Digital Euro – No Full Anonymity. Why Not?

Digital Euro - No Full Anonymity. Why Not? | Annerton

A contribution to the hearing in the Finance Committee of the German Bundestag on the digital euro on February 19, 2024

On November 8, 2023, the German Bundestag deliberated on the digital euro, engaging in a lively and intriguing debate [1]. There was bipartisan consensus that the German Bundestag desires to have a say in this planned epochal change to our monetary system, which is a legitimate and democratic aspiration. The decision regarding the introduction of the digital euro (D€), or perhaps its rejection, is not made by national parliaments or the European Parliament but solely by the ECB Governing Council, a small body consisting of ECB executives and national central bank presidents from the eurozone. On the parliamentary level, decisions are only made concerning the modalities of how the D€ and its introduction should be structured. To this end, the European Commission presented a draft European Regulation [2] at the end of June 2023. In this draft, the European Commission largely adheres to the design concepts of the ECB, including those regarding the privacy concept. This point, along with other contentious modalities (such as the non-functional and incomplete compensation model [3]), should be the subject of democratic debate and voting. The German Bundestag has referred two motions (CDU/CSU and AfD) to the Finance Committee, which will convene for a hearing with the participation of several experts on February 19, 2024 [4].

The Privacy Concept

The privacy concept of the D€ will certainly be a topic of discussion during the hearing. After all, during the ECB consultation phase, it was the most important topic for participating individuals. According to statements from the ECB and the Commission, users (both payers and payees) should be able to enjoy a cash-like “highest possible” or “high-level” anonymity with the offline variant. However, according to the ECB and the European Commission, the offline variant can only be used for small-value payments for in-person transactions. At least the FDP expressed a desire during the November debate for “far-reaching regulations to ensure that the digital euro does not represent a deterioration compared to cash” (Dr. Volker Redder [5]).

No “full anonymity”

However, there is one stumbling block that was set by the ECB at an early stage, which has so far prevented any discussion on privacy: there must not and cannot be full anonymity (as with cash), not even for offline low-value payments. [6] The European Commission has also adopted this “excluding full anonymity” requirement without justification and refers to the consistency with European regulatory provisions in relation to AML and CFT. [7] Complete anonymity would only be guaranteed if the user (or at least the payer) is not identified, as is the case with cash. However, according to the ECB, the user of the D€ should be subject to the usual KYC process for all cases of use and account types (online and offline).

An alternative would be identification only for the centrally managed D€ account, which can be used to make online payments (payment settlement in the ECB central system). Beyond that, there would be an anonymous (issued without identification) bearer instrument (e.g. a chip card or chip in a smartphone) in which digital euros are stored (as value units or as a decentralized account). Settlement takes place between these “local storage devices” (offline variant). The anonymous offline exchange, equipped with technical limits for the storage and/or transaction amounts, could be used with reduced risks for money laundering and terrorist financing.

The ECB cites two reasons why this fully anonymous offline variant is a no-go for them:

  • It is not compatible with European AML/CFT regulations for digital payments,
  • It prevents monitoring of the intended inventory limit per person.

In the ECB’s own words:

Full anonymity is not considered a viable option from a public policy perspective. It would raise concerns about the digital euro potentially being used for illicit purposes (e.g. money laundering and the financing of terrorism). In addition, it would make it virtually impossible to limit the use of the digital euro as a form of investment – a limitation that is essential from a financial stability perspective.” [8]

Argument 1: Lack of compliance with AML/CFT legislation

According to the ECB, there is currently no exception to the obligation to identify users of digital payment services: “Users of any digital payment services currently need to identify themselves to their PSP before they can start making use of such services.” [9] (underlined by author)

The ECB has obviously overlooked something here: Art. 12 of the AMLD5, which is still valid today, continues to allow the issuance of anonymous e-money with amount limits of 150 euros in face-to-face transactions and 50 euros for remote payments (e-commerce). These limits would be a good basis for the fully anonymous offline variant described above. There are several such anonymous products in the low-value segment in the EU. Significant AML/CFT risks have not yet been proven.

Argument 2: Inability to monitor holding limit

Here, the ECB introduces the personal limit for the allowable total amount of D€ into the discussion. The holding limit is intended to prevent a run on the D€ if private bank money loses trust during a banking crisis. Additionally, the stability of the current monetary system would be jeopardized by excessive withdrawal of private money towards the D€. It is not implausible that the D€ could unexpectedly become popular.

A maximum amount of 3,000 euros is often mentioned. This limit would only be relevant for individuals; for all other users (companies, merchants, governmental and public entities), the ECB envisions the holding limit being zero anyway. The limit refers to the sum of all D€ account balances (central/online and decentralized/offline) that an individual holds and which may be managed by different intermediaries (banks and other PSPs). Monitoring a personal limit requires KYC for all D€ holdings. Now, if in addition to the central account with identification, one were to have an anonymous holder instrument (“local storage device”) on which, for example, up to 150 euros could be stored, how would the ECB or an authorized third party monitor the personal limit (e.g., 3,000 euros)? One could hold the 3,000 euros in the account and also order storage media (such as cards) anonymously in any amount, each storing up to 150 euros to capacity. The ECB is correct: the prescribed limit could be circumvented.

But why should I do that?

Even after lengthy consideration, I cannot think of a reason why I should acquire additional storage devices and fill them with D€ small change. In the event of loss, damage, or theft, my euros would be lost for good. These digital offline euros can only be used in the low-value segment, such as buying bread at the bakery or paying my daughter her pocket money. If, for whatever reason, I were keen on ECB money, I would hoard the analogue version (banknotes) instead.

Disincentives instead of monitoring

There are simple ways to counteract the irrational hoarding of anonymous D€ devices. For example, by implementing a deposit rule (e.g., 25 euros per storage medium). Or each bank may only provide me with one anonymous storage devices per user. The bank would only record that a specific person received an unnamed storage device under their name. If one wanted multiple devices, they would have to visit multiple banks. Alternatively, one could introduce an expiry date for the storage media, etc. Some preppers may certainly not be deterred by this and will hoard these storage media filled with offline euros alongside their stockpile of toilet paper and canned food. Yes, they might hoard twice the allowed amount (20 storage devices at 150 euros each). However, this certainly wouldn’t undermine the stability of the financial system.

By the way, even in the case of the planned bearer instrument with mandatory identification, exceeding the limit is possible – based on today’s design concepts. Since the holder instrument only needs to appear online occasionally (for security reasons), one could keep the 3,000 euros in a centrally managed D€ account and accumulate additional D€ on the decentralized storage device, which a third party transfers with its device. As long as the device doesn’t go online, the limit violation remains undetected. If the central account wasn’t linked to a non-digital-euro current account, the unauthorized excess wouldn’t even be intercepted by the waterfall mechanism. Additionally, one could “lose” the storage medium more frequently, apply for a new one, and then conveniently find the old storage medium again.

Additional Benefits

The absence of KYC for the additional offline instrument not only guarantees “full anonymity” for small-value payments (completely in line with current AML/CFT legislation) and thus higher acceptance of the D€ but would also bring further systemic advantages:

  • -Monitoring account balances would be much simpler if the system didn’t also have to constantly reconcile the balance of the offline holder instrument. The ECB already sees technical issues with limit monitoring if multiple D€ central accounts were maintained per person. Therefore, it advocates for the one-account-per-person rule. [10]
  • Data from offline transactions, if KYC is waived, can be collected again without compromising the privacy level, contrary to the current concept (see Article 37 of the planned D€ regulation). This allows transaction monitoring for AML/CFT purposes. Additionally, the planned inter-PSP fee can be charged not only for online but also for offline transactions, as the system can identify the distributor to be compensated.

Both reasons given by the ECB for foregoing a fully anonymous offline variant of the D€, in my opinion, are not plausible. The issue should be reopened, considering all arguments.

[1] https://www.bundestag.de/dokumente/textarchiv/2023/kw45-de-digitaler-euro-973148
[2] https://finance.ec.europa.eu/publications/digital-euro-package_en
[3] Please refer to the analysis “The Compensation Model of the Digital Euro: Mission Impossible” in the PaySys Report No. 4 (2023) for further insights on this matter.
[4] https://www.bundestag.de/ausschuesse/a07_finanzen/Anhoerungen/988892-988892
[5] https://dserver.bundestag.de/btp/20/20133.pdf#P.16746, p. 16746; original speech: „weit gehende Regelungen, damit der digitale Euro keine Verschlechterung im Vergleich zum Bargeld darstellt“.
[6] See for a more detailed analysis “Digital euro: The concept and implications for privacy”, PaySys Report No. 1 (2023)
[7] See European Commission, Proposal for a Regulation of the European Parliament and of the Council on the establishment of the digital euro, COM(2023) 369 final, 28.6.2023, Context of the Proposal, p. 4
[8] ECB, Progress on the investigation phase of a digital euro, 29.09.22 (first progress report), p. 7
[9] ECB, A stocktake on the digital euro, 18.10.23, p. 37.
[10] see ECB, Opinion of the European Central Bank of 31 October 2023 on the digital euro (CON/2023/34), p. 9 (section 9.2 und 9.3)



By continuing, you accept our privacy policy.
You May Also Like