To counter the cryptocurrency craze, central banks around the world are taking a closer, keener look at introducing central bank digital currencies (CBDC). The Reserve Bank of India (RBI) too is considering its own trial of CBDCs with a pilot in December.
If the pilot is successful, the adoption of CBDCs will have major implications, which will not be restricted to just the financial world, but also extend to data protection challenges.
CBDCs are a digital form of a paper currency and unlike cryptocurrencies that operate in a regulatory vacuum, these are legal tender issued and backed by a central bank.
The introduction of CBDCs pose three important challenges that need to be addressed: first, the increased threats to privacy of individuals; second, choosing the privacy- and security-enhancing technology that needs to be employed; and third, the regulatory architecture that has to be set up to combat an issue such as a data breach.
The first issue to tackle is the heightened risk to the privacy of users—given that the central bank could potentially end up handling an enormous amount of data regarding user transactions. This has serious implications given that digital currencies will not offer users the level of privacy and anonymity offered by transacting in cash. Besides, the data stored with the central bank in a centralized system will hold grave security risks, and robust data security systems will have to be set up to prevent data breaches. Thus, it is important to employ the right technology that will back the issue of CBDCs.
The second concern of the choice of technology employed for CBDCs is critical as it should be scalable, with almost zero latency, secure and, needless to add, privacy preserving. However, if the central bank deploys a system akin to a core banking solution, the transactions will not be private and the RBI would be privy to all settlements and raise privacy risks. The most logical candidate for CBDCs should be a traditional multi-tier web architecture but this too has a potential downside. The sizing for the infrastructure required for the CBDC will remain tricky if payment transactions are carried out using the same system. The RBI will have to map the technology landscape thoroughly and proceed cautiously with picking the correct technology for introducing CBDCs.
Finally, the regulatory architecture that India needs to start issuing a digital currency is not in place. India is yet to pass the data protection bill and set up the Data Protection Authority that would oversee the range of privacy compliance by institutions, including grievance redressal in case of violations of personal data.
The financial data collected on digital currency transactions will be sensitive in nature, and the government will have to carefully think through the regulatory design. This would require close interaction between the banking and data protection regulators, where turf battles between authorities may also become an issue. The institutional mechanisms would need to ensure that there is no overlap between different regulators and chart out a clear course of action in case there is a data breach of digital currencies.
In past decades, India has seen many clashes between regulators—between the RBI and the Competition Commission of India (CCI) over control on mergers, and between the Securities and Exchange Board of India (Sebi) and the Insurance Regulatory and Development Authority of India (Irdai) on the Ulips (unit-linked insurance plans) issue. This pitfall needs to be avoided as such battles have created an enormous amount of uncertainty and delays, with costs to the regulator as well as the regulated entities.
Despite all these challenges, it would be prudent not to drop the idea of CBDCs altogether given that they would reduce transaction costs, and help with instantaneous cross-border transaction settlements and an easier transmission of monetary policy. The centralized network of data collection and storage, and the data collected on these digital transactions by central banks could spur innovative practices and make it easier to chart the credit history of individuals, issue loans and track their spending and prevent fraudulent transactions.
Hence, it is important that we address the various risks so as to introduce CBDCs in a manner that is beneficial to the whole system.
Hemant Adarkar is technology adviser and Resident Senior Fellow and Sharmadha Srinivasan is Senior Associate with IDFC Institute, affiliated with the Data Governance Network.
Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.