Image Privacy in crypto: compliance is possible
HomeInsightsKnowledge

Privacy in crypto: compliance is possible

Timer11 min read

  • Finance
  • Legal

The debate around privacy in cryptocurrency has long been framed as binary: transparent transactions satisfy regulators; private ones threaten compliance. That framing has shaped a decade of policy, driven exchange delistings, and left institutions treating privacy-preserving technology as inherently suspect. 

The tools to reconcile privacy with compliance have existed since 1985. The infrastructure to deploy that reconciliation at institutional scale exists in 2026. This article traces how regulatory fear became blanket exchange policy, examines the technical solutions already in production (zero-knowledge proofs, selective disclosure, Canton Network, Litecoin MWEB), and assesses where regulation is heading in Europe versus the US landscape.

Crypto privacy, sanctions, and regulation: how privacy coins became a target

The regulatory crackdown on crypto privacy began with events that gave authorities legitimate concern. In August 2022, OFAC sanctioned Tornado Cash, a mixing protocol on Ethereum, citing $7 billion in laundered currency since 2019, including $455 million stolen by North Korea's Lazarus Group.

The legal challenge was direct: November 2024, the Fifth Circuit ruled that immutable smart contracts could not constitute "property" subject to sanctions. In March 2025, the sanctions were lifted entirely.

Yet between sanction and reversal, the political message reshaped exchange behavior decisively. Monero delistings accelerated. Binance removed XMR in February 2024; Kraken delisted it across the European Economic Area in October 2024, citing MiCA and new EU anti-money laundering rules. 

The mismatch: what regulators needed vs. What exchanges did

Industry data shows close to 60 privacy token delistings across centralised exchanges in 2024 alone. The distinction matters: Exchanges prioritized risk aversion over understanding, and removing assets that might draw scrutiny despite no proven non-compliance. But this response solved the wrong problem.

Regulators asked for the ability to trace specific transactions when the law requires it, and does not request visibility into everything, for everyone, all the time. What mass delisting actually accomplished: 

  • Removed privacy: For everyone not just bad actors 

  • Bad actors: Simply moved elsewhere the targeted threat went unaddressed

  • Eliminated: A tool that could have been made compliant

  • Solved: Neither the regulator's problem nor preserved the technology.

  • The core mismatch: Regulators have not articulated a framework for compliance-gated privacy, and the industry responded with blanket bans instead of seeking architectural solutions.

Zero-knowledge proofs have already changed the architecture

The tools to reconcile privacy with compliance already exist. A zero-knowledge proof lets a person prove something is true without revealing underlying details. Think of it as a sealed audit: an accountant confirms solvency without revealing client lists, margins, or positions.

At cryptographic scale, the applications are concrete: 

  • Transaction validity: proven without disclosure

  • Sanctions screening: cleared without history revealed

  • Balance thresholds: confirmed without amounts shown

The verifier gains certainty. The prover's privacy remains intact. This differs fundamentally from mandatory-privacy coins like Monero, which hide all transaction data by default.

Monero and Zcash: more compliant than they appear

Monero's view key allows selective disclosure of transaction history to designated parties at the holder's discretion. Zcash's zk-SNARK architecture shields sender, receiver, and amount by default, but viewing keys enable selective transparency. Both represent serious architectural thinking about confidentiality and accountability coexisting. Neither is yet a complete institutional compliance solution and Zcash's shielded transactions remain a minority of network activity, narrowing the anonymity set; Monero cannot satisfy the FATF Travel Rule without holder involvement. 

Importantly, the regulatory picture is more nuanced than blanket delistings suggest. The Electric Coin Company (Zcash) has engaged directly with compliance bodies, and the conversation with regulators remains ongoing rather than closed. Both protocols are more compliant-capable than their market treatment indicates. But protocol-level solutions, however well-designed, face adoption and governance constraints. The most mature answer to the privacy-compliance question is running in production at institutional scale.

Canton Network: institutional infrastructure with privacy by design

Canton provides shared coordination infrastructure for regulated institutions without requiring shared visibility.

Participants operate independent applications with individual privacy boundaries. The Global Synchronizer orders and timestamps transactions across those applications without accessing their content. Atomic settlement ensures transactions complete in full for all parties or fail cleanly.

Privacy is enforced at the contract level through Daml smart contracts defining precisely who can observe what:

  • Regulators: Confirmation that settlement occurred and compliance conditions were met, without visibility into commercial terms

  • Counterparties: Only what contract logic explicitly permits

  • Validators: Contribute to network security without privileged access to participant data.

The network currently supports over $6 trillion in tokenised assets, with daily US Treasury repo trades exceeding $280 billion. This is production infrastructure operating at institutional scale in regulated markets.

Litecoin MWEB: optional privacy as a design principle

Litecoin's MimbleWimble Extension Blocks (activated May 2022) offer a parallel model: opt-in privacy attached to a transparent base chain. Amounts are obscured, sender identity replaced with stealth addresses, transaction graphs broken. The base chain remains fully transparent for those who do not engage MWEB, preserving auditability for regulated businesses. 

MWEB balance (March 2026): ~302,000 LTC, though adoption remains a small fraction of total network activity. South Korean exchanges delisted Litecoin in June 2022 following MWEB's activation, a reminder that opt-in privacy is not automatically accepted in high-compliance jurisdictions. 

The design principle is what matters: Optional privacy preserves exchange accessibility while offering meaningful confidentiality to those with legitimate need. Regulators have shown considerably more tolerance toward this model than toward mandatory anonymity. It points toward an emerging pattern, confidentiality as a user choice rather than a protocol default, that may define the next generation of privacy infrastructure.

Where regulation is heading: Europe has a framework, the US does not yet

The EU has moved furthest toward a coherent framework. MiCA established harmonised transparency and AML requirements. The 2024 AML Package tightens obligations further, requiring detailed transaction monitoring and strengthened cross-border enforcement.

Critically, neither framework blanket-prohibits privacy-enhancing technologies. The regulatory logic is precise: anonymity that cannot be selectively lifted is the target, not confidentiality itself.

The US position remains structurally unsettled. The Fifth Circuit's ruling on Tornado Cash drew a meaningful boundary: sanctions law reaches people and entities, not autonomous code. Whether this translates into a coherent framework for compliance-gated confidentiality remains open.

Conclusion: infrastructure ahead of policy

Canton demonstrates that institutional settlement can occur with full confidentiality between counterparties and scoped access for regulators. Zero-knowledge proofs demonstrate that transaction validity can be proven without disclosure. Viewing keys in Zcash and Monero demonstrate that selective transparency is cryptographically achievable.

What does not yet exist at equivalent maturity is regulatory standardisation to recognise and certify these mechanisms. Compliance professionals cannot readily audit a ZK proof without specialised expertise. Regulators across jurisdictions have not converged on which selective disclosure implementations satisfy their requirements.

The question now leans on which architectures will define that coexistence and which institutions will have built fluency with them before the standards arrive.

Published onJun 3rd, 2026

Welcome to CoinShares

Personal Data

0102

When you visit CoinShares website, cookies enhance your experience. They help us to show you more relevant content. Some cookies are necessary for the site to work and will always be active. Blocking some types of cookies may impact your experience of the website and the services which we offer on our website.

We use cookies on our site to optimize our services. Learn more about our EU cookie policy or US cookie policy.

  • Necessary
    Question circle icon
  • Preferences
    Question circle icon
  • Statistical
    Question circle icon
  • Marketing
    Question circle icon

Don't invest unless you're prepared to lose all the money you invest. This is a high-risk investment, and you should not expect to be protected if something goes wrong. Take 2 mins to learn more. Approved by Archax 19/12/2025

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.