(Upbeat music) >> From the Hard Rock hotel in Las Vegas, its theCUBE! Covering the Hosho Con 2018, brought to you by Hosho. >> Okay, welcome back every one, this is theCUBE's exclusive coverage here live in Las Vegas for Hosho Con, the first inaugural event where security and block chain conferences is happening, it's the first of its kind where practitioners and experts get together to talk about the future, and solve some of the problems in massive growth coming they got a lot of them. Its good new and bad news but I guess the most important thing is security again, the first time ever security conference has been dedicated to all the top shelf conversations that need to be had and the news here are covering. Our next guest Greg Pinn who's the head of strategy and products for iComply Investor Services. Great to have you thanks for joining us. >> Very nice to be here >> So, we were just talking before we came on camera about you know all the kind of new things that are emerging with compliance and all these kind of in between your toes details and nuances and trip wires that have been solved in the traditional commercial world, that have gotten quite boring if you will, boring's good, boring means it works. It's a system. But the new model with Block Chain and Token Economics is, whole new models. >> Yeah I think what's so exciting about this is that in the Fiat world, from the traditional financial market, everyone is so entrenched in what they've been doing for 20, 30, 40 years. And the costs are enormous. And Block Chain, Crypto coming in now is like we don't have to do it that way. We have to do compliance. Compliance matters, it's important and it's your legal obligation. But you don't have to do it in the same sort of very expensive, very human way that people have been doing it in the past. >> And Cloud Computing, DevOps model of software proved that automations a wonderful thing >> Right >> So now you have automation and you have potentially AI opportunities to automate things. >> And what we've seen is huge increases in technology, in around machine learning and clustering of data, to eliminate a lot of the human process of doing AML, KYC verification, and that's driving down costs significantly. We can take advantage of that in the Crypto Space because we don't have thousands of people and millions of millions of dollars of infrastructure that we've built up, we're starting fresh, we can learn from the past and throw away all the stuff that doesn't work, or isn't needed anymore. >> Alright let's talk about the emerging state of regulation in the Block Chain community and industry. Where are we? What's the current state of the union? If you had to describe the progress bar you know with zero meaning negative to ten being it's working, where are we? What is the state of >> I think if you'd asked me a year ago I think negative would've been the answer. A year ago there was still a big fight in Crypto about do we even want to be part of Compliance, we don't want to have any involvement in that. Because it was still that sort of, Crypto goes beyond global borders, it goes beyond any of that. What's happened now is people have realized, it doesn't matter if you're dealing in Crypto Currency or traditional currency, or donkeys or mules or computers or whatever, if you're trading goods for value, that falls under Regulatory Landscape and that's what we're hearing from the SCC, from FinCEN, from all the regulators. It's not the form it's the function. So if you've got a security token, that's a security, whether you want it to be or not. You can call it whatever you want, but you're still going to be regulated just like a security. >> And I think most entrepreneurs welcome clarity. People want clarity, they don't want to have to be zigging when they should be zagging. And this is where we see domicile problem. Today it's Malta, tomorrow it's Bermuda. Where is it? I mean no one knows it's a moving train, the big countries have to get this right. >> A hundred percent. And beyond that what we're seeing, what's very, very frustrating for a market as global as this is it's not just country-level jurisdiction, the US you've got State-level jurisdiction as well. Makes it very, very hard when you're running a global business if you're an exchange, if you're any sort of global, with a global client reach. Managing that regulation is very, very difficult. >> You know I interviewed Grant Fondo who's with Goodwin Law Firm, Goodwin Proctor they call it Goodwin now, he's a regulatory guy, and they've been very on the right side of this whole SCC thing in the US. But it points to the issue at hand which is there's a set of people in the communities, that are there to be service providers. Law Firms, Tax, Accounting, Compliance. Then you got technology regulation. Not just financial you have GDPR, it's a nightmare! So okay, do we even need GDPR with Block Chain? So again you have this framework of this growth of internet society, now overlaid to a technical shift. That's going to impact not only technology standards and regulations but the business side of it where you have these needed service providers. Which is automated? Which isn't automated? What's your take on all of this? >> I agree with you a hundred percent, and I think what's helpful is to take a step back and realize while compliance is expensive and a pain and a distraction for a lot of businesses. The end of the day it saves people's lives. And this is what, just like if someone was shooting a gun as you were running down the street, in your house, you're going to call the police, that is what financial institutions are doing to save these industries and individuals that are impacted by this. A lot of it from a Crypto Currency perspective, we have a responsibility because so much of what the average person perception is, is Ross Ulbricht and Silk Road. And we have to dig our way out of that sort of mentality of Crypto being used for negative things. And so that makes it even more important that we are ultra, ultra compliant and what's great about this is there's a lot great opportunities for new vendors to come into the space and harness what existed whether that's harnessing data, different data channels, different IDDent verification channels and creating integrated solutions that enable businesses to just pull this in as a service. It shouldn't be your business, if you're in exchange, compliance is something you have to do. It should not become your business. >> Yeah I totally agree, and it becomes table stakes not a differentiator. >> Exactly >> That's the big thing I learned this week it's people saying security's a differentiator, compliance is a, nah, nah, I have standards. Alright so I got to ask you about the, you know I always had been on the biased side of entrepreneurship which is when you hear regulations and you go whoa, that's going to really stunt the growth of organic innovation. >> Right. But in this case the regulatory peace has been a driver for innovation. Can you share some opinions and commentary on that because I think there's a big disconnect. And I used to be the one saying regulation sucks, let the entrepreneurs do their thing. But now more than ever there's a dynamic, can you just share your thoughts on this? >> Yeah, I mean regulators are not here to drive innovation. That's not what their job is. What's been so interesting about this is that because of regulations coming to Crypto along with these other things, it's allowing businesses to solve the problem of compliance in very exciting, interesting ways. And it's driving a lot of technologies around machine learning, what people like IBM Watson are doing around machine learning is becoming very, very powerful in compliance to reduce that cost. The cost is enormous. An average financial institution is spending 15 percent. Upwards of 15 percent of their revenue per year on compliance. So anything they can do to reduce that is huge. >> Huge numbers >> And we don't want Crypto to get to that point. >> Yeah and I would also love to get the percentage of how much fraud is being eaten into the equation too. I'm sure there's a big number there. Okay so on the compliance side, what are the hard problems that the industry is solving, trying to solve? Could you stack rank the >> I think number one: complexity. Complexity is the biggest. Because you're talking about verifying against sanctions, verifying against politically exposed persons, law enforcement lists, different geographical distributions, doing address verification, Block Chain forensics. The list just stacks and stacks and stacks on the complexity >> It's a huge list. >> It's a huge list >> And it's not easy either. These are hard problems. >> Right, these are very, very difficult problems and there's no one expert for all of these things. And so it's a matter of bringing those things together, and figuring out how can you combine the different levels of expertise into a single platform? And that's where we're going. We're going to that point where it's a single shop, you want to release an ICO? You're an exchange and you need to do compliance? All of that should be able to be handled as a single interface where it takes it off of your hands. The liability is still with the issuer. It's still with the exchange, they can't step away from their regulatory liability, but there's a lot that they can do to ease that burden. And to also just ignore and down-risk people that just don't matter. So many people are in Crypto, not the people here, but there's so many people in Crypto, you buy one tenth of a Bitcoin, you buy a couple of Ether, and you're like okay that was fine. Do we really need to focus our time on those people? Probably not. And a lot of the >> There's a lot big money moving from big players acting in concert. >> And that's where we need to be focused. Is the big money, we need to be focused on where terrorists are acting within Block Chain. That's not to say that Block Chain and Crypto is a terrorist vehicle. But we can't ignore the reality. >> And I think the other thing too is also the adversary side of it is interesting because if you look at what's happening with all these hacks, you're talking about billions of dollars in the hands now of these groups that are highly funded, highly coordinated, funded basically underbelly companies. They get their hands on a quantum computer, I was just talking to another guy earlier today he's like if you don't have a sixteen character password, you're toast. And now it's twenty four so, at what point do they have the resources as the fly wheel of profit rolls in on the hacks. >> You know, one of the interesting things we talk about a lot is we have to rely on the larger community. We can't, I can't, you can't solve all of the problems. Quantum computing's a great example. That's where we look for things like two-factor authentication and other technologies that are coming out to solve those problems. And we need to, as a community, acknowledge That these are real problems and we've identified potential solutions. Whether that's in academia, whether it's in something like a foundation like the Ethereum Foundation, or in the private sector. And it's a combination of those things that are really driving a lot of it's innovation. >> Alright so what's the agenda for the industry if you had to have a list this long, how do you see this playing out tactically over the next twelve months or so as people start to get clarity. Certainly SCC is really being proactive not trying to step on everybody at the same time put some guard rails down and bumpers to let people kind of bounce around within some frame work. >> I think the SCC has taken a very cautious approach. We've seen cease and desist letters, we've seen notifications we haven't seen enormous finds like we see in Fiat. Look at HSBC, look at Deutsche Bank, billions of dollars in fines from the SCC. We're not seeing that I think the SCC understands that we're all sort of moving together. At the same time their responsibility is to protect the investor. And to make sure that people aren't being >> Duped. >> Duped. I was trying to find an appropriate term. >> Suckered >> Suckered, duped. And we've seen that a lot in ICOs but we're not seeing it, the headlines are so often wrong. You see this is an ICO scam. Often it's not a scam, it's just the project failed. Like lots of businesses fail. That doesn't mean it's a scam, it means it was a business fail. >> Well if institutional investors have the maturity to handle they can deal with failures, but not the average individual investor. >> Right, which is why in the US we have the credit investor, where you have to be wealthy enough to be able to sustain the loss. They don't have that anywhere else. So globally the SCC care and the other financial intelligence units globally are monitoring this so we make that we're protecting the investor. To get back to your question, where do I see this going? I think we're going to need to fast track our way towards a more compliant regime. And this I see as being a step-wise approach. Starting with sanctions making sure everyone is screened against the sanction list. Then we're going to start getting more into politically exposed persons, more adverse media, more enhanced due diligence. Where we really have that suite of products and identify the risk based on the type of business and the type of relationship. And that's where we need to get fast. And I don't think the SCC is going to say yeah be there by 2024, it's going to be be there by next year. I was talking to Hartej, he was one of the co founders of Hosho and we were talking on TheCUBE about self-regulation and some self-policing. I think this was self-governed, certainly in the short term. And we were talking about the hallway conversations and this is one of the things that he's been hearing. So the question for you Greg is: What hallway conversations have you overheard, that you kind of wanted to jump into or you found interesting. And what hallway conversations that you've been involved in here. >> I think the most interesting, I mentioned this on a panel and got into a great conversation afterwards, about the importance of the Crypto community reaching out to the traditional financial services community. Because it's almost like looking across the aisle, and saying look we're trying to solve real business problems, we're trying to create great innovative things, you don't have to be scared. And I was speaking at a traditional financial conference last week and there it was all people like this Crypto is scary and it's I don't understand it. >> You see Warren Buffett and Bill Gates poopooing it and freak out. >> But we have an obligation then, we can't wait for them to realize what needs to be done. We need to go to them and say, look we're not scary, look let's sit down. If you can get a seat at a table with a head of compliance at a top tier bank, sit down with them and say let me explain what my Crypto ATM is doing and why it's not a vehicle for money laundering, and how it can be used safely. Those sorts of things are so critical and as a community for us to reach across the aisle, and bring those people over. >> Yeah bridge the cultures. >> Exactly. Because it's night and day cultures but I think there's a lot more in common. >> And both need each other. >> Exactly. >> Alright so great job, thanks for coming on and sharing your insights. >> Thank you so much. >> If you have a quick plug on what you're working on, give the plug for the company. >> Sure, so iComply Investor Services is here to help people who want to issue ICOs, do that in a very compliant way. Because you shouldn't have to worry about all of your compliance and KYC and Block Chain Forensics and all that, you should be worried about raising money for your company and building a product. >> Alright final question since I got you here 'cause this is on my mind. Security token, has got traction, people like it 'cause no problem being security. What are they putting against that these days, what trend are you seeing in the security token? Are they doing equity? I'm hearing from hedge funds and other investors they'll want a little bit of equity preferred and or common, plus the token. Or should the token be equity conversion? What is some of the strings you're seeing? >> You know I think it' really just a matter of do you want paper or do you want a token? Just like a stock certificate is worth nothing without the legal framework behind it. A security token is the same way. So we're seeing where some people are wanting to do equity, where some of their investors want the traditional certificate. And some are fine with the token. We're seeing people do hybrid tokens where it morphs from security to utility or back. Where they're doing very creative things. It's what's so great about the Ethereum Network and the Smart Contracts, is there are all of these great options. The hard part then is, how do you fit those options into regular framework. >> And defending that against being a security, and this is interesting because if it converts to a utility, isn't that what security is? >> So that's the question. >> Then an IPO is an, again this is new territory. >> Right, and very exciting territory. It's an exciting time to be involved in this industry. >> In fact I just had an AE3B Election on tokens, first time ever. >> Yeah it's an amazing state that we're in. Where serious investors are saying yeah token's great for me. Give me the RC20 I'll stick it in my MetaMask Wallet, it's unbelievable where we are. And only more exciting things to come. >> Greg Pinn, thanks for coming on and sharing your insights. TheCUBE covers live here in Las Vegas, Hoshocon, the first security conference in the industry of its kind where everyone's getting together talking about security. Not a big ICO thing, in fact it's all technical, all business all people shaping the industry, it's a community it's TheCUBE coverage here in Las Vegas. Stay with us for more after this short break. (Upbeat music)