As we previously have blogged, the Financial Crimes Enforcement Network (“FinCEN”) became one of the first regulators to wade into the regulation of cryptocurrency when it released interpretive guidance in March 2013 stating that an administrator or exchanger of virtual currency is a Money Services Business (“MSB”). As a MSB, and according to FinCEN, an administrator or exchanger of virtual currency therefore is a “financial institution” subject to the Bank Secrecy Act (“BSA”) and its various AML-related requirements, unless a limitation or exemption applies. Accordingly, the Department of Justice has prosecuted operators of cryptocurrency exchanges for a failure to register with FinCEN as a MSB, and FinCEN has brought civil enforcement proceedings against such exchanges for alleged failures to maintain adequate AML programs and file required Suspicious Activity Reports (“SARS”), among other alleged BSA violations.
Recently, regulators of all stripes across the globe have been moving swiftly to regulate cryptocurrency in various ways (see here, here, here, here, here, here, here, here, and here). Indeed, the Securities and Exchange Commission (“SEC”) has been very vocal and aggressive in claiming that many if not all Initial Coin Offerings (“ICOs”) involving cryptocurrency represent securities subject to the jurisdiction and supervision of the SEC, and already has filed several enforcement proceedings involving ICOs. Moreover the SEC just yesterday issued a statement that it considers exchanges for cryptocurrency to also be subject to its jurisdiction. Likewise, the U.S. Commodity Futures Trading Commission (“CFTC”) has asserted that cryptocurrencies are commodities subject to its jurisdiction; this week, a federal court agreed with this assertion in a CFTC enforcement action. The CFTC claims that its jurisdiction reaches beyond cryptocurrency derivative products to fraud and manipulation in the underlying cryptocurrency spot markets.
But there is a potential problem with all of these regulators simultaneously rushing in to assert their respective power over cryptocurrency businesses, and it is a tension that does not seem to have attracted much public attention to date. Specifically, BSA regulations pertaining to the definition of a MSB, at 31 C.F.R. § 1010.100(ff)(8)(ii), flatly state that a MSB does not include the following:
A person registered with, and functionally regulated or examined by, the SEC or the CFTC, or a foreign financial agency that engages in financial activities that, if conducted in the United States, would require the foreign financial agency to be registered with the SEC or CFTC[.]
How can certain cryptocurrency businesses be subject to the claimed jurisdictions of FinCEN as well as the recent regulatory newcomers to this area, the SEC and the CFTC?
The government’s partial response to this apparent tension might be found in a February 13, 2018 letter from FinCEN to U.S. Senator Ron Wyden of the Senate Committee on Finance (“FinCEN Letter”). The FinCEN Letter is styled as a summary of FinCEN’s “oversight and enforcement capabilities” in regards to cryptocurrency, and it dutifully ticks off various regulatory concerns and prior enforcement actions. Although the FinCEN Letter does not refer explicitly to the above BSA regulation regarding MSBs, it appears to talk around the issue in the following language:
FinCEN is working closely with the Securities Exchange Commission (SEC) and the Commodities Futures Trading Commission (CFTC) to clarify and enforce the AML/CFT obligations of businesses engaged in Initial Coin Offering (ICO) activities that implicate the regulatory authorities of these agencies. The application of AML/CFT obligations to participants in ICOs will depend on the nature of lite financial activity involved in any particular ICO. This is a matter of the facts and circumstances of each case.
Generally, under existing regulations and interpretations, a developer that sells convertible virtual currency, including in the form of ICO coins or tokens, in exchange for another type of value that substitutes for currency is a money transmitter and must comply with AML/CFT requirements that apply to this type of MSB. An exchange that sells ICO coins or tokens, or exchanges them for other virtual currency, fiat currency, or other value that substitutes for currency, would typically also be a money transmitter.
However, ICO arrangements vary. To the extent that an ICO is structured in a way that it involves an offering or sale of securities or derivatives, certain participants in the ICO could fail under the authority of the SEC, which regulates brokers and dealers in securities, or under the authority of the CFTC, which regulates merchants and brokers in commodities. In such a case, the AML/CFT requirements imposed by SEC or CFTC regulations would apply to such ICO participants. Treasury expects businesses involved in ICOs to meet the BSA obligations that apply to them.
Thus, the FinCEN Letter appears to suggest that, at least in certain cases, cryptocurrency exchanges are subject to the BSA not because they are MSBs, but because they are broker-dealers, a separate type of “financial institution” subject to the BSA. As we previously have blogged, SEC enforcement against broker-dealers and mutual funds relating to alleged underlying BSA and AML-related violations, and associated private class action lawsuits, is a topic of increasing importance (see here, here, here and here). However, some cryptocurrency exchanges which dutifully have registered with FinCEN under the 2013 FinCEN Guidance as MSBs may be surprised to discover that the government possibly now regards them instead as broker-dealers. Finally, none of the above discusses potential money transmitter licensing requirements for cryptocurrency exchanges under State law, which obviously exist independent of federal law.
The FinCEN Letter’s oblique references to inter-agency collaboration also appear to represent a nod to a cryptocurrency “task force” within U.S. Treasury—involving FinCEN, the CFTC, the SEC and the Federal Reserve—aimed at coordinating the various agencies’ “policing” of the cryptocurrency industry, and which was described by the CFTC Chairperson during his February 6, 2018 testimony before the U.S. Senate about the agencies’ regulatory efforts concerning the cryptocurrency industry, including in regards to AML issues.
This is an extremely complex issue which presents potentially challenging obstacles to businesses interested in cryptocurrency-related enterprises but unsure of their regulatory obligations, particularly when much “regulation” to date in this space has been carried out through enforcement actions, rather than formal regulation. In its Letter, FinCEN states that it is working closely with its fellow regulators to “clarify” this area. Indeed, concrete and clear guidance by all regulators, speaking collectively and consistently, would be greatly appreciated.