Cyberattacks show the risks of digital currencies and centralised control – we need a return to community banking
That a cyberattack in Florida can cause 800 stores to close in Sweden is proof that our financial system is already too interconnected and susceptible to attack, yet what do central banks call for? More centralisation.
The Miami, Florida-based IT company Kaseya found at the beginning of July that its IT management software Virtual System Administrator (VSA) had been hijacked by hackers with ransomware, asking for US$70 million to release its grip. Kaseya serviced around 1,500 customers across the globe, according to Reuters, and, when faced with the prospect that all could be exposed to this extortion attempt via the bug called “REvil,” it urgently asked them to shut down their IT systems on Friday, July 2.Also on rt.com Cyberattack blame games are closer to nuclear war than it might seem – which is why a cyber-security treaty is essential
Likely the most noted fallout occurred 5,000 miles away in Sweden, where about 800 Coop supermarkets shut their doors on the same Friday, and throughout the weekend, because they could not process digital payments. In New Zealand, schools and kindergartens were also affected. By Tuesday, July 6, Kaseya had not yet rebooted its systems.
Since Swedish supermarket chain Coop (in Swedish, Kooperativa Förbundet) provides groceries, a lot of fresh food must have gone bad, while local communities could not obtain the food. The impact was likely significant, because the Coop group and its related consumer stores were estimated to account for about 20% of Swedish grocery retail trade (data from 2010). But did the shops really have to close? Historically, the Coop had consisted of many independent local co-operative shops, which then merged themselves into one large co-operative supermarket chain. The core co-operative principles are self-help, self-responsibility and self-reliance. “‘Self-responsibility’ means that members assume responsibility for their co-operative – for its establishment and its continuing vitality,” we learn from the co-operative movement. “‘Self-responsibility’ means that members are responsible for ensuring their co-operative remains independent from other public or private organisations,” as the supporters of co-operatives explain. The closure of its 800 shops demonstrated that the centralisation of the Coop group was betraying the fundamental co-operative principles.
What do we learn from this?
We learn at least two things from this episode: Firstly, the co-operative principles are wise and, if organisations stick to them, they are more likely to be resilient to shocks and crises. It would appear that the Swedish Coop had abandoned its co-operative roots, become like any other centrally-run corporation, and was now paying the price. It is thus ironic that Coop shops had to close down. Apparently its local store managers were unable to take self-responsibility for their respective shops and keep their doors open, allowing customers to pay with cash, or even with ad hoc credit notes that they could issue (perhaps together with allowing a copy of their ID cards or passports to be taken) for the credit transaction to take place. After all, to pay with credit is standard practice: When a shop deducts funds from our bank account via the electronic payment system, we have used the credit provided by the banks to us, not official money.
So centralisation renders systems fragile. Instead, institutional designs consisting of many small, independent units, such as local grocery stores, would be far less susceptible to IT hacking and would deliver an overall far more stable and resilient economic system.
Secondly, centrally-operated digital payment systems are more fragile than decentralised cash-based payment systems. It is ironic that the attack on digital payment systems happened on Friday, July 2 2021, as this is when an international think tank with Swedish roots, the Renaissance Institute, launched its “Cash Fridays” campaign, asking everyone to use cash as means of payment on Fridays, in a day and age when cash has been increasingly marginalised – especially in Sweden. The cyberattack drove home the message that digital payments are far less robust and reliable than good old cash.
The vulnerability of digital payments
The great vulnerability of digital payments demonstrated by this cyberattack is highly topical, because at the very moment the central banks in many countries, including in Sweden and the Eurozone, are working hard to prepare the launch of their own ‘Central Bank Digital Currencies.’ These CBDCs appear to be high-tech solutions, but in reality many of their features are old: Without most people being aware of this, we have been using “BDCs” (bank digital currencies) for decades, namely whenever we pay by debit or credit card or bank transfer. Such digital money is simply the balance in our bank account. These are credit balances that exist in digital form only. So far, central banks only issue paper money, which accounts for only 3% of the money supply in many major economies. The rest, namely 97% of the money supply, has been bank digital currency.
In other words, the central banks want to move in on the banks’ dominant position in the market for digital currencies. So the biggest difference with the CBDCs that the Riksbank and the ECB want to introduce, compared to our existing money, is therefore that it would not be commercial banks that issue this new digital currency, but the central banks. In other words, despite the complicated-sounding name ‘CBDC,’ what is really about to happen is that central banks, despite being the regulators of the banks, are now preparing to compete head-on with the banks, by offering retail current accounts to the public. CBDC means that we can have a current account directly at the central bank. What we are witnessing is that central banks have ripped up the centuries-old agreement with the banks that the central banks, in return for being the regulators, would leave any business with the general public to the banks. This raises questions about whether fair competition by players on a level playing field is possible if one of them is the all-powerful central bank, and even whether there are conflicts of interest if a regulator decides to compete against those it regulates. Should we re-consider the past two decades of monetary policies in the light of the present knowledge that central banks want to compete against the banks? Could this explain the central bank policies that have killed thousands of banks during this time – 4,800 in the Eurozone under the watch of the ECB alone?
It is clear that banks stand little chance if faced with such unequal competition by their regulators: If we can all deposit money at the central bank, then at the first sign of economic or financial crisis, all bank deposits will shift to the central bank. Such a shift of bank deposits to a safe haven was indeed seen in Germany in October 2008, when the financial crisis hit North America and Europe. Ordinary German savers pulled their money out of the big banks and – read carefully – transferred it to the over one thousand small, local co-operative community banks, which they knew were safe and had not engaged in the large-scale financial speculation that brought down big banks in many countries in 2008. This assessment was correct: the small community banks, which make up 80% of all banks in Germany and over 90% of all lending to small and medium-sized enterprises, had not been affected by the so-called “Global Financial Crisis” of 2008, since they had not engaged in the international speculative lending for asset purchases that caused the asset bubble and bust in 2008. Instead, these community banks until then lent primarily to small, local businesses in the real economy. Such lending requires good knowledge of local firms and the ability to kick the tires when evaluating them – something large banks feel is too much work. Hence, the larger the banks, the less likely they are to lend to small firms and the more they are prone to lend for asset purchases, such as providing loans to hedge funds and private equity funds.
Banks, bubbles, and boom and bust
The reason why the big banks’ preferred financial lending for asset purchases is so dangerous, is that when banks lend, they do not actually lend out existing funds. Instead, as recent academic research has demonstrated beyond doubt, they are allowed to newly create the money that is provided as a loan. New money creation will have an impact on other parts of the economy. If a whole lot of money is created to purchase real estate and properties, for instance, property prices must rise, while GDP will not grow (asset transactions do not contribute to GDP). In other words, the bank lending for asset purchases is the reason for the asset price bubbles that precede banking crises.
We also learn that concentration of banking systems is dangerous: countries with a small number of large banks, such as the UK, are prone to boom-bust cycles and crises. But when the 2008 crisis hit, unemployment barely rose in Germany and there was no recession. That was thanks to its almost 1,500 community banks dominating the banking landscape – most of which are in fact independent local co-operatives. Like with independent local grocery shops, a banking sector dominated by many local community banks is far more resilient to shocks and crises.
At a time when central bank policies have reduced the number of banks in many countries – especially the US and the Eurozone (and fortunately not in the UK, where the Bank of England wants to help the establishment of new challenger banks) – the introduction of central bank current accounts for the public (CBDCs) is likely to result in a further concentration of financial systems, and hence greater fragility. Resilience comes from the ability to use cash and deal with independent and locally accountable organisations. Thus the recent cyberattack delivers valuable food for thought. And remember on Fridays: Pay with cash!
Like this story? Share it with a friend!
The statements, views and opinions expressed in this column are solely those of the author and do not necessarily represent those of RT.