Federal Government Crackdown On Virtual Currency Heats Up

by Perkins Coie

Asset Seizures and Arrests Mark Recent Federal Virtual Currency Enforcement Actions

Federal authorities have initiated several recent enforcement actions that are indicative of continuing regulatory changes in the virtual currency industry.  First, on May 14, 2013, the Department of Homeland Security initiated a seizure of the Dwolla account belonging to a leading Japanese-based Bitcoin exchange company, Mt. Gox, taking the position that Mt. Gox's U.S. subsidiary, Mutum Sigillum LLC, operated as an unlicensed money transmitter in violation of 18 U.S.C. § 1960.  Second, a joint investigation conducted by the Department of Justice, the Secret Service, the Internal Revenue Service and Homeland Security ended with an indictment charging a Costa Rican company called Liberty Reserve with laundering more than $6 billion in the last seven years.  Seven current and former company officials were also named in the indictment, five of whom have reportedly been arrested.  These enforcement actions come in the wake of recent guidance from the Financial Crimes Enforcement Network (FinCEN) regarding the regulation of virtual currency (the Virtual Currency Guidance).  Further, FinCEN's discussion of the Liberty Reserve indictment reveals its view of the historic case as related to both the operation of a web-based payment and money transfer system and  the offering of a virtual currency.  In light of the apparent conflation of "web-based money transfer system" with "virtual currency," individuals and companies involved with either type of program should take note of these developments.

The Enforcement Action Against Mt. Gox

While the Virtual Currency Guidance and law enforcement action relating to virtual currency are relatively new, the tools employed in the seizure of assets related to the Mt. Gox action are not.  To effect the seizure, the U.S. government turned to long-standing statutory law, namely 18 U.S.C. § 1960, which declares that any person or entity that “knowingly conducts, controls, manages, supervises, directs, or owns” even part of an “unlicensed money transmitting business” is committing a felony, subject to a fine and five years’ imprisonment.  18 U.S.C. § 1960(a).  The statute expressly provides that an “unlicensed money transmitting business” is one that “transfer[s] funds on behalf of the public by any and all means[,]” in a manner that “affects interstate or foreign commerce” in any way, and that operates in a state requiring a money transmitting license but does not have such a license, or fails to comply with registration requirements of 31 U.S.C. § 5330, or “otherwise involves the transportation or transmission of funds” derived from or intended to support criminal or unlawful activity. 18 U.S.C. § 1960(b)(1), (2).  In short, if a money transmitter does not register with FinCEN, obtain licenses from the applicable state entities and comply with the federal anti-money-laundering regulations of the Bank Secrecy Act, the money transmitter is “unlicensed” and in violation of 18 U.S.C. § 1960.

At this early stage, although no criminal charges have been brought against Mt. Gox or its subsidiary Mutum Sigillum LLC, Mt. Gox, its subsidiaries and the financial institutions that hold their funds must now grapple with how to defend their assets under federal civil asset forfeiture laws.  These laws, many of which have their roots in admiralty practice and require lawyers and parties to follow the rarely used Supplemental Rules for Admiralty or Maritime Claims, are rife with traps for the unwary, any of which could be fatal to attempts to defend and recover seized assets. Similarly for unlicensed money transmission, 18 U.S.C. § 981 specifically declares that "[a]ny property, real or personal, involved in a transaction in violation of section 18 U.S.C. § 1960" is "subject to forfeiture to the United States."

The Enforcement Action Against Liberty Reserve

Federal prosecutors indicted Liberty Reserve and arrested five of its principal corporate officers on charges of money laundering this week.  The indictment charges Liberty Reserve and seven current and former corporate officers and employees with laundering more than $6 billion over seven years through its virtual currency exchange services, thereby facilitating “global criminal conduct.”  Liberty Reserve, which is based in Costa Rica and was incorporated in 2006, offered an anonymous payment system, with low transaction fees (generally 1%,with a maximum of $2.99), through its proprietary gold-backed e-currency, LR.  The investigation into Liberty Reserve involved law enforcement agencies in 17 countries, and the indictment may represent the largest international money-laundering prosecution in history.  Notably, in connection with the indictment and arrests, law enforcement also seized five domain names and seized or restricted the activity of 45 bank accounts. Some of the seized assets belonged to third-party exchangers that interfaced with Liberty Reserve as a way to translate legal tender and other virtual currency into LR.  According to The New York Times, the case is significant because of its size and scope, and also because it evidences intent of federal law enforcement to "attack[] the financial infrastructure utilized by many cybercriminals in much the same way that drug-money-laundering prosecutions unravel the financial underpinnings of the narcotics trade."  

In addition to the size and scope of the operation, and the volume of money allegedly involved, the Liberty Reserve case is also historically significant because the Department of the Treasury invoked its powers under Section 311 of the USA Patriot Act, 31 U.S.C. § 5318A.  On May 28, 2013, the director of FinCEN found that Liberty Reserve is a financial institution of primary money-laundering concern.  This finding, in turn, enables FinCEN to require domestic financial institutions and financial agencies to take "special measures" against Liberty Reserve.  To that end, FinCEN issued a notice of proposed rulemaking offering a rule that, if adopted, would prohibit covered financial institutions from "establishing, maintaining, administering, or managing in the United States" virtually any account "being used to process transactions involving Liberty Reserve, including any of its branches, offices or subsidiaries."  The rule would further require covered institutions to implement additional due diligence and record-keeping measures designed to protect against processing any transactions involving Liberty Reserve.  Section 311 actions are separate from actions instituted by the Department of the Treasury's Office of Foreign Assets Control and have been used sparingly since Section 311’s enactment.  In fact, FinCEN has implemented special measures against just four jurisdictions and 13 financial institutions since 2002.  Importantly, this is the first time FinCEN has used Section 311 against a virtual currency exchange. 

Enforcement Actions Are Not Entirely Novel, Even in the Virtual Currency Space

If this pattern of prosecution and seizure activity sounds familiar, it should.  Other high-profile enforcement actions against Internet-based companies like E-Gold, PokerStars and Neteller all included allegations relating to the unlawful transmission of monies.  The U.S. government seized E-Gold and Neteller assets pursuant to the same statute: 18 U.S.C. § 1960.  Further, just as the government targeted accounts held at small, out-of-the-way SunFirst Bank of St. George, Utah in the poker cases, the government has targeted assets at previously unheralded Veridian Credit Union of Waterloo, Iowa in relation to Mt. Gox.  Finally, at least one of the individuals indicted in the Liberty Reserve case has a previous New York conviction for unlicensed money transmission relating to his prior operation of an E-Gold exchange.  In other words, the use of Patriot Act Section 311 special measures may be novel in the virtual currency space, but the trend of greater regulatory enforcement is not.

Irrespective of the statutory authority used, the clear concern in both the prior and current enforcement actions is that the virtual currency system was designed, promoted and blatantly used as an anonymous payment system that facilitated criminal activity.  E-Gold's indictment in 2008, for example, described the use of false names such as "Mickey Mouse" or "Donald Duck," such that it was clear that the company undertook no identity verification program as required by the Bank Secrecy Act and its implementing regulations.  See, e.g., United States v. E-Gold, Ltd., CR-07-109 (D.D.C. 2008).  Similarly, Liberty Reserve is alleged to have collected a name, address and date of birth from its users, but not verified the information, such that, practically, a user needed to provide only an email address to use the payment system.  Although these are extreme examples, as law enforcement places greater emphasis on transfers using virtual currency, untangling how federal and state regulations apply to each program becomes increasingly imperative.

Importance of These Enforcement Actions

These enforcement actions and the recent FinCEN Virtual Currency Guidance indicate that the government is turning its attention to applying long-standing, wide-ranging and hard-to-interpret money services business laws and regulations to virtual currency businesses.  In light of the complicated legal landscape and the high stakes involved with noncompliance, whether intentional or unintentional, individuals and companies connected to the virtual currency ecosystem should promptly seek guidance as to whether they might be considered “money transmitters” that are required to be registered federally and/or licensed at the state level.  Unfortunately, there is no easy answer, as the analysis is highly fact-sensitive. Proper analysis of a company’s specific business model is necessary to properly apply federal registration and state licensure requirements—slight differences in operations may determine whether an entity is a “money transmitter” or whether an exemption applies.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Perkins Coie | Attorney Advertising

Written by:

Perkins Coie

Perkins Coie on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at info@jdsupra.com. In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at: info@jdsupra.com.

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.