commit 11d1a811a527aef1160180f90d669c380778c6a8
parent c005aee083e7fc255d128752e3ceecbac9f00e6c
Author: Christian Grothoff <grothoff@gnunet.org>
Date: Mon, 19 May 2025 09:48:48 +0200
update presi
Diffstat:
11 files changed, 484 insertions(+), 0 deletions(-)
diff --git a/presentations/2025-sandbox/2025-sandbox.tex b/presentations/2025-sandbox/2025-sandbox.tex
@@ -0,0 +1,379 @@
+\documentclass[aspectratio=169,t]{beamer}
+\input taler-macros
+\usepackage{eurosym}
+\usepackage[normalem]{ulem}
+\newcommand{\TITLE}{NEXT \\ GENERATION \\ INTERNET}
+\newcommand{\SUB}{The FINMA Sandbox Exception}
+\newcommand{\AUTHOR}{Christian Grothoff}
+\newcommand{\SPEAKER}{Christian Grothoff}
+\newcommand{\INST}{Bern University of Applied Sciences}
+\newcommand{\DATE}{Rethinking Money Symposium}
+\usepackage{amsmath}
+\usepackage{multimedia}
+\usepackage[percent]{overpic}
+\usepackage{framed,color,ragged2e}
+\usepackage[absolute,overlay]{textpos}
+\definecolor{shadecolor}{rgb}{0.8,0.8,0.8}
+\usetheme{boxes}
+\setbeamertemplate{navigation symbols}{}
+\usepackage{colortbl}
+\usepackage{booktabs}
+\usepackage{url}
+\usepackage{pifont}
+\newcommand{\cmark}{\ding{51}}%
+\newcommand{\xmark}{\ding{55}}%
+\usepackage{array, adjustbox,url}
+\usepackage{pifont} % wasysym
+\usepackage{rotating,subfig}
+\usepackage{xspace}
+\ifpdf\usepackage{tikz}\fi
+\usepackage{xcolor}
+\usetikzlibrary{shapes,arrows}
+\usetikzlibrary{positioning}
+\usetikzlibrary{calc}
+
+\usepackage{FiraMono}
+\usepackage{fontawesome}
+\usepackage[absolute,overlay]{textpos}
+
+\usepackage{array, adjustbox,url}
+
+\setlength{\TPHorizModule}{1mm}
+\setlength{\TPVertModule}{1mm}
+\usepackage[labelformat=empty, font=small]{caption}
+\captionsetup[figure]{font=small}
+
+
+\definecolor{tumblue}{RGB}{0,101,189}
+\definecolor{shadecolor}{rgb}{0.8,0.8,0.8}
+\definecolor{MidnightBlue}{rgb}{0.1, 0.1, 0.44}
+\definecolor{CornflowerBlue}{rgb}{0.39, 0.58, 0.93}
+\definecolor{Black}{rgb}{0, 0, 0}
+
+
+% Do not edit this part
+\title{\TITLE}
+\subtitle{\SUB}
+\date{\DATE}
+\author[\SPEAKER]{\AUTHOR}
+\institute{\INST}
+
+% 15 minutes
+\begin{document}
+
+\begin{frame}[plain]
+\maketitle
+\end{frame}
+
+
+\section{Introduction}
+
+
+\begin{frame}{FINMA Licenses}
+
+``An activity pursuant to Art. 1b Banking Act may only be carried out
+ after FINMA has granted a license.''
+\vfill
+\begin{itemize}
+ \item Full banking license (10M capital, major paperwork)
+ \item FinTech license (1M capital, no loans)
+ \item {\bf Sandbox exception}
+\end{itemize}
+\vfill
+\begin{center}
+ \tiny
+ \url{https://www.finma.ch/en/documentation/dossier/dossier-fintech/entwicklungen-im-bereich-fintech/}
+\end{center}
+\end{frame}
+
+
+\begin{frame}{The BankV Art. 6}
+\vspace{-0.2cm}
+ {\small
+\begin{enumerate}
+\item Gewerbsmässig im Sinne des BankG handelt, wer:
+\begin{enumerate}
+\item[a.] dauernd mehr als 20 Publikumseinlagen oder sammelverwahrte kryptobasierte Vermögenswerte entgegennimmt; oder
+\item[b.] sich öffentlich zur Entgegennahme von Publikumseinlagen oder sammelverwahrten kryptobasierten Vermögenswerten empfiehlt (...)
+\end{enumerate}
+\item Nicht gewerbsmässig im Sinne des BankG handelt, wer dauernd mehr als 20 Publikumseinlagen oder sammelverwahrte kryptobasierte Vermögenswerte entgegennimmt (...), wenn er:
+\begin{enumerate}
+\item[a.] Publikumseinlagen oder sammelverwahrte kryptobasierte Vermögenswerte von gesamthaft höchstens 1M CHF entgegennimmt;
+\item[b.] kein Zinsdifferenzgeschäft betreibt; und
+\item[c.] die Einlegerinnen und Einleger, bevor sie die Einlage tätigen, schriftlich oder in einer anderen Form, die den Nachweis durch Text ermöglicht, darüber informiert, dass:
+ (1) er von der FINMA nicht beaufsichtigt wird, und (2) die Einlage nicht von der Einlagensicherung erfasst wird.
+\end{enumerate}
+\end{enumerate}
+}
+\end{frame}
+
+
+\begin{frame}{The GwG Art. 2}
+ Finanzintermedi\"are sind:
+ \begin{enumerate}
+ \item[3] Finanzintermediäre sind auch Personen, die berufsmässig fremde Vermögenswerte annehmen oder aufbewahren oder helfen, sie anzulegen oder zu übertragen; insbesondere Personen, die:
+ \begin{enumerate}
+ \item[b.] {\bf Dienstleistungen für den Zahlungsverkehr} erbringen, namentlich für Dritte elektronische Überweisungen vornehmen oder {\bf Zahlungsmittel} wie Kreditkarten und Reiseschecks {\bf ausgeben oder verwalten};
+ \item[c.] für eigene oder fremde Rechnung mit Banknoten und Münzen, Geldmarktinstrumenten, Devisen, Edelmetallen, Rohwaren und Effekten (Wertpapiere und Wertrechte) sowie deren Derivaten handeln;
+ \end{enumerate}
+ \end{enumerate}
+\end{frame}
+
+
+\begin{frame}{The GwG Art. 14}
+ \begin{enumerate}
+ \item Finanzintermediäre nach Artikel 2 Absatz 3 müssen sich einer Selbstregulierungsorganisation anschliessen.
+ \end{enumerate}
+\end{frame}
+
+
+\begin{frame}{Supervision via SROs (example: VQF)}
+\begin{center}
+ \includegraphics[width=0.70\textwidth]{supervision.png}
+
+ (from VQF training materials)
+\end{center}
+\end{frame}
+
+
+\begin{frame}{Compliance processes}
+ \begin{itemize}
+\item Customer identification (know-your-customer (KYC) and know-your-business (KYB)), including
+ risk classification
+\item Transaction monitoring, plausibilization and reporting of suspicious activities
+\item Enforcement of financial sanctions
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Know-Your-Customer}
+\framesubtitle{Identification process of the economic beneficiary}
+\begin{center}
+ \includegraphics[width=0.8\textwidth]{cascade.png}
+
+ (from VQF training materials)
+\end{center}
+\end{frame}
+
+
+\begin{frame}{Who is a customer?}
+ A high-level approach is to restrict the business model
+ to minimize customer identification. For example, do not accept:
+\begin{itemize}
+\item Customers from outside of Switzerland
+\item Customers without Swiss bank accounts, phone numbers or addresses
+\item Customers to withdraw significant amounts
+\item Customers to receive significant P2P transfers
+\item Large transactions
+\end{itemize}
+\end{frame}
+
+
+\begin{frame}{What are ``large'' transactions?}
+ \begin{center}
+ \begin{tabular}{l|r|l}
+ {\bf Operation} & {\bf Amount} & {\bf Period} \\ \hline \hline
+ Withdraw & $\le$ 2.500 CHF & per month \\ \hline
+ Withdraw & $\le$ 15.000 CHF & per year \\ \hline
+ P2P receive & $\le$ 2.500 CHF & per month \\ \hline
+ P2P receive & $\le$ 15.000 CHF & per year \\ \hline
+ Deposit & $\le$ 2.500 CHF & per month \\ \hline
+ Deposit & $\le$ 15.000 CHF & per year \\ \hline
+ Transact & $\le$ 1.000 CHF & per transaction \\
+ \end{tabular}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}[fragile]{VQF KYB process}
+\begin{center}
+\begin{tikzpicture}[scale=0.33, transform shape]
+ \tikzstyle{def} = [node distance=2.5em and 0.5em, inner sep=1em, outer sep=.3em];
+ \node (zero) [def,draw] at (0,0){Deposit limit: zero};
+ \node (dummy4) [left=of zero] {};
+ \node (dummy5) [left=of dummy4] {};
+ \node (origin) [left=of dummy5] {$\circ$};
+ \node (tos) [def,below=of zero,draw]{Limited relationship};
+ \node (vqf1) [def, draw, below=of tos] {\shortstack{VQF 902.1\\(Identification)}};
+ \node (dummy0) [below=of vqf1]{};
+ \node (vqf12) [def, draw, below=of dummy0] {VQF 902.12};
+ \node (vqf13) [def, draw, left=of vqf12] {VQF 902.13};
+ \node (addr) [def, draw, left=of vqf13] {\shortstack{Address\\validation}};
+ \node (vqf15) [def, draw, right=of vqf12] {VQF 902.15};
+ \node (vqf11) [def, draw, right=of vqf15] {\shortstack{VQF 902.11\\(Controlling\\person)}};
+ \node (vqf9) [def, draw, below=of vqf11] {\shortstack{VQF 902.9\\(Beneficial\\owner)}};
+ \node (dummy1) [below=of vqf12]{};
+ \node (man) [def, draw, below=of dummy1]{Investigation};
+ \node (complete) [def, draw, below=of man]{\shortstack{VQF 902.4\\(Risk Profile)}};
+ \node (risk) [def, draw, below=of complete]{KYC complete};
+ \node (dummy2) [right=of risk]{};
+ \node (dummy3) [right=of dummy2]{};
+ \node (good) [def, draw, right=of dummy3]{Regular account};
+% \node (customer) [def, draw, below left=of origin] {Customer};
+% \node (customer) [def, draw, below left=of origin] {Customer};
+% \node (merchant) [def, draw, below right=of origin] {Merchant};
+% \node (auditor) [def, draw, above right=of origin]{Auditor};
+% \node (regulator) [def, draw, above=of auditor]{CSSF};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+ \tikzstyle{D} = [color=black, line width=1pt, dotted]
+ \draw [<-, C] (zero) -- (origin) node [midway, below] (TextNode) {KYC auth};
+ \draw [<-, C] (tos) -- (zero) node [midway, right] (TextNode) {Accept Terms of Service};
+ \draw [<-, C] (vqf1) -- (tos) node [midway, right] (TextNode) {Cross limits?};
+ \draw [<-, C] (addr) -- (vqf1) node [midway, above, sloped] (TextNode) {Natural person?};
+ \draw [<-, C] (vqf9) -- (vqf11) node [midway, right] (TextNode) {\shortstack{3rd party \\ control?}};
+ \draw [<-, C] (vqf12) -- (vqf1) node [midway, above, sloped] (TextNode) {Foundation?};
+ \draw [<-, C] (vqf13) -- (vqf1) node [midway, above, sloped] (TextNode) {Trust?};
+ \draw [<-, C] (vqf15) -- (vqf1) node [midway, above, sloped] (TextNode) {Life insurance?};
+ \draw [<-, C] (vqf11) -- (vqf1) node [midway, above, sloped] (TextNode) {Operational entity?};
+% \draw [<-, C] (vqf9) -- (vqf1) node [midway, above, sloped] (TextNode) {Other};
+ \draw [->, D, bend left=20] (man) -| (addr) node [midway, below] (TextNode) {as needed};
+ \draw [<-, C, bend right=20] (man) -- (addr) node [midway, below] (TextNode) {};
+ \draw [<-, C] (man) -- (vqf12) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (man) -- (vqf13) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (man) -- (vqf15) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (man) -- (vqf11) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (man) -- (vqf9) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (complete) -- (man) node [midway, right] (TextNode) {Document check};
+ \draw [<-, C] (risk) -- (complete) node [midway, right] (TextNode) {Risk assessment};
+ \draw [<-, C] (good) -- (risk) node [midway, below] (TextNode) {No sanctions?};
+\end{tikzpicture}
+\end{center}
+\end{frame}
+
+
+\begin{frame}{Information to be collected}
+\begin{itemize}
+\item Business register excerpt;
+\item Contact person identity;
+\item List of beneficial owners with names and IDs;
+\item Proof of ownership / authorization to act on behalf of the
+ business
+\end{itemize}
+Based on this, you need to make a risk-assessment of each customer:
+\begin{itemize}
+\item Establish if customer is a PEP
+\item Establish additional risk factors (business domain, country risk, etc.)
+\end{itemize}
+There is no official list of PEPs, only rules for establishing if someone
+is a PEP! $\Rightarrow$ Consult {\url https://opensanctions.org/datasets/peps/}
+\end{frame}
+
+
+\begin{frame}{Digital records: OK!}
+\begin{center}
+ \includegraphics[width=0.75\textwidth]{vqf902.1.png}
+\end{center}\pause
+But: you still must have either seen the originals or received
+certified copies on paper!
+\end{frame}
+
+
+\begin{frame}{Address validation: required!}
+\begin{center}
+ \includegraphics[width=0.75\textwidth]{challenger.png}
+\end{center}
+\end{frame}
+
+
+\begin{frame}{Transaction monitoring}
+ \begin{itemize}
+ \item You {\bf must} monitor for ``suspicious'' transactions
+ \item There is no legal definition of what is ``suspicious''
+ \item You {\bf must} write your own risk-based rules!
+ \end{itemize}
+
+ \begin{center}
+ \includegraphics[width=0.5\textwidth]{newrules.png}
+ \end{center}
+\vfill
+ Incident? $\Rightarrow$ Report to MROS!
+\end{frame}
+
+
+\begin{frame}{Sanction list enforcement}
+ \begin{itemize}
+ \item There is an official sanctions list you can download
+ \item The list is machine readable, but contains sometimes only approximate information
+ \item[$\Rightarrow$] Manual checks required in some cases
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{VQF requirements}
+ \begin{itemize}
+ \item GwG trained staff
+ \item Independent audits (GwG + finances)
+ \item Statistical reports
+ \end{itemize}
+\begin{center}
+ \includegraphics[width=0.66\textwidth]{vqfstats.png}
+\end{center}
+\end{frame}
+
+
+\begin{frame}{Onboarding: Terms of Service}
+ \begin{center}
+ \includegraphics[width=0.3\textwidth]{tos.png}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Hosting}
+ \begin{itemize}
+ \item In Switzerland
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Compliance cost}
+ \begin{itemize}
+ \item VQF membership + training: $\approx$ 2000 CHF/year
+ \item GwG paperwork: $\approx$ 4000 CHF/year
+ \item External audit: $\approx$ 5000 CHF/year
+ \end{itemize}
+ Note that these are minimal costs for a tiny operation, they
+ increase with customer and transaction volume!
+\end{frame}
+
+
+\begin{frame}{Final Remarks}
+ \begin{itemize}
+ \item This is not legal advice.
+ \item I am not a laywer.
+ \end{itemize}
+\end{frame}
+
+
+% This should be last...
+\begin{frame}{Acknowledgements}
+
+ \begin{minipage}{0.45\textwidth} \ \\
+ {\tiny Funded by the European Union (Project 101135475).}
+
+ \begin{center}
+ \includegraphics[width=0.5\textwidth]{../bandera.jpg}
+ \end{center}
+ \end{minipage}
+ \hfill
+ \begin{minipage}{0.45\textwidth}
+ {\tiny Funded by SERI (HEU-Projekt 101135475-TALER).}
+
+ \begin{center}
+ \includegraphics[width=0.65\textwidth]{../sbfi.jpg}
+ \end{center}
+ \end{minipage}
+
+ \vfill
+
+ {\tiny
+
+ Views and opinions expressed are however those of the author(s) only
+ and do not necessarily reflect those of the European Union. Neither the
+ European Union nor the granting authority can be held responsible for
+ them.
+
+ }
+\end{frame}
+
+\end{document}
diff --git a/presentations/2025-sandbox/cascade.png b/presentations/2025-sandbox/cascade.png
Binary files differ.
diff --git a/presentations/2025-sandbox/challenger.png b/presentations/2025-sandbox/challenger.png
Binary files differ.
diff --git a/presentations/2025-sandbox/logo-NGI_TALER_Bold.png b/presentations/2025-sandbox/logo-NGI_TALER_Bold.png
Binary files differ.
diff --git a/presentations/2025-sandbox/newrules.png b/presentations/2025-sandbox/newrules.png
Binary files differ.
diff --git a/presentations/2025-sandbox/operations.png b/presentations/2025-sandbox/operations.png
Binary files differ.
diff --git a/presentations/2025-sandbox/supervision.png b/presentations/2025-sandbox/supervision.png
Binary files differ.
diff --git a/presentations/2025-sandbox/taler-macros.tex b/presentations/2025-sandbox/taler-macros.tex
@@ -0,0 +1,105 @@
+\usepackage[utf8]{inputenc}
+
+% fonts and colors
+\usepackage[defaultfam,tabular,lining]{montserrat}
+
+\setbeamercolor{normal text}{fg=black,bg=white}
+\setbeamercolor{alerted text}{fg=red!50!black}
+\setbeamercolor{example text}{fg=green!50!black}
+
+\setbeamercolor{title}{fg=white}
+\setbeamerfont{title}{size=\Huge}
+\setbeamerfont{title}{series=\bfseries}
+
+\setbeamercolor{subtitle}{fg=white}
+\setbeamerfont{subtitle}{size=\Large}
+
+\setbeamercolor{author}{fg=white}
+\setbeamerfont{author}{size=\Large}
+
+\setbeamercolor{institute}{fg=white}
+\setbeamerfont{institute}{size=\large}
+
+\setbeamercolor{date}{fg=black}
+\setbeamerfont{date}{size=\large}
+
+\setbeamercolor{frametitle}{fg=white}
+\setbeamerfont{frametitle}{size=\LARGE}
+\setbeamerfont{framesubtitle}{size=\large}
+
+\makeatletter
+\setbeamertemplate{frametitle}{%
+ \vbox{}\vskip-0.5em%
+ \begin{beamercolorbox}[wd=.7\paperwidth]{frametitle}
+ \usebeamerfont{frametitle}%
+ \strut\insertframetitle\strut\par%
+ \end{beamercolorbox}
+ \ifx\insertframesubtitle\@empty%
+ \vskip.9em
+ \else%
+ \vskip-0.3em
+ \begin{beamercolorbox}[wd=.68\paperwidth]{frametitle}
+ \usebeamerfont{framesubtitle}%
+ \strut\insertframesubtitle\strut\par%
+ \end{beamercolorbox}
+ \fi
+}
+\makeatother
+
+\usepackage{tikz}
+\usetikzlibrary{calc,intersections,positioning,fadings,through}
+
+% footline
+\setbeamertemplate{navigation symbols}{}
+\setbeamertemplate{footline}{%
+ \leavevmode%
+ \hskip3pt%
+ \insertframenumber
+ \hfill
+ \SPEAKER
+ \hfill
+ \TITLE
+ \hfill
+ \includegraphics[height=0.7cm]{../logo-NGI_TALER_Bold.png}
+ \vskip0pt%
+}
+
+% background
+
+\usepackage{xcolor}
+\definecolor{left}{RGB}{0,66,179}
+
+\setbeamertemplate{title page}
+{%\leavemode%
+ \begin{beamercolorbox}[wd=\the\paperwidth, ht=\the\paperheight,ignorebg,center]{}
+ \begin{tikzpicture}[overlay, remember picture]
+ \fill [left color=left, right color=left!50!black] (current page.north west) -- (current page.north east) -- ($(current page.north east)+(0,-6.5)$) -- ($(current page.north west)+(5,-6.5)$) -- ($(current page.north west)+(4.5,-6.8)$) -- ($(current page.north west)+(4,-6.5)$) -- ($(current page.north west)+(0,-6.5)$);
+ \end{tikzpicture}
+ \end{beamercolorbox}%
+ \vspace*{-8cm}
+
+ \begin{beamercolorbox}[sep=8pt,left]{title}
+ {\usebeamerfont{title}\inserttitle\par}%
+ {\usebeamerfont{subtitle}\insertsubtitle\par}%
+ \end{beamercolorbox}%
+ \vskip1em\par
+ \begin{beamercolorbox}[sep=8pt,left]{author}
+ \usebeamerfont{author}\insertauthor
+ \end{beamercolorbox}
+ \begin{beamercolorbox}[sep=8pt,left]{institute}
+ \usebeamerfont{inst}\insertinstitute\\
+ \end{beamercolorbox}%
+
+ \begin{beamercolorbox}[sep=5pt,left]{date}
+ \usebeamerfont{date}\insertdate
+ \end{beamercolorbox}
+ \vspace*{2.5cm}
+}
+
+\setbeamertemplate{background canvas}
+{%\leavemode%
+ \begin{tikzpicture}[overlay, remember picture]
+ \fill [left color=left, right color=left!50!black] (current page.north west) -- (current page.north east) -- ($(current page.north east)+(0,-2)$) -- ($(current page.north west)+(5,-2)$) -- ($(current page.north west)+(4.5,-2.3)$) -- ($(current page.north west)+(4,-2)$) -- ($(current page.north west)+(0,-2)$);
+ \end{tikzpicture}
+}
+
diff --git a/presentations/2025-sandbox/tos.png b/presentations/2025-sandbox/tos.png
Binary files differ.
diff --git a/presentations/2025-sandbox/vqf902.1.png b/presentations/2025-sandbox/vqf902.1.png
Binary files differ.
diff --git a/presentations/2025-sandbox/vqfstats.png b/presentations/2025-sandbox/vqfstats.png
Binary files differ.
