119 - The Crypto Compatibility Problem
Kenya's digital assets industry has the regulations, the licences, and the roadmap. What it lacks is a language that central banks and compliance officers actually understand.
Illustration by Mary Mogoi
Hi all - This is the 119th edition of Frontier Fintech. A big thanks to my regular readers and subscribers. To those who are yet to subscribe, hit the subscribe button below and share with your colleagues and friends.
I will be taking this week off so there won’t be an article next week neither will there be Frontier Fintech GPS this Wednesday. Consistency is not about posting every week, it’s about doing things in a cadence that allows you to produce for many years.
Introduction
Kenya is making great progress in the establishment of Virtual Asset regulations. It has been really good to see how engaged the ecosystem is and the progress being made. Nonetheless, I’ve been having some conversations with some players in the industry and there seems to be something that is just not adding up.
The first was over coffee with someone whose primary job is building relationships across Kenya’s crypto ecosystem; exchanges, wallets, informal trading networks, the whole stack. The second was a call with someone who spends most of his working life in rooms with regulators, translating between what the industry wants and what supervisory authorities are willing to hear. Both are thoughtful people doing genuinely important work. And from both conversations, I came away with the same quiet unease.
The Central Bank of Kenya, they told me, has maintained a notably standoffish posture toward crypto regulation. Not hostile, exactly, more like a deliberate distance, a studied refusal to be drawn in. When the industry has pushed for engagement, the CBK has pushed back with a question that sounds simple and is actually quite hard: what exactly do you want from us? At worst, the CBK is simply ghosting the industry. Not showing up for meetings, not engaging in dialogue, just a cold calculated distance. The second pressure point was bank compliance. Crypto companies trying to establish banking relationships keep hitting the same wall. They lead with the upside; the six million wallets, the P2P volumes, the cross-border payments story and then a compliance head asks a basic operational question about AML frameworks or CDD procedures, and the room goes quiet.
There’s a scene in The Notebook where Ryan Gosling’s character grabs Allie by the arms and asks her, with some desperation: What do you want? It’s played as a romantic crisis. But the reason the scene has lived in popular culture for two decades is that it isn’t really about romance. It’s about two people who have been communicating around each other rather than with each other, and the accumulated frustration of all that misdirected energy finally breaking the surface. I kept thinking about that scene during both of my conversations. The CBK is asking what the industry wants. The compliance heads are asking what the industry wants. And the industry, for reasons I think are understandable but also structurally damaging, hasn’t had a clean answer. For everything to click, there has to be a clear answer.
In this piece, I want to do three things. First, make the case that crypto in Kenya; and across the continent should be thought of as an alternative banking system, and that most of the confusion in these conversations follows directly from the industry’s reluctance to own that framing. Second, use that framing to examine what the CBK’s regulatory posture actually signals, and what the industry should be asking for instead of what it has been asking for. Third, look at bank compliance and capital requirements through the same lens, because both conversations change substantially once you accept what kind of institution you are actually building.
In essence, there is a compatibility problem. To begin with, let’s talk about what Kenya’s crypto regulations actually enable.
What the Crypto Regulations Actually Enable
The Treasury has drafted the regulations that will govern Digital Assets in Kenya. They are the Virtual Asset Service Providers (VASP)Regulations 2026 and can be found here. At first reading, they are quite onerous in terms of capital requirements. However, the best framing it to look at the from a future capabilities perspective rather than a current constraint perspective. Once we see them this way, it also sets the stage to evaluate what approach matters from a Central Bank perspective.
The regulations create ten distinct licence categories. A Virtual Asset Broker requires KES 30 million in paid-up capital. A Virtual Asset Payment Processor requires KES 50 million. A Virtual Asset Wallet Provider and a Virtual Asset Exchange each require KES 150 million. An Initial Coin Offering Provider, a Tokenisation Provider, and a Token Issuance Platform each require KES 200 million. At the apex sits the Stablecoin Issuer, at KES 500 million.
Read individually, each licence is a permission to operate a specific function within the digital asset ecosystem. Read together, they are the architecture of an alternative financial institution.
Consider what a fully licensed operator; exchange, wallet, payment processor, token issuance and stablecoin issuance; would actually be able to do. It could operate a trading platform for digital assets. It could custody digital assets on behalf of consumers, with holdings segregated from its own on separate blockchain addresses, with mandatory reconciliation of on-chain holdings against internal records. It could process virtual asset payments. And it could issue a stablecoin: a fiat-referenced digital instrument backed 1:1 by reserve assets held in cash, government securities, or short-term repos, fully segregated from the issuer’s operating assets, legally ring-fenced in the event of insolvency, and redeemable at par on demand.
That is a payments system, a custody business, an investment bank and a monetary instrument under one regulatory umbrella.
Two important differences from a bank are worth naming honestly. The first is deposit-taking. A VASP cannot accept customer deposits in the legal sense that a bank can. But custody of digital assets in a wallet is, from a consumer’s perspective, functionally close to a deposit account. The consumer transfers value into the wallet, the operator holds it segregated from its own assets, and the consumer can retrieve it. The crucial differences are that the underlying asset is a digital instrument rather than fiat currency, and the consumer bears the asset risk rather than receiving a deposit guarantee. These are real distinctions. They are also distinctions that millions of people around the world have decided they can live with, which is precisely why six million Kenyans hold crypto wallets without any regulatory framework requiring them to.
The second difference is credit. A VASP cannot lend from its own balance sheet. This is the one genuinely unresolved problem in the alternative banking model, not just in Kenya, but globally. No jurisdiction has yet produced a clean, scalable framework for crypto-native credit intermediation that satisfies both the lending risk and the asset volatility problem simultaneously. The Kenya framework does not solve this either, and the article would be dishonest to pretend otherwise.
What the Kenya framework does offer, however, is a credible path around it. The CBK’s Digital Credit Provider regime, established under the Microfinance Act and extended through the Business Laws (Amendment) Act 2024, licenses entities to extend credit to borrowers across Kenya. A VASP holding a DCP licence alongside its digital asset licences could, in principle, extend loans collateralised against crypto holdings held in custody, the borrower’s wallet position serving as the security, the DCP framework providing the lending permission, and the exchange providing the liquidation mechanism if the collateral value deteriorates. Crypto-backed lending of this kind is operationally live in multiple markets. The Kenyan regulatory stack, read in combination, does not prohibit it. I don’t see the appeal of on-chain lending in and of itself. When someone is borrowing money, what they care about is how that loan is solving a problem. The bigger appeal to me would be to enable me to borrow against my collateral rather than managing a loan book on-chain.
What emerges from this full reading of the framework is a regulated entity that can store value, move value, issue a settlement instrument, and extend credit against digital collateral. It cannot call itself a bank or access the CBK’s lender-of-last-resort facility. Further, it cannot issue current accounts denominated in Kenya shillings. But it can serve a very large share of what consumers and businesses actually use financial services for.
The cost of assembling this stack is real. Wallet plus payment processor alone requires KES 200 million in paid-up capital. Adding exchange and stablecoin issuance brings the aggregate to KES 850 million. The VASP framework is not cheap. For a serious operator with serious capital, it is a significantly more accessible entry point into regulated financial services than the Banking Act has ever offered.
The industry has been reading the regulations as a constraint. The more productive reading is as a capability map.
The CBK Doesn’t Regulate Everything That Looks Like Finance
If the VASP framework creates something that functions like a bank without being one, the natural question is whether that is unusual. The answer, historically, is no.
The United States has an entire parallel financial system operating outside Federal Reserve jurisdiction. Money market funds; regulated by the SEC, not the Fed, take in short-term capital, hold it in liquid instruments, and offer returns that compete directly with bank deposits.They currently hold over US$ 7.2 trillion in assets. The Reserve Primary Fund’s collapse in September 2008, when it “broke the buck” and triggered a bank-run dynamic across the entire money market sector, revealed something that regulators had been slow to name: a system they didn’t regulate had grown large enough to threaten the one they did. The Fed intervened anyway, because it had no choice. They intervened by injecting liquidity into the banking system which is their job as lender of last resort. Private credit in the US tells a similar story. Apollo, Blackstone, Ares and their peers now manage over $1.5 trillion in direct lending assets, extending credit to businesses outside the banking system, under SEC and CFTC oversight, without ever touching a Federal Reserve balance sheet. These are not fringe activities. They are mainstream financial infrastructure operating under a different regulator.
Properties Developed by Evergrande and Financed through Shadow Banking - Image Source
China’s shadow banking system is the most instructive case at scale. Trust companies and wealth management products, formally licensed, supervised by the China Banking and Insurance Regulatory Commission rather than the People’s Bank of China directly, grew to represent an estimated RMB 47.6 trillion in assets (US$ 7 trillion) by 2024, equivalent to a significant share of Chinese GDP. They took in funds from retail and institutional investors, channelled credit into real estate and infrastructure, and offered returns that deposit-regulated banks could not match. The PBOC monitored the system. It did not govern it. When Evergrande collapsed and trust companies began failing, the consequences were severe, but the system’s existence was never the policy error. The policy error was allowing it to grow without adequate reserve and disclosure requirements. The framework, in other words, was the solution, not the problem.
Kenya has its own version of this story, and it sits closer to home. According to SASRA, SACCOs operate across KES 680 billion in member savings, extend credit, and manage deposit-like accounts for millions of Kenyans; all outside CBK jurisdiction, under SASRA, a regulator that has historically operated with materially thinner supervisory capacity. The consequences have been documented. The Kenyan SACCO crisis produced losses running into billions of shillings, governance failures at institutions managing significant member assets, and a persistent consumer protection gap that SASRA has struggled to close. The CBK was not involved, because the CBK’s mandate does not extend to SACCOs. That is not a failure of the CBK. It is a deliberate feature of how Kenya’s financial architecture was designed, the same deliberate feature that the VASP Act is now replicating under the CMA.
The pattern across all three cases is identical. When a new financial category emerges doing bank-adjacent things, the regulatory response is almost never to bring it inside the central bank perimeter. It is to build a parallel, purpose-built framework and assign it to a different supervisor. The SEC for money markets. The CBIRC for trust companies. SASRA for SACCOs. The CMA for VASPs. What’s worth noting is that crypto falls to the nearest regulator outside of the Central Bank. In Europe, crypto regulations fall under the European Securities and Markets Authority, in South Africa it’s FSCA and in the US, there’s a tug of war between the SEC and the commodities regulator.
The CBK’s stated position, that it does not see a natural fit for CBK regulation within the crypto industry, is, viewed through this lens, not a dismissal. It is the standard response. The CBK has never regulated every institution doing bank-like things in Kenya, and the precedent for not doing so is well established.
What the CBK does need to do is narrower and more specific. In 2015, it issued a circular warning commercial banks against facilitating transactions for crypto businesses, a position it has not formally rescinded. That circular is the actual problem. It sits between licensed VASPs and the banking relationships they need to operate; not as regulation, but as institutional caution that has never been updated to reflect a changed legal landscape. The VASP Act exists. The case for the circular’s continued existence has expired. The CBK does not need to regulate crypto. It needs to stop discouraging the banks it does regulate from banking an industry that now has its own regulatory home. Moreover, this circular may be moot because once the regulations are passed because I don’t understand how the CBK would continue placing a ban on something that has a constitutional basis in Kenya.
What the Crypto Industry Wants From Banks
The conversation between Kenya’s crypto industry and its banking sector conflates two separate asks that have different timelines, different decision-makers, and different playbooks. Treating them as one is part of why both keep stalling.
The first ask is simple: open our accounts. Crypto companies need banking relationships to operate; to receive fiat, pay staff, settle with counterparties, and manage treasury. This is not a complex compliance question. It is a basic business banking request from a company that, once the VASP regulations are passed, will hold a CMA licence and operate under a defined regulatory framework. The reason Kenyan banks have not been opening these accounts is not because their compliance teams have evaluated the risk and found it wanting. It is because the CBK’s 2015 circular created institutional cover for refusal. When a regulator tells the banks it supervises to be cautious about an entire category of customer, the compliance function does not need to think further. The circular is the answer.
This means the account-opening problem is not a compliance problem, it is a policy problem. It resolves when the CBK lifts the circular, which becomes difficult to justify once the VASP regulations are passed and licensed VASPs have a constitutional basis for operating in Kenya. At that point, a licensed VASP is a regulated NBFI with a defined supervisor and documented compliance framework. The argument for treating it differently from any other NBFI at account-opening collapses on its own weight.
The second ask is more ambitious and more interesting: enabling banks to offer crypto products and services to their own customers. This is the B2B2C model. the VASP as infrastructure provider, the bank as distribution channel, the bank’s retail or commercial customers as the end beneficiary. This is where a Moreyball framework actually matters.
In 2002, Billy Beane transformed the Oakland Athletics by identifying that certain outcomes were systematically underpriced by the market. His team stopped competing on traditional terms and focused relentlessly on the highest-probability play available. Daryl Morey applied the same logic to basketball. The corner three and the shot at the rim are statistically the most valuable possessions; the mid-range jumper, however aesthetically satisfying, is the least efficient use of a possession. We covered this framework in an earlier Frontier Fintech piece in the context of how Nigerian leaders decide about policy. The logic transfers directly to compliance.
A bank compliance function is a Moreyball operation. It manages a finite team against a stack of defined obligations; CBK inspection findings, FATF mutual evaluation preparation, AML/CFT framework reviews, correspondent banking due diligence cycles. Its efficient shot is always the next item on that existing list. A novel B2B crypto partnership proposal, however commercially attractive, arrives as a mid-range jumper: high effort, uncertain outcome, no established decision framework.
The crypto industry’s pitch for B2B2C partnerships has consistently led with the commercial opportunity, the wallet addressable market, the cross-border payments case, the custody revenue potential. This is the wrong opening. A bank’s compliance function is not evaluated on the revenue its decisions enable. It is evaluated on the risk its decisions avoid. Leading with upside in a compliance conversation is the equivalent of taking that mid-range jumper. It feels compelling and it rarely converts.
The pitch that lands is sequential and maps risk frameworks explicitly. It begins with the VASP licence and what it requires, board governance, a compliance officer, AML/CFT obligations, customer due diligence procedures, transaction monitoring, and suspicious activity reporting. It then demonstrates how each of those requirements maps against the bank’s existing due diligence categories for non-bank financial institution partners. It proceeds through each material risk; AML exposure, settlement risk, asset volatility, consumer liability and shows, at each step, how the VASP framework addresses it. The goal is to convert the compliance officer’s decision from a novel judgment call into a routine one. Not: should we partner with this crypto company? But: does this licensed, regulated entity with a documented risk framework meet our standard NBFI partnership criteria?
The efficient shot in a bank compliance meeting is the one that removes discretion from the equation. The VASP framework has built the architecture to do that. The industry needs to learn to use it.
The Progress is Real, It’s Time to Now Act Like It
Kenya’s crypto industry has more to show for the last decade than it typically acknowledges in its own conversations. Six million wallet holders. A VASP Act on the statute books. Draft regulations that create a credible, if demanding, licensing framework. A CMA that has moved from observer to supervisor. Across the continent, the direction is the same; Nigeria’s SEC, South Africa’s FSCA, Ghana’s BoG are all building frameworks that treat digital assets as a regulated financial institution category rather than a technology experiment. The first step has been taken, in multiple jurisdictions simultaneously. That is not a small thing.
The complaint that capital requirements will stifle the industry is one that would not survive five minutes in any other financial services context. Nobody argues that the KES 10 billion(US$ 80 million) minimum for a commercial banking licence is suppressing banking innovation. Nobody argued that FINRA’s capital requirements were the reason Robinhood hadn’t existed before, Robinhood treated compliance as a design constraint, built around it, and created one of the most consequential retail brokerage businesses of the last two decades. Regulators are not obliged to optimise for early-stage companies. Their mandate is the stability of the financial system and the protection of consumers. Arguing otherwise is not a regulatory critique. It is a request for special treatment that the industry has not earned and should stop making. Similar arguments are not made for insurers nor are they made for Stock Brokers.
The more important question is what comes after licensing; specifically, how the digital assets industry builds the kind of institutional credibility that changes how central banks think about it. And here the industry has significant ground to cover.
Central banks do not change their posture toward new financial categories because of lobby meetings or growth decks. They change because of research; rigorous, technically credible, peer-reviewed work that engages with the questions they actually care about. How does stablecoin issuance interact with monetary policy transmission? Does a widely adopted fiat-referenced stablecoin expand or contract the effective money supply? How should reserve requirements be calibrated for stablecoin issuers operating at scale? What are the second-order effects of crypto-backed lending on credit creation? There are very many unanswered questions in Crypto as Farzam Ehsani of Valr acknowledged in our podcast. For instance, how does fractional reserve banking work with digital assets like Bitcoin? These are not rhetorical questions. They are the questions sitting on the desks of central bank research departments across Africa, largely unanswered by anyone with a genuine stake in the digital assets industry.
What Africa’s crypto industry needs is an Institute of Digital Asset Studies, a genuine research institution producing white papers and working papers on the monetary economics of digital assets in emerging market contexts. The kind of institution whose publications land in the CBK’s research department and get read, argued with, and eventually cited. The kind of institution that creates the shared intellectual vocabulary between central bankers and the digital asset industry that currently does not exist. The compatibility problem at the heart of this article is ultimately a language problem. Regulators speak in frameworks, reserve requirements, monetary aggregates, and systemic risk. The crypto industry speaks in adoption curves, wallet counts, and disruption narratives. Until someone builds the translation infrastructure, the two sides will keep talking past each other in expensive meeting rooms.
The regulations are drafted. The licences are coming. The framework is, by any reasonable comparison, more accessible than what preceded it. What the industry does with that is the only question that remains open.