Financial Inclusion or Surveillance? The CBDC Dilemma

There are approximately 1.4 billion adults in the world who lack access to a bank account. They cannot receive wages digitally, store savings safely, or access credit. They pay more for remittances, are excluded from formal insurance markets, and are more vulnerable to theft and economic shocks. This is the problem that proponents of central bank digital currencies most often invoke.

The argument for CBDCs as a financial inclusion tool is straightforward: a CBDC requires only a smartphone and a government-issued identity, not a relationship with a commercial bank. Central banks can issue CBDC wallets directly to citizens, bypassing the commercial banking infrastructure that excludes the poor. In countries where mobile phone penetration far exceeds bank account penetration — much of sub-Saharan Africa, South Asia, Southeast Asia — a retail CBDC could reach populations that the traditional banking system never will.

This is a real and compelling argument. But CBDCs also represent an unprecedented extension of central bank visibility into individual economic life — and, in the hands of governments willing to use that capability, a tool for surveillance and control that no previous monetary instrument has provided.

The Surveillance Architecture

Every payment made with cash is anonymous. The merchant knows you paid; your bank does not. The government does not. This anonymity is not an accident or a flaw — it is a feature of physical currency that has been understood and valued since coins were first minted.

A CBDC eliminates this anonymity at the infrastructure level. Every transaction is recorded on the central bank’s ledger. The central bank can see, in principle, everything you buy, from whom, when, and where. This data exists regardless of whether the government chooses to use it; the capability is inherent in the architecture.

Programmable money extends this capability further. A programmable CBDC can embed conditions into the currency itself: restrictions on what it can be spent on, when it expires, where it can be used. These features can be implemented as policy instruments — targeted welfare payments that can only be spent on approved categories of goods, for instance. They can also be implemented as tools of control.

China’s e-CNY: The Programmability Experiments

China’s digital yuan, the e-CNY, is the world’s most advanced large-scale CBDC deployment and the one that most clearly illustrates both the inclusion potential and the control capabilities of programmable money.

The People’s Bank of China has used the e-CNY for targeted stimulus payments, distributing digital yuan in lotteries to citizens in pilot cities. These payments have sometimes included expiry dates — the money must be spent within a defined period — and merchant restrictions. These features ensure that stimulus achieves its intended economic purpose of stimulating consumption rather than being saved. From a pure economic policy perspective, this is a legitimate and arguably effective design choice.

The same programmability that creates expiry dates and merchant restrictions could, in principle, create geographically restricted payments, politically restricted payments, or payments that are automatically clawed back upon a change in the recipient’s status. The e-CNY has been integrated with China’s existing digital financial infrastructure, including WeChat Pay and Alipay, which already provide the government with extensive transaction data.

Critics note that the e-CNY pilot was launched in time for the 2022 Beijing Winter Olympics, providing a global showcase. But the most consequential deployment has been domestic, extending reach into populations that previously used cash and thus moved outside the digital transaction record. Financial inclusion, in the e-CNY case, is also financial surveillance inclusion.

Nigeria’s e-Naira: Inclusion That Didn’t Reach the Unbanked

Nigeria launched the e-Naira in October 2021, becoming one of the first countries to deploy a retail CBDC. The stated goal was financial inclusion — Nigeria has a large unbanked population and high mobile phone penetration, the classic conditions for a CBDC inclusion play.

The results have been sobering. Despite the Central Bank of Nigeria’s push for adoption, surveys in the years following launch found e-Naira adoption rates of approximately 0.5% of the Nigerian population. Several factors explain the failure.

First, the e-Naira was designed as a digital version of the naira at a time when the naira was losing value rapidly due to inflation. Nigerians who wanted to store value digitally preferred stablecoins or direct dollars. Second, the e-Naira required a smartphone and a bank verification number — requirements that excluded much of the population it was intended to reach. Third, commercial banks were slow to integrate e-Naira wallets into their existing applications, creating friction in the user experience.

Nigeria’s experience suggests that financial inclusion is not solved by the mere existence of a CBDC. The architecture must be designed from the outset for the specific barriers that exclude target populations, and the macroeconomic conditions must make the CBDC attractive relative to alternatives.

The EU Digital Euro: Privacy as the Political Problem

The European Central Bank’s digital euro project has moved into the preparation phase following the Governing Council’s decision in October 2023. The ECB has been explicit that the digital euro will include privacy protections — offline payments will be anonymous like cash, and online payments will be pseudonymous rather than fully transparent.

But the political debate in the European Parliament has been fierce. Concerns have centered on whether the ECB’s privacy commitments are legally binding and whether they could be overridden by law enforcement or intelligence requirements. The digital euro legislation must navigate the tension between the ECB’s preference for a payment instrument that Europeans will actually use (which requires credible privacy) and member states’ law enforcement interests (which favor transaction visibility).

The EU debate illustrates that even in jurisdictions with strong privacy cultures and legal traditions — GDPR is the global standard-setter for data protection — the surveillance capabilities of CBDCs create genuine political conflict.

The Fundamental Tension

The financial inclusion argument for CBDCs is most compelling in contexts where the barriers to banking are infrastructure-related rather than preference-related. Where commercial banks simply do not serve certain populations because it is not profitable to do so, a central bank with a different mandate can provide services the private market will not.

But financial inclusion and surveillance are not fully separable in the CBDC architecture. A system that reaches the unbanked is a system that records the transactions of the unbanked. The question is not whether to accept some tradeoff between inclusion and privacy — that tradeoff is inherent — but rather what legal and technical safeguards can bound the surveillance capability that inclusion necessarily creates.

The answers to that question will differ by jurisdiction, by political culture, and by the trustworthiness of the governments involved. A digital euro backed by GDPR and ECB independence is a different proposition from a digital yuan backed by the Chinese Communist Party’s Social Credit System.

For policymakers, the CBDC dilemma ultimately comes down to a question about institutional trust: do the populations that need financial inclusion most have governments they trust enough to accept programmable central bank money? In many of the countries where the inclusion need is greatest, the answer to that question is complicated.