Keyword: Other Regulatory Issues (tax, anti-money laundering, OFAC, and antitrust)

California: The Next Frontier in Digital Asset Regulation

Update: Governor Newsom signed Assembly Bill 39, establishing the Digital Financial Assets Law on October 13, 2023. In signing, he called for more clarification in the regulatory process and in legislation. See his signing statement here.

The California Department of Financial Protection and Innovation (DFPI) may soon have another regulatory regime under its belt—answering the long-open question of digital asset regulation in California.

California legislators have passed the Digital Financial Assets Law that would require a license to “engage in digital financial asset business activity” with or on behalf of any Californians. Gov. Gavin Newsom is expected to sign it into law. If he does, the law will take effect July 1, 2025.

California will join with New York and Louisiana in requiring licenses for certain digital asset activities

Who Needs a License?

The California bill would require a license to engage in or imply the ability to engage in “digital financial asset business activity,” which the bill defines as:

  • Exchanging, transferring or storing a digital financial asset or engaging in digital financial asset administration directly or through a vendor.
  • Holding electronic precious metals or electronic certificates representing interests in precious metals on behalf of another person or issuing shares or electronic certificates representing interests in precious metals.
  • Exchanging one or more digital representations of value used within one or more online games, game platforms or family of games for:
  • A digital financial asset offered by or on behalf of the publisher from which the original digital representation of value was received.
  • Legal tender or bank or credit union credit outside the game, platform or family of games offered by or on behalf of the publisher from which the original digital representation of value was received.

Exemptions, Conditional Licenses and Penalties

The proposed bill excludes:

  • Most government entities.
  • Certain financial institutions.
  • Most people who solely provide connectivity software, computing power, data storage or security services.
  • People engaging with digital assets for personal, family, household or academic use—or people whose digital financial asset business activity is reasonably expected to be valued at no more than $50,000 per year.

The bill also exempts a significant amount of activity covered by laws such as the Securities Exchange Act of 1934 and the Electronic Fund Transfer Act of 1978.

A conditional license may be available for people who were licensed under New York’s BitLicense regime before January 1, 2023, as long as the person pays all appropriate fees and complies with the Digital Financial Assets Law.

Conditional licenses expire upon issuance of an unconditional license, denial of a license application or certain disapprovals or revocations in connection with New York virtual currency business approvals.

The state may impose civil penalties of up to $100,000 per day for unlicensed activity and $20,000 per day for material violations by a licensee or covered person.

Application Requirements

Much of the application process is similar to the process for a money transmitter license—business plan, corporate background information, disclosure questions, personal information about control persons and an application fee.

The law also requires the DFPI to investigate whether the applicant “has a reasonable promise of success in engaging in digital financial business activity” and is likely to comply with applicable laws and regulations.

The law permits use of the Nationwide Multistate Licensing System (NMLS) to collect and maintain records and process fees in connection with the license. As most states use NMLS for money transmission and digital asset licenses, this will likely streamline the application process for an established entity with a robust NMLS profile.

Approvals may be conditional, requiring an applicant to accept conditions the DFPI specifies.

Ongoing Compliance

As with money transmission, digital asset licensees must maintain surety bonds and meet capital and liquidity requirements. In addition, a licensee must show compliance with multiple requirements in an annual report and request renewal each fall. Failure to timely comply may lead to enforcement actions, possibly including suspension or revocation of a license.

Licensees will also be subject to periodic examination, at their own expense. The law allows regulators at various agencies to share information with other regulators and regulatory agencies. This information sharing may minimize individual examinations as regulators have been doing in the money transmission space, lessening costs and administrative burdens for both licensees and regulators.

Securing Digital Finance

Following the New York Department of Financial Services’ Cybersecurity Regulations—arguably the most robust state cybersecurity framework imposed on nonbank financial services—California plans to impose a similar expansion of cyber-related requirements on digital finance asset business activity.

Traditional cybersecurity regulations mandate a comprehensive written information security (INFOSEC) program, as in the case of the Digital Financial Assets Law. Unlike other cybersecurity regulations, the California law would focus on the technological aspects of digital assets. It also would require the development and implementation of an operations security (OPSEC) program.

  • INFOSEC programs focus on mitigating the risks associated with information technology assets, such as preventing unauthorized access to information systems.
  • OPSEC programs integrate daily information technology development and information security processes into a single operational unit. OPSEC programs:
  • Focus on collaboration, shared responsibility and agility in applying security concepts to each stage of the software development life cycle.
  • Are in the early stages of development in financial services but have been extensively discussed by technology firms and government contractors.

The new law requires a licensee’s information security and operational security policies and programs to:

  • Include reasonable and appropriate administrative, physical and technical safeguards to protect the confidentiality, integrity and availability of nonpublic personal information or digital financial assets it receives, maintains or transmits.
  • Incorporate traditional cybersecurity goals and objectives instead of the more limited goal of protecting “security” and “confidentiality.” That means INFOSEC programs that only cover data breaches would no longer be compliant.
  • Be informed by a “comprehensive risk assessment designed to ensure consumers are adequately protected from cybersecurity risk, risk of malfeasance, including theft, risks related to code or protocol defects, or market-related risks, including price manipulation and fraud.”
  • The risk assessment must cover more than just cybersecurity risk; it must also cover concepts such as account takeover and, potentially, fraudulent activity designed to cause a loss of digital assets.

OPSEC programs must:

  • Address “code or protocol defects,” i.e., vulnerabilities introduced in development, which can be a critical component of digital asset exchanges.
  • Consider digital manipulations that could influence the value of the digital assets.

These concepts are all relatively new, generally untested as to robustness and lacking in any third-party standards, unlike traditional cybersecurity frameworks such as NIST Cybersecurity Framework and ISO 27001.

Finally, in addition to introducing an OPSEC requirement, California has created a catch-all rule, requiring INFOSEC programs to comply with relevant state or federal laws. In other words, the heightened standards of the amended Safeguards Rule will also apply to digital finance asset business activity (the Safeguards Rule requires certain financial institutions to implement measures to keep customer information secure).

All of these new concepts require digital asset businesses to consider investments in cybersecurity processes, infrastructure and people. A failure to fully capture operational and cybersecurity risk and implement reasonable security controls may ultimately put the license at risk.

For companies doing business in digital financial assets, California’s law may help fill the gap between regulating with legislation and with enforcement. However, given the increased scrutiny on digital assets, it remains to be seen whether the law walks the line between regulation that provides a viable way to operate successfully while providing sufficient consumer protection to achieve the state’s goals.

6 Questions Blockchain Founders Should Ask When Launching a Product or Token

As any founder knows, operating in the blockchain space requires navigating a myriad of regulatory regimes. While every product and token are different, below are 6 key questions that any founder should ask themselves as they launch their product or token:

  1. Are you advertising to the public? If a company advertises to the public, anti-fraud and consumer protection laws are relevant. Regulators in the U.S. from the Federal Trade Commission and the Consumer Financial Protection Bureau, along with state attorneys-general, enforce rules to ensure advertisements and public statements do not contain (among other things) statements or promises that are false, misleading, or deceptive. Companies should screen public messages with their counsel before publishing them.
  2. Where do you plan to launch your product or token? Companies should be aware of sanctions programs in jurisdictions in which they plan to operate. In the U.S., the Office of Foreign Asset Control (“OFAC”) enforces compliance with U.S. sanctions programs. Conducting transactions with sanctioned persons or in a sanctioned jurisdiction is an offense and OFAC may impose penalties on a “strict liability standard.”  This means that OFAC can hold violators civilly liable regardless of whether they knew they participated in a transaction with a sanctioned person or entity. Many companies have policies and internal controls (e.g., customer screening and IP address blocking) meant to prevent prohibited transactions.
  3. Would a person reasonably rely on the Company’s efforts to profit from their purchase? If a blockchain company issues or plans to issue tokens or other digital assets, it is imperative that the company complies with securities laws. The lodestar for determining whether a token is an “investment contract” (one type of security) is the Howey Test. In short, pursuant to the Howey Test, a token is a security if a purchaser could reasonably depend on the efforts of a third party (i.e., the company) to generate a profit. While the interpretation of the Howey Test is more nuanced than that, understanding how consumers are going to think about your token is important in assessing the level of risk that launching the token might impose. The actual application of the Howey Test is fact intensive, and therefore requires comprehensive review and application of the token and the Company’s distribution plans.
  4. Will employees have access to sensitive information that could impact prices? If a company’s employees will have access to material, non-public information regarding prices of the company’s publicly traded digital asset or any other asset trading on a platform controlled by the company, the company should implement policies to prevent employees or other insiders from profiting off of that information (by implementing, for example, insider trading policies). These policies should dictate how and when an employee, consultant, or director is allowed to buy and sell the company’s digital assets or any other asset trading on the company’s platform.
  5. Will the Company transmit someone’s money? Blockchain companies acting as an “administrator” or “exchanger” of “convertible virtual currency” (“CVC”) may be deemed a money transmitter under federal law. In short, if a company has the authority or power to issue, remove, or exchange a cryptocurrency or virtual currency, the company may be required to register as a “money services business” under the federal Bank Secrecy Act, which requires companies to assist the U.S. government in detecting and preventing money laundering. In addition, 49 states also have “money transmission laws.” Each state has different laws with respect to CVC, so a state-by-state analysis will be required to determine where the company should file for money transmission licenses.
  6. Will the Company collect customer information? Consumer data protection has received a sizable amount of attention from both legislatures and regulators over the past several years, including the implementation of GDPR in the EU and the CCPA in California (just to name a couple prominent laws).  Any company that is collecting, storing, or transmitting consumer information should review its online privacy policy and terms of use, as well as its internal policies around how that information is stored and where that information is transmitted.  Even if still under the control of the company, data transferred from one jurisdiction to another may violate applicable data privacy laws.

The 6 questions above will help frame some of the more common regulatory issues that companies in the blockchain space need to pay attention to, but that list is certainly not exhaustive.  With an increased focus on blockchain companies by regulatory agencies, it’s important that founders operate within and understand existing regulations, and also make a plan for how they will adapt as those regulations change.

Crypto Regulation Marches On With Potential Consequences for Trading Systems

A flurry of recent activity has reinforced the SEC’s commitment to regulate crypto assets, including trading systems that trade crypto asset securities.

WHAT HAPPENED?

The SEC shared additional information in April 2023 on whether and how its proposal to expand the definition of “exchange” would affect trading systems for crypto asset securities. The SEC initially issued the proposal in January 2022. This revised proposal responds to comments the agency received requesting clarity on the application of existing rules and the proposal related to crypto asset security trading platforms that meet the proposed definition of an exchange or trading systems that use distributed ledger or blockchain technology, including DeFi systems.

WHAT DOES IT MEAN?

If the proposals take effect, they may require many crypto asset security trading platforms to register as national securities exchanges or as broker-dealers that must comply with Regulation ATS, which governs alternative trading systems. As currently drafted in the proposal, this would include decentralized exchanges operating on order book or automated-market-maker models.

WHAT DOES THE PROPOSAL SAY?

Current regulations say that a trading system must bring together “orders” to qualify as an exchange. The proposal would categorize a trading system as an exchange if it brings together “trading interest.”

Also, the rule now says an exchange must have “established, non-discretionary methods … under which such orders interact with each other, and the buyers and sellers entering such orders agree to the terms of a trade.” The SEC’s proposal would require only that an exchange include “communication protocols” for the interaction of trading interest.

WHAT’S THE CONTEXT?

When the SEC shared additional information on how expanding the definition of “exchange” could affect trading systems, it was just the latest of several signs of the SEC’s stance on regulating crypto assets.

  • SEC Chair Gary Gensler said in a statement that “many crypto trading platforms already come under the current definition of an exchange and thus have an existing duty to comply with the securities laws.”
  • In a statement at a House Financial Services Committee hearing on SEC oversight, Chair Gensler also reiterated his view that, “given that most crypto tokens are securities, it follows that many crypto intermediaries are transacting in securities and have to register with the SEC.”
  • The hearing also touched on the SEC’s proposed $2.15 billion budget for fiscal year 2023, which represents an increase of almost $240 million to what it sought in fiscal year 2022. Notably, fintech accounted for half of the six key areas identified in its budget justification, including goals to:
    • prevent fraud concerning crypto assets.
    • ensure crypto assets register and comply with securities laws where appropriate.
    • craft the right regulatory and enforcement approach to fintech startups.

The SEC’s focus on enforcement of crypto matters does not appear to be slowing. Its Crypto Asset and Cyber Unit was initially envisioned as a 20-person operation but has doubled in size. Moreover, just a few weeks ago, the SEC also shared job postings for additional positions in the unit.

Federal Reserve Requires Banks to Provide Notice Regarding Crypto-Asset-Related Activities

Federal Reserve Requires Banks to Provide Notice Regarding Crypto-Asset-Related Activities

The Federal Reserve Board (“FRB”) announced a significant shift requiring FRB-supervised banking organizations to disclose any current crypto-asset-related activity and to notify FRB in advance of entering into any such business activities in the future. This notification requirement may add some friction to the bank adoption of crypto-asset activities. This announcement follows the OCC’s previous direction to its supervised entities to “notify its supervisory office, in writing of its intention to engage in a range of crypto related activities.” With similar direction aimed at Federal Reserve banks that more regularly interact with crypto projects, legal and regulatory compliance diligence will be even more important.

What Happened

  • On August 16, 2022, FRB issued a letter to all of its supervised banking organizations requiring those institutions to notify their lead FRB supervisory point of contact if such banking organization is engaged in or intend to engage in “crypto-asset-related activities” in order to “ensure such activity is legally permissible and determine whether any filings are required under applicable federal or state laws.”
  • “Crypto-asset-related activities” include crypto-asset safekeeping and traditional custody services; ancillary custody services; facilitation of customer purchases and sales of crypto-assets; loans collateralized by crypto-assets; and issuance and distribution of stablecoins.
  • The letter also specifically referenced stablecoins as potentially posing risks to financial stability if adopted at large scale.

How Will This Affect Banking Organizations?

Supervised banking organizations must:

  • Ensure the Activities Are Legally Permissible
    • Supervised banking organizations must assess the legality of the proposed crypto-asset-related activities under state and federal laws and determine whether any filings are required under federal banking laws, including The Bank Holding Company Act, Home Owners’ Loan Act, Federal Reserve Act, and Federal Deposit Insurance Act.
    • If permissibility is not clear, supervised banking organizations are directed to consult their point of contact at the FRB prior to the commencement of such activities.
  • Notify the Federal Reserve
    • If a supervised banking organization is already engaged in crypto-asset-related activity, it should disclose all activities to its lead supervisory point of contact promptly.
    • Supervised banking organizations must notify their lead supervisory point of contact prior to engaging in crypto-asset-related activity.
  • Enact and Maintain Proper Controls
    • FRB’s letter emphasizes the importance of supervised banking organizations enacting and maintaining adequate risk management and controls related to crypto-asset-related activities, including:
      • Having adequate systems in place to identify, measure, monitor, and control the risks associated with crypto-related activities on an ongoing basis; and
      • Ensuring that these systems cover “operational risks (for example, the risks of new, evolving technologies; the risk of hacking, fraud and theft; and the risk of third-party relationships), financial risk, legal risk, compliance risk (including, but not limited to, compliance with the Bank Secrecy Act, anti-money laundering requirements, and sanctions requirements), and any other risk necessary to ensure the activities are conducted in a manner that is consistent with safe and sound banking and in compliance with applicable law, including applicable consumer protection statutes and regulations.”
    • Consider Notifying State Regulators
      • FRB encourages state member banks to also notify their state regulators prior to engaging in crypto-asset-related activity.

Why Does This Matter?

  • If you are a supervised banking organization that is currently involved in active crypto-asset activities, re-confirm that your activities are compliant and take another look at your service providers to ensure their compliance;
  • If you are a potential partner of a supervised banking organization, expect an even more robust diligence process, time to execution may be extended, and you may face increased ongoing reporting and information disclosure requirements; and
  • For all participants in the crypto-asset space, this is another example of the growing all-hands on deck approach to the regulation of crypto spurred by the Executive Order from earlier this year. The Executive Order’s first objective was to “protect consumer, investors, and businesses,” and we expect to see further action from the FRB and other regulators.

Non-U.S. Crypto and Other Money Services Businesses: Have Customers in the U.S.? Beware of AML and Sanctions Compliance Risk

Two recent guilty pleas involving a cryptocurrency exchange serve as a reminder to all money services businesses (“MSBs”)—including those ostensibly located outside the United States but that conduct business there—of the importance of implementing anti-money laundering (“AML”) programs and registering as MSBs with the U.S. Treasury Department’s Financial Crimes Enforcement Network (“FinCEN”). Last week, two founders and executives of BitMEX—a virtual currency derivatives exchange whose parent company was registered in the Seychelles but operated globally, including in the United States—pled guilty to criminal Bank Secrecy Act (“BSA”) violations stemming from the company’s willful failure to establish, implement, and maintain an AML program.[1]

The BitMEX enforcement action also highlights sanctions non-compliance risks. Without a Know Your Customer (“KYC”) program, BitMEX carried out transactions for customers based in Iran, a jurisdiction comprehensively sanctioned by the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”). As OFAC has made clear, sanctions compliance obligations remain the same regardless of whether transactions are denominated in virtual currency or fiat. A focus on sanctions compliance may become even more critical for cryptocurrency companies in the wake of the new far-reaching Russia-related sanctions imposed by the United States, the EU, and the UK, among other governments, in response to Russia’s invasion of Ukraine. OFAC and the New York State Department of Financial Services (“NYSDFS”) have warned that as sanctioned persons and jurisdictions “become more desperate for access to the U.S. financial system,” they are likely to turn to cryptocurrency to minimize the crippling effect of sanctions.

BitMEX Founders’ Guilty Pleas

The two BitMEX founders’ guilty pleas on February 24, 2022 follow the company’s settlement with U.S. regulators in August 2021, which was one of the largest-ever resolutions with a cryptocurrency exchange. While BitMEX was incorporated in the Seychelles, it had connections to the United States, including maintaining offices there and soliciting and accepting orders from U.S. customers. FinCEN and the Commodity Futures Trading Commission found that BitMEX was operating as an unregistered futures commission merchant under the BSA, and that it failed to comply with the BSA’s AML program requirements, including by failing to maintain an adequate customer identification program.  BitMEX resolved the allegations for $100 million, with a $20 million suspended penalty pending the company’s remediation and prevention measures, including ending all operations within the United States and no longer serving any U.S. customers.

The Department of Justice charged four of the company’s founders and executives in October 2020. In announcing that two of them, Arthur Hayes and Benjamin Delo, had pled guilty to willfully violating the BSA, the Department of Justice alleged that these two founders “closely” followed the U.S. regulatory developments and were aware of their BSA obligations due to U.S. customers’ trading on BitMEX. Yet, they allegedly took affirmative steps purportedly designed to exempt BitMEX from the application of U.S. laws like AML requirements and KYC requirements. For example, according to prosecutors, “the defendants caused BitMEX to formally incorporate in the Seychelles, a jurisdiction they believed had less stringent regulation, and from which they could still serve U.S. customers and operate within the United States without performing AML and KYC.” Without “even basic” AML policies in place, BitMEX became “in effect a money laundering platform” and a “vehicle for sanctions violations.”

Takeaways

This development illustrates the significant risks to which foreign-located MSBs expose themselves if they have U.S. customers but fail to comply with the BSA. Incorporating in a “friendlier” jurisdiction, like the Seychelles in the BitMEX case, does not protect an MSB from BSA liability if it operates in the United States. The BSA applies to MSBs “wherever located” if they conduct business “wholly or in substantial part within the United States.” Thus, all MSBs, including those transmitting cryptocurrency—with any U.S. nexus—should take note of the BSA requirements. Those include registering with FinCEN; implementing a written AML program with policies, procedures, and internal controls, including regarding customer identification and verification; and controls to detect and report suspicious activity. The AML programs must be commensurate with the risks posed by the location, size, nature and volume of the services provided by the MSB and be effective in preventing the MSB from being used to facilitate money laundering and the financing of terrorist activities.

An effective AML/KYC program will also help ensure compliance with sanctions regulations. As noted, cryptocurrency exchanges will likely face increased sanctions risks due to the sweeping sanctions recently imposed against Russian banks, entities, and individuals by the United States, EU, UK, and other governments, and additional measures that may be imposed in the coming days or weeks. As such, cryptocurrency exchanges may face, and must address, “unique risks.”

By implementing a KYC program, which includes sanctions screening, cryptocurrency companies can help ensure they do not engage, directly or indirectly, in transactions prohibited by sanctions, such as dealings with blocked persons or property, or engaging in prohibited trade- or investment-related transactions. To ensure compliance, cryptocurrency exchanges should also employ geolocation and IP-address blocking to prohibit access by parties from sanctioned jurisdictions, perform transaction monitoring to detect suspicious activity, and file required reports with FinCEN and OFAC. Exchanges operating outside the United States that do not yet have but want to attract U.S. users should also consider implementing such measures.

[1] Also last week, on February 25, 2022, BitConnect founder Satish Kumbhani was indicted in a cryptocurrency Ponzi scheme, which the government alleges deprived investors worldwide, including in the United States, of over $2 billion. According to the indictment, to avoid regulatory scrutiny and conceal BitConnect’s fraudulent scheme, Kumbhani evaded and circumvented U.S. regulations, including those enforced by the FinCEN. Among other things, BitConnect never registered with FinCEN, as required under the BSA.

Proof-of-Stake Rewards: Payment for Services or a Baked Cake?

Against the backdrop of rapidly evolving blockchain technology, the IRS has oftentimes been slow to update its related tax guidance, leaving participants in the blockchain ecosystem uncertain about their tax obligations. Perhaps nowhere is this lethargy more pronounced than in the context of the consensus mechanisms that drives the entire blockchain network. Whereas, traditionally, coins rewarded pursuant to proof-of-work mechanisms have been treated as payment for services, an alternative class of consensus mechanisms, called proof-of-stake, may just be different enough to result in deferred taxation. Whether this is true is the subject of a recent legal claim that may, once resolved, shed light on the tax treatment of the increasingly popular proof-of-stake consensus mechanism.

Proof-of-Work Taxation

In 2014, an IRS Notice stated that a person that mines new blocks in a blockchain through a proof-of-work consensus mechanism must include any virtual currency received in connection with such activities in the miner’s gross income at the virtual currency’s fair market value. The ruling had an immediate impact on blockchains, such as Ethereum and Bitcoin, that depend on miners to add new data or ‘blocks’ to the chain. Through the proof-of-work consensus mechanism, miners are challenged to be the first to identify the missing number needed to solve a staggeringly complex hashing algorithm. For the lucky few who succeed, thousands of dollars’ worth of Ether or Bitcoin are awarded and—according to the IRS—taxable on receipt.

In the years following the IRS’s ruling, however, the taxation of mining has been complicated by the gradual adoption of an alternative consensus mechanism referred to as proof-of-stake. Under this method, miners—now typically called validators—are required to “stake” their holdings of a blockchain’s native coin in order to be eligible to win the right to add a new block to the chain. The more coins that a validator stakes, the greater the chance that they will be selected by the blockchain’s validation algorithm to add a new block to the chain. If the selected validator proposes an invalid block, however, the validator’s coins (or portion thereof) will be destroyed. This risk of loss in proof-of-stake validation adds a layer of complexity that is not present under the proof-of-work model, which simply involves the payment of virtual currency in exchange for the use of raw computational power to solve the mathematical puzzle. In addition, token holders will often stake their holdings to allow a third party, a validator, to use their tokens to validate the transaction as part of the proof-of-stake consensus mechanism. A welcome feature of proof-of-stake validation is that it requires considerably less energy than proof-of-work validation.

Whether this new feature is enough to challenge the taxability of any tokens or coins generated by the validation process has remained an open question that has only recently been publicly considered by the IRS.

The Jarretts—Answers at Last?

Sometime in 2019, Joshua Jarrett decided to participate on the Tezos blockchain as a validator. Jarrett staked his holdings in the native coin—Tezos—and as luck would have it, he won the right to propose new blocks on the Tezos chain. In return for validating the next block on the Tezos chain via the proof-of-stake consensus mechanism, Jarrett received 8,876 Tezos coins and dutifully paid $3,293 in federal taxes on the gain reported on his and his spouse’s joint federal income tax return.

A year later, the Jarretts had a change of heart and sought a $3,293 refund by filing an amended tax return. The Jarretts took the belated position that the coins were not taxable, using the “creation of an asset” theory. They argued that “new property—property not received as payment or compensation from another person but created by the taxpayer—is not and has never been income under U.S. federal tax law.” The Jarretts further reckoned that “[l]ike the baker or the writer, Mr. Jarrett will realize taxable income when he first sells or exchanges the new property he created, but the federal income tax law does not permit the taxation of the Jarrett’s [sic] simply because Mr. Jarrett created new property.”  The IRS denied the Jarretts’ refund claim, and the Jarretts filed a refund suit in the Middle District of Tennessee. Had the Jarretts taken the position on their original return that the reward was not taxable upon receipt, the IRS would have had been required to assess the unpaid tax. If the Jarretts wanted to challenge the assessment, they would have had to do so in the Tax Court. The IRS (and often many taxpayers) prefers to litigate technical issues in the Tax Court because of the court’s technical expertise.

The government countered that Joshua Jarrett never created new Tezos coins. Rather, in line with the tax treatment applicable to proof-of-work, the government argued that “Jarrett exchanged Tezos tokens for goods and/or services during 2019.” As such, Jarrett received the coins as payment for successfully proposing new blocks to the Tezos chain, and those coins were indeed taxable on receipt.

In something of an about-face, at the start of 2022, the government relented and offered to refund the Jarretts, as they had initially requested. However, unwilling to accept the government’s offer, the Jarretts have since elected to press on in order to force a definitive ruling on the taxability of virtual currency generated from proof-of-stake consensus mechanisms. The case is scheduled for trial in March 2023, and a final ruling may not take place until then.

Nonetheless, the Jarretts’ case is important to the blockchain industry as many chains have adopted, or are in the process of migrating toward, a proof-of-stake consensus mechanism, including Ethereum. The government’s initial concession appears to provide some basis to argue that perhaps an alternative tax treatment is appropriate, but the IRS may simply want to identify a taxpayer that did not report the tokens as taxable, assess a deficiency and force the taxpayer to sue in Tax Court. Blockchain participants, however, will have to wait for a firmer, and much needed, answer.

2022 Is the Year of Sweeping Changes for Cryptocurrency and Other Digital Asset Transfers

What to look out for in the proposed new Chapter 12 of the Uniform Commercial Code (UCC)

The world of cryptocurrencies and other forms of digital assets (such as non-fungible tokens) is exploding. While Bitcoin is the largest and best-known cryptocurrency in the global economy, it is far from the only one. The combined total value of Bitcoin, Litecoin, Monero, Ethereum, and all the other significant cryptocurrencies exceeds $2.4 trillion. In 2021, El Salvador enacted legislation to recognize Bitcoin as a medium of exchange. Other countries are also considering adopting similar legislation. Some countries even contemplate adopting their own blockchain-based currency as a form of legal tender.

Questions have emerged among regulators and market participants whether Bitcoin and other cryptocurrencies constitute “money” and how to perfect a security interest in such virtual currency (to ensure that it can’t be claimed by another party). Other questions relate to how interests in cryptocurrencies, NFTs, and other digital assets can be transferred or monetized and how purchasers of digital assets can be protected from adverse claims.

2022 will bring major changes to commercial law in a sweeping mission to answer some of these questions and to facilitate transactions in these emerging technologies. The proposed new Chapter 12 of the UCC will govern essentially any transfer (whether intended as a sale or a financing) of virtual currencies, NFTs, and other digital assets. These provisions will affect cryptocurrency startups and companies as they purchase and sell cryptocurrency, as well as financial institutions and fintech companies interested in financing cryptoassets and investment banks underwriting issuances of securities underpinned by crypto assets.

2021 and Earlier

By current definition, Bitcoin is not money because it is not a medium of exchange created, authorized, or adopted by a domestic or foreign government, or by an intergovernmental organization or by an agreement between two or more countries. Moreover, since Bitcoin, NFTs, and other digital assets are intangible and therefore not capable of possession, under the UCC as it is currently in effect, a security interest in them can currently only be perfected (as a general intangible) by the filing of a financing statement describing the digital asset. Under the UCC as it is currently in effect, it is uncertain that control of the digital wallet for a digital asset is sufficient to perfect a security interest.

Nevertheless, some practitioners have proposed a practical “workaround” to perfect a security interest in Bitcoin by “control” if the Bitcoin is held in a “securities account,” and the secured party has control over the financial assets (including the Bitcoin) held in the securities account. In this manner, a secured party will have control if the secured party, the debtor, and a securities intermediary (holding the account in which the Bitcoin is held) enter into an agreement in which the securities intermediary agrees to comply with the instructions originated by the secured party directing disposition of the funds and other property in the account without consent by the debtor. The securities intermediary must be a person, including a financial institution, custodian, or broker that in the ordinary course of its business maintains securities accounts for others and is acting in that capacity. The workaround provides the secured party with the amount of control that, as a practical matter, it would need to foreclose upon, and exercise its remedies with regard to the digital asset, but that control itself would not necessarily perfect the secured party’s security interest in the digital asset under the current UCC.

What is New

The proposed new Chapter 12 to the UCC will:

  1. address the transfer of digital assets/virtual currencies and also provide conforming changes to Article 9 of the UCC to address secured transactions in these assets
    • Chapter 12 is designed to govern the transfer (both outright and for security) of interests in some, but not all, electronic records (adopting a new term “controllable electronic records”) (e.g., Bitcoin/NFTs)
  2. facilitate secured lending against digital assets (e.g., virtual currency, NFTs, and electronic fiat money (i.e., central bank digital currency))
  3. provide protections for certain qualifying purchasers to take interests in virtual currency and digital assets free of conflicting property claims
  4. provide rules regarding the assignment of controllable accounts and controllable payment intangibles
  5. provide other changes including updates to the definition of chattel paper and revisions to the requirements for the transfer and perfection of security interest in chattel paper, and revisions to some rules regarding negotiable instruments and payment systems

How Will These Changes Affect Different Players in the Industry

Blockchain and Cryptocurrency Startups

Chapter 12 will impact blockchain and cryptocurrency startups and companies involved in purchasing, selling, and financing virtual currencies, NFTs, and other digital assets. Chapter 12 will govern the transfer of property rights in intangible digital assets (defined as “controllable electronic records”) that can be subjected to control. Control is the functional equivalent of “possession” of the digital asset. Companies are currently using digital assets in exchange for payment, rights to receive services, for goods or interests in personal or real property. Chapter 12 will reduce the risks among claimants to, and specify the rights in, the digital assets that the purchaser acquires and to facilitate these transactions.

Financial Institutions

Financial institutions, banks, and other lenders who finance virtual currencies and other digital assets will find it easier to arrange secured lending transactions under Chapter 12 (and conforming changes under UCC Chapter 9). A lender will have a perfected security interest if the lender has “control” over the digital asset (or the system on which the digital asset is recorded). In addition, financial institutions, lenders, and other secured parties should consider amending existing security documents. Many existing revolving credit facilities are secured by blanket or broad liens on substantially all assets of the debtor, including its general intangibles. Lenders may want to amend their security documents to provide for a security interest in virtual currencies and other digital assets to provide (a) an express grant of a security interest in “controllable electronic records”, “controllable accounts” and “controllable payment intangibles” and (b) for the lenders to obtain control over controllable electronic records, controllable accounts, and controllable payment intangibles. The amendment will mitigate the risk that the lender will lose its priority position if another party obtains control over the controllable electronic records, controllable accounts and controllable payment intangibles, and the lender has only perfected by filing a financing statement.

Investment Banks

Many securities are issued secured by rights to payment arising from the sale of amounts due under credit cards, accounts, instruments, student loans, and other lines of credit. Underwriters and investors in structured finance and securitization transactions involved in assignment of accounts and payment intangibles will want to review the Chapter 12 provisions regarding the payment obligations and conditions for discharge of obligors on digital assets (controllable accounts and controllable payment obligations). Underwriters and investors should also review the ability under Chapter 12 of a purchaser to acquire special protection as a good faith purchaser for value (a qualifying purchaser) of a controllable electronic record, controllable account and controllable payment intangible.

Parties in Equipment Finance/Lease Transactions

Parties involved in equipment finance/lease finance transactions, underwriters and investors (such as auto finance and auto securitization transactions) will want to review the other proposed changes to UCC Article 9, including the proposed changes to chattel paper. For example, the definition has been amended to provide that chattel paper is a monetary obligation that is either secured by specific goods (such as a car or furniture) or arises in connection with a lease of specific goods (such as a car or furniture). The rule regarding perfection of a security interest in chattel paper has also been revised. Under the old rule—if you had tangible chattel paper (evidenced by writing), the secured party was required to have possession of the writing, and there was confusion if there were multiple copies or what constituted a writing. If electronic chattel paper, the secured party was required to have control of the single authoritative copy, and there was confusion of what it meant to have a single authoritative copy. Under the new rule, the secured party:

  1. Can perfect its security interest by taking possession of all tangible authoritative copies and obtaining control of all electronic authoritative copies.
  2. The secured party can produce the copies in its possession and provide evidence that these are the authoritative copies.
    • Need not prove that no other tangible authoritative copies exist.
  3. For electronic chattel paper, the secured party must:
    • be able to identify each electronic copy of electronic chattel paper as authoritative or nonauthoritative,
    • identify the secured party as the assignee of each authoritative copy,
    • have the exclusive power to prevent others from adding or changing an identified assignee and to transfer control of the authoritative copies.

What’s Excluded

UCC Chapter 12 is limited in scope—it only applies to controllable electronic records (i.e., a virtual currency and other digital asset) and payment rights that are evidenced by a controllable electronic record. Chapter 12 does not address a number of federal, state, and local laws and regulatory issues that will undoubtedly interplay with these emerging technologies, including anticipated new regulations from regulators like the SEC, OCC, and the IRS. These laws and regulations are rapidly changing. We will be providing periodic updates.

Also Excluded:

  • Who has title to or rights in the digital assets
  • Federal and state securities, data privacy, cybersecurity, and other regulation
  • Banking laws
  • Taxation of digital assets
  • Anti-money laundering laws
  • Transferable records under UETA or E-SIGN

Schedule for Approval of Changes

Date Event
January 2022 Drafting committee submits draft proposed recommendations to ALI counsel
May 2022 ALI approval of draft proposed recommendations
July 2022 Uniform Law Commission approves proposed recommendations
Post-July 2022 Submission to states for adoption of proposed recommendations

Industry Comments

The drafting committee of Chapter 12 and the conforming changes to the other changes to the UCC are in the process of meeting with industry groups and other stakeholders to continue advising industry leaders and other stakeholders regarding these proposed changes. The drafting committee is continuing to work on finalizing the proposed recommendations prior to the May 2022 meeting. We would be happy to meet with you to discuss any comments or concerns that you may have with the proposed changes.

Cryptocurrency Transactions and Taxes: 5 Things to Know

The $1.2 trillion Infrastructure Investment and Jobs Act – also called the Bipartisan Infrastructure Law –garnered attention with its promise to tackle an array of projects, from rebuilding roads and bridges to broadening high-speed internet access.

Provisions in the law that relate to taxing cryptocurrency transactions, however, received less notice. Those measures seek to ensure that taxpayers properly report and pay tax on crypto-related income.

Here’s what you need to know:

1. The law redefines “broker” and views digital assets as “specified securities”

The Infrastructure Act makes two significant changes to Section 6045 of the Internal Revenue Code (IRC). That section requires brokers to report gross proceeds from transactions to the taxpayer and to the IRS. If the item subject to reporting is a “covered security,” the broker must report the customer’s adjusted basis in the security and say whether a gain or loss is long- or short-term. Covered securities are further defined to include “specified securities,” such as stocks, bonds, commodities and other financial instruments.

The Infrastructure Act:

  • Includes digital assets in a list of specified securities. The law defines “digital asset” as “any digital representation of value which is recorded on a cryptographically secured distributed ledger” or similar technology. The definition of digital asset is significant as that term is used in a number of other provisions in the Internal Revenue Code.
  • The provision covers a broad category of digital assets, including traditional cryptocurrencies like bitcoin as well as non-fungible tokens. The Treasury Secretary has authority to exempt types of transactions.
  • Modifies the definition of “broker” to include “any person who (for consideration) is responsible for regularly providing any service effectuating transfers of digital assets on behalf of another person.”
    • The use of “on behalf another person” is perplexing because the broker already includes a “middleman” concept. On its face, the updated provision would require miners, software developers, transaction validators and node operators to provide information because they provide services in connection with crypto transactions on behalf of users of the software.

2. The law expands reporting requirements to encompass “broker-to-non-broker” transactions

IRC Section 6045A deals with reporting transactions between brokers. It requires every “applicable person” who transfers a covered security (including the “specified securities” discussed above) to a broker to furnish information so the transferee can provide required gain or loss and basis reporting information. The Infrastructure Act expands reporting to cover “broker-to-non-broker” transactions.

3. People receiving more than $10K in digital assets now need to report

IRC Section 6050I requires anyone receiving more than $10,000 in cash in a “trade or business” to report it to the IRS via Form 8300, and to provide a written statement to the payer. It also covers “to the extent provided in regulations” any monetary instrument (whether or not in bearer form) with a face amount of not more than $10,000. Failure to report cash transactions can trigger steep penalties.

The Infrastructure Act amends the Code so that the reporting requirement also applies to people receiving digital assets.

4. It’s not always easy to identify someone who buys a digital asset

Broadening IRC Section 6050I to apply to people receiving digital assets is consistent with the changes described above to Section 6045: viewing digital assets as a specified security and requiring brokers to report information on certain digital transactions.

On the surface, the law’s reporting requirement would apply to people receiving digital assets for validating transactions or other services relating to crypto transactions.

One of the problems this introduces in the world of decentralized finance transactions is the difficulty of identifying the purchaser if the transaction is made through a smart contract rather than from an identifiable person.  Often times these transactions are entered into on an “open” and “trust-less” basis (meaning that there are no limits as to who can participate in the transaction) making it difficult or impossible to report on who the counterparty is (other than by identifying the blockchain wallet address involved in the transaction).

5. Information-gathering starts Jan. 1, 2023

The changes take effect for returns that must be filed and statements that must be furnished after Dec. 31, 2023. Gathering information for that, though, should start Jan. 1, 2023.

The Next Step: FinCEN Proposes to Require Reporting of Cryptocurrency Positions Held in Foreign Accounts

FinCEN recently took another important step toward bringing virtual currency into the financial assets reporting scheme.

Taxpayers that have $10,000 or more in a foreign bank account have long been required to file a foreign bank account report (or “FBAR”) on FinCEN Form 114. The penalties for failing to report foreign bank accounts are significant: $10,000 for a non-willful failure and the greater of $100,000 and up to 50 percent of the unreported account balance for willful failures. While the rules requiring the reporting are issued under the authority of the Bank Secrecy Act, the IRS administers the rules—and the IRS has been aggressive in assessing penalties for failures to report such holdings.

The application of the filing requirement to cryptocurrency has been the subject of some uncertainty. The uncertainty arises because the reporting requirement only applies to a “financial account.” A financial account includes, but is not limited to, a se­curities, brokerage, savings, demand, checking, deposit, time deposit or other account maintained with a financial institution (or other person performing the services of a financial institution). A financial account (per 31 CFR 1010.350(c)) also includes a commodity futures or options account, an insurance policy with a cash value (such as a whole life insurance policy), an annuity policy with a cash value and shares in a mutual fund or similar pooled fund (i.e., a fund that is available to the general public with a regular net asset value determination and regular redemptions). The regulations reserve “other investment fund,” presumably for a definition to come. However, in response to questions raised by the AICPA Virtual Currency Task Force in 2019, FinCEN stated that virtual currency was not subject to FBAR reporting. This was confirmed by FinCEN in 2020 as well.

Whether or not cryptocurrencies are subject to FBAR filing, such holdings may have to be included on the IRS’s Form 8938, Statement of Specified Foreign Financial Assets. Form 8938 is the counterpart to FinCEN 114.

Recent FinCEN Proposed Rule

On December 31, 2020, FinCEN issued Notice 2020-2 that announced a proposed rule that would amend the regulations implementing the Bank Secrecy Act regarding reports of foreign financial accounts (FBAR) to include virtual currency as a type of reportable account under 31 CFR 1010.350. The proposed rule does not specify an effective date.

The decision to treat cryptocurrency as subject to FBAR reporting significantly increases the potential penalties against those who fail to properly identify these accounts. Holders of virtual currency in foreign accounts should review this rule and prepare to report such holdings once the rule becomes effective.

Word on the Street Is That Virtual Currency Is the “New Gold,” and it’s Swiftly Moving Up the IRS Watchlist

The IRS has been increasingly active in its effort to ensure that virtual currency does not become a tool for tax evasion. This is not surprising, given that—as we started the last month of 2020—the value of Bitcoin, by far the most well-known cryptocurrency in the world, reached its highest level since 2017. Between June 2019 and July 2020, about 3.1 million active accounts were estimated to use bitcoin in the U.S.

Guidance

The IRS first started publishing guidance and notices on the federal income tax treatment of virtual currency in 2014. The first one among many was Notice 2014-21, which concluded that convertible virtual currency (virtual currencies that can be used to make purchases in the real economy and can be converted into government-issued currencies) should be treated as property for tax purposes. The next Notice, Rev. Rul. 2019-24, addressed the tax treatment of more specific types of virtual currency transactions, “hard fork” and “airdrop.” The IRS has also posted answers to frequently asked questions about virtual-currency transactions on its website. Starting with taxable year 2019, the IRS revised Schedule 1 to Form 1040 to require taxpayers to identify whether they engaged in any transaction involving virtual currency. The IRS plans on going even further as shown in a released draft of the revised Form 1040 for 2020, where it proposed placing the question about cryptocurrencies in a very prominent location—immediately below the taxpayer’s name and address.

More guidance might be forthcoming. One issue is whether the rules for broker reporting should apply to cryptocurrency transactions in the same way that they apply to trades in stocks and securities. The IRS believes that increased reporting leads to greater compliance. Earlier this year, the Chamber of Digital Commerce (the “Chamber”) submitted a comment letter to the IRS and the Department of Treasury to provide its views on potential forthcoming guidance on the reporting issue. The letter pointed out there is still some lack of clarity on the tax information reporting requirement for digital asset transactions, and that further instruction is needed for taxpayers to accurately interpret existing tax rules in the digital currency context. Some of the key areas on which the Chamber had requested clarification are: how “broker” is defined in the virtual currency context—which is critical for analyzing basis reporting requirements and certain information return filing obligations—and what factors are relevant for determining the location transactions take place, which can be a critical factor for cross-border transactions.

Enforcement Efforts

At the same time that it has been providing such guidance, the IRS has begun efforts to investigate possible tax evasion using virtual currency. The agency started its enforcement efforts in as early as 2016 when it served a “John Doe” Summons on one of the largest cryptocurrency exchanges in the country. The IRS demanded that the exchange produce a wide range of taxpayer identifying information and historical transaction records, and when the exchange refused to comply, the U.S. District Court for the Northern District of California ordered the exchange to turn over taxpayer information for those who conducted transactions worth more than $20,000 on its platform for the 2013 – 2015 period.

As part of its virtual currency compliance campaign announced in 2018 to address tax noncompliance related to virtual currency, in 2019 and again in 2020, the IRS sent thousands of warning letters to cryptocurrency holders whose tax returns did not match their virtual currency transaction records. While the IRS has not made it clear where it obtained the information about taxpayers’ transactions, one possible source of data could be Form 1099 reports from virtual currency exchanges. The IRS sent three different types of letters, varying in severity. The first type, Letter 6173, raised the possibility of an examination or enforcement activity if the taxpayer didn’t respond by a specific date and noncompliance persists. The other two, Letters 6174 and 6174-A, reminded taxpayers of their obligation to report.

According to the Internal Revenue Manual (IRM 5.1.18.20.3 (7-17-19)), the IRS uses normal investigative techniques to identify virtual currency including interviews, bank or credit card analysis, summonses of exchanges and financial institutions, review of Forms 1099-K, review of FinCEN Query reports, tracking and internet searches. While this set of instructions may appear relatively old-fashioned, the IRS’ latest moves demonstrate that it is upgrading its crypto-investigation toolbox. According to published reports, in September 2020, the IRS spent approximately $250,000 on a contract with Blockchain Analytics and Tax Services LLC, which will give the IRS access to blockchain analysis tools to track cryptocurrency transactions. Earlier in the summer, the IRS also signed a deal to purchase access to certain blockchain-tracing software for a year.

Despite the industrywide complaint that the IRS’s expectations with regards to holders of virtual currency are vague and unclear, this year, the IRS and the Department of Justice have started taking more proactive actions to prosecute taxpayers who allegedly committed a greater scale of tax evasion related to the use and trade of virtual currency. In October 2020, the Department of Justice charged software pioneer John McAfee with alleged evasion of tax by using cryptocurrency. In addition, on December 9, 2020, the SEC charged Amir Bruno Elmaani, founder of cryptocurrency called Oyster Pearl, with tax evasion. Elmaani allegedly evaded tax on millions of dollars of profits from cryptocurrency transactions and using shell companies and pseudonyms to conceal his income.

Increasing Regulation and Enforcement

All indications are that regulation and enforcement of the law with respect to virtual currency is increasing. On the regulatory side, earlier this month, a new U.S. congressional bill called the “Stablecoin Tethering and Bank Licensing Enforcement Act” was introduced that aims to regulate digital currencies by requiring certain digital currency issuers to obtain a banking charter and obtain approval from the Federal Reserve. Different government agencies are working in parallel to clarify tax payment and reporting obligations with respect to cryptocurrency, and the latest movements indicate that the enforcement actions are continuing.

We expect to see more enforcement actions in the upcoming administration. In November, the president-elect Joe Biden appointed Gary Gensler, a former Commodity Futures Trading Commission Chair under the Obama administration, to its presidential transition team. Gensler has testified before Congress about virtual currency and blockchain on several occasions, and while little information is known about Biden’s stance on cryptocurrency, Gensler called blockchain technology a “change catalyst” in a 2019 CoinDesk opinion and is generally considered to be “Bitcoin-friendly.” While it is generally unclear what Gensler’s long-term official position under the Biden administration will be, he is also on top of a list of potential picks for the SEC chair. Another clue that may provide some insight with regards to Gensler’s attitude towards cryptocurrency is his 2019 statement that Facebook’s proposed digital token, Libra, should be treated as a “security,” which establishes the basis for increasing regulatory oversight. (Cryptocurrency’s uncertain status as a security for tax purposes raises other tax issues.) The general industry consensus is that, while there is a growing acceptance of the legitimacy of cryptocurrency, it is likely that more regulatory and enforcement actions will continue by the SEC against issuers and intermediaries, and by the IRS against taxpayers. More regulation is not necessarily negative—it can create clearer guidelines and landscape for exchanges and virtual currency holders and enable them to better understand the regulatory and tax authorities’ expectations. That being said, it will be important for exchanges and taxpayers to closely follow the latest government guidelines with respect to virtual currency and ensure they comply with reporting and tax payment obligations.