Keyword: digital assets

California: The Next Frontier in Digital Asset Regulation

Katy Ryan, Samantha Goldberg-Seder and James Chou

Update: Governor Newsom signed Assembly Bill 39, establishing the Digital Financial Assets Law on October 13, 2023. In signing, he called for more clarification in the regulatory process and in legislation. See his signing statement here.

The California Department of Financial Protection and Innovation (DFPI) may soon have another regulatory regime under its belt—answering the long-open question of digital asset regulation in California.

California legislators have passed the Digital Financial Assets Law that would require a license to “engage in digital financial asset business activity” with or on behalf of any Californians. Gov. Gavin Newsom is expected to sign it into law. If he does, the law will take effect July 1, 2025.

California will join with New York and Louisiana in requiring licenses for certain digital asset activities

Who Needs a License?

The California bill would require a license to engage in or imply the ability to engage in “digital financial asset business activity,” which the bill defines as:

Exchanging, transferring or storing a digital financial asset or engaging in digital financial asset administration directly or through a vendor.
Holding electronic precious metals or electronic certificates representing interests in precious metals on behalf of another person or issuing shares or electronic certificates representing interests in precious metals.
Exchanging one or more digital representations of value used within one or more online games, game platforms or family of games for:
A digital financial asset offered by or on behalf of the publisher from which the original digital representation of value was received.
Legal tender or bank or credit union credit outside the game, platform or family of games offered by or on behalf of the publisher from which the original digital representation of value was received.

Exemptions, Conditional Licenses and Penalties

The proposed bill excludes:

Most government entities.
Certain financial institutions.
Most people who solely provide connectivity software, computing power, data storage or security services.
People engaging with digital assets for personal, family, household or academic use—or people whose digital financial asset business activity is reasonably expected to be valued at no more than $50,000 per year.

The bill also exempts a significant amount of activity covered by laws such as the Securities Exchange Act of 1934 and the Electronic Fund Transfer Act of 1978.

A conditional license may be available for people who were licensed under New York’s BitLicense regime before January 1, 2023, as long as the person pays all appropriate fees and complies with the Digital Financial Assets Law.

Conditional licenses expire upon issuance of an unconditional license, denial of a license application or certain disapprovals or revocations in connection with New York virtual currency business approvals.

The state may impose civil penalties of up to $100,000 per day for unlicensed activity and $20,000 per day for material violations by a licensee or covered person.

Application Requirements

Much of the application process is similar to the process for a money transmitter license—business plan, corporate background information, disclosure questions, personal information about control persons and an application fee.

The law also requires the DFPI to investigate whether the applicant “has a reasonable promise of success in engaging in digital financial business activity” and is likely to comply with applicable laws and regulations.

The law permits use of the Nationwide Multistate Licensing System (NMLS) to collect and maintain records and process fees in connection with the license. As most states use NMLS for money transmission and digital asset licenses, this will likely streamline the application process for an established entity with a robust NMLS profile.

Approvals may be conditional, requiring an applicant to accept conditions the DFPI specifies.

Ongoing Compliance

As with money transmission, digital asset licensees must maintain surety bonds and meet capital and liquidity requirements. In addition, a licensee must show compliance with multiple requirements in an annual report and request renewal each fall. Failure to timely comply may lead to enforcement actions, possibly including suspension or revocation of a license.

Licensees will also be subject to periodic examination, at their own expense. The law allows regulators at various agencies to share information with other regulators and regulatory agencies. This information sharing may minimize individual examinations as regulators have been doing in the money transmission space, lessening costs and administrative burdens for both licensees and regulators.

Securing Digital Finance

Following the New York Department of Financial Services’ Cybersecurity Regulations—arguably the most robust state cybersecurity framework imposed on nonbank financial services—California plans to impose a similar expansion of cyber-related requirements on digital finance asset business activity.

Traditional cybersecurity regulations mandate a comprehensive written information security (INFOSEC) program, as in the case of the Digital Financial Assets Law. Unlike other cybersecurity regulations, the California law would focus on the technological aspects of digital assets. It also would require the development and implementation of an operations security (OPSEC) program.

INFOSEC programs focus on mitigating the risks associated with information technology assets, such as preventing unauthorized access to information systems.
OPSEC programs integrate daily information technology development and information security processes into a single operational unit. OPSEC programs:
Focus on collaboration, shared responsibility and agility in applying security concepts to each stage of the software development life cycle.
Are in the early stages of development in financial services but have been extensively discussed by technology firms and government contractors.

The new law requires a licensee’s information security and operational security policies and programs to:

Include reasonable and appropriate administrative, physical and technical safeguards to protect the confidentiality, integrity and availability of nonpublic personal information or digital financial assets it receives, maintains or transmits.
Incorporate traditional cybersecurity goals and objectives instead of the more limited goal of protecting “security” and “confidentiality.” That means INFOSEC programs that only cover data breaches would no longer be compliant.
Be informed by a “comprehensive risk assessment designed to ensure consumers are adequately protected from cybersecurity risk, risk of malfeasance, including theft, risks related to code or protocol defects, or market-related risks, including price manipulation and fraud.”
The risk assessment must cover more than just cybersecurity risk; it must also cover concepts such as account takeover and, potentially, fraudulent activity designed to cause a loss of digital assets.

OPSEC programs must:

Address “code or protocol defects,” i.e., vulnerabilities introduced in development, which can be a critical component of digital asset exchanges.
Consider digital manipulations that could influence the value of the digital assets.

These concepts are all relatively new, generally untested as to robustness and lacking in any third-party standards, unlike traditional cybersecurity frameworks such as NIST Cybersecurity Framework and ISO 27001.

Finally, in addition to introducing an OPSEC requirement, California has created a catch-all rule, requiring INFOSEC programs to comply with relevant state or federal laws. In other words, the heightened standards of the amended Safeguards Rule will also apply to digital finance asset business activity (the Safeguards Rule requires certain financial institutions to implement measures to keep customer information secure).

All of these new concepts require digital asset businesses to consider investments in cybersecurity processes, infrastructure and people. A failure to fully capture operational and cybersecurity risk and implement reasonable security controls may ultimately put the license at risk.

For companies doing business in digital financial assets, California’s law may help fill the gap between regulating with legislation and with enforcement. However, given the increased scrutiny on digital assets, it remains to be seen whether the law walks the line between regulation that provides a viable way to operate successfully while providing sufficient consumer protection to achieve the state’s goals.

Cooperatives: An Ownership Model for Digital Networks

James Wigginton, Mark Janoff and Joseph Perkins

Japanese: 協同組合――デジタル・ネットワークのオーナーシップのモデル
Chinese: 合作社：数字经济的新所有权模式

Turbulence in crypto and blockchain has shed light on a question that has received increasing attention: how web3 companies share ownership in digital networks, including through tokens.

As the industry wrestles with this question, builders and investors should consider adding cooperatives to their ownership structures. A handful of web3 projects have done so, but the model is not widely understood in the web3 context.

Credit unions, rural utilities, insurance companies, and agriculture producers often organize as cooperatives. In web3, projects that add cooperatives to their ownership structures could boost participation and reduce regulatory risk while giving users more control of the digital networks they use and a share of the value they create.

The SEC has consistently declined to classify cooperative memberships as securities, enabling cooperatives to distribute ownership to users quickly and easily, while also offering important protections to their members.

A new white paper from Orrick, KPMG and Upside Cooperative explores whether a legal structure common to credit unions and rural utilities could help revitalize blockchain and realize the web3 vision of a new digital world.

DOWNLOAD THE FULL REPORT

European Crypto Regulation on the Verge of Enactment

Daniel Jones, Melissa Baal Guidorizzi, Daniel Forester and Guy Stevenson

The EU’s Markets in Crypto-Assets (MiCA) regulations are now all but final and may take effect this year. MiCA will provide new regulatory frameworks, including licensing and disclosure obligations, for participants in the cryptocurrency ecosystem, including token issuers, financial intermediaries (exchanges, brokers, etc.) and custodians.

What Happened

The Economic and Monetary Affairs Committee of the European Parliament gave its approval to MiCA on October 10, 2022, the latest step in a process that has lasted more than two years.

What’s Next

This paves the way for the larger European Parliament plenary to approve the regulations, a step that often is merely procedural. Once the plenary approves MiCA, it will become effective and mark the beginning of 18 months in which firms must become compliant, with the regulations coming into full effect in the second or third quarter of 2024.

While the text of MiCA helps provide regulatory certainty for crypto-asset businesses and consumers in the EU, additional practical guidelines for implementation will also be drafted to further elaborate MiCA.

MiCA’s Goals

MiCA’s main objective is to provide a level of regulatory and economic harmonization to crypto-asset businesses and consumers across Europe. Guiding principles of MiCA include:

Providing legal certainty through clear definitions of crypto assets and activities in relation to those crypto assets that are in scope;
Providing for consumer protection and market integrity alongside financial stability of crypto-asset businesses; and
Encouraging innovation and fair competition in the European crypto-assets markets and avoiding regulatory arbitrage between member states.

Businesses engaged in activities that are within the scope of MiCA will, at a minimum, be required to register with the competent regulatory authorities and produce a detailed white paper for their business, in a form and content specified by MiCA.

MiCA will not apply in the United Kingdom or Switzerland as they are not member states of the European Union. While similar principles of regulation may apply in these two jurisdictions, separate analysis is needed to understand what crypto-asset businesses must do to achieve compliance with local regulation.

What MiCA Missed

The final text of MiCA omits treatment of Non-Fungible Tokens, Decentralised Finance, Decentralized Autonomous Organizations and Proof of Work consensus mechanisms. European regulators are expected, however, to treat fractionalized NFTs as utility tokens governed by MiCA.

How Will MiCA Impact the U.S. Market?

MiCA reflects the EU’s acknowledgement that digital assets are a persistent part of a modern financial system. Whether the EU’s steps to define and regulate digital assets will influence U.S. regulators remains to be seen.

The Biden Administration’s March 2022 Executive Order on Ensuring Responsible Development of Digital Assets remains the most comprehensive U.S. policy statement on the topic. While there are numerous proposed legislative efforts in the U.S. Congress, the U.S. has yet to produce comprehensive legislation or regulatory guidance. Instead, regulators have relied on enforcement actions and individual agency guidance to inform market participants. We expect the U.S. regulatory regime to continue, at least in the short term, to take coordinated but separate action aligned with the Executive Order’s primary objectives of protecting consumers and investors.

The Orrick fintech team takes an international approach to digital asset markets. We will continue to monitor regulatory developments in both the U.S. and Europe to support our clients and innovation in crypto.

2022 Is the Year of Sweeping Changes for Cryptocurrency and Other Digital Asset Transfers

Lorraine McGowen

What to look out for in the proposed new Chapter 12 of the Uniform Commercial Code (UCC)

The world of cryptocurrencies and other forms of digital assets (such as non-fungible tokens) is exploding. While Bitcoin is the largest and best-known cryptocurrency in the global economy, it is far from the only one. The combined total value of Bitcoin, Litecoin, Monero, Ethereum, and all the other significant cryptocurrencies exceeds $2.4 trillion. In 2021, El Salvador enacted legislation to recognize Bitcoin as a medium of exchange. Other countries are also considering adopting similar legislation. Some countries even contemplate adopting their own blockchain-based currency as a form of legal tender.

Questions have emerged among regulators and market participants whether Bitcoin and other cryptocurrencies constitute “money” and how to perfect a security interest in such virtual currency (to ensure that it can’t be claimed by another party). Other questions relate to how interests in cryptocurrencies, NFTs, and other digital assets can be transferred or monetized and how purchasers of digital assets can be protected from adverse claims.

2022 will bring major changes to commercial law in a sweeping mission to answer some of these questions and to facilitate transactions in these emerging technologies. The proposed new Chapter 12 of the UCC will govern essentially any transfer (whether intended as a sale or a financing) of virtual currencies, NFTs, and other digital assets. These provisions will affect cryptocurrency startups and companies as they purchase and sell cryptocurrency, as well as financial institutions and fintech companies interested in financing cryptoassets and investment banks underwriting issuances of securities underpinned by crypto assets.

2021 and Earlier

By current definition, Bitcoin is not money because it is not a medium of exchange created, authorized, or adopted by a domestic or foreign government, or by an intergovernmental organization or by an agreement between two or more countries. Moreover, since Bitcoin, NFTs, and other digital assets are intangible and therefore not capable of possession, under the UCC as it is currently in effect, a security interest in them can currently only be perfected (as a general intangible) by the filing of a financing statement describing the digital asset. Under the UCC as it is currently in effect, it is uncertain that control of the digital wallet for a digital asset is sufficient to perfect a security interest.

Nevertheless, some practitioners have proposed a practical “workaround” to perfect a security interest in Bitcoin by “control” if the Bitcoin is held in a “securities account,” and the secured party has control over the financial assets (including the Bitcoin) held in the securities account. In this manner, a secured party will have control if the secured party, the debtor, and a securities intermediary (holding the account in which the Bitcoin is held) enter into an agreement in which the securities intermediary agrees to comply with the instructions originated by the secured party directing disposition of the funds and other property in the account without consent by the debtor. The securities intermediary must be a person, including a financial institution, custodian, or broker that in the ordinary course of its business maintains securities accounts for others and is acting in that capacity. The workaround provides the secured party with the amount of control that, as a practical matter, it would need to foreclose upon, and exercise its remedies with regard to the digital asset, but that control itself would not necessarily perfect the secured party’s security interest in the digital asset under the current UCC.

What is New

The proposed new Chapter 12 to the UCC will:

address the transfer of digital assets/virtual currencies and also provide conforming changes to Article 9 of the UCC to address secured transactions in these assets
- Chapter 12 is designed to govern the transfer (both outright and for security) of interests in some, but not all, electronic records (adopting a new term “controllable electronic records”) (e.g., Bitcoin/NFTs)
facilitate secured lending against digital assets (e.g., virtual currency, NFTs, and electronic fiat money (i.e., central bank digital currency))
provide protections for certain qualifying purchasers to take interests in virtual currency and digital assets free of conflicting property claims
provide rules regarding the assignment of controllable accounts and controllable payment intangibles
provide other changes including updates to the definition of chattel paper and revisions to the requirements for the transfer and perfection of security interest in chattel paper, and revisions to some rules regarding negotiable instruments and payment systems

How Will These Changes Affect Different Players in the Industry

Blockchain and Cryptocurrency Startups

Chapter 12 will impact blockchain and cryptocurrency startups and companies involved in purchasing, selling, and financing virtual currencies, NFTs, and other digital assets. Chapter 12 will govern the transfer of property rights in intangible digital assets (defined as “controllable electronic records”) that can be subjected to control. Control is the functional equivalent of “possession” of the digital asset. Companies are currently using digital assets in exchange for payment, rights to receive services, for goods or interests in personal or real property. Chapter 12 will reduce the risks among claimants to, and specify the rights in, the digital assets that the purchaser acquires and to facilitate these transactions.

Financial Institutions

Financial institutions, banks, and other lenders who finance virtual currencies and other digital assets will find it easier to arrange secured lending transactions under Chapter 12 (and conforming changes under UCC Chapter 9). A lender will have a perfected security interest if the lender has “control” over the digital asset (or the system on which the digital asset is recorded). In addition, financial institutions, lenders, and other secured parties should consider amending existing security documents. Many existing revolving credit facilities are secured by blanket or broad liens on substantially all assets of the debtor, including its general intangibles. Lenders may want to amend their security documents to provide for a security interest in virtual currencies and other digital assets to provide (a) an express grant of a security interest in “controllable electronic records”, “controllable accounts” and “controllable payment intangibles” and (b) for the lenders to obtain control over controllable electronic records, controllable accounts, and controllable payment intangibles. The amendment will mitigate the risk that the lender will lose its priority position if another party obtains control over the controllable electronic records, controllable accounts and controllable payment intangibles, and the lender has only perfected by filing a financing statement.

Investment Banks

Many securities are issued secured by rights to payment arising from the sale of amounts due under credit cards, accounts, instruments, student loans, and other lines of credit. Underwriters and investors in structured finance and securitization transactions involved in assignment of accounts and payment intangibles will want to review the Chapter 12 provisions regarding the payment obligations and conditions for discharge of obligors on digital assets (controllable accounts and controllable payment obligations). Underwriters and investors should also review the ability under Chapter 12 of a purchaser to acquire special protection as a good faith purchaser for value (a qualifying purchaser) of a controllable electronic record, controllable account and controllable payment intangible.

Parties in Equipment Finance/Lease Transactions

Parties involved in equipment finance/lease finance transactions, underwriters and investors (such as auto finance and auto securitization transactions) will want to review the other proposed changes to UCC Article 9, including the proposed changes to chattel paper. For example, the definition has been amended to provide that chattel paper is a monetary obligation that is either secured by specific goods (such as a car or furniture) or arises in connection with a lease of specific goods (such as a car or furniture). The rule regarding perfection of a security interest in chattel paper has also been revised. Under the old rule—if you had tangible chattel paper (evidenced by writing), the secured party was required to have possession of the writing, and there was confusion if there were multiple copies or what constituted a writing. If electronic chattel paper, the secured party was required to have control of the single authoritative copy, and there was confusion of what it meant to have a single authoritative copy. Under the new rule, the secured party:

Can perfect its security interest by taking possession of all tangible authoritative copies and obtaining control of all electronic authoritative copies.
The secured party can produce the copies in its possession and provide evidence that these are the authoritative copies.
- Need not prove that no other tangible authoritative copies exist.
For electronic chattel paper, the secured party must:
- be able to identify each electronic copy of electronic chattel paper as authoritative or nonauthoritative,
- identify the secured party as the assignee of each authoritative copy,
- have the exclusive power to prevent others from adding or changing an identified assignee and to transfer control of the authoritative copies.

What’s Excluded

UCC Chapter 12 is limited in scope—it only applies to controllable electronic records (i.e., a virtual currency and other digital asset) and payment rights that are evidenced by a controllable electronic record. Chapter 12 does not address a number of federal, state, and local laws and regulatory issues that will undoubtedly interplay with these emerging technologies, including anticipated new regulations from regulators like the SEC, OCC, and the IRS. These laws and regulations are rapidly changing. We will be providing periodic updates.

Also Excluded:

Who has title to or rights in the digital assets
Federal and state securities, data privacy, cybersecurity, and other regulation
Banking laws
Taxation of digital assets
Anti-money laundering laws
Transferable records under UETA or E-SIGN

Schedule for Approval of Changes

Date	Event
January 2022	Drafting committee submits draft proposed recommendations to ALI counsel
May 2022	ALI approval of draft proposed recommendations
July 2022	Uniform Law Commission approves proposed recommendations
Post-July 2022	Submission to states for adoption of proposed recommendations

Industry Comments

The drafting committee of Chapter 12 and the conforming changes to the other changes to the UCC are in the process of meeting with industry groups and other stakeholders to continue advising industry leaders and other stakeholders regarding these proposed changes. The drafting committee is continuing to work on finalizing the proposed recommendations prior to the May 2022 meeting. We would be happy to meet with you to discuss any comments or concerns that you may have with the proposed changes.

Orrick Hosts Fireside Chat with SEC Commissioner Hester Peirce

Brian Bloomer and Ken Herzinger

On March 2, Orrick had the pleasure of hosting SEC Commissioner Hester Peirce for a fireside chat discussion at our San Francisco office on the state of blockchain and cryptocurrency, the emerging regulatory landscape and her safe harbor proposal. Commissioner Peirce was joined by Orrick partner Ken Herzinger and CipherTrace CEO David Jevans, and moderated by Mark Friedler.[1] To view a recording of the full discussion, please click here. Read on for key takeaways from the panel discussion.

Providing Clarity to the Crypto Community

Commissioner Peirce sees signs of progress at the SEC and believes that her colleagues have the best intentions. She’s hopeful and optimistic that the SEC can continue to make progress and both protect investors and allow innovation to move forward.

Commissioner Peirce believes that regulators have provided more clarity regarding blockchain and cryptocurrency regulation, but there’s a long way to go. Regulators struggle because there’s great variation across digital assets, so it’s hard to lump them together and produce a regulatory framework that works for everything. Furthermore, she acknowledged the fact that often the clarity that comes from the SEC is provided in the format of a facts-and-circumstances discussion, which can be frustrating for people who want to be given straightforward bright line rules. However, she says, U.S. securities laws just typically don’t work that way.

While she is hopeful that the SEC can provide more clarity, she does not know if we will ever get to a point where people feel there are no questions that they need to hire lawyers to help them figure out.

Insights into Commissioner Peirce’s Token Safe Harbor Proposal

Commissioner Peirce said her February 6, 2020 Token Safe Harbor Proposal is solely her own, and her colleagues at the SEC need to be convinced to put it forward as a formal proposed SEC rule pursuant to the SEC’s normal rulemaking process. The theory behind the safe harbor is that the regulatory framework, as currently applied, serves as an obstacle to launching token networks and giving them the time to mature into decentralized networks. Token project creators are afraid that if they launch their network it will be treated as a securities offering. The purpose of the safe harbor proposal is to find a way for people to feel comfortable releasing tokens under an exemption that works for tokens specifically.

Commissioner Peirce explained that one reason you would want securities laws to cover token offerings would be so that the people who are purchasing tokens are receiving the information they need to make good purchasing decisions, so the disclosure requirement was tailored to meet the needs of token purchasers.

Commissioner Peirce published the proposal because she wants to solicit feedback to refine it, and encourages people to contact her with thoughts and ideas to improve upon it.

Section (f) and the Application of the Safe Harbor to Tokens that Have Already Been Distributed

Section (f) of the Safe Harbor provides for how the safe harbor would apply to digital assets previously sold pursuant to an exemption. Commissioner Peirce said those who have already launched and distributed tokens have to think about whether the token sales were done pursuant to an exemption – i.e., tokens sold pursuant to an exemption could rely on the safe harbor to then do a future token distribution. Projects would have to consider on a case-by-case basis if they could take advantage of the safe harbor and if it would be meaningful. For example, if a promoter used the Reg A exemption (which applies to public offerings that do not exceed $50 million in any one-year period), the safe harbor may still be useful for having a wider distribution and allowing the tokens to trade more freely.

Tokens Wrapped in Investment Contracts

Commissioner Peirce highlighted the unique problem that arises with certain token launches, where tokens wrapped in investment contracts are sold, thus creating what looks like a traditional offering, but then when the tokens start being used in the network they no longer look like securities. At that point, it is a stretch to argue the securities laws should still apply.

Interestingly, in the SEC v. Telegraph case currently pending before Judge Kevin Castel in the U.S. District Court for the Southern District of New York, the SEC Enforcement Staff is arguing that the Judge should conflate the investment contract and proposed token launch and view the sale of an investment contract and subsequent token distribution as “one transaction.” Enforcement and Commissioner Peirce do not appear to be on the same page regarding this issue.

“Network Maturity” and the Meaning of “Decentralized” and “Functional”

Commissioner Peirce acknowledged that she needed to do more work defining what it means to be “decentralized.” She thinks it will be easier to tell if a network meets that definition after having been in existence for three years.

She also noted that the functionality test is there because the safe harbor is also trying to protect networks that are intended to remain centralized. There are companies that have created token-based economies that exist on centralized networks. She pointed to the “no action” letters issued to Pocketful of Quarters and TurnKey Jet. In her view, issuing no action letters about things that are clearly not securities is not helpful, because the letters contain conditions, thereby placing constraints on the ability of the companies to run their networks in certain ways.

Section (a)(4) and the Liquidity Requirement

Commissioner Peirce noted that some had suggested that it may be premature to assume that a secondary market would enable trading of a nascent token, and that, initially, the liquidity may need to be found elsewhere. She indicated that some liquidity could be found through non-U.S. decentralized exchanges which could also play a role in creating liquidity in the beginning stages of a token network. Only, later would the token be traded on an exchange with an intermediary that could then conduct the AML/KYC requirements. The issuer could also find ways to create liquidity in the beginning, which is something she has seen centralized projects do. That said, there are clearly unanswered mechanical questions about how a token promoter would generate liquidity.

Section (b)(6) Disclosures Regarding the Initial Development Team and Certain Token Holders

Commissioner Peirce indicated that the type of person covered in Section (b)(6) of the safe harbor is similar to those individuals who fall under Section 16 of the Securities Exchange Act of 1934. Project teams should ask themselves, when they talk about their project, who do they say is working on the project? The people that are being advertised are likely to be the ones who should be disclosed. She wants to be sure that project teams are not intentionally hiding a team member who has been previously arrested for securities fraud, for example.

Stablecoins

Commissioner Peirce said stablecoins are a unique category of tokens, but there is enough variation among them that they may not all fall into a single previously established category. Each one should be judged on its own facts, and there are potential implications for the securities laws depending on how they are set up. They could function like securities or they could function like money market funds. Commissioner Peirce encouraged people interested in launching a stablecoin to think through the implications and reach out to the SEC and other regulators.

Educating Lawmakers and Regulators

Commissioner Peirce said lawmakers and regulators are extremely busy and they have to deal with a wide variety of different issues. The crypto community should try to educate regulators and help them understand the basics of the technology; creating familiarity amongst regulators will generate better regulation. Technologists should not expect regulators to know as much as them, but they can help regulators get to a place of understanding, where the technology does not seem as scary as it might otherwise.

Changing the Accredited Investor Regime

Commissioner Peirce noted that the SEC has issued proposed amendments to expand the definition of “accredited investor” in Rule 501(a) of Regulation D and soliciting comments on whether the accredited investor regime should change. [The formal rule proposal amending Regulation D was published on March 4 which followed the publication of the Commission’s concept release in June]. While the amendments propose modest changes, they raise questions about broader changes that would open up accredited investor status to a wider range of individuals. Personally, she agrees that the correlation currently in use today – i.e., the use of wealth and income as a rough proxy for sophistication – is not perfect. There are also liberty concerns with the regime: people work very hard to earn their money and then the government places constraints on how they can spend it; however, she recognized that issue runs throughout our securities laws. Improving upon the accredited investor regime will help the problem, but Commissioner Peirce is doubtful we will see a radical shift in the accredited investor regulations.

[1] Commissioner Peirce prefaced her remarks by stating that the views she expressed were her own and do not necessarily represent those of the Securities and Exchange Commission or her fellow Commissioners.

IRS Hints at Form 8938 Requirements for Reporting Crypto Assets Held at a Foreign Exchange

Peter Connors

With the emergence of digital assets, the question has arisen whether digital assets held in “wallets” in foreign exchanges need to be reported on Internal Revenue Service (IRS) Form 8938, Statement of Specified Foreign Financial Assets. Form 8938 is the IRS counterpart for the FBAR, or Foreign Bank Report, which certain holders of foreign bank accounts must file with FinCEN. Form 8938 was added as part of the HIRE Act at the same time the Foreign Account Tax Compliance Act (commonly known as FATCA) was adopted in 2010. The penalty for a failure to file Form 8938 is $10,000. However, it is not clear that Form 8938 applies to digital assets.

The answer requires one to dig through the underlying statutes and the instructions to Form 8938. We start with Internal Revenue Code Section 6038D, which requires reporting of “specified foreign financial assets.” Under Code Section 6038D, a “specified foreign financial asset” is (1) a financial account maintained by a foreign financial institution and (2) one of the following foreign financial assets if they are held for investment and not held in an account maintained by a financial institution: (a) any stock or security issued by a person other than a United States person; (b) any financial instrument or contract held for investment that has an issuer or counterparty other than a United States person, and (c) any interest in a foreign entity. The term “financial account” means, with respect to any financial institution, (a) any depository account, (b) any custodial account and (c) any equity or debt interest in such financial institution (other than interests regularly traded on an established securities market).

One issue for digital asset holders is whether a person who holds such assets in a wallet maintained at a foreign exchange is holding an asset in a “foreign financial institution.” What is a financial institution? This is defined in Code Section 1471(d)(5) as an entity that (a) accepts deposits in the ordinary course of a banking or a similar business, (b) as a substantial portion of its business, holds “financial assets” for the account of the others, or (c) is engaged (or holds itself out as being engaged) primarily in the business of investing, reinvesting or trading in securities, partnership interests, commodities or any interests in such securities, partnership interests or commodities. A foreign financial institution includes investment vehicles such as foreign mutual funds, foreign hedge funds and foreign private equity funds. Very generally, financial assets are securities, commodities, notional principal contracts, insurance contracts, or annuity contracts or interests in any of the foregoing. Both the terms “security” and “commodity” are defined by reference to Code Section 475, a section of the Code that was adopted in 1993, preceding the emergence of digital assets. For example, gold is a commodity under this provision, and anyone holding gold in an offshore account would need to report the account. Should the same rules apply to bitcoin or bitcoin gold held in a wallet in an offshore exchange? The IRS has not yet taken a position on whether cryptocurrency is a security or a commodity, which it could do by a regulation or a notice. This is key to the analysis of whether or not the crypto exchange is a foreign financial institution.

At least one recent, unofficial statement provides insight into the IRS’s thinking on the reporting obligation on Form 8938. Recently, according to Tax Notes, an IRS official was asked if the IRS will assess penalties against taxpayers who haven’t been disclosing digital assets on Form 8938, and the official responded that, if taxpayers had been reporting taxable cryptocurrency transactions on their returns during prior years and properly filed Form 8938 going forward, the IRS probably would not pursue them for prior tax years. Of course, this is merely an unofficial statement, and the IRS could formally decide otherwise or examiners could take different positions during the course of an exam. Either way, taxpayers that have not been reporting their cryptocurrency transactions should file Form 8938 as soon as possible and consider filing amended returns.

Information reporting is certainly a key issue for the IRS that will drive the tax compliance process. In a sign of the attention that the IRS is giving to the reporting, the draft version of IRS Form 1040, Schedule 1, now includes a question regarding financial interests in “virtual currencies,” much like the question relating to ownership of foreign bank accounts presently on Schedule B.

Fraud is Fraud – Sales of Unregistered Digital Securities Resemble Classic Microcap Fraud

Daniel Nathan

A Complaint filed by the SEC in the Southern District of New York last week reminds us that in the area of securities law violations there is not much new under the sun. Even though the action against Eran Eyal and UnitedData, Inc. d/b/a “Shopin” involves the sale of digital assets, and the business of the issuer of those digital assets purportedly involves a blockchain application, the alleged wrongful conduct bears the hallmarks of a traditional securities offering scheme; one can substitute “unregistered securities” for the tokens offered, “private placement” for the token pre-sale, and a speculative venture – such as the “self-cooling can” that was the subject of an SEC offering fraud case years ago – for the blockchain applications touted by the issuer, and the Complaint is one that could have been drafted thirty years ago. To the extent that certain recent cases involving offerings of cryptocurrencies have presented novel applications of the securities laws and the Howey test of whether a digital currency is a security, this case isn’t one of them.

A description of the alleged misconduct makes the parallels clear. The SEC alleges that the issuer, Shopin, and its CEO, Mr. Eyal, conducted a fraudulent and unregistered offering of digital securities. The company’s business plan involved the creation of personal online shopping profiles that would track customers’ purchase histories across numerous online retailers, and link those profiles to the blockchain. However, Shopin allegedly never had a functioning product. The company’s pivot to the blockchain and rebranding resulted from its struggles to stay in business as a non-blockchain business.

The company apparently commenced its digital securities offering with a “pre-sale” of tokens through an unregistered offering, not unlike the private placement of securities that is often alleged as the first step in an offering fraud. Shopin’s initial sales of investment interests were made pursuant to a SAFT – a simple agreement for future tokens – in which initial investors paid bitcoin or ether in exchange for an interest in tokens at a discount that would be delivered once Shopin created the tokens at the completion of the public ICO. The proceeds of this pre-sale purportedly would be used to develop, launch and market the Shopin network, similar to the types of promises made in microcap or blind pool offerings. Unsold tokens in the pre-sale would go to insiders at Shopin and its advisors. The SEC determined that the Shopin tokes were investment contracts under the Howey test, because the purchasers invested money in the form of digital currency, the investors’ funds would be pooled in a common enterprise, and the defendants led the token purchasers to expect profits from their purchases because of the defendants’ efforts.

In its complaint, the SEC treated the token sale – which, again, was not registered under the securities laws – as a private placement subject to Regulation D, and alleged that the defendants failed to ensure that the purchasers of the tokens were accredited investors. Indeed, the SEC alleged that certain investors tried to satisfy the minimum investment requirements by pooling their investments in syndicates. This is a variant of the artifices employed by microcap issuers to artificially achieve a minimum offering level by making nominee purchases. The defendants also, in another resemblance to a microcap scheme, allegedly told investors they intended to have the Shopin tokens listed on digital-asset trading platforms – analogous to a promise to list penny stocks on an exchange – which purportedly would enable investors to realize profits on their positions by selling the tokens at a premium.

Having established that the ICO had the elements of a securities offering, the SEC described the material misrepresentations that the defendants made to investors: that the company had participated in successful pilot programs with prominent retailers; that the defendants had partnerships with numerous retailers; and that it was advised by a prominent individual in the digital asset field, who in fact had asked the company to remove his name as an advisor. Finally, and most serious, the SEC alleged that the defendants had misused portions of the offering proceeds, including for personal expenses, such as an individual’s rent, shopping and entertainment and – the type of salacious detail the SEC likes to include – to pay for a dating service.

Securities schemes tend to fall into certain patterns that involve the use of unregistered securities and misrepresentations to separate investors from their money, and schemes involving digital currency that resembles a security often fall into the same patterns. Perhaps recognizing that those patterns are recognizable to triers of fact and the public, the SEC alleges violations involving digital currency in similar terms. SEC Chairman Jay Clayton has repeatedly emphasized that the regulator will use its traditional tools and standards in treating sales of digital assets that conform to the definition of a security: for example, as he stated last year, “A token, a digital asset, where I give you my money and you go off and make a venture, and in return for giving you my money I say ‘you can get a return’ that is a security and we regulate that. We [the SEC] regulate the offering of that security and regulate the trading of that security.” Legitimate sales and offerings of digital currency might use a different vocabulary and analysis but, as the allegations in the case discussed here show, fraud is fraud.

Wyoming, the “Equality State,” Seeks to Level the Playing Field for Digital Assets Businesses

Andrew Wallach and Brian Bloomer

In its continued effort to establish itself as the go-to jurisdiction for digital asset businesses, Wyoming, through its Department of Audit, Division of Banking, recently published a digital asset custody regime for its newly created, special purpose depository institutions (SPDIs). SPDIs are banking institutions authorized to take custody of digital assets. If they function as intended, SPDIs may prove to be a solution to, among other things, digital asset companies’ money transmitter licensing woes.

One major impediment to entering the U.S. market for digital asset companies is the requirement to obtain money transmitter licenses from individual states. Applying for these licenses state by state can be expensive and burdensome, and some states have created additional hurdles for digital asset companies. New York, for example, requires digital asset companies to obtain a “BitLicense,” which is notoriously difficult to obtain, to operate in the state. California may soon follow suit, imposing substantial licensing requirements under Assembly Bill 1489, which has been introduced in the legislature.

Wyoming is trying a different approach. In establishing SPDIs, Wyoming is helping blockchain companies avoid the costs of these burdensome licensing regimes while still protecting customers by taking advantage of a regulatory benefit enjoyed by banking institutions like SPDIs. Per the Bank Secrecy Act, banks are exempt, as a general matter, from needing money transmitter licenses.

Further, advocates argue that the SPDIs will provide a solution for startups seeking to operate in New York without a BitLicense. Federal law, through the Riegle-Neal Amendments Act, protects the parity of national banks and the state-chartered banks of other states. Accordingly, if a state exempts a national bank from a regulation, then other state-chartered banks must be exempt from that regulation as well. Because New York exempts national banks from the requirement to obtain a BitLicense to operate, so the argument goes, Wyoming’s SPDIs – which are state-chartered banks – should be exempted from that requirement as well. This theory remains untested, and New York has not taken a position on whether it will exempt SPDIs from needing a BitLicense to operate there. Perhaps Wyoming’s status as “The Equality State” will prompt New York to provide its state-chartered banks with “equal” treatment.

While the first new SPDIs could become operational by early 2020, which might provide a work-around for the current money transmitter licensing barriers facing digital asset companies, there remain a few obstacles for a company desiring to take advantage of the law, albeit surmountable ones.

First, SPDIs are required to maintain a minimum capital requirement of $5 million – making it prohibitive for most startups to charter their own SPDI. However, multiple companies may partner with one unaffiliated SPDI to pool assets. Assuming cooperation among market players, startups should be able to find enough capital among other SPDIs to satisfy the capital requirement. Second, SPDIs are required to maintain the principal operating headquarters and the primary office of its CEO in Wyoming, but – as we know – the excellent skiing, beautiful vistas and abundant wildlife in Wyoming provide ample justification for setting up shop there.

Wyoming’s creation of SPDIs comes on the heels of other pro-blockchain moves by the state, including authorizing corporations to issue securities via “certificate tokens in lieu of stock certificates,” creating a FinTech sandbox that enables startups to receive waivers from laws or regulations that may unnecessarily burden their ability to test new products and services, and classifying digital assets as property.

Wyoming’s small population and limited infrastructure may make it difficult to attract personnel and capital to create a competitive SPDI market. But with sufficient incentives, and the opportunity to engage in a potentially lucrative and groundbreaking industry, Wyoming is making a bid to become the crypto capital of the U.S.

In Case You Needed A Reminder – AML/CFT Regulations Apply to Transactions in Cryptocurrencies

Christine Hanley

Earlier this month, the leaders of the U.S. Commodity Futures Trading Commission, the Financial Crimes Enforcement Network, and the U.S. Securities and Exchange Commission released a joint statement reminding individuals engaged in transactions involving digital assets of their obligations under the Bank Secrecy Act (BSA) to guard against money laundering and counter the financing of terrorism.

Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) regulations apply to all entities that the BSA defines as “financial institutions,” including futures commission merchants and introducing brokers obligated to register with the CFTC, money services businesses as defined by FinCEN, and broker-dealers and mutual funds obligated to register with the SEC. To comply with AML/CFT regulations, financial institutions are required to, among other things, implement anti-money laundering programs and comply with recording keeping and reporting requirements, including suspicious activity reporting (SAR) requirements.

The joint statement emphasized that AML/CFT regulations apply to financial institutions engaged in activities involving “digital assets,” including instruments that may qualify under applicable U.S. laws as securities, commodities, and security- or commodity-based instruments such as futures or swaps. Because digital assets and financial transactions in digital assets are referred to by many names – including “cryptocurrencies,” “digital tokens,” “virtual assets” and “initial coin offerings” – the regulators issuing the joint statement reminded financial institutions that commonly used labels may not necessarily align with how an asset, activity or service is defined under the BSA or under laws and rules administered by the CFTC and the SEC. The nature of the digital asset, activity or service, including underlying “facts and circumstances” and the asset’s “economic reality and use,” determines how it is regulated under federal laws and regulations.

By reminding industry participants that the nature of a digital asset and the manner in which it is used – and not industry lingo – determines how the digital asset is regulated, the CFTC, FinCEN and the SEC signaled that they are adopting the same framework courts already use to determine how to classify other types of assets under the federal securities laws. The joint statement indicates that regulators are continuing to take steps toward applying existing federal securities laws and regulations to digital currencies.

Playing Catch-Up: Commissioner Peirce Proposes a Safe Harbor for Certain Token Offerings

Daniel Nathan

SEC Commissioner Hester Peirce has once again earned her title as “Crypto Mom” by expressing support for building a “non-exclusive safe harbor” for the offer and sale of certain cryptocurrency tokens. Peirce explained that the concept of a safe harbor is still in its infancy and did not propose a timeline for the project. Nevertheless, her support is welcome news for the industry, which can hope that her well-stated views will influence the rest of the Commission to move to adopting a separate securities regulatory framework for cryptocurrency.

We expect that the SEC will take its time in moving forward with the development and implementation of a safe harbor for token offerings. Peirce previously defended the SEC’s slow approach to crypto regulation, indicating that delays in establishing crypto regulations “may actually allow more freedom for the technology to come into its own.” Peirce is cognizant of the repercussions of moving too slowly and seems to be trying to balance the need for regulatory certainty with the need to get the regulatory framework right.

Peirce explained that in developing its crypto regulatory regime, the SEC can learn from other countries that have taken the lead in developing a regulatory framework for token offerings. For example, Peirce explained that the “nebulous” definition of a security in the U.S., coupled with the difficulty of determining the precise nature of a digital asset – is it a currency, commodity, security or derivative? – has slowed our regulatory progress. Peirce suggests looking at the approach taken by Singapore for the classification of offerings as non-securities, since Singapore does not treat every token offering as a securities offering. Similarly, earlier this month the SEC and FINRA issued a joint statement explaining that there are still unanswered questions regarding custody of digital assets that have led to delays in approving ATS applications. Peirce recommends reviewing Bermuda’s guidance on the subject because “Bermuda is one of the only jurisdictions to address the custody question in detail.”

With so many countries so far ahead of the U.S. in developing regulatory regimes for token offerings, the SEC has an abundance of approaches to review. Ideally this will speed up the development and implementation of the safe harbor. If, however, the SEC continues to drag its feet, token projects that would otherwise prefer to launch in the U.S. might be expected to continue to choose jurisdictions with clearer regulatory regimes.