Keyword: Other Regulatory Issues (tax, anti-money laundering, OFAC, and antitrust)

2022 Is the Year of Sweeping Changes for Cryptocurrency and Other Digital Asset Transfers

What to look out for in the proposed new Chapter 12 of the Uniform Commercial Code (UCC)

The world of cryptocurrencies and other forms of digital assets (such as non-fungible tokens) is exploding. While Bitcoin is the largest and best-known cryptocurrency in the global economy, it is far from the only one. The combined total value of Bitcoin, Litecoin, Monero, Ethereum, and all the other significant cryptocurrencies exceeds $2.4 trillion. In 2021, El Salvador enacted legislation to recognize Bitcoin as a medium of exchange. Other countries are also considering adopting similar legislation. Some countries even contemplate adopting their own blockchain-based currency as a form of legal tender.

Questions have emerged among regulators and market participants whether Bitcoin and other cryptocurrencies constitute “money” and how to perfect a security interest in such virtual currency (to ensure that it can’t be claimed by another party). Other questions relate to how interests in cryptocurrencies, NFTs, and other digital assets can be transferred or monetized and how purchasers of digital assets can be protected from adverse claims.

2022 will bring major changes to commercial law in a sweeping mission to answer some of these questions and to facilitate transactions in these emerging technologies. The proposed new Chapter 12 of the UCC will govern essentially any transfer (whether intended as a sale or a financing) of virtual currencies, NFTs, and other digital assets. These provisions will affect cryptocurrency startups and companies as they purchase and sell cryptocurrency, as well as financial institutions and fintech companies interested in financing cryptoassets and investment banks underwriting issuances of securities underpinned by crypto assets.

2021 and Earlier

By current definition, Bitcoin is not money because it is not a medium of exchange created, authorized, or adopted by a domestic or foreign government, or by an intergovernmental organization or by an agreement between two or more countries. Moreover, since Bitcoin, NFTs, and other digital assets are intangible and therefore not capable of possession, under the UCC as it is currently in effect, a security interest in them can currently only be perfected (as a general intangible) by the filing of a financing statement describing the digital asset. Under the UCC as it is currently in effect, it is uncertain that control of the digital wallet for a digital asset is insufficient to perfect a security interest.

Nevertheless, some practitioners have proposed a practical “workaround” to perfect a security interest in Bitcoin by “control” if the Bitcoin is held in a “securities account,” and the secured party has control over the financial assets (including the Bitcoin) held in the securities account. In this manner, a secured party will have control if the secured party, the debtor, and a securities intermediary (holding the account in which the Bitcoin is held) enter into an agreement in which the securities intermediary agrees to comply with the instructions originated by the secured party directing disposition of the funds and other property in the account without consent by the debtor. The securities intermediary must be a person, including a financial institution, custodian, or broker that in the ordinary course of its business maintains securities accounts for others and is acting in that capacity. The workaround provides the secured party with the amount of control that, as a practical matter, it would need to foreclose upon, and exercise its remedies with regard to the digital asset, but that control itself would not necessarily perfect the secured party’s security interest in the digital asset under the current UCC.

What is New

The proposed new Chapter 12 to the UCC will:

  1. address the transfer of digital assets/virtual currencies and also provide conforming changes to Article 9 of the UCC to address secured transactions in these assets
    • Chapter 12 is designed to govern the transfer (both outright and for security) of interests in some, but not all, electronic records (adopting a new term “controllable electronic records”) (e.g., Bitcoin/NFTs)
  2. facilitate secured lending against digital assets (e.g., virtual currency, NFTs, and electronic fiat money (i.e., central bank digital currency))
  3. provide protections for certain qualifying purchasers to take interests in virtual currency and digital assets free of conflicting property claims
  4. provide rules regarding the assignment of controllable accounts and controllable payment intangibles
  5. provide other changes including updates to the definition of chattel paper and revisions to the requirements for the transfer and perfection of security interest in chattel paper, and revisions to some rules regarding negotiable instruments and payment systems

How Will These Changes Affect Different Players in the Industry

Blockchain and Cryptocurrency Startups

Chapter 12 will impact blockchain and cryptocurrency startups and companies involved in purchasing, selling, and financing virtual currencies, NFTs, and other digital assets. Chapter 12 will govern the transfer of property rights in intangible digital assets (defined as “controllable electronic records”) that can be subjected to control. Control is the functional equivalent of “possession” of the digital asset. Companies are currently using digital assets in exchange for payment, rights to receive services, for goods or interests in personal or real property. Chapter 12 will reduce the risks among claimants to, and specify the rights in, the digital assets that the purchaser acquires and to facilitate these transactions.

Financial Institutions

Financial institutions, banks, and other lenders who finance virtual currencies and other digital assets will find it easier to arrange secured lending transactions under Chapter 12 (and conforming changes under UCC Chapter 9). A lender will have a perfected security interest if the lender has “control” over the digital asset (or the system on which the digital asset is recorded). In addition, financial institutions, lenders, and other secured parties should consider amending existing security documents. Many existing revolving credit facilities are secured by blanket or broad liens on substantially all assets of the debtor, including its general intangibles. Lenders may want to amend their security documents to provide for a security interest in virtual currencies and other digital assets to provide (a) an express grant of a security interest in “controllable electronic records”, “controllable accounts” and “controllable payment intangibles” and (b) for the lenders to obtain control over controllable electronic records, controllable accounts, and controllable payment intangibles. The amendment will mitigate the risk that the lender will lose its priority position if another party obtains control over the controllable electronic records, controllable accounts and controllable payment intangibles, and the lender has only perfected by filing a financing statement.

Investment Banks

Many securities are issued secured by rights to payment arising from the sale of amounts due under credit cards, accounts, instruments, student loans, and other lines of credit. Underwriters and investors in structured finance and securitization transactions involved in assignment of accounts and payment intangibles will want to review the Chapter 12 provisions regarding the payment obligations and conditions for discharge of obligors on digital assets (controllable accounts and controllable payment obligations). Underwriters and investors should also review the ability under Chapter 12 of a purchaser to acquire special protection as a good faith purchaser for value (a qualifying purchaser) of a controllable electronic record, controllable account and controllable payment intangible.

Parties in Equipment Finance/Lease Transactions

Parties involved in equipment finance/lease finance transactions, underwriters and investors (such as auto finance and auto securitization transactions) will want to review the other proposed changes to UCC Article 9, including the proposed changes to chattel paper. For example, the definition has been amended to provide that chattel paper is a monetary obligation that is either secured by specific goods (such as a car or furniture) or arises in connection with a lease of specific goods (such as a car or furniture). The rule regarding perfection of a security interest in chattel paper has also been revised. Under the old rule—if you had tangible chattel paper (evidenced by writing), the secured party was required to have possession of the writing, and there was confusion if there were multiple copies or what constituted a writing. If electronic chattel paper, the secured party was required to have control of the single authoritative copy, and there was confusion of what it meant to have a single authoritative copy. Under the new rule, the secured party:

  1. Can perfect its security interest by taking possession of all tangible authoritative copies and obtaining control of all electronic authoritative copies.
  2. The secured party can produce the copies in its possession and provide evidence that these are the authoritative copies.
    • Need not prove that no other tangible authoritative copies exist.
  3. For electronic chattel paper, the secured party must:
    • be able to identify each electronic copy of electronic chattel paper as authoritative or nonauthoritative,
    • identify the secured party as the assignee of each authoritative copy,
    • have the exclusive power to prevent others from adding or changing an identified assignee and to transfer control of the authoritative copies.

What’s Excluded

UCC Chapter 12 is limited in scope—it only applies to controllable electronic records (i.e., a virtual currency and other digital asset) and payment rights that are evidenced by a controllable electronic record. Chapter 12 does not address a number of federal, state, and local laws and regulatory issues that will undoubtedly interplay with these emerging technologies, including anticipated new regulations from regulators like the SEC, OCC, and the IRS. These laws and regulations are rapidly changing. We will be providing periodic updates.

Also Excluded:

  • Who has title to or rights in the digital assets
  • Federal and state securities, data privacy, cybersecurity, and other regulation
  • Banking laws
  • Taxation of digital assets
  • Anti-money laundering laws
  • Transferable records under UETA or E-SIGN

Schedule for Approval of Changes

Date Event
January 2022 Drafting committee submits draft proposed recommendations to ALI counsel
May 2022 ALI approval of draft proposed recommendations
July 2022 Uniform Law Commission approves proposed recommendations
Post-July 2022 Submission to states for adoption of proposed recommendations

Industry Comments

The drafting committee of Chapter 12 and the conforming changes to the other changes to the UCC are in the process of meeting with industry groups and other stakeholders to continue advising industry leaders and other stakeholders regarding these proposed changes. The drafting committee is continuing to work on finalizing the proposed recommendations prior to the May 2022 meeting. We would be happy to meet with you to discuss any comments or concerns that you may have with the proposed changes.

Infrastructure Law Adds Important Crypto Provisions

The Infrastructure Investment and Jobs Act, enacted on November 15, 2021, also known as the Bipartisan Infrastructure Law (the “BIL”), adds many important provisions regarding the development of the United States’ infrastructure network. These provisions are sorely overdue and are welcomed by many.

But lesser attention has been given to several provisions related to the taxation of cryptocurrency transactions. Unlike prior IRS guidance, the provisions all deal with the reporting of crypto transactions. The proper reporting of crypto transactions is important to the U.S. Treasury, as it serves to ensure that taxpayers properly report and pay tax on crypto-related income.

Three crypto-related tax provisions were added to the Internal Revenue Code (the “Code”). While each of the provisions has a delayed effective date, the information gathering required by some of the provisions will take place beginning January 1, 2023, less than 12 months from now.

1. Amendment to Broker Reporting. Code Section 6045 deals with reporting requirements imposed on brokers to the IRS. Brokers are required to report the gross proceeds from transactions in which they are involved to both the taxpayer and the IRS. The reporting is made on Form 1099-B, “Proceeds From Broker and Barter Exchange Transactions.” The definition of broker is very broad under Code Section 6045, and includes a dealer, a barter exchange and any person acting as a middleman. If the item subject to reporting is a “covered security,” the broker must report the customer’s adjusted basis in such security and whether any gain or loss with respect to such security is long-term or short-term. Covered securities are further defined to include “specified securities.” These include stocks, bonds, commodities and any financial instruments with respect to which the Secretary of the Treasury determines that adjusted basis reporting is appropriate.

The purpose of reporting under this provision is to allow the IRS to cross-check the information filed by the broker with the information filed by the taxpayer. The failure to report or the failure to provide the statements to the named taxpayer may subject the broker to penalties of up to $3 million a year, or more, if the failure is due to the intentional disregard of filing requirements. Willful failure to file is a misdemeanor.

The BIL makes two significant changes to Code Section 6045. First, the BIL modifies the definition of broker to include “any person who (for consideration) is responsible for regularly providing any service effectuating transfers of digital assets on behalf of another person.” The use of the phrase “on behalf another person” is perplexing because the broker already includes a “middleman” concept. On its face, the updated provision would require miners, software developers, transaction validators and node operators to provide the required information as such parties provide services in connection with crypto transactions.

The BIL also amends Code Section 6045 by including “digital assets” in the list of specified securities. Under the BIL, the term “digital asset” means “any digital representation of value which is recorded on a cryptographically secured distributed ledger or any similar technology as specified by the Secretary.” As enacted, the provision would include a fairly broad category of digital assets, including traditional cryptocurrencies, such as bitcoin, as well as non-fungible tokens. The Secretary of the Treasury has broad authority to exempt types of transactions.

The definition of digital asset is significant as that term is used in a number of other provisions in the Code.

The amendments to this provision have a delayed effective date. The amendments are effective for returns required to be filed, and statements required to be furnished, after December 31, 2023. However, the information gathering will need to commence beginning January 1, 2023.

2. Amendment to Broker-to-Broker Reporting. Code Section 6045, discussed above, deals with broker transactions with customers. Code Section 6045A, in turn, deals with the reporting of transactions between brokers. It is designed to allow the transferee broker to report the information that the originating broker would otherwise be required to report. It requires every applicable person who transfers to a broker a security which is a covered security to furnish information so that the transferee can provide the gain or loss and basis reporting information that is required under Code Section 6045. The BIL includes an amendment to Code Section 6045A providing that returns shall be furnished with respect to any transfer (which is not a part of a sale or exchange executed by such broker) which is a digital asset from an account maintained by such broker to an account not maintained by, or an address not associated with, a person that such broker knows or has reason to know is also a broker. Thus, the provision expands the reporting to “broker-to-non-broker” transactions.

The amendment is effective for returns required to be filed, and statements required to be furnished, after December 31, 2023. But, once again, the information gathering systems must be in place for transactions taking place beginning January 1, 2023.

3. Reporting of Cash Transactions. Code Section 6050I requires any person receiving cash to report the receipt of the cash to the IRS. It applies when a person in the course of a “trade or business” receives cash of $10,000 of more. Cash includes foreign currency. It also includes, “to the extent provided in regulations,” any monetary instrument (whether or not in bearer form) with a face amount of not more than $10,000. The provision would apply, when say, a person goes into a car dealer and buys a car for cash. The person receiving the cash is required to file a Form 8300, Report of Cash Payments Over $10,000 in a Trade or Business, within 15 days of receipt of the cash. The return requires the reporting of the name of the person from whom the cash is received, the taxpayer identification number, the person’s address and occupation. Form 8300 may be filed with the IRS or electronically through FINCEN. The person making the return must also provide a copy of the return to the person whose name is on the return.

The requirement to report cash transactions is buttressed with fairly steep penalties. Penalties apply for the failure to file Form 8300 with the IRS and the failure to provide a copy to the named taxpayer. Failure to comply can result in penalties of up to $3 million a year, or the greater of $25,000 or the amount received if the failure is due to the intentional disregard of filing requirements. Willful failure is a felony.

The BIL amends Code Section 6050I to apply to persons receiving digital assets, cross-referencing the definition contained in Code Section 6045. On its face, this would include digital assets received for validating transactions or other services relating to crypto transactions. One of the problems that this introduces in the world of decentralized finance transactions is the difficulty of identifying the purchaser if the transaction is made through a smart contract rather than from an identifiable person.

Here, again, the amendment is effective for returns required to be filed, and statements required to be furnished, after December 31, 2023.

* * * *

Several legislators, including Senator Wyden, Chair of the Finance Committee, have introduced bills seeking to narrow the provisions, most notably the definition of “broker,” but these bills did not gain traction. As matters now stand, the impact of these provisions is uncertain, as much will depend on whether Treasury issues regulations seeking to narrow the scope of the provisions.

The Next Step: FinCEN Proposes to Require Reporting of Cryptocurrency Positions Held in Foreign Accounts

FinCEN recently took another important step toward bringing virtual currency into the financial assets reporting scheme.

Taxpayers that have $10,000 or more in a foreign bank account have long been required to file a foreign bank account report (or “FBAR”) on FinCEN Form 114. The penalties for failing to report foreign bank accounts are significant: $10,000 for a non-willful failure and the greater of $100,000 and up to 50 percent of the unreported account balance for willful failures. While the rules requiring the reporting are issued under the authority of the Bank Secrecy Act, the IRS administers the rules—and the IRS has been aggressive in assessing penalties for failures to report such holdings.

The application of the filing requirement to cryptocurrency has been the subject of some uncertainty. The uncertainty arises because the reporting requirement only applies to a “financial account.” A financial account includes, but is not limited to, a se­curities, brokerage, savings, demand, checking, deposit, time deposit or other account maintained with a financial institution (or other person performing the services of a financial institution). A financial account (per 31 CFR 1010.350(c)) also includes a commodity futures or options account, an insurance policy with a cash value (such as a whole life insurance policy), an annuity policy with a cash value and shares in a mutual fund or similar pooled fund (i.e., a fund that is available to the general public with a regular net asset value determination and regular redemptions). The regulations reserve “other investment fund,” presumably for a definition to come. However, in response to questions raised by the AICPA Virtual Currency Task Force in 2019, FinCEN stated that virtual currency was not subject to FBAR reporting. This was confirmed by FinCEN in 2020 as well.

Whether or not cryptocurrencies are subject to FBAR filing, such holdings may have to be included on the IRS’s Form 8938, Statement of Specified Foreign Financial Assets. Form 8938 is the counterpart to FinCEN 114.

Recent FinCEN Proposed Rule

On December 31, 2020, FinCEN issued Notice 2020-2 that announced a proposed rule that would amend the regulations implementing the Bank Secrecy Act regarding reports of foreign financial accounts (FBAR) to include virtual currency as a type of reportable account under 31 CFR 1010.350. The proposed rule does not specify an effective date.

The decision to treat cryptocurrency as subject to FBAR reporting significantly increases the potential penalties against those who fail to properly identify these accounts. Holders of virtual currency in foreign accounts should review this rule and prepare to report such holdings once the rule becomes effective.

Word on the Street Is That Virtual Currency Is the “New Gold,” and it’s Swiftly Moving Up the IRS Watchlist

The IRS has been increasingly active in its effort to ensure that virtual currency does not become a tool for tax evasion. This is not surprising, given that—as we started the last month of 2020—the value of Bitcoin, by far the most well-known cryptocurrency in the world, reached its highest level since 2017. Between June 2019 and July 2020, about 3.1 million active accounts were estimated to use bitcoin in the U.S.

Guidance

The IRS first started publishing guidance and notices on the federal income tax treatment of virtual currency in 2014. The first one among many was Notice 2014-21, which concluded that convertible virtual currency (virtual currencies that can be used to make purchases in the real economy and can be converted into government-issued currencies) should be treated as property for tax purposes. The next Notice, Rev. Rul. 2019-24, addressed the tax treatment of more specific types of virtual currency transactions, “hard fork” and “airdrop.” The IRS has also posted answers to frequently asked questions about virtual-currency transactions on its website. Starting with taxable year 2019, the IRS revised Schedule 1 to Form 1040 to require taxpayers to identify whether they engaged in any transaction involving virtual currency. The IRS plans on going even further as shown in a released draft of the revised Form 1040 for 2020, where it proposed placing the question about cryptocurrencies in a very prominent location—immediately below the taxpayer’s name and address.

More guidance might be forthcoming. One issue is whether the rules for broker reporting should apply to cryptocurrency transactions in the same way that they apply to trades in stocks and securities. The IRS believes that increased reporting leads to greater compliance. Earlier this year, the Chamber of Digital Commerce (the “Chamber”) submitted a comment letter to the IRS and the Department of Treasury to provide its views on potential forthcoming guidance on the reporting issue. The letter pointed out there is still some lack of clarity on the tax information reporting requirement for digital asset transactions, and that further instruction is needed for taxpayers to accurately interpret existing tax rules in the digital currency context. Some of the key areas on which the Chamber had requested clarification are: how “broker” is defined in the virtual currency context—which is critical for analyzing basis reporting requirements and certain information return filing obligations—and what factors are relevant for determining the location transactions take place, which can be a critical factor for cross-border transactions.

Enforcement Efforts

At the same time that it has been providing such guidance, the IRS has begun efforts to investigate possible tax evasion using virtual currency. The agency started its enforcement efforts in as early as 2016 when it served a “John Doe” Summons on one of the largest cryptocurrency exchanges in the country. The IRS demanded that the exchange produce a wide range of taxpayer identifying information and historical transaction records, and when the exchange refused to comply, the U.S. District Court for the Northern District of California ordered the exchange to turn over taxpayer information for those who conducted transactions worth more than $20,000 on its platform for the 2013 – 2015 period.

As part of its virtual currency compliance campaign announced in 2018 to address tax noncompliance related to virtual currency, in 2019 and again in 2020, the IRS sent thousands of warning letters to cryptocurrency holders whose tax returns did not match their virtual currency transaction records. While the IRS has not made it clear where it obtained the information about taxpayers’ transactions, one possible source of data could be Form 1099 reports from virtual currency exchanges. The IRS sent three different types of letters, varying in severity. The first type, Letter 6173, raised the possibility of an examination or enforcement activity if the taxpayer didn’t respond by a specific date and noncompliance persists. The other two, Letters 6174 and 6174-A, reminded taxpayers of their obligation to report.

According to the Internal Revenue Manual (IRM 5.1.18.20.3 (7-17-19)), the IRS uses normal investigative techniques to identify virtual currency including interviews, bank or credit card analysis, summonses of exchanges and financial institutions, review of Forms 1099-K, review of FinCEN Query reports, tracking and internet searches. While this set of instructions may appear relatively old-fashioned, the IRS’ latest moves demonstrate that it is upgrading its crypto-investigation toolbox. According to published reports, in September 2020, the IRS spent approximately $250,000 on a contract with Blockchain Analytics and Tax Services LLC, which will give the IRS access to blockchain analysis tools to track cryptocurrency transactions. Earlier in the summer, the IRS also signed a deal to purchase access to certain blockchain-tracing software for a year.

Despite the industrywide complaint that the IRS’s expectations with regards to holders of virtual currency are vague and unclear, this year, the IRS and the Department of Justice have started taking more proactive actions to prosecute taxpayers who allegedly committed a greater scale of tax evasion related to the use and trade of virtual currency. In October 2020, the Department of Justice charged software pioneer John McAfee with alleged evasion of tax by using cryptocurrency. In addition, on December 9, 2020, the SEC charged Amir Bruno Elmaani, founder of cryptocurrency called Oyster Pearl, with tax evasion. Elmaani allegedly evaded tax on millions of dollars of profits from cryptocurrency transactions and using shell companies and pseudonyms to conceal his income.

Increasing Regulation and Enforcement

All indications are that regulation and enforcement of the law with respect to virtual currency is increasing. On the regulatory side, earlier this month, a new U.S. congressional bill called the “Stablecoin Tethering and Bank Licensing Enforcement Act” was introduced that aims to regulate digital currencies by requiring certain digital currency issuers to obtain a banking charter and obtain approval from the Federal Reserve. Different government agencies are working in parallel to clarify tax payment and reporting obligations with respect to cryptocurrency, and the latest movements indicate that the enforcement actions are continuing.

We expect to see more enforcement actions in the upcoming administration. In November, the president-elect Joe Biden appointed Gary Gensler, a former Commodity Futures Trading Commission Chair under the Obama administration, to its presidential transition team. Gensler has testified before Congress about virtual currency and blockchain on several occasions, and while little information is known about Biden’s stance on cryptocurrency, Gensler called blockchain technology a “change catalyst” in a 2019 CoinDesk opinion and is generally considered to be “Bitcoin-friendly.” While it is generally unclear what Gensler’s long-term official position under the Biden administration will be, he is also on top of a list of potential picks for the SEC chair. Another clue that may provide some insight with regards to Gensler’s attitude towards cryptocurrency is his 2019 statement that Facebook’s proposed digital token, Libra, should be treated as a “security,” which establishes the basis for increasing regulatory oversight. (Cryptocurrency’s uncertain status as a security for tax purposes raises other tax issues.) The general industry consensus is that, while there is a growing acceptance of the legitimacy of cryptocurrency, it is likely that more regulatory and enforcement actions will continue by the SEC against issuers and intermediaries, and by the IRS against taxpayers. More regulation is not necessarily negative—it can create clearer guidelines and landscape for exchanges and virtual currency holders and enable them to better understand the regulatory and tax authorities’ expectations. That being said, it will be important for exchanges and taxpayers to closely follow the latest government guidelines with respect to virtual currency and ensure they comply with reporting and tax payment obligations.

A “Key” OCC Interpretation – National Banks Can Provide Cryptocurrency Custody Services

Banking regulators took a significant step toward the mainstreaming of cryptocurrency recently when the Office of the Comptroller of the Currency (OCC) provided guidance about how a bank can provide custody services for cryptocurrency. In Interpretive Letter #1170, published on July 22, the OCC concludes that “a national bank may provide these cryptocurrency custody services on behalf of customers, including by holding the unique cryptographic keys associated with cryptocurrency.”

The OCC’s Letter arrives at an opportune time, when, according to CipherTrace’s recently published findings, the majority of cryptocurrency transactions are cross-border and, on average, each of the top ten U.S. retail banks unknowingly processes an average of $2 billion in crypto-related transactions per year. Providing custody services might help bring more of these transactions in to the open.

The OCC Interpretive Letter

The Interpretive Letter—which was issued just a few short months after the former Coinbase chief legal officer Brian Brooks became the Acting Comptroller of the Currency—is a breakthrough in terms of bringing cryptocurrency within a regulated environment. The OCC outlined three sources of market demand for banks to provide cryptocurrency custody services: (1) cryptocurrency owners who hold private keys want to store them securely because private keys are irreplaceable if lost—misplacement can mean the loss of a significant amount of value; (2) banks may offer more secure storage services than existing options; and (3) investment advisors may wish to manage cryptocurrencies on behalf of customers and use national banks as custodians.

The OCC recognized that, as the financial markets become increasingly technological, there will likely be increasing need for banks and other service providers to leverage new technology and innovative ways to provide traditional services on behalf of customers. The OCC pointed out that cryptocurrency custody services fit neatly into the long-authorized safekeeping and custody services national banks provide for both physical and digital assets.

With respect to cryptocurrency, the Letter states that national banks may provide fiduciary and non-fiduciary custody services. Non-fiduciary custodial services typically entail providing safekeeping services for electronic keys, which, as discussed above, fit neatly into the types of activities national banks have historically performed. Specifically, the OCC explains that a bank that provides custody for cryptocurrency in a non-fiduciary capacity typically would not involve physical possession of the cryptocurrency but rather “essentially provide safekeeping for the cryptographic key that allows for control and transfer of the customer’s cryptocurrency.” Fiduciary cryptocurrency custody services (such as those where the service provider acts as trustee, administrator, transfer agent, or receiver, or receives a fee for providing investment advice) are permissible if conducted in compliance with the National Bank Act and other applicable laws and regulations (such as 12 CFR Part 9 and 12 U.S.C. Ch. 2). Banks are authorized to manage cryptocurrency assets in a fiduciary capacity just as they manage other types of assets in a fiduciary capacity.

Banks that provide cryptocurrency custody services have to comply with existing policies, laws, and regulations, and conduct its custody services in a safe and sound manner, including having adequate systems in place to identify, measure, monitor, and control the risks of its custody services. In particular, banks should ensure they assess the anti-money laundering (AML) risk of any cryptocurrency custodial services and update their AML programs to address that risk. It would be advisable for AML compliance personnel to be well-integrated in the development of cryptocurrency custodial services. Banks must also implement effective risk management programs and legal and regulatory reporting practices for these services. Cryptocurrency custody services may raise unique issues identified by the OCC, including the treatment of blockchain forks, and consideration of whether technical differences between cryptocurrencies (for example, those backed by commodities, those backed by fiat, or those designed to execute smart contracts) may require different risk management practices.

The OCC Letter points out that different cryptocurrencies may be subject to different regulations and guidance. For example, some cryptocurrencies are deemed securities and therefore are subject to federal securities laws and regulations. In addition, because crypto assets are thought of as offering a greater level of anonymity or as falling beyond the ken of centralized banking systems, they have been associated with illicit activity including money laundering. Consequently, banks must ensure that their AML programs are appropriately tailored to effectively assess customer risk and monitor crypto-related transactions. Just yesterday, the Financial Crimes Enforcement Network published an advisory warning that “[f]inancial institutions dealing in [cryptocurrency] should be especially alert to the potential use of their institutions to launder proceeds affiliated with cybercrime, illicit darknet marketplace activity, and other [cryptocurrency]-related schemes and take appropriate risk mitigating steps consistent with their BSA obligations.”

While there has been limited enforcement of federal law against banks for crypto-currency related activity, earlier this year, the OCC brought its first crypto-related enforcement action, against M.Y. Safra Bank for deficient AML processes for digital asset customers. The OCC concluded that the Bank’s deficiencies included its failure to: (1) appropriately assess and monitor customer activity flowing to or from high-risk jurisdictions; (2) conduct ongoing testing of its due diligence processes; (3) implement sufficient controls for its digital assets customers, including cryptocurrency money service businesses (MSBs); (4) address the risk created by the significant increase in wire and clearing transactions created by the cryptocurrency MSB customers; and (5) notify the OCC of its significant deviation from its previous business plan. In the Matter of M.Y. Safra Bank, SFB, AA-NE-2020-5, Consent Order (Jan. 30, 2020).

The OCC’s Letter should give comfort to many banks that have been bystanders to the growth of the cryptocurrency market. Now banks can offer more cryptocurrency-based financial services with more certainty, although many questions will likely be answered through greater participation. More marketplace involvement by traditional banks will in turn have a beneficial effect. Smaller businesses wishing to engage in cryptocurrency-based transactions now may do so by interacting with large, stable, and well-regulated banking institutions.

OCC’s Consideration of an MSB Regime

OCC’s Interpretive Letter may be part of a broader movement by the OCC to promote greater integration of cryptocurrencies into mainstream financial services. Acting Comptroller of the Currency Brooks announced on a podcast on June 25 that the OCC intends to unveil a new bank charter including a national payments charter that will pave the way for nationwide participation by cryptocurrency payments companies. As contemplated, that charter would be equivalent to FinCEN’s MSB registration process and stand in (under the doctrine of preemption) for individual state-level MSB licensing requirements. It also should answer questions like how the Community Reinvestment Act might apply to banks that do not take deposits and how the OCC will impose capital standards on companies that do not bear credit risk.

New York Looks Like it Might Loosen Up on Its Virtual Currency Regulation

On June 25, the New York State Department of Financial Services (NYDFS) published a “Conditional BitLicense” proposal for reforming its licensing framework that would make it easier for virtual currency businesses to obtain permission to operate in New York. The proposal was developed as part of a broader effort to respond to industry changes and concerns that NYDFS identified in its five-year review of its cryptocurrency licensing regime (which originally took effect in June 2015) under which more than two dozen cryptocurrency companies have been approved to do business in New York. Under the proposed regulations, a virtual currency firm will be authorized to operate in New York even if it does not have a full BitLicense from the state if it obtains a “conditional BitLicense” and partners with a firm that does have a full license. (To note, the conditional BitLicense has always existed, but this is the first time that the NYDFS has announced clear rules to help companies access the license.)

The NYDFS’s proposal is likely a welcome development. New York’s process for obtaining a full BitLicense is considered one of the toughest in the country and has long been unpopular with blockchain startups. Among the complaints: steep paperwork requirements and lengthy approval times. Under the proposed conditional licensing regulation, a cryptocurrency firm that wishes to operate in New York can bypass the difficulties of applying for a full license and instead apply for a conditional BitLicense, which would grant it operational privileges so long as it partners with another cryptocurrency firm that is fully licensed. Currently, the NYDFS envisions that under such a partnership, the licensed firm can assist in providing various services and support, including “those relating to structure, capital, systems, personnel, or any other support needed.”

The proposed application process is simple: In order to apply for such a license, the unlicensed cryptocurrency firm would need to inform the NYDFS of its intention to apply and provide a copy of the service agreement between the unlicensed cryptocurrency firm and the licensed cryptocurrency firm, as well as additional documentation. It is clear, however, that the NYDFS views this licensing framework as a temporary stepping stone; the NYDFS stated that it expects firms who obtain such conditional licenses to then apply for a full license within 2 years.

It is not entirely clear how the conditional license will operate in practice. It does not appear that any other state makes conditional licenses available. To that end, the NYDFS is inviting comments on its proposed regulation, including:

  1. What type of cryptocurrency firms would benefit the most from such a conditional license?
  2. What type of licensed firms would be best and most effectively able to partner with unlicensed firms under the terms of a conditional license?
  3. What types of services and support should a licensed firm provide for the firm with the conditional license?
  4. Should there be limits placed on the types of services that a licensed firm can provide?
  5. Should there be caps and limits on the total number of conditional arrangements that a licensed firm can enter? What other checks should be in place?
  6. Should the licensed firm be held accountable for initial due diligence of the firm wishing to obtain a conditional license and to what extent?
  7. Should ongoing due diligence be required?
  8. How should the licensed firm and firm with the conditional license divide responsibilities and obligations for ensuring compliance with legal and regulatory requirements?
  9. What is the best way to check for and resolve conflicts of interest between the two firms involved?
  10. What is the best way to structure such collaboration to limit any potential adverse effect on the markets?
  11. Are there other methods besides a conditional license that the NYDFS should consider?

NYDFS requests that all comments by submitted by August 10, 2020. Given that cryptocurrency regulation is generally uncharted territory, virtual currency firms should consider submitting comment to the NYDFS to assist it in developing this regulation further so that it is effective and workable.

FinCEN Sends Message to the Virtual Currency Industry: The Travel Rule Applies to You, Too

FinCEN Director Ken Blanco addressed this year’s Consensus Blockchain Conference on May 13, 2020. In a set of prepared remarks, Blanco recognized the unprecedented challenges that the COVID-19 pandemic has created for anti-money laundering compliance personnel, particularly in addressing virtual currency transactions. To meet those challenges and combat the increased risk of criminal exploitation of virtual currency markets, Blanco emphasized that U.S. authorities continue to expect that financial institutions comply with the “Travel Rule” – that is, the requirement to transmit certain identifying information regarding transaction counterparties to the next financial institution in the transaction chain – with respect to virtual currency transactions, among others.

Cybercriminals Have Adapted to the Pandemic – You Need to as Well

Blanco recited the principal ways in which cybercriminals have adapted to exploit vulnerabilities created by COVID-19. For example, cybercriminals have taken advantage of security vulnerabilities in remote working applications, including VPNs and remote desktop protocols, that are central to the new work-from-home paradigm. Scams intended to undermine “know your customer” processes, including deep-fake and credential-stuffing attacks, have also increased in recent months, as have scams involving virtual currency payments, extortion, ransomware, fraudulent medical products sales, and initial coin offerings. Blanco expects this illegal conduct to continue to increase during the pandemic, and he advised financial institutions to calibrate their security measures to those threats.

Blanco explained that the “entire AML community has been adapting in real time” to the COVID-19 pandemic and its economic fallout, and he urged financial institutions to stay alert for malicious or fraudulent transactions. FinCEN issued notices on March 16 and April 3 advising financial institutions of their AML obligations during the COVID-19 pandemic and provided a direct contact mechanism to report urgent COVID-19 related issues. Blanco also advised that FinCEN is publishing advisories highlighting common types of fraud, theft, and money laundering activities related to the pandemic. Orrick’s May 27, 2020 Client Alert details steps that the Financial Action Task Force (“FATF”) – the global money laundering and terrorist financing watchdog – has advised that financial institutions consider taking to ensure continued compliance with their AML obligations.

The End of an Era? Regulators Expect to Know Who Is Transacting in Virtual Currencies

Turning to his “primary theme,” Blanco stated that the United States expects financial institutions to comply with the Travel Rule – full stop. There is no exception for virtual currency transactions. The Rule requires institutions processing virtual currency transactions valued at $3,000 or more to pass on and retain certain identifying information – including names, addresses, and account numbers – of both transaction counterparties to the next financial institution in the transaction chain. Blanco praised steps taken by FATF last June to establish international standards that are consistent with the U.S. Travel Rule.

The Travel Rule’s application to virtual currency transactions has been a source of resentment for Blockchain advocates who view the technology’s unique ability to facilitate anonymous transactions as one of its most revolutionary attributes. However, others have embraced the Rule for the role it has played in legitimizing the use of virtual currencies by law-abiding, mainstream actors as a safe alternative to traditional currencies.

Blanco’s comments make clear that FinCEN is firmly in the latter camp and views the Travel Rule as a key enforcement tool to prevent the proliferation of black markets and other illicit uses of Blockchain technology. In his words, “[a]ny asset that allows the instant, anonymized transmission of value around the world with no diligence or recordkeeping is a magnet for criminals, including terrorists, money launderers, rogue states, and sanctions evaders.”

Blanco reported that recordkeeping violations – such as violations of the Travel Rule – are the most common violations that FinCEN’s delegated IRS examiners have found being committed by money services businesses engaged in virtual currency transmission. Nevertheless, he stated that he is optimistic about the growth of cross-sector organizations and working groups focused on improving compliance with the Travel Rule and developing complementary international standards. Blanco stressed the importance of collaboration between government, law enforcement, and private companies, both during the COVID-19 pandemic and beyond. Blanco explained that it is the shared responsibility of the public and private sectors to ensure that virtual currency “technology does not get hijacked by criminals” to become a “conduit for crime, hate, and harm.”

Help Us to Help You

Blanco closed with an invitation to the private sector to strengthen its collaboration with regulators and law enforcement to combat illegal uses of virtual currencies. Since 2013, FinCEN has received nearly 70,000 Suspicious Activity Reports (“SARs”) involving virtual currency exploitation, over half of which came from the virtual currency industry. Those SARs are critical to FinCEN’s and law enforcement’s efforts to combat criminality and FinCEN’s efforts to educate industry participants about trends in illicit virtual currency use through its advisory and FinCEN Exchange programs.

Despite these efforts, Blanco explained that “[r]isks associated with anonymity-enhanced cryptocurrencies, or AECs, remain unmitigated across many virtual currency financial institutions.” FinCEN and its delegated IRS examiners are taking a close look at the AML/CFT controls on transactions in virtual currencies, and Blanco advised his audience to consider whether their controls are adequate to fulfill their duties to maintain risk-based AML programs. Blanco explained that FinCEN is also taking seriously the rise in foreign money services businesses seeking to do business with U.S. persons or operating in the U.S. without complying with U.S. AML regulations. Put simply, “[i]f you want access to the U.S. financial system and the U.S. market, you must abide by the rules.”

Cryptocurrency and OFAC: Beware of the Sanctions Risks

A recent federal criminal action shows the depth of the U.S. government’s concern about the use of cryptocurrency (or virtual currency) to violate economic sanctions laws and the lengths to which it will go to charge such violations. The U.S. government is particularly concerned that sanctioned countries and parties have used cryptocurrency to avoid sanctions designed to isolate them, and to facilitate illicit activities, including money laundering and ransomware attacks. The U.S. Office of Foreign Assets Control of the Treasury Department (OFAC), which administers U.S. economic sanctions programs, indicated recently that it intends to devote more resources to cryptocurrency issues. Over the past year or so, OFAC has issued a number of subpoenas to virtual currency businesses, such as exchanges, regarding possible customers and transactions involving parties in sanctioned countries. OFAC will probably announce its first enforcement actions involving virtual currency at some point this year. In addition, as discussed in Orrick’s recent blog post, the U.S. Commodity Futures Trading Commission, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), and the U.S. Securities and Exchange Commission remain focused on AML risks presented by cryptocurrency.

In an unusual application of economic sanctions law, in November 2019 a U.S. citizen was arrested and charged by the U.S. Attorney for the Southern District of New York with violating U.S. sanctions after he traveled to North Korea and delivered a presentation and technical advice related to the use of cryptocurrency and blockchain technology. In the case, which did not involve cryptocurrency transactions, the U.S. Attorney charged Virgil Griffith, an Ethereum Foundation staff member, with conspiring to violate U.S. sanctions laws that generally prohibit the provision of unlicensed services to North Korea. According to the U.S. Attorney’s Office, Mr. Griffith had traveled to North Korea to attend and speak at the Pyongyang Blockchain and Cryptocurrency Conference, despite the U.S. government’s denial of his request for authorization to attend. The U.S. government alleges that at the conference Mr. Griffith and other attendees discussed how North Korea could use blockchain and cryptocurrency technology to launder money and evade sanctions.

OFAC has issued frequently asked questions emphasizing that compliance obligations remain the same regardless whether transactions are denominated in virtual currency or fiat, and has started to include in its Specially Designated Nationals and Blocked Persons List (SDN List) virtual currency addresses that are linked to sanctioned persons. Sanctions are enforced with the help of U.S. businesses, in particular banks and other financial institutions, which have implemented systems and internal controls to detect the involvement of designated persons or prohibited jurisdictions in transactions. The U.S. government expects a similar level of commitment from entities dealing in cryptocurrency. It is critical that U.S. virtual currency users, exchangers, administrators and other persons engaging in virtual currency transactions with any U.S. nexus take steps designed to ensure that they do not deal with U.S. sanctions targets, which include providing financial or other services to such parties. OFAC has advised technology companies, administrators, exchangers, and users of virtual currencies, and other payment processors, to implement risk-based compliance programs, which generally should include sanctions list screening. This is consistent with OFAC’s recommendations included in A Framework for OFAC Compliance Commitments issued in June 2019.

Because a strict liability standard applies to unauthorized dealings with sanctioned parties and jurisdictions, U.S. persons dealing in cryptocurrency cannot avoid potential liability simply because they do not know the identity of the person with whom they are interacting. And the risk of dealing with sanctioned persons and jurisdictions when conducting virtual currency transactions will likely increase should nations like Iran and Russia further embrace cryptocurrency to try to avoid sanctions. In 2018, Iran reportedly acknowledged cryptocurrency mining as a legitimate industry, and in December 2019, Iran’s President reportedly proposed creation of a Muslim cryptocurrency to decrease reliance on the U.S. dollar. The U.S. government acted in 2018 to prohibit transactions involving Venezuela’s state virtual currency, the “Petro.”

To protect against potential sanctions violations, there are key steps that cryptocurrency users and exchanges can take. Crypto exchanges operating in the United States are required to register with FinCEN as money services businesses, to license themselves in the states in which they operate, and to exclude users in sanctioned jurisdictions and those on OFAC’s SDN List from transacting on the exchange. These exchanges should adopt and implement Know Your Customer procedures, including sanctions screening, to identify parties trading on their exchanges, and can employ geo-IP blocking to prohibit access by parties from sanctioned jurisdictions. They should perform transaction monitoring to detect suspicious activity and file required reports with FinCEN. U.S. persons trading in cryptocurrency should use exchanges committed to complying with U.S. sanctions requirements. If the exchange allows sanctioned parties to participate, a U.S. person could end up unknowingly trading with such a party and thus violating U.S. law. Exchanges operating outside the United States that want to attract U.S. users should also consider implementing such measures, to exclude targets of U.S. sanctions from trading. Non-U.S. exchanges that permit access to certain U.S. sanctions targets may risk imposition of U.S. “secondary sanctions” designed to deter non-U.S. persons from engaging in business with targets of U.S. sanctions.

IRS Hints at Form 8938 Requirements for Reporting Crypto Assets Held at a Foreign Exchange

With the emergence of digital assets, the question has arisen whether digital assets held in “wallets” in foreign exchanges need to be reported on Internal Revenue Service (IRS) Form 8938, Statement of Specified Foreign Financial Assets. Form 8938 is the IRS counterpart for the FBAR, or Foreign Bank Report, which certain holders of foreign bank accounts must file with FinCEN. Form 8938 was added as part of the HIRE Act at the same time the Foreign Account Tax Compliance Act (commonly known as FATCA) was adopted in 2010. The penalty for a failure to file Form 8938 is $10,000. However, it is not clear that Form 8938 applies to digital assets.

The answer requires one to dig through the underlying statutes and the instructions to Form 8938. We start with Internal Revenue Code Section 6038D, which requires reporting of “specified foreign financial assets.” Under Code Section 6038D, a “specified foreign financial asset” is (1) a financial account maintained by a foreign financial institution and (2) one of the following foreign financial assets if they are held for investment and not held in an account maintained by a financial institution: (a) any stock or security issued by a person other than a United States person; (b) any financial instrument or contract held for investment that has an issuer or counterparty other than a United States person, and (c) any interest in a foreign entity. The term “financial account” means, with respect to any financial institution, (a) any depository account, (b) any custodial account and (c) any equity or debt interest in such financial institution (other than interests regularly traded on an established securities market).

One issue for digital asset holders is whether a person who holds such assets in a wallet maintained at a foreign exchange is holding an asset in a “foreign financial institution.” What is a financial institution? This is defined in Code Section 1471(d)(5) as an entity that (a) accepts deposits in the ordinary course of a banking or a similar business, (b) as a substantial portion of its business, holds “financial assets” for the account of the others, or (c) is engaged (or holds itself out as being engaged) primarily in the business of investing, reinvesting or trading in securities, partnership interests, commodities or any interests in such securities, partnership interests or commodities. A foreign financial institution includes investment vehicles such as foreign mutual funds, foreign hedge funds and foreign private equity funds. Very generally, financial assets are securities, commodities, notional principal contracts, insurance contracts, or annuity contracts or interests in any of the foregoing. Both the terms “security” and “commodity” are defined by reference to Code Section 475, a section of the Code that was adopted in 1993, preceding the emergence of digital assets. For example, gold is a commodity under this provision, and anyone holding gold in an offshore account would need to report the account. Should the same rules apply to bitcoin or bitcoin gold held in a wallet in an offshore exchange? The IRS has not yet taken a position on whether cryptocurrency is a security or a commodity, which it could do by a regulation or a notice. This is key to the analysis of whether or not the crypto exchange is a foreign financial institution.

At least one recent, unofficial statement provides insight into the IRS’s thinking on the reporting obligation on Form 8938. Recently, according to Tax Notes, an IRS official was asked if the IRS will assess penalties against taxpayers who haven’t been disclosing digital assets on Form 8938, and the official responded that, if taxpayers had been reporting taxable cryptocurrency transactions on their returns during prior years and properly filed Form 8938 going forward, the IRS probably would not pursue them for prior tax years. Of course, this is merely an unofficial statement, and the IRS could formally decide otherwise or examiners could take different positions during the course of an exam. Either way, taxpayers that have not been reporting their cryptocurrency transactions should file Form 8938 as soon as possible and consider filing amended returns.

Information reporting is certainly a key issue for the IRS that will drive the tax compliance process. In a sign of the attention that the IRS is giving to the reporting, the draft version of IRS Form 1040, Schedule 1, now includes a question regarding financial interests in “virtual currencies,” much like the question relating to ownership of foreign bank accounts presently on Schedule B.

Wyoming, the “Equality State,” Seeks to Level the Playing Field for Digital Assets Businesses

In its continued effort to establish itself as the go-to jurisdiction for digital asset businesses, Wyoming, through its Department of Audit, Division of Banking, recently published a digital asset custody regime for its newly created, special purpose depository institutions (SPDIs). SPDIs are banking institutions authorized to take custody of digital assets. If they function as intended, SPDIs may prove to be a solution to, among other things, digital asset companies’ money transmitter licensing woes.

One major impediment to entering the U.S. market for digital asset companies is the requirement to obtain money transmitter licenses from individual states. Applying for these licenses state by state can be expensive and burdensome, and some states have created additional hurdles for digital asset companies. New York, for example, requires digital asset companies to obtain a “BitLicense,” which is notoriously difficult to obtain, to operate in the state. California may soon follow suit, imposing substantial licensing requirements under Assembly Bill 1489, which has been introduced in the legislature.

Wyoming is trying a different approach. In establishing SPDIs, Wyoming is helping blockchain companies avoid the costs of these burdensome licensing regimes while still protecting customers by taking advantage of a regulatory benefit enjoyed by banking institutions like SPDIs. Per the Bank Secrecy Act, banks are exempt, as a general matter, from needing money transmitter licenses.

Further, advocates argue that the SPDIs will provide a solution for startups seeking to operate in New York without a BitLicense. Federal law, through the Riegle-Neal Amendments Act, protects the parity of national banks and the state-chartered banks of other states. Accordingly, if a state exempts a national bank from a regulation, then other state-chartered banks must be exempt from that regulation as well. Because New York exempts national banks from the requirement to obtain a BitLicense to operate, so the argument goes, Wyoming’s SPDIs – which are state-chartered banks – should be exempted from that requirement as well. This theory remains untested, and New York has not taken a position on whether it will exempt SPDIs from needing a BitLicense to operate there. Perhaps Wyoming’s status as “The Equality State” will prompt New York to provide its state-chartered banks with “equal” treatment.

While the first new SPDIs could become operational by early 2020, which might provide a work-around for the current money transmitter licensing barriers facing digital asset companies, there remain a few obstacles for a company desiring to take advantage of the law, albeit surmountable ones.

First, SPDIs are required to maintain a minimum capital requirement of $5 million – making it prohibitive for most startups to charter their own SPDI. However, multiple companies may partner with one unaffiliated SPDI to pool assets. Assuming cooperation among market players, startups should be able to find enough capital among other SPDIs to satisfy the capital requirement. Second, SPDIs are required to maintain the principal operating headquarters and the primary office of its CEO in Wyoming, but – as we know – the excellent skiing, beautiful vistas and abundant wildlife in Wyoming provide ample justification for setting up shop there.

Wyoming’s creation of SPDIs comes on the heels of other pro-blockchain moves by the state, including authorizing corporations to issue securities via “certificate tokens in lieu of stock certificates,” creating a FinTech sandbox that enables startups to receive waivers from laws or regulations that may unnecessarily burden their ability to test new products and services, and classifying digital assets as property.

Wyoming’s small population and limited infrastructure may make it difficult to attract personnel and capital to create a competitive SPDI market. But with sufficient incentives, and the opportunity to engage in a potentially lucrative and groundbreaking industry, Wyoming is making a bid to become the crypto capital of the U.S.