At the crowded Consensus Miami conference, a panel of blockchain strategists and compliance experts delivered a clear message: the long-standing tension between privacy and accountability on public blockchains is not an either-or proposition. In a session titled “Onchain Privacy and Identity,” speakers from Moody’s Ratings and cryptocurrency exchange ChangeNOW outlined how hybrid blockchain architectures and granular address-level monitoring can satisfy both individual privacy rights and the transparency demands of regulators, financial institutions, and law enforcement.

Rajeev Bamra, a senior strategist at Moody’s Ratings who focuses on digital finance, kicked off the discussion by framing the scale of the opportunity. “Institutional digital finance has grown by over 100 or 150% in the past 18 months,” he said, citing data that Moody’s has tracked across lending, settlement, and asset tokenization platforms. But he immediately tempered the enthusiasm: “Yet the entire market is still only about $35 billion. That’s a fraction of the more than $200 trillion in traditional clearing flows that move through established financial infrastructure every year.” Bamra argued that bridging this gap requires a trust layer that can provide both privacy for end-users and accountability for institutions—something that pure transparency, like a fully public ledger, cannot always deliver.

The core problem is well known to anyone who has followed blockchain development over the past decade. Bitcoin and Ethereum, the two largest public blockchains, record every transaction in plain view. While users are identified only by pseudonymous addresses, the entire history of those addresses—every send, receive, and smart contract interaction—is visible to anyone with an internet connection. Chain analysis firms have turned this into a massive industry, mapping addresses to real-world identities and selling the resulting data to exchanges, banks, and governments. For many privacy advocates, this represents a betrayal of the cypherpunk ethos that gave rise to cryptocurrencies. For regulators, however, it is a feature, not a bug: traceability enables anti-money laundering (AML) and counter-terrorism financing (CTF) compliance.

Pauline Shangett, head of compliance and risk at ChangeNOW—a non-custodial cryptocurrency exchange that allows instant swaps without registration—offered a practitioner’s perspective on how to navigate this tension. “At ChangeNOW, we do not ask for identity documents from our users, but that does not mean we are blind to what happens onchain,” she explained. “We map wallet addresses rather than full identities. When we detect suspicious activity—such as a known-sanctioned wallet interacting with our service—we can freeze that address at the protocol level without needing to know who is behind the keyboard.” Shangett emphasized that this approach respects user privacy by avoiding the collection of personal data, while still providing law enforcement with actionable intelligence in the form of flagged addresses and transaction flows. “Accountability does not require a name; it requires the ability to trace and respond to risk,” she said.

The panelists also explored technical solutions emerging from the broader blockchain ecosystem. Hybrid architectures, for instance, combine the openness of a public blockchain with selective privacy layers—often using zero-knowledge proofs or secure multi-party computation—to allow parties to verify transactions without revealing all underlying data. Bamra noted that Moody’s has been studying such architectures for credit rating purposes. “If we are going to rate a tokenized bond, we need to verify that the asset exists and that the cash flows are legitimate. But we don’t necessarily need to see every holder’s identity,” he said. “A well-designed onchain intelligence layer can give us the assurance we need without violating privacy norms.”

The history of privacy and accountability in crypto is long and often contentious. Early privacy coins like Monero and Zcash were designed from the ground up to hide transaction amounts, sender, and receiver. While these coins have legitimate use cases—protecting activists, journalists, and ordinary people in repressive regimes—they have also been criticized for enabling illicit activity. As a result, several exchanges delisted Monero in recent years, and regulators have increasingly targeted privacy-centric projects. Meanwhile, the rise of decentralized finance (DeFi) and non-fungible tokens (NFTs) on transparent blockchains like Ethereum has created new compliance headaches: a savvy analyst can trace a DAO member’s entire voting history or an NFT collector’s purchase timeline, potentially exposing personal preferences or financial status.

The panel at Consensus Miami represented a middle path. Rather than advocating for full privacy or full transparency, the speakers argued for a nuanced, layered approach. “It’s not about choosing one over the other,” Shangett said. “It’s about designing systems that give individuals control over their own data while still allowing institutions to meet their regulatory obligations.” She pointed to the European Union’s General Data Protection Regulation (GDPR) as an imperfect but useful analogy: “GDPR doesn’t say you can’t process data; it says you must have a lawful basis and respect data subject rights. Onchain privacy can be thought of the same way.”

Bamra expanded on the institutional angle. He noted that the $35 billion figure for institutional digital finance is dominated by stablecoin usage and a handful of tokenized money market funds. But the pipeline is growing. Major banks, asset managers, and clearing houses are actively piloting blockchain-based settlement systems—often on permissioned ledgers that offer built-in privacy controls. The challenge, he said, is that the most liquid and decentralized markets remain on public blockchains. “If institutions want to access the composability and liquidity of DeFi, they have to operate on public chains. That means they need tools to manage the transparency trade-off.”

One such tool is address-level monitoring, as employed by ChangeNOW and many other compliance providers. These services do not rely on know-your-customer (KYC) data for every user. Instead, they use clustering algorithms, heuristics, and third-party threat intelligence to flag high-risk addresses. When a flagged address interacts with a service, the compliance team can block the transaction or freeze the associated smart contract interaction. This creates a form of accountability without requiring a database of personal information. “We are moving from identity-based compliance to behavior-based compliance,” Shangett said.

The panel also touched on the role of decentralized identity (DID) and verifiable credentials. If a user can present a digital credential—issued by a trusted authority, cryptographically signed, and stored offchain—that proves they are not a sanctioned entity without revealing their name, then both privacy and accountability are served. This is the vision behind several projects, including those building on the Ethereum Name Service (ENS) and the Worldcoin initiative. However, Bamra cautioned that universal adoption of such systems is still years away. “We are in the pilot phase. Standards are still being written, and regulatory clarity is evolving,” he said.

The environment at Consensus Miami, held in the heart of Miami Beach’s convention center, reflected the broader maturation of the crypto industry. Two years ago, the same stage might have hosted debates about whether regulation was even necessary. In May 2026, the conversation has shifted to how to implement compliance in a way that preserves the core values of decentralization. The CLARITY Act, a major piece of U.S. crypto legislation that cleared a Senate committee earlier that day, loomed large over the event. Panelists were careful not to comment on pending legislation, but Shangett acknowledged that the direction of travel is clear: “Regulation is coming. The question is whether we design it to work with privacy technologies or against them.”

Bamra added a note of cautious optimism. “The fact that Moody’s is here, that we are actively researching onchain intelligence, shows that the market is demanding solutions that bridge the gap between decentralized technology and traditional risk management. I think we will see significant progress in the next 12 to 18 months.” He pointed to the growing interest in zero-knowledge (ZK) rollups, which not only improve scalability but also provide inherent privacy by batching transactions into a single proof. While ZK rollups are primarily marketed for throughput, their privacy potential is being explored by several layer-2 teams.

The panel concluded with a question from the audience about whether true anonymity is possible or desirable on a public blockchain. Shangett responded diplomatically: “Anonymity is a spectrum. For small everyday transactions, pseudonymity might be enough. For large institutional transfers, you might need a different level of verification. The key is to have options. Rigid systems that enforce one-size-fits-all rules will fail. We need flexible protocols that let users and institutions choose the appropriate level of privacy and accountability for each situation.”

In the bustling corridors of the convention center, after the session ended, attendees continued the discussion. Several startup founders clustered around a whiteboard sketching out ideas for a “compliance oracle” that could feed address-risk data into smart contracts without exposing underlying user data. Meanwhile, representatives from a major bank were overheard comparing notes with a DeFi developer about how to implement onchain credit scoring while respecting privacy. The consensus at Consensus seemed to echo the panel’s conclusion: privacy and accountability are not opposing forces but complementary ones—and the tools to balance them are already being built.

Looking ahead, the panelists emphasized that success will depend on collaboration between technologists, regulators, and financial institutions. Bamra noted that Moody’s is working with several blockchain analytics firms to develop standardized metrics for evaluating the privacy-accountability balance of different protocols. “We need a common language,” he said. “Right now, every project claims to be privacy-preserving, but the definition varies wildly. A rating agency can help bring clarity.” Shangett agreed, adding that industry self-regulation, such as the Travel Rule Universal Solution Technology (TRUST) group, can also play a role in setting best practices.

The broader implications extend beyond crypto. As governments around the world explore central bank digital currencies (CBDCs), the same tension between privacy and accountability will arise. CBDCs can be designed with a range of privacy features, from full transparency to anonymous cash-like tokens. The panel’s message was that the technology already exists to support a middle ground—one that protects individual privacy while still allowing for oversight of illicit activity. “We don’t have to reinvent the wheel,” Bamra said. “We just have to apply the lessons we are learning on public blockchains to other digital payment systems.”

Source: Coindesk News