Keyword: CFTC

6 Questions Blockchain Founders Should Ask When Launching a Product or Token

, , and

As any founder knows, operating in the blockchain space requires navigating a myriad of regulatory regimes. While every product and token are different, below are 6 key questions that any founder should ask themselves as they launch their product or token:

  1. Are you advertising to the public? If a company advertises to the public, anti-fraud and consumer protection laws are relevant. Regulators in the U.S. from the Federal Trade Commission and the Consumer Financial Protection Bureau, along with state attorneys-general, enforce rules to ensure advertisements and public statements do not contain (among other things) statements or promises that are false, misleading, or deceptive. Companies should screen public messages with their counsel before publishing them.
  2. Where do you plan to launch your product or token? Companies should be aware of sanctions programs in jurisdictions in which they plan to operate. In the U.S., the Office of Foreign Asset Control (“OFAC”) enforces compliance with U.S. sanctions programs. Conducting transactions with sanctioned persons or in a sanctioned jurisdiction is an offense and OFAC may impose penalties on a “strict liability standard.”  This means that OFAC can hold violators civilly liable regardless of whether they knew they participated in a transaction with a sanctioned person or entity. Many companies have policies and internal controls (e.g., customer screening and IP address blocking) meant to prevent prohibited transactions.
  3. Would a person reasonably rely on the Company’s efforts to profit from their purchase? If a blockchain company issues or plans to issue tokens or other digital assets, it is imperative that the company complies with securities laws. The lodestar for determining whether a token is an “investment contract” (one type of security) is the Howey Test. In short, pursuant to the Howey Test, a token is a security if a purchaser could reasonably depend on the efforts of a third party (i.e., the company) to generate a profit. While the interpretation of the Howey Test is more nuanced than that, understanding how consumers are going to think about your token is important in assessing the level of risk that launching the token might impose. The actual application of the Howey Test is fact intensive, and therefore requires comprehensive review and application of the token and the Company’s distribution plans.
  4. Will employees have access to sensitive information that could impact prices? If a company’s employees will have access to material, non-public information regarding prices of the company’s publicly traded digital asset or any other asset trading on a platform controlled by the company, the company should implement policies to prevent employees or other insiders from profiting off of that information (by implementing, for example, insider trading policies). These policies should dictate how and when an employee, consultant, or director is allowed to buy and sell the company’s digital assets or any other asset trading on the company’s platform.
  5. Will the Company transmit someone’s money? Blockchain companies acting as an “administrator” or “exchanger” of “convertible virtual currency” (“CVC”) may be deemed a money transmitter under federal law. In short, if a company has the authority or power to issue, remove, or exchange a cryptocurrency or virtual currency, the company may be required to register as a “money services business” under the federal Bank Secrecy Act, which requires companies to assist the U.S. government in detecting and preventing money laundering. In addition, 49 states also have “money transmission laws.” Each state has different laws with respect to CVC, so a state-by-state analysis will be required to determine where the company should file for money transmission licenses.
  6. Will the Company collect customer information? Consumer data protection has received a sizable amount of attention from both legislatures and regulators over the past several years, including the implementation of GDPR in the EU and the CCPA in California (just to name a couple prominent laws).  Any company that is collecting, storing, or transmitting consumer information should review its online privacy policy and terms of use, as well as its internal policies around how that information is stored and where that information is transmitted.  Even if still under the control of the company, data transferred from one jurisdiction to another may violate applicable data privacy laws.

The 6 questions above will help frame some of the more common regulatory issues that companies in the blockchain space need to pay attention to, but that list is certainly not exhaustive.  With an increased focus on blockchain companies by regulatory agencies, it’s important that founders operate within and understand existing regulations, and also make a plan for how they will adapt as those regulations change.

CFTC: Virtual Currency Creates Real Segregation Risks

Virtual currency presents risks to futures commission merchants (FCMs) when deposited by futures customers or cleared swaps customers to margin futures, options on futures, or cleared swap transactions, according to an Advisory issued last week by the Director of the CFTC’s Division of Swap Dealer and Intermediary Oversight (DSIO). The CFTC staff Advisory is intended to provide guidance to FCMs on developing risk management programs for holding virtual currency as futures customer funds.

One of the most important principles underlying commodity futures regulation is the “segregation” requirement, that is, the requirement that all customer funds for trading must be treated as belonging to the futures customer and kept apart from the FCM’s own funds. These funds include cash deposits and any securities or other property deposited by customers to margin or guarantee futures trading. FCMs must hold sufficient funds in segregated accounts to be able to meet all of their customer obligations. The segregation requirement also applies to funds of customers engaged in swap transaction that are cleared through a registered derivatives clearing organization. (These requirements can be found in Sections 4d(a)(2) and 4d(f) of the Commodity Exchange Act.)

The Advisory reports DSIO’s determination that receiving virtual currency from a customer and holding that currency as segregated funds creates additional risks for the other customers in the same origin. This is because custodians of virtual currencies are “typically not subject to a system of comprehensive federal or state regulation and oversight.” Examples of such risks include: the owner or custodian’s failure to effectively safeguard virtual assets or digital keys or loss of digital keys; misappropriation of those key, hacking of systems designed to hold virtual currencies; and the limited commercial insurance to cover virtual currency losses.

To address these risks, the Advisory “reminds” FCMs to adhere to certain requirements when holding virtual currency as customer funds, including the following:

  • FCMs must deposit such virtual currency only with a bank, trust company, another FCM, or with a clearing organization that clears virtual currency futures, options on futures, or cleared swap contracts;
  • The virtual currency must be held under an account name that clearly identifies the funds as customer funds and shows that the funds are segregated;
  • FCMs must report virtual currency on their daily and month-end segregation statements at fair market value, in U.S. dollars, and reflect the FCM’s reasoned judgment based on spot market or other appropriate market transactions;
  • In their daily calculation of segregated funds, FCMs may not use the value of a customer’s virtual currency to offset a deficit in a future customer’s account, since they are not considered “readily marketable securities;”
  • FCMs may not invest any segregated futures customer or segregated cleared swap customer funds in virtual currency to be held on behalf of customers.

Further, when designing and maintaining its risk management program (required under CFTC Regulation 1.11), an FCM that accepts virtual currency as customer funds should limit its acceptance of virtual currency into segregated accounts to particular types of virtual currency that relate solely to trading of futures or options on futures or cleared swaps contracts that provide for physical delivery of those virtual currencies. The Advisory mentions bitcoin and ether as examples. Moreover, the virtual currency accepted by an FCM should only provide margin value to futures and options contracts related to virtual currency (although the FCM could use virtual currency to cover a customer default from losses on any types of futures or cleared swap transactions).

In a further recognition of these risks, the Advisory specifies that before an FCM even begins to accept any virtual currency into segregation, it should provide 45 days written notice to all futures and cleared swaps customers of the practice.

The Advisory concludes chillingly by stating that, notwithstanding the guidance, the DSIO is free to refer to the Division of Enforcement “the FCM’s practices involving virtual currencies, specific transactions involving virtual currencies or related contracts, or for any other reason.”

Our Takeaway

The DSIO’s Advisory highlights the implications for an FCM of dealing in virtual currency and, specifically, whether to accept virtual currency as futures customer funds. Virtual currency cannot be treated in the same was as fiat currency or other more traditional and stable sources of value, such as securities. A firm that decides to accept virtual currency needs to adopt policies and procedures that go beyond typical segregation funds and which, among other things, limit which types of virtual currency it can accept, how to value the virtual currency for margin purposes, and how to protect the currency against hacks and loss of keys.

In or Out? – The CFTC Explains When Virtual Currencies Come Within Its Jurisdiction

and

On March 24, the Commodity Futures Trading Commission (CFTC) issued final interpretive guidance (the Guidance) regarding retail commodity transactions involving virtual currency. In short, this Guidance clarifies when “actual delivery” of virtual currency (such as bitcoin and ether) occurs under the test determining whether a leveraged arrangement is exempt from regulation by the CFTC as, effectively, a futures contract. This important Guidance demonstrates the proactive and leading role that the CFTC has taken in connection with understanding and addressing developments in the fintech sector. In the Guidance, the CFTC explains the exemption clearly and places it in the context of the CFTC’s regulatory mandate, its somewhat tortured history in obtaining jurisdiction over leveraged retail transactions in commodities, and its interest in preventing abusive practices. As part of its commitment to assisting the industry in adjusting to the evolving interpretations, the CFTC also announced that it would impose a 90-day moratorium on initiating enforcement actions that address aspects of the Guidance that, according to Chairman Tarbert’s accompanying statement, “were not plainly evident from prior CFTC guidance, enforcement actions, and case law.”

The Guidance in effect enables those transacting in leveraged virtual currency (often referred to as “cryptocurrency”) to understand whether they are subject to CFTC jurisdiction. As noted in the release, the CFTC has exclusive jurisdiction over commodity futures, options and swaps – which encompasses a broad range of derivatives – and has broad anti-fraud and anti-manipulation authority over any contract of sale of any commodity in interstate commerce, as well as swaps and futures. This jurisdiction includes certain speculative commodity transactions involving leverage or margin, which are also treated by the CFTC as futures. The CFTC’s jurisdiction over leveraged retail transactions remained uncertain until passage of the Dodd-Frank Act in 2010.

Before the Dodd-Frank Act, it was possible that a retail transaction in a commodity entered on a leveraged or margined basis, or financed by the counterparty, could avoid regulation by the CFTC even though it was economically indistinguishable from a futures contract. In his statement, Chairman Tarbert offers this example: suppose that someone decides to purchase a commodity with some money down, with delivery and final payment to be made at some future date, but is also able to trade out of the position at any time to lock in any gains or losses incurred to date; “that starts to look an awful lot like a futures contract—with identical economics but without any regulation.” The Dodd-Frank Act addressed this regulatory gap, with a particular application to abusive sales practices involving foreign currency and precious metals, and now the Guidance provides interpretation to apply the same principles to virtual currency.

The important exception to the CFTC’s jurisdiction over leveraged retail commodity transactions is for a contract of sale that “results in actual delivery within 28 days…” The determinative factor as to whether a transaction in virtual currency is subject to CFTC jurisdiction is whether actual delivery occurs within 28 days of trade execution. (Note that, for retail foreign currency transactions, the delivery period is only two days.) In its 2015 Coinflip Order, the CFTC clarified that virtual currency constitutes a “commodity” under the Commodity Exchange Act. Although virtual currency is an intangible commodity, the CFTC has jurisdiction over other types of intangible commodities, including rate indices and renewable energy credits. Multiple federal courts have also held that virtual currencies are commodities under the Commodity Exchange Act. The CFTC broadly defines virtual currencies as follows:

a digital asset that encompasses any digital representation of value or unit of account that is or can be used as a form of currency (i.e., transferred from one party to another as a medium of exchange); may be manifested through units, tokens, or coins, among other things; and may be distributed by way of digital “smart contracts,” among other structures.

In the Guidance, the Commission interprets “actual delivery” in the context of virtual currency as taking place when (a) a customer (i) secures possession and control of the entire quantity of the commodity – whether it was purchased on margin, or using leverage, or any other financing arrangement – and (ii) has ability to use the entire quantity of the commodity freely in commerce, no later than 28 days from the date of the transaction; and (b) the offeror and counterparty seller do not retain any interest in, legal right, or control over any of the purchased commodity after 28 days from the date of the transaction. While this interpretation is carefully drafted to avoid permitting any “sham delivery” to qualify, the Guidance states that the simplest definition of actual delivery is the ability of a purchaser to use the virtual currency immediately as a unit of exchange. And while the 28-day period is provided as the outside time limit to constitute actual delivery, as a practical matter, it typically takes much fewer than 28 days for a virtual currency transfer to complete. To determine whether the seller no longer retains any interest in the virtual currency, the CFTC may look to whether the seller retains any ability to access or withdraw any quantity of the virtual currency from the purchaser’s account or virtual wallet. The Guidance essentially reaffirms guidance that the CFTC provided in 2013, in a non-virtual currency context, as to the “functional approach” that the CFTC would apply in determining whether actual delivery had occurred.

In the Guidance, the CFTC emphasizes the importance of virtual currencies and their underlying blockchain technologies, and highlights its efforts to take a “deliberative and measured approach” in this area, to avoid stifling technological innovation. The CFTC points to its efforts in this area, including the LabCFTC initiative, which seeks to promote market-enhancing innovation. It also notes that several derivatives contracts based on virtual currency are listed on CFTC registered entities. The Guidance also reports that the CFTC continues to follow the evolution of the cash market for virtual currencies, since cash markets affect related derivatives markets. It is because the technology, market structures and law are evolving so quickly that, as discussed by several Commissioners in their accompanying statements, issuing interpretive guidance is more appropriate than rulemaking at this time. We encourage readers to refer to the CFTC’s full Guidance, which is clearly written with helpful examples.

Cryptocurrency and OFAC: Beware of the Sanctions Risks

, and

A recent federal criminal action shows the depth of the U.S. government’s concern about the use of cryptocurrency (or virtual currency) to violate economic sanctions laws and the lengths to which it will go to charge such violations. The U.S. government is particularly concerned that sanctioned countries and parties have used cryptocurrency to avoid sanctions designed to isolate them, and to facilitate illicit activities, including money laundering and ransomware attacks. The U.S. Office of Foreign Assets Control of the Treasury Department (OFAC), which administers U.S. economic sanctions programs, indicated recently that it intends to devote more resources to cryptocurrency issues. Over the past year or so, OFAC has issued a number of subpoenas to virtual currency businesses, such as exchanges, regarding possible customers and transactions involving parties in sanctioned countries. OFAC will probably announce its first enforcement actions involving virtual currency at some point this year. In addition, as discussed in Orrick’s recent blog post, the U.S. Commodity Futures Trading Commission, the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), and the U.S. Securities and Exchange Commission remain focused on AML risks presented by cryptocurrency.

In an unusual application of economic sanctions law, in November 2019 a U.S. citizen was arrested and charged by the U.S. Attorney for the Southern District of New York with violating U.S. sanctions after he traveled to North Korea and delivered a presentation and technical advice related to the use of cryptocurrency and blockchain technology. In the case, which did not involve cryptocurrency transactions, the U.S. Attorney charged Virgil Griffith, an Ethereum Foundation staff member, with conspiring to violate U.S. sanctions laws that generally prohibit the provision of unlicensed services to North Korea. According to the U.S. Attorney’s Office, Mr. Griffith had traveled to North Korea to attend and speak at the Pyongyang Blockchain and Cryptocurrency Conference, despite the U.S. government’s denial of his request for authorization to attend. The U.S. government alleges that at the conference Mr. Griffith and other attendees discussed how North Korea could use blockchain and cryptocurrency technology to launder money and evade sanctions.

OFAC has issued frequently asked questions emphasizing that compliance obligations remain the same regardless whether transactions are denominated in virtual currency or fiat, and has started to include in its Specially Designated Nationals and Blocked Persons List (SDN List) virtual currency addresses that are linked to sanctioned persons. Sanctions are enforced with the help of U.S. businesses, in particular banks and other financial institutions, which have implemented systems and internal controls to detect the involvement of designated persons or prohibited jurisdictions in transactions. The U.S. government expects a similar level of commitment from entities dealing in cryptocurrency. It is critical that U.S. virtual currency users, exchangers, administrators and other persons engaging in virtual currency transactions with any U.S. nexus take steps designed to ensure that they do not deal with U.S. sanctions targets, which include providing financial or other services to such parties. OFAC has advised technology companies, administrators, exchangers, and users of virtual currencies, and other payment processors, to implement risk-based compliance programs, which generally should include sanctions list screening. This is consistent with OFAC’s recommendations included in A Framework for OFAC Compliance Commitments issued in June 2019.

Because a strict liability standard applies to unauthorized dealings with sanctioned parties and jurisdictions, U.S. persons dealing in cryptocurrency cannot avoid potential liability simply because they do not know the identity of the person with whom they are interacting. And the risk of dealing with sanctioned persons and jurisdictions when conducting virtual currency transactions will likely increase should nations like Iran and Russia further embrace cryptocurrency to try to avoid sanctions. In 2018, Iran reportedly acknowledged cryptocurrency mining as a legitimate industry, and in December 2019, Iran’s President reportedly proposed creation of a Muslim cryptocurrency to decrease reliance on the U.S. dollar. The U.S. government acted in 2018 to prohibit transactions involving Venezuela’s state virtual currency, the “Petro.”

To protect against potential sanctions violations, there are key steps that cryptocurrency users and exchanges can take. Crypto exchanges operating in the United States are required to register with FinCEN as money services businesses, to license themselves in the states in which they operate, and to exclude users in sanctioned jurisdictions and those on OFAC’s SDN List from transacting on the exchange. These exchanges should adopt and implement Know Your Customer procedures, including sanctions screening, to identify parties trading on their exchanges, and can employ geo-IP blocking to prohibit access by parties from sanctioned jurisdictions. They should perform transaction monitoring to detect suspicious activity and file required reports with FinCEN. U.S. persons trading in cryptocurrency should use exchanges committed to complying with U.S. sanctions requirements. If the exchange allows sanctioned parties to participate, a U.S. person could end up unknowingly trading with such a party and thus violating U.S. law. Exchanges operating outside the United States that want to attract U.S. users should also consider implementing such measures, to exclude targets of U.S. sanctions from trading. Non-U.S. exchanges that permit access to certain U.S. sanctions targets may risk imposition of U.S. “secondary sanctions” designed to deter non-U.S. persons from engaging in business with targets of U.S. sanctions.

In Case You Needed A Reminder – AML/CFT Regulations Apply to Transactions in Cryptocurrencies

Earlier this month, the leaders of the U.S. Commodity Futures Trading Commission, the Financial Crimes Enforcement Network, and the U.S. Securities and Exchange Commission released a joint statement reminding individuals engaged in transactions involving digital assets of their obligations under the Bank Secrecy Act (BSA) to guard against money laundering and counter the financing of terrorism.

Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) regulations apply to all entities that the BSA defines as “financial institutions,” including futures commission merchants and introducing brokers obligated to register with the CFTC, money services businesses as defined by FinCEN, and broker-dealers and mutual funds obligated to register with the SEC. To comply with AML/CFT regulations, financial institutions are required to, among other things, implement anti-money laundering programs and comply with recording keeping and reporting requirements, including suspicious activity reporting (SAR) requirements.

The joint statement emphasized that AML/CFT regulations apply to financial institutions engaged in activities involving “digital assets,” including instruments that may qualify under applicable U.S. laws as securities, commodities, and security- or commodity-based instruments such as futures or swaps. Because digital assets and financial transactions in digital assets are referred to by many names – including “cryptocurrencies,” “digital tokens,” “virtual assets” and “initial coin offerings” – the regulators issuing the joint statement reminded financial institutions that commonly used labels may not necessarily align with how an asset, activity or service is defined under the BSA or under laws and rules administered by the CFTC and the SEC. The nature of the digital asset, activity or service, including underlying “facts and circumstances” and the asset’s “economic reality and use,” determines how it is regulated under federal laws and regulations.

By reminding industry participants that the nature of a digital asset and the manner in which it is used – and not industry lingo – determines how the digital asset is regulated, the CFTC, FinCEN and the SEC signaled that they are adopting the same framework courts already use to determine how to classify other types of assets under the federal securities laws. The joint statement indicates that regulators are continuing to take steps toward applying existing federal securities laws and regulations to digital currencies.

The CFTC Wants to Know More About Ether: Your Feedback Could Impact Ether Futures in 2019

The CFTC is giving the public an opportunity to influence its views as they relate to Ethereum, Ether or similar virtual currencies or projects. On December 11, 2018 the CFTC issued a Request for Information (the “Request”) seeking public comments and feedback on Ether and the Ethereum Network. The Request “seeks to understand similarities and distinctions between certain virtual currencies, including Ether and Bitcoin, as well as Ether-specific opportunities, challenges, and risks,” according to the accompanying press release. The version of the Request published in the Federal Register states that public comments must be received on or before February 15, 2019.

Individuals and companies involved in cryptocurrency, especially if related to the Ethereum Network or one of its competitors, should consider making a submission. The Request states that information submitted to the CFTC will be used to inform the work of LabCFTC (a dedicated function of the CFTC, launched in 2017 to “make the CFTC more accessible to FinTech innovators”) and the CFTC as a whole. It appears likely that the CFTC will look to the submissions to assist it in deciding whether to green light Ether futures trading.

Of the over 2,000 cryptocurrencies currently in circulation, Bitcoin is the only one for which futures contracts are traded on regulated futures exchanges. Bitcoin is also the only cryptocurrency which the SEC (through Chairman Clayton’s testimony) has officially deemed not to be a security. As mentioned in the Request, a certain SEC senior official recently stated that offers and sales of Ether, in its current state, are not securities transactions. The SEC’s stance on Ether likely paves the way for the CFTC to green-light regulated futures exchanges, such as the Chicago Board Options Exchange, to offer Ether futures contracts.

The cryptocurrency market is desperate for some good news to pull it out of the prolonged bear market it is currently enduring. Many had hoped that the announcement of Ether futures would be the catalyst that turns the market around. It appears possible that the CFTC will authorize Ether futures contracts, once it has reviewed the comments submitted in response to this request.

 

Getting Smarter: CFTC Publishes Smart Contracts Primer

The Commodity Futures Trading Commission (CFTC) has joined other agencies in explaining the crypto-related products potentially within its jurisdiction. LabCFTC recently released “A Primer on Smart Contracts” as part of LabCFTC’s effort to “engage with innovators and market participants on a range of financial technology (FinTech) topics.” (LabCFTC itself is a “dedicated function” of the CFTC, launched in 2017 to “make the CFTC more accessible to FinTech innovators.”) As summarized below, the Primer provides (i) a high-level overview of smart contract technology and applications, (ii) a discussion of the potential role of the CFTC in smart contract regulation and (iii) a discussion of the unique risks and governance challenges posed by smart contracts.

The Primer describes smart contracts, fundamentally, as coded computer functions that may either incorporate elements of a binding contract (e.g. offer, acceptance and consideration) or simply execute certain terms of an external contract. Smart contracts allow self-executing computer code to take actions at specified times or based on the occurrence or non-occurrence of an action or event. The Primer also notes that smart contracts can be stored and executed on a distributed ledger, which effectively prevents modifications not authorized or agreed by the parties. It describes distributed ledgers as electronic records that are updated in real time and intended to be maintained on geographically disperse servers or “nodes.” (Distributed ledger technology is the innovation underlying blockchains generally, including the bitcoin blockchain.) As an example of a smart contract in the derivatives context, the Primer describes a credit default swap encoded as a smart contract, whereby the code would (i) automatically make quarterly premium payments from an end-user to a dealer, (ii) check an external financial information source (known as an “oracle”) daily to monitor for credit events with respect to the relevant reference assets, and (iii) if the oracle indicates that a credit event has occurred, calculate and transfer payment from the dealer to the end-user. “Oracle” commonly refers to an external source of information, which the Primer describes as “a mutually agreed upon network authenticated reference data provider (potentially a third-party); this is a source of information to determine actions and/or contractual outcomes, for example, commodity prices, weather data, interest rates, or an event occurrence.”

Regarding the role of the CFTC in regulating smart contracts, the Primer does not state or suggest that the CFTC intends to impose any requirements that would be specific to smart contracts. Rather, noting that derivatives in many cases “may be readily digitized and coded,” the Primer then lists the following types of derivatives products that are subject to CFTC jurisdiction, and states that a given smart contract could constitute any one of them “[d]epending on its structure, operation, and relevant facts and circumstances”: commodities, forward contracts, futures contracts, options on futures contracts and swaps.

The Commodity Exchange Act and related CFTC regulations impose various requirements and restrictions on such transactions, depending on product type. A credit default swap based on a “broad-based” security index, for example, constitutes a “swap” and, as such, may implicate or be subject to swap dealer registration, clearing and execution, reporting and recordkeeping, and other CFTC requirements. Accordingly, absent further guidance or regulations from the CFTC specific to smart contracts, it appears that the Primer’s credit default swap smart contract example described above (assuming it was based on a broad-based security index) would be regulated by the CFTC as a swap, similar to an ordinary, non-smart contract credit default swap based on a broad-based security index. The Primer further clarifies that: “Existing law and regulation apply equally regardless what form a contract takes. Contracts or constituent parts of contracts that are written in code are subject to otherwise applicable law and regulation.”

The Primer also notes that, depending on their “application or product characterization,” smart contracts may be subject to various other legal frameworks, including, among others, federal and state securities laws and regulations; federal, state, and local tax laws and regulations; the Uniform Commercial Code (UCC), the Uniform Electronic Transactions Act (UETA), and the Electronic Signatures in Global and National Commerce Act (ESIGN Act); the Bank Secrecy Act; etc. Finally, the Primer discusses operational, technical, cyber security, and fraud and manipulation risks unique to smart contracts, as well as possible governance standards and frameworks (such as assigning responsibility for smart contract design and operation and establishing mechanisms for dispute resolution).

A Foreboding View of Smart Contract Developer Liability

At least one regulator is attempting to provide clarity regarding the potential liability of actors who violate regulations through the use of smart contracts. On October 16, 2018, Commissioner Brian Quintenz of the Commodity Futures Trading Commission explained his belief that smart contract developers can be held liable for aiding and abetting CFTC rule violations if it was reasonably foreseeable that U.S. persons could use the smart contract they created to violate CFTC rules. As is typical, the Commissioner spoke for himself, but it seems likely that his views reflect the CFTC’s philosophy.

Generally speaking, smart contracts are code-based, self-executing contractual provisions. Smart contracts that run on top of blockchain protocols, like ethereum, are increasingly being used by companies in a wide variety of businesses to create autonomous, decentralized applications. Some of these applications might run afoul of CFTC regulations if they have the features of swaps, futures, options, or other CFTC-regulated products, but do not comply with the requisite regulatory requirements. The fact that smart contracts support disintermediated markets – a departure from the market intermediaries traditionally regulated by the CFTC – does not change the CFTC’s ability to extend its jurisdiction to them.

To identify where culpability might lie, Commissioner Quintenz identified the parties he believes to be essential to the functioning of the smart contract blockchain ecosystem:

  1. the core developers of the blockchain software;
  2. the miners that validate transactions;
  3. the developers of the smart contract applications; and
  4. users of the smart contracts.

Commissioner Quintenz dismissed the core developers and the miners as potential culpable parties by reasoning that while they both play a vital role in creating or administering the underlying blockchain code, they have no involvement in creating the smart contracts. He also limited the possibility of the CFTC pursuing enforcement against individual users because, as he explained, although individual users are culpable for their actions, “going after users may be an unsatisfactory, ineffective course of action.”

That leaves the developers of the smart contract code. Commissioner Quintenz stated that to ascertain the culpability of the smart contract code developers, the “appropriate question is whether these code developers could reasonably foresee, at the time they created the code, that it would likely be used by U.S. persons in a manner violative of CFTC regulations.” If such a use is foreseeable, Commissioner Quintenz believes that a “strong case could be made that the code developers aided and abetted violations of CFTC regulations.”

Commissioner Quintenz expressed that he would much rather pursue engagement than enforcement, “but in the absence of engagement, enforcement is the only option.” The Commissioner recommended that smart contract developers engage and collaborate with the CFTC prior to releasing their code to ensure that the code will be compliant with the law. The Commissioner even suggested that the CFTC is willing to rethink its existing regulations or provide regulatory relief, depending on the technology in question.

As blockchain and smart contract technology matures, we expect decentralized and disintermediated applications to come to market in increasing volumes. In his speech, Commissioner Quintenz provided valuable insight into how one regulator is thinking about applying existing laws to this new market. His remarks will be especially valuable if they influence other regulators, such as the Securities and Exchange Commission or the Financial Crimes Enforcement Network, to take a similar approach.

EtherDelta Founder’s Settlement with the SEC Has Grim Implications for Smart Contract Developers

and

The SEC recently brought its first enforcement action against the creator of a “decentralized” digital token trading platform for operating as an unregistered national securities exchange, and in doing so joined the CFTC in putting a scare into smart contract developers.

On November 8, 2018, the SEC issued a cease-and-desist order settling charges against Zachary Coburn, the creator of EtherDelta, an online “decentralized” digital token trading platform running on the Ethereum blockchain. The SEC charged only Coburn, the individual who founded EtherDelta, but no longer owns or operates it. Note that the SEC press release states that the investigation is continuing.

The SEC announced its action against Coburn a month after a CFTC Commissioner stated in a speech that smart contract developers could be found liable for aiding and abetting violations of commodity futures laws. Both agencies appear to be putting smart contract developers on notice that by releasing code into the ether, they are inviting potential liability for any rule violations, even if they sever their connections with the code.

The SEC found that EtherDelta provides a marketplace to bring together buyers and sellers of digital tokens. The platform facilitates these transactions through the use of a smart contract, which carries out the responsibilities generally assumed by an intermediary: the smart contract validates the order messages, confirms the terms and conditions of orders, executes paired orders, and directs the distributed ledger to be updated to reflect a trade. The SEC employed a “functional test” to determine whether EtherDelta constitutes an exchange and to hold Coburn, who “wrote and deployed the EtherDelta smart contract . . . and exercised complete and sole control over EtherDelta’s operations,” responsible. As the Chief of the SEC’s cyber unit stated in the press release, “[w]hether it’s decentralized or not, whether it’s on smart contract or not, what matters is it’s an exchange.”

EtherDelta is one example of the innovation that smart contracts can facilitate. Innovation, however, is not a substitute for compliance. Indeed, in the SEC’s press release announcing the settlement, Co-Director of Enforcement Steven Peiken acknowledged that blockchain technology is ushering in significant innovation to the securities markets, but cautioned that “to protect investors, this innovation necessitates the SEC’s thoughtful oversight of digital markets and enforcement of existing laws.”

Significantly, the SEC found that certain transactions on the platform involved digital tokens that constitute securities, but declined to identify those tokens. Senior SEC officials have previously stated that ether is not a security, but this case shows that the SEC has not reached the same determination for all tokens issued on the Ethereum blockchain.

CFTC Chairman Includes Fintech and Virtual Currency in Agency’s Priorities

and

On July 25th, 2018, CFTC Chairman Giancarlo addressed the House Committee on Agriculture regarding the agency’s priorities and recent work. A significant portion of his testimony focused on the CFTC’s oversight of fintech and cryptocurrencies.

Learn about the CFTC’s regulatory approach to cryptocurrency and distributed ledger technology in this recent derivatives post.