Virtual currencies (VCs) are seemingly gaining momentum in terms of usage as a medium for payment and remittances in the country. This is largely attributed to their ability to facilitate the movement of funds at a much faster, cheaper, and convenient way. While recognizing the potential benefits, the Bangko Sentral ng Pilipinas (BSP) is equally cognizant of the attendant risks, particularly, their propensity to be used in illicit activities such as money laundering and terrorist financing.
Following the warning advisory issued by the BSP in March 2014, a formal regulatory approach was adopted through the issuance of Circular No. 944 dated 6 February 2017. Under the said issuance, VC exchanges or businesses engaged in the exchange of VCs for equivalent fiat money in the Philippines, are required to register with the BSP as remittance and transfer companies. In view thereof, BSP-registered VC exchanges are now required to put in place adequate safeguards to address the risks associated with VCs such as basic controls on anti-money laundering and terrorist financing, technology risk management and consumer protection. Notwithstanding said issuance, the BSP does not, in any way, endorse VCs as legal tender, store of value or an investment vehicle.
With the recent price surge of VCs, such as Bitcoins, the BSP has observed that an increasing number of individuals or entities may be tempted to “invest” in VC pyramid schemes disguised as initial coin offerings (ICOs) or VC investment products. The public is therefore advised to exercise caution regarding the acquisition, possession, trading of VCs or dealing with VC-related offers. Unlike stocks or debt issues, VCs are not backed by any company or commodity and the price is purely dependent on market demand and supply. As such, investing in VCs presents a highly speculative and risky undertaking which might result into huge financial losses. To minimize risks, the BSP highly encourages existing and prospective VC users to deal only with BSP-registered VC exchanges and maintain only a sufficient amount of VCs enough to address transaction requirements. VC users should properly secure their VC holdings and observe security tips below to protect the confidentiality and integrity of personal information and transaction details.
Important security considerations for VC users:
- Set-up and use a dedicated email account. Avoid using the same email accounts or username that you have used in public platforms such as social media.
- Keep your VC-related email account to yourself. In any VC transaction, users need their email account and password. Thus, it is important to secure not only your password but also your email account.
- Set a strong password. Use complex and hard-to-guess passwords (i.e. alphanumeric including symbols, lower and upper cases). Avoid re-using the same password for more than one service.
- Observe basic internet security. Exercise caution in accessing your VC wallet especially when using wi-fi connections. Avoid installing software, browser plugins or downloading attachments from unknown or suspicious websites and emails. At the same time, do not leave your device unattended.
- Subscribe to multi-factor authentication (MFA) provided by the VC wallet provider. VC users should enable, whenever available, MFA options to their VC accounts. Adding another layer of authentication can provide increased security to your VC account and transactions.
- Separate your funds and use cold storage. VC funds should be separated in two or more digital wallets for transactional purposes. The main wallet used to store VC funds for future use should be kept offline or popularly known as cold storage wallet to minimize vulnerability to theft, hacking or fraud.