Not your coin: Design considerations for central bank digital currencies and private money

Ellie Rennie
12 min readJun 14, 2020


An overview of how money is changing and why it matters.

[Note: The following article was my first dip into CBDCs. I did more research on this topic with Associate Professor Stacey Steel from University of Melbourne Law School. The article from that work is available open access in the journal Law, Technology and Humans here].

The saying ‘Not your keys, not your coin’ is used within cryptocurrency online forums and social media to remind people that their cryptocurrency is not secure unless stored in a wallet that only they hold the private cryptographic key to. Leaving cryptocurrency in an exchange account, for instance, means the exchange can move that value as and when it chooses.

‘Not your keys, not your coin’ also encapsulates how the infrastructure of money is changing — a shift that could allow you to hold dollars, euros or yuan in a digital wallet in the same way you might hold Bitcoins (BTC) or Ethers (ETH).

Almost all money exists as information transmitted across digital infrastructure rather than as physical cash. When we use cards and electronic transfers, this is not central bank money but commercial bank money — a liability that private sector financial institutions hold to the central bank (responsible for money supply, interest rates and other policy instruments). The commercial bank or authorised financial provider will convert this electronic IOU into cash at a customer’s command and honour customer payments, as long as it has sufficient balances to do so. Within this highly regulated system, technologies such as card payment networks interact with base technological infrastructures that are maintained by central banks and intergovernmental organisations. Cash, on the other hand, is central bank money that can be carried in your purse, hidden under a mattress, or given to another person, remaining traceless until it is converted back into digital form through a bank deposit.

Digital currencies shift the dependencies in this system. A digital currency is issued only in digital form and can theoretically be held by the owner and stored in a software or hardware wallet without the need for a financial services provider. Cryptocurrencies such as Bitcoin were designed with this intention. These are money in that they are a ledger of account and a store of value. They can also be more than money, providing infrastructure for applications to run where exchange of value is required and replacing some of the roles of institutions by overcoming trust problems (Hayes 2019; Berg et al 2019).

These digital infrastructures are being discussed by officials in forums such as Davos and the World Economic Forum with increasing intensity. A survey published by the Bank for International Services (BIS) found that 10% of the central banks surveyed are likely to issue a CBDC for the general public in the short term, representing 20% of the world’s population (Boar, Holden and Wadsworth 2020). Meanwhile, the Libra Association, established by Facebook, has stepped back from its original intention to be a distributed cryptocurrency and is positioning itself to work with regulators. These government and big tech proposals are happening in the context of a rapidly evolving decentralised financial instruments on public blockchains, offering immediate high-risk yet accessible alternatives to traditional payments, trading, investment and loans.

The design choices underpinning digital currencies are still being worked through. These centre on who issues the currency, other roles and constraints within the system, and whether the underlying infrastructure consists of a centralised or distributed ledger. There are significant implications for monetary policy, which are beyond the scope of this short piece. My concern is at the level of the user, and in particular what these choices mean for privacy, financial inclusion and payments. How these play out comes down to two key variables: who issues the currency and the infrastructure it is built on.

Central Bank Digital Currencies

Central Bank Digital Currencies (CBDCs) are digital currencies where the only party issuing and redeeming the currency is a central bank. China has been exploring digital cash since 2014 and is already piloting its DCEP (Digital Currency Electronic Payment) in four large cities. Within the broad category of CBDCs there are three models emerging:

Direct digital banknotes: In designing a CBDC, the central bank may opt for a system in which “regular savers are granted accounts with the Federal Reserve so the government can frictionlessly remit them new digital dollars” (Carter 2020), effectively creating a retail arm between central banks and the public. The benefit of this for consumers is that digital money would be more like cash in its peer-to-peer usability. It would offer convenient real-time payments, be widely accessible by not requiring credit checks, and provide easy cross-border payments (Aurer and Bohme 2020). As it would work like cash, credit facilities would not be attached to accounts held by members of the public.

What is the likelihood of this model? While this may be attractive for emerging economies, in advanced liberal economies, government provision of private goods and services generally only occurs when there is market failure. As the US Library of Congress points out, “[i]t is unclear whether the U.S. payment or banking systems suffer from market failures that a CBDC could address” (Congressional Research Service 2020, 2). A few jurisdictions, including Denmark and Switzerland, have determined that, currently, the costs of this model of CBDC would outweigh the benefits. The Bank of England (central bank of the UK) also makes a case against this model:

This approach does not play to the [Bank of England’s] comparative advantage, as it involves building services for large numbers of retail customers rather than for financial institutions. Building user-friendly services for the general public is a strength of the UK private sector, which can also build on this experience to ensure they provide inclusive services (Bank of England 2020, 25).

Platform CBDC: The Bank of England has instead proposed what they call a “platform model”, whereby the central bank would provide a core ledger, which would record CBDC and process payments. Private sector “payment interface providers” would be licenced to provide customer-facing services and to access the API of the central bank ledger. These providers would be the interface between the user and the ledger, performing Know Your Customer identity checks, and gathering anti-money laundering and sanctions information. The private sector would issue customer accounts, which means that these could remain pseudonymous on the core ledger providing some level of assurance against state surveillance. A similar model is proposed by the Digital Dollar Project in the US (Digital Dollar Project 2020).

Synthetic CBDC: A third model is where the private financial services industry is given even greater scope to create services and products through what is called a synthetic CBDC. In this scenario, a government would licence financial service providers who would store their customer’s funds in a central bank account. The company then receives a central bank liability in return that they could ‘package’ as a stablecoin, fully-backed by the central bank reserves (Mancini-Griffoli 2020). Multiple private companies could issue their own stablecoins (all backed by the same CBDC) and compete with one another.

Private sector digital currencies

When Facebook first announced that it was establishing the Libra Association in June 2019, its intention was to build a cryptocurrency with a stable price (known as a stablecoin), pegged to the US dollar and other currencies via a basket of assets. Libra would be a private proof-of-authority blockchain, meaning that an approved group of companies would run nodes, maintaining the ledger. Facebook itself would be just one node among many. The original Libra Whitepaper suggested that the Libra blockchain would become decentralised over time, effectively becoming a fully-distributed public blockchain. Since it was first announced, Libra has attracted criticism from regulators in a number of countries, and seven of the original partners have cut ties with the Association.

In April 2020, Libra released a new Whitepaper stepping back from its original vision. The new Libra will remain a private entity rather than a distributed blockchain, intending to comply with regulatory requirements in the countries where it will be used (Libra Association 2020). Shortly after the revised Whitepaper, the Association also appointed its first CEO, Stuart Levey, former US Dept of Treasury as the first Under Secretary for Terrorism and Financial Intelligence under Bush and Obama, sending a strong signal that Libra intends to work with regulators. Facebook’s Mark Zuckerberg told shareholders that one of the ways in which the company will profit from its Libra wallet (Novi, formerly Calibra) is for payments related to advertising auctions, noting that “payments is an area that the core infrastructure hasn’t been updated in a very long time” (Facebook 2020, 16). It is possible that Facebook’s plan align with the synthetic CBDCs model described by Mancini-Griffoli, or a similar environment within which multiple approved, privately-issued stablecoins exist, approved and regulated by government authorities, interacting with revamped central bank infrastructure.

Cryptocurrency stablecoins

There are a number of stablecoins already in existence and accessible to anyone with basic computing equipment and cryptocurrency literacy. Stablecoins were developed so that those possessing cryptocurrency could exchange volatile assets into a token that maintains the same value as a fiat currency (such as the US Dollar), thereby enabling them to enter into exchange using a recognisable and reliable value.

Various mechanisms can keep stablecoins close to the value of a fiat currency. Some, such as Tether (USDT which operates on the Bitcoin and Ethereum blockchains) purportedly holds 1USD in a bank account for each Tether issued, meaning that it should be redeemable at any time for $1. Other stablecoins use complex algorithms to maintain price. MakerDAO’s DAI, for instance, is pegged to the US dollar using smart contract enforced collatoralised debt positions (whereby a user deposits assets into a smart contract for a loan). The price of DAI is maintained through smart contracts that respond to market supply and demand dynamics, with some parameters and protections set by Maker token holders (who have voting powers).

Cryptocurrency stablecoins have so far mostly been used in the decentralised finance (defi) domain, consisting of loans for leveraged trading, as well as providing traders with a constant value from which to play futures markets and enact arbitrage across cryptocurrency exchanges. They have also been used successfully for cash transfer programs in the humanitarian sector, such as Oxfam’s Unblocked Cash project.


CBDCs are pitched as providing benefits, including efficiencies in interbank transfers, anti-money laundering and anti-terrorism, and greater financial inclusion. However, achieving one benefit may come at the expense of another.

Cash-like usability: As mentioned earlier, CBDCs could be cash-like in their usability, including merchants receiving money instantly rather than waiting for card payment providers. As the design of the CBDC can undermine private financial services business models, this may be a determining factor in the form these take. If commercial banking infrastructure goes down, a CBDC system could provide people with access to their money directly.

Financial inclusion: Over 1 billion people worldwide are defined as unbanked or underbanked, unable to set up bank accounts because they lack identification, or are excluded through high fees. Mobile financial services such as M-Pesa have filled this gap in some places. CBDCs might also assist those who are excluded from commercial banking, although this will depend on whether there are fees attached to CBDC services; the platform and synthetic models of CBDCs outlined above could reproduce existing bank and payment provider barriers for those who do not have legal identity documents or are excluded due to bank fees. Digital exclusion is also rarely considered in these debates. The WEF notes that “Policy-makers must seek to encourage the unbanked to participate in any new digital currency regime. They must be aware of hurdles to adoption such as usability challenges, access, or insufficient government identity documentation” (World Economic Forum 2019). Facebook and Libra have consistently asserted that Libra will enhance financial inclusion. One possibility is that tech companies will choose to develop their CBDC-related services as loss-leaders (Facebook anticipating their benefit as supporting advertising auctions, for instance).

Steering consumers away from cryptocurrency: New payment infrastructures for CBDCs exist because of cryptocurrencies. The invention of Bitcoin proved that value could be exchanged in a peer-to-peer manner across the internet. However, a clear motivation for the establishment of CBDCs is to avoid new private money undermining central bank power and the various instruments they use to keep economies stable. CBDCs might also avoid the risk that consumers bear by using cryptocurrency stablecoins or other private money. For instance, in March 2020, a confluence of factors related to the COVID-19 market crash caused problems for MakerDAO, with a number of vaults being auctioned for near zero ETH (MakerDAO 2020).

Efficiencies in interbank transfers: The infrastructures upon which the banking system relies are often referred to as out-of-date, slow computing systems, even though they can seem fast, safe and convenient for consumers. Remittance payments incur costs related to cross-border payments, including “correspondent banking fees, FX costs, telecommunication costs, scheme fees and interchange fees. Additionally, legal, regulatory and compliance costs are perceived as being significantly higher than for domestic retail payments” (G7 2019, 4).

Interoperability of CBDCs will be an important for remittances, defined by the Digital Dollar Project as a digital currency being able to “function and coexist with current and future financial infrastructure systems both domestically and abroad” (8). Without this, it is possible that a CBDC of one nation could gain widespread adoption in another, similar to the USD being accepted in some foreign countries.

Emerging systems and smart contracts: Digital money can be used for payments, including micropayments, within automated systems. A smart contract is “a contract-like arrangement expressed in code, where the behavior of the program enforces the terms of the contract” (Sills 2019). A CBDC token could be used as programmable money, designed for transferring value on for Internet of Things platforms, energy grids, government services, taxation and myriad other uses. China has been piloting a national blockchain called the BSN (Blockchain Services Network), which Digital Currency Electronic Payments (DCEP) will likely be used on. The BSN is intended for trade and supply chains (the digital silk road), smart cities and government services.

Illicit markets and geopolitical implications: A significant appeal of CBDCs is that they could make it easier for governments to combat money laundering, terrorism financing and to enforce sanctions. However, CBDCs can also be used by governments to avoid sanctions. Currently the vast majority of international payments are managed through the Society for Worldwide Interbank Financial Telecommunication (SWIFT). Information-sharing between SWIFT and corresponding banks means that authorities can track illicit payments such as money laundering and terrorist financing. Countries that are excluded from SWIFT cannot pay for imports or receive payments for exports. Russia, China and the EU have created alternatives, but CBDCs would further the process.

Venezuela’s petro, supposedly backed by state-owned oil and mineral reserves was developed at least partly to support sanctions circumvention, as was Iran’s plan to issue a state-backed “crypto-rial” currency (WEF, 12). Kumar and Rosenbach from the Harvard Kennedy School write that US policymakers are unprepared for the consequences of CBDCs: “The advent of digital currencies will degrade the efficacy of U.S. sanctions, limiting the country’s options to respond to national security threats from Iran, North Korea, Russia, and others. It will also hamper the ability of U.S. authorities to track illicit financial flows” (Kumar and Rosenbach, 2020). Moreover, emerging economies that have relied on loans from China for development activities may find that they are pressured into using the digital yuan if their own currencies are destabilised.

Privacy and CBDCs: As the Library of Congress notes, “A CBDC that provided complete anonymity would seemingly be incompatible with current policies designed to curb money laundering and other illicit activities. Thus, the Fed may be required to track and store information about CBDC users and their transactions. This would reduce individuals’ privacy, but might be more effective at preventing illicit activity” (Congressional Research Services 2020, 2). This level of total financial monitoring would also benefit public finance by making tax avoidance much more difficult and costly. CBDCs increase the capacity for state surveillance, enabling governments to access information about payments that could undermine public trust in the state. Governments could also coerce citizens and firms by stopping payments.

Researchers at MIT believe that cryptographic techniques could be used to maintain a level of privacy: “Legitimate public policy goals relating to combating criminal activity can be fulfilled while preserving the privacy of the public and preventing a central bank being drawn into the commercial surveillance models which are now prevalent in the private sector” (Ali and Nerula 2020, 11). Compliance with privacy laws, including the GDPR in Europe and the Consumer Data Right in Australia will influence the design of CBDCs. For instance, public and private entities would need the consent of the user before collecting or accessing financial data.

As consumers will often forgo privacy and provide consent for use of their data in return for convenience, existing privacy laws may not be adequate. Private tech companies gain dominance through what the BIS calls the data-network-activities loop or “DNA” loop (Gensler 2019). Facebook has a clear lead over Bitcoin (the most well-known cryptocurrency) when it comes to onboarding users to their wallet, and a dubious record when it comes to privacy.


The arrival of Bitcoin was a catalyst for governments and private firms to rebuild the infrastructures of money. Public blockchains continue to evolve, providing developers with the means to create new applications and tokens tailored for different privacy and efficiency needs.

Central banks, by contrast, need to balance competing extrinsic demands, from geopolitical power to the viability of existing domestic financial services industries. Design considerations include whether to use a centralised database or a distributed ledger and whether access is based on identification (accounts) or cryptographic knowledge (digital tokens).



Ellie Rennie

Professor at RMIT University, Melbourne. Australian Research Council Future Fellow 2020–2025: “Cooperation Through Code” (FT190100372) Twitter: @elinorrennie