CBDCs, or central bank digital currencies, are a new form of money that some countries are considering to adopt. CBDCs are digital tokens that represent the national currency and are issued and controlled by the central bank. CBDCs are different from cryptocurrencies, which are decentralized and operate on a peer-to-peer network. CBDCs are also different from the existing digital money, such as bank deposits and electronic payments, which are intermediated by commercial banks and other financial institutions.
Bad actors could derail the use of CBDCs and affect the userbase in various ways, depending on their motives and capabilities. Here are some possible scenarios:
- A hacker could exploit a vulnerability in the CBDC system or the digital wallets and steal, alter, or destroy the CBDCs of the users, causing financial losses, fraud, or identity theft.
- A criminal could use CBDCs for illicit activities, such as money laundering, terrorism financing, or tax evasion, by using anonymous or pseudonymous accounts, mixing services, or cross-border transfers.
- A terrorist could launch a cyberattack on the CBDC system or the critical infrastructure, such as the power grid, the internet, or the communication networks, and disrupt the CBDC service, causing panic, chaos, or social unrest.
- A state actor could use CBDCs for geopolitical purposes, such as undermining the dominance of the US dollar, influencing the foreign exchange rates, or imposing sanctions or embargoes on other countries .
- A rogue employee or a whistleblower could leak or expose the CBDC data or the CBDC system, revealing the personal and financial information of the users, the technical and operational details of the system, or the policy and regulatory decisions of the central bank.
Privacy
One of the main concerns about CBDCs is the impact on the privacy of the users. Unlike cash, which is anonymous and untraceable, CBDCs would enable the central bank and the government to monitor and record every transaction that the users make. This could create a digital trail of the users’ financial activities, preferences, and behaviors, which could be used for various purposes, such as taxation, law enforcement, surveillance, and social control. For example, the central bank could impose negative interest rates on CBDCs to encourage spending, or the government could restrict or freeze CBDCs for certain individuals or groups based on their political views or affiliations.
Moreover, CBDCs could also expose the users’ personal and financial data to third parties, such as private companies, hackers, or foreign adversaries. CBDCs would require the users to have a digital identity and a digital wallet, which could be vulnerable to data breaches, identity theft, fraud, and cyberattacks. For instance, a hacker could steal the users’ credentials and access their CBDCs, or a foreign adversary could launch a cyberattack on the CBDC system and disrupt the payments or manipulate the data.
Security
Another major challenge for CBDCs is the security of the system and the infrastructure. CBDCs would require a complex and sophisticated technology to operate, which could pose technical and operational risks. For example, the CBDC system could face malfunctions, errors, glitches, or downtime, which could affect the availability and reliability of the service. The CBDC system could also face scalability issues, such as congestion, latency, or capacity limits, which could affect the speed and efficiency of the transactions. The CBDC system could also face compatibility issues, such as interoperability, standardization, or integration, which could affect the usability and accessibility of the service.
Furthermore, CBDCs would require a robust and resilient defense against cyber threats, which could be constantly evolving and adapting. For example, the CBDC system could face attacks from hackers, criminals, terrorists, or state actors, who could try to compromise, sabotage, or destroy the system. The CBDC system could also face threats from quantum computing, which could potentially break the encryption and security protocols of the system. The CBDC system could also face threats from double-spending, which is the risk of spending the same CBDC twice, which could undermine the integrity and trustworthiness of the system.
Stability
A third category of risks and threats for CBDCs is the impact on the stability of the financial system and the economy. CBDCs could have significant implications for the monetary policy, the banking system, and the financial markets. For example, CBDCs could affect the transmission and effectiveness of the monetary policy, by changing the demand and supply of money, the interest rates, the inflation, and the exchange rates. CBDCs could also affect the profitability and viability of the banking system, by reducing the deposits and lending of the commercial banks, and increasing the competition and disintermediation of the financial intermediaries. CBDCs could also affect the liquidity and volatility of the financial markets, by creating new channels and instruments for the flows and shocks of the capital, and increasing the contagion and spillover effects of the crises.
Moreover, CBDCs could also pose social and political risks, by creating new inequalities and conflicts among the users and the stakeholders. For example, CBDCs could create a digital divide between the users who have access and skills to use CBDCs, and those who do not. CBDCs could also create a power imbalance between the central bank and the government, the central bank and the commercial banks, and the central bank and the foreign central banks, which could affect the independence and accountability of the central bank, and the sovereignty and cooperation of the countries.
Innovation
A fourth category of risks and threats for CBDCs is the impact on the innovation and development of the digital currency and the payment industry. CBDCs could have positive or negative effects on the innovation and competition of the existing and emerging players and technologies. For example, CBDCs could foster innovation and competition, by creating new opportunities and incentives for the improvement and diversification of the products and services, and by enhancing the interoperability and collaboration of the platforms and networks. CBDCs could also hinder innovation and competition, by creating barriers and disincentives for the entry and growth of the new entrants and challengers, and by crowding out or displacing the existing and alternative solutions .
Furthermore, CBDCs could also face legal and regulatory risks, by creating new challenges and uncertainties for the governance and oversight of the digital currency and the payment industry. For example, CBDCs could raise legal and regulatory issues, such as the definition and classification of CBDCs, the rights and obligations of the users and the providers, the jurisdiction and enforcement of the laws and rules, and the coordination and harmonization of the standards and frameworks. CBDCs could also face ethical and social issues, such as the fairness and transparency of the CBDC system, the consent and participation of the users and the stakeholders, the accountability and responsibility of the CBDC providers, and the trust and confidence of the public .
Conclusion
In conclusion, CBDCs are a novel and ambitious idea that could bring some benefits, but also some risks and threats, to the users and to the society. CBDCs could affect the privacy, security, stability, and innovation of the digital currency and the payment industry, in ways that are not fully understood or anticipated. Therefore, CBDCs require careful and comprehensive analysis and assessment, as well as prudent and cautious design and implementation, to ensure that they are safe, sound, and beneficial for all.