits to the extent that countries consider recognizing them as legal tender. Recognizing a cryptocurrency as legal tender would conflict with the virtual currency criterion of “value that is not issued or guaranteed by a central bank” and “does not possess a legal status of currency or money”. If a virtual currency does not qualify as virtual currency and can be accessed without the need for a bank, this risks exclusion from the supervisory framework. The first country to have recognized a cryptocurrency as a legal tender is El Salvador. The recognition is widely believed as a marketing stunt, as few people have access to the internet. Nevertheless, there are some economic reasons as to why El Salvador introduced Bitcoin as a legal tender.

It is estimated that roughly 24% of El Salvador’s GDP consists of remittances sent home from abroad.Footnote 45 Sending remittances through traditional channels is a very costly and lengthy process. Cryptocurrencies can be sent internationally at much greater speed against much lower costs.Footnote 46 The economy of El Salvador would therefore stand to benefit from introducing Bitcoin as a legal tender. The volatility of the cryptocurrency is of little consequence to the costs of remittance if the cryptocurrency can be exchanged for fiat currency immediately. Remittance workers have therefore discovered the benefits of using cryptocurrency.Footnote 47 The recognition of Bitcoin as legal tender in El Salvador, however, has cost the country millions and El Salvador faces pressure to abolish its use.Footnote 48 This was largely due to the poor implementation of the wallet system. Furthermore, many people in El Salvador do not understand Bitcoin technology.Footnote 49 Using Bitcoin furthermore makes it difficult for people to save as the currency is so volatile.Footnote 50

Another reason to introduce cryptocurrency as legal tender is to achieve monetary sovereignty. The Central African Republic (CAR) did not have its own currency. Instead, it used a currency introduced by the French which was pegged to the Euro. This has as disadvantage that the country cannot conduct its own monetary policy.Footnote 51 The introduction of a cryptocurrency has the advantage that it can cheaply introduce a monetary system. It does not require the setting up of a printing press or to back up the money with a stable value such as gold. It is however difficult to introduce such a system as it requires widespread internet and electricity access in combination with a high level of digital skills. Additionally, whilst Furthermore in such cases it is more likely that a country would turn to the earlier discussed CBDC, rather than cryptocurrencies. Currently, the danger that cryptocurrencies will be widely recognized as legal tender is therefore limited. There are however instances where virtual currencies would be preferential to the legal tender.

In Venezuela, hyperinflation severely damaged the economy and there was little trust in the national currency. The Venezuelans en masse started to play a virtual game called Old School Rune Scape (ORS). Within this game, they would collect ORS gold through farming and beating warriors. They would then sell the gold to other players worldwide for fiat currency, in particular for US Dollars.Footnote 52 These dollars were exchanged into the Venezuelan Bolivar when needed for groceries. Thus allowing the Venezuelan to generate a stable income of roughly $100 per month. An income far above the minimum wage which was about $5 a month.Footnote 53 Earning and saving their income in gaming currency which could be converted to dollars furthermore allowed them to avoid the high inflation. The inflation rate in 2018 in Venezuela was estimated to be between 100.000 and 150.000%.Footnote 54 The US Dollars and ORS gold were more stable in value and thus preferred to the national currency. As a result over 50% of transactions in Venezuela were conducted in dollars.Footnote 55 The adaptation whether officially or unofficially, of a foreign currency as a national currency brings risks.

The first risk is that the currency is physically not available. Physical bills are often scarce and the technology to verify the authenticity of the currency is often not available. Zimbabwe experienced this issue during its time of hyperinflation whereby worn and torn dollar bills were used.Footnote 56 Adapting a virtual currency would solve the scarcity of bills. The ORS gold was not used by shopkeepers in Venezuela, as it would require both parties to log in to their Rune Scape account to conduct payment for a transaction. The Metaverse, however, would be able to facilitate the use of such virtual currencies for day-to-day transactions. The shopkeeper and customer would need to have a virtual account with a wallet. The customer upon buying groceries would only need to enter the virtual reality through his or her phone and pay the shopkeeper. Technically such transactions can already be facilitated through wallet services. The Metaverse, however, will have another advantage. Hyperinflation is often associated with the scarcity of goods.Footnote 57 In Venezuela, people had to wait in line for basic supplies, and often waiting was in vain.Footnote 58 Shops furthermore risked looting, as people were desperate for supplies.Footnote 59 The Metaverse can facilitate online grocery shopping thus preventing the need for long lineups. It furthermore can increase safety as shopkeepers do not need to provide physical locations but can deliver. Thus limiting the possibility of robberies and looting of their shops. This type of infrastructure in combination with virtual currency earned online can mitigate some of the effects of hyperinflation. In the case of Venezuela, people could transfer their ORS gold to virtual currency and use it to buy basic goods in the local Metaverse shops. The Metaverse shop owners can then deliver the goods during the day, without providing a physical location of their shop. In such a scenario a virtual currency will become the de facto legal tender. This could materialize in different ways. The first is whereby a foreign fiat currency, a (combination of) cryptocurrencies or a virtual currency is recognized as legal tender. Whilst a fiat currency will require some form of bank, virtual currencies do not. Thus raising the question of whether these will be supervised.

When comparing cryptocurrencies with CBDC there is a clear difference between virtual currencies managed by a central bank or government and those that are not. The criterion of legal tender should be read in conjunction with the criterion of issued or guaranteed by a government or central bank. The EBA further considers that a virtual currency is not necessarily pegged to a fiat currency or redeemable at par by the issuer.Footnote 60 The recognition of virtual currencies by governments does not mean the government will consider them redeemable at par or even is the issuer. Recognition would therefore not necessarily interfere with the possibility of supervision. This legal tender criterion, however, is also approached from the functionality of money perspective. Money serves three functions, means of trade, store of value and unit of account. It is then argued that virtual currency does not fulfil the criteria of money because they are not accepted by the government. Thus they cannot be used as a unit of trade.Footnote 61 From this perspective, the cryptocurrency would be considered legal tender equal to that of ‘normal’ fiat currency. If the cryptocurrency is recognized as legal tender and de facto used as legal tender this fulfills the criteria for money. The definition of money then relies on whether it is considered and used as legal tender. Whilst technically easy to define, the scenario of Venezuela and El Salvador proves the opposite. Bitcoin might be recognized in El Salvador as a legal tender but is not used as such. In situations such as those with Venezuela, virtual currency can be used as legal tender but not recognized as such. Whilst most of these scenarios play out outside the EU, it is relevant to the European framework. When a cryptocurrency is considered as legal tender this renders it outside the definition of ‘virtual currency’ under AMLD5. Thus raising the question of the monitoring duties of the wallets storing the currency.

As stated above there are two approaches to interpretation of legal tender. The first is reading the criterion in combination with issued and/or guaranteed by a government or central bank. The second is according to the functionality of money. If the first approach is used in situations such as those described above would not change the definition of i.e. Bitcoin as a virtual currency. The status of legal tender does not change that it is not issued nor guaranteed by a central bank or government. If the second approach, that of the functionality of money, is used it provides two difficulties. The first is when to consider a currency to be accepted as legal tender. When the government recognizes the currency or when it is generally accepted? Secondly, if such currencies are recognized and used as legal tender would they fall under AMLD supervision? The AMLD framework covers virtual currencies and various institutes of payment services such as banks. These institutions function as the ‘gatekeepers’ to the financial system.Footnote 62 The financial institutions monitor the fiat currency transactions. The legal tender cryptocurrencies would not need such an institution to be transferred. Nor would they fall under the definition of virtual currency.

To avoid this loophole the most straightforward approach is to consider a currency not a virtual currency only when it is both legal tender and issued by a central bank or government. The central bank or government issuing the currency would be responsible for bringing it under AML supervision. A country with little supervision would qualify as risky and those with high supervision as less risky. Thus creating a situation that is not very different from the current approach to transactions abroad. Whereby the EU has drafted a list of high-risk countries. Under the current circumstances, however, transferring/holding money in a foreign currency requires either cash exchange or an account abroad. The legal exchange of cash is monitored and going abroad to open an account is difficult and the transfer of funds from the EU to the account is monitored by banks. Under the current AMLD5, the exchange of fiat currency to virtual currency is regulated. The transfer of a legal tender virtual currency to a non-official virtual currency would fall under supervision. Buying virtual legal tender with fiat currency would be likely considered a currency exchange institution. Once in the wallet, the wallet would need either to be classified as a payment institution or remain part of the AMLD as a wallet provider. Both would have monitoring duties but clarity is recommendable, as payment institutions require a permit and wallets only require registration. Whilst the definition of payment institutions is aimed at the EER, there is nothing in the Directive on payment services to prevent something from classifying as a payment service when the transactions occur in non-EER currencies.Footnote 63 The regulatory danger is therefore not so much in the lack of regulation but rather in the unclarity. To avoid any confusion it would be wise for the EU legislator to consider a statement on this topic. In particular, it would be this book’s recommendation to keep all wallets under the same supervisory definition, without differentiation between virtual currency that is recognized and that is not recognized as legal tender. Thus avoiding any potential unclarity and loopholes.

Legal tender disserves attention from the EU legislator. Though the risks are not as high from legal tender in comparison with non-custodian wallets, there is some unclarity in the framework. The risks of the Metaverse, however, will extend beyond the currencies considered legal tender. The second criterion that may create exclusion is that of the ‘accepted as means of exchange’. In particular when the currency has a (theoretically) limited redemption rate.

6.5 Conclusion and Recommendations

The layering of funds through the Metaverse is a real risk. It seems that the current legal framework is not yet adapted to respond to the new technologies available. The law focuses on the entrance of the funds to the Metaverse through the exchange providers. The law does regulate wallets which were discussed in the previous chapter, but does little to regulate the possibilities of layering through other means. It would therefore be recommended to increase the scope of the AMLD to include layering technologies such as mixing services and crypto-to-crypto exchanges. Though it may result in criminal mixing and exchange services, regulating the services makes it easier for law enforcement to act against criminal sites.

Additionally, there are various types of currency that are or are likely to exist in the Metaverse. Some of these currencies such as CBDCs are likely to be designed with an MLFT framework. These CBDCs carry lower risks than for example the centralized virtual currencies. Additionally, it is not clear what legal framework applies to virtual currencies when recognized as legal tender. It would be recommendable for these issues to be crystalized before the Metaverse increases its user base.

These suggestions would increase the effectiveness of the supervision of the layering phase. The layering phase however is only the second phase out of three. The next chapter will therefore continue with the third phase of MLFT, namely that of the integration.