In this issue:
• U.S. Fintech Firm Launches Stablecoin; Circle Launches ‘Programmable Wallets’
• U.S. Central Bank Publishes Supervision Letters Addressing Crypto Activities
• Couple Pleads Guilty to Bitfinex Hack, SEC Enforcement Targets Crypto Fraud
• Blockchain Infrastructure Firm Publishes Notice of Crypto Wallet Vulnerability
U.S. Fintech Firm Launches Stablecoin; Circle Launches ‘Programmable Wallets’
By Robert A. Musiala Jr.
A major U.S. fintech and payments firm recently announced the launch of a U.S. dollar-denominated stablecoin, PYUSD. According to a press release, PYUSD is an ERC-20 token issued on the Ethereum blockchain that is fully backed by U.S. dollar deposits, short-term U.S Treasuries and similar cash equivalents and is redeemable 1:1 for U.S. dollars. The press release further notes that PYUSD is issued by a trust company charted by the State of New York. According to the press release, eligible customers of the fintech and payments firm will be able to use their accounts to purchase PYUSD, transfer PYUSD between crypto wallets, send peer-to-peer PYUSD payments, fund purchases, and convert other cryptocurrencies to PYUSD.
In another recent press release, Circle, the issuer of the USDC stablecoin, announced the launch of its new “Programmable Wallets” cryptocurrency wallet infrastructure, which “is designed for developers to tailor their wallets to the UX that best fits their app” including by offering “the flexibility of choosing the right security controls to customize the wallet experience tailored to their use case.” According to the press release, the Programmable Wallets Beta is currently available for businesses, developers, and builders.
In a final notable item, two major cryptocurrency exchanges recently received regulator approvals in the Asia-Pacific region. According to a press release, Blockchain.com has received a major payment institution (MPI) license from the Monetary Authority of Singapore (MAS). And in Hong Kong, HashKey Exchange announced that it has received “Type 1” and “Type 7” licenses which “allows HashKey Exchange to expand its business scope from serving professional investors to retail users” in Hong Kong.
For more information, please refer to the following links:
U.S. Central Bank Publishes Supervision Letters Addressing Crypto Activities
By Joanna F. Wasick
On August 8, the U.S. central bank published two Supervision and Regulation Letters providing new information on its program to supervise “novel activities” (including activities involving crypto-assets and blockchain technology) undertaken by the banks that it oversees. Of note, the central bank outlined the process for member state banks to follow before engaging in stablecoin activity, including a requirement for state banks to demonstrate that they have appropriate safeguards to conduct the activity safely and soundly. After receiving a written nonobjection, state member banks will continue to be subject to supervisory review as well as heightened monitoring of those activities. In supervising stablecoin activities, the central bank will focus on ensuring state banks demonstrate appropriate risk management practices, including having adequate systems in place to identify, measure, monitor, and control operational, cybersecurity, liquidity, consumer compliance, and illicit finance risks, including compliance with Bank Secrecy Act and Office of Foreign Asset Control requirements.
The stated goal of the novel activities supervision program is to “foster the benefits of financial innovation while recognizing and appropriately addressing risks to ensure the safety and soundness of the banking system.” The program will be integrated into the U.S. central bank's existing supervisory processes, with program experts working alongside current supervisory teams to oversee banks engaged in novel activities. The program will focus on (1) complex, technology-driven partnerships with non-banks to provide banking services; (2) crypto-asset related activities; (3) projects that use distributed ledger technology with the potential for significant impact on the financial system; and (4) concentrated provision of banking services to crypto-asset-related entities and fintechs.
For more information, please refer to the following links:
Couple Pleads Guilty to Bitfinex Hack, SEC Enforcement Targets Crypto Fraud
By Christopher Lamb
According to a recent press release from the U.S. Department of Justice, a married couple from New York City pled guilty to “money laundering conspiracies arising from the hack and theft of approximately 120,000 bitcoin” from Bitfinex, a global cryptocurrency exchange. According to the release, the couple used “a number of advanced hacking tools and techniques to gain and access” the exchange’s network, allowing them to “fraudulently authorize more than 2,000 transactions in which 119,754 bitcoin was transferred” to a wallet in the couple’s control. The couple admitted to using “numerous sophisticated laundering techniques” to launder the stolen bitcoin, “including using fictitious identities to set up online accounts; [and] utilizing computer programs to automate transactions,” among other techniques.
According to a recent press release by the U.S. Securities and Exchange Commission (SEC), the SEC has obtained “a temporary asset freeze, restraining order, and other emergency relief” against Digital Licensing Inc., a Draper, Utah entity, as well as four of the company’s principals, and 13 other defendants in “connection with a fraudulent scheme to sell crypto asset securities to hundreds of U.S. investors that raised approximately $50 million and unspecified amounts of Bitcoin and Ether.” The complaint charged the defendants for involvement in an ongoing scheme to sell unregistered securities called “node licenses” through “DEBT BOX” while promising “exorbitant gains for investors.” The “node licenses” were allegedly promised to “generate various crypto asset tokens through crypto mining activity” but, “[i]n reality, as alleged, the node licenses were a sham intended to obscure the fact that the total supply of each token was created by DEBT Box instantaneously using code on a blockchain.” According to an SEC official quoted in the press release, the SEC alleged “that DEBT Box and its principals lied to investors about virtually every material aspect of their unregistered offering of securities, including by falsely stating that they were engaged in crypto asset mining.”
A third recent press release issued by the U.S. federal entity that supplies commercial bank deposit insurance announced a demand to a company located in Alphareta, Georgia and certain of the company’s officers to “cease and desist from making false and misleading statements about FDIC deposit insurance and to immediately correct these statements.” According to the release, the company “made false representations on its website, in promotional materials, and on social media platforms stating or suggesting its crypto-related products and services are FDIC-insured.”
For more information, please refer to the following links:
Blockchain Infrastructure Firm Publishes Notice of Crypto Wallet Vulnerability
By Keith R. Murphy
According to a recent blog post and press release, blockchain security services company Fireblocks has publicly disclosed a series of vulnerabilities labeled “BitForge” that affects wallets using multi-party computation technology. Fireblocks identified the flaws as “zero-day vulnerabilities,” meaning that they had not previously been identified. According to the press release, “If left unremediated, the exposures would allow attackers and malicious insiders to drain funds from the wallets of millions of retail and institutional customers in seconds, with no knowledge to the user or vendor.” As opposed to multiple entities needing to communicate to unlock a user’s private key, the BitForge vulnerabilities allow a hacker to obtain the complete private key by compromising only one device, according to reports. According to the blog post, “As part of the 90-day responsible disclosure process, the Fireblocks team documented and verified its findings and prepared and delivered a responsible disclosure message and plan for those impacted by BitForge.” The blog post further noted that “The cryptography community responded positively, with multiple wallet providers fixing their implementations.”
For more information, please refer to the following links:
[View source.]
