Contributed By DLx Law
The blockchain market in the USA is comprised of a number of different components, each with their own status and level of development. Overall, each of these components saw significant activity in 2019. The United States is home to many global, market-leading blockchain companies, including:
The USA has also been a centre of innovation with respect to integrating blockchain and digital assets into traditional financial services with the development of JP Coin and the use of the Symbiont Assembly platform by Vanguard for both ABS issuances as well as programmatic rebalancing of index funds. In addition, we are seeing a growth in interest in decentralised finance and the use of blockchain technology to tokenise previously illiquid assets so that dormant value may be unlocked, accessed, and used.
Regulatory treatment with respect to blockchain and digital assets will continue to have a significant impact on the above-mentioned sectors over the next 12 months. We expect that US regulators will continue to be focused on stablecoins and will also begin to focus on decentralised finance. In addition, there are a number of judicial decisions anticipated in the coming year that could have a significant impact on how digital assets are categorised for regulatory purposes.
US businesses are using blockchain technology in a wide variety of ways, including:
There are multiple regulatory regimes that may apply to the use of blockchain technology in the USA. Depending on the business model and the classification of associated digital assets, blockchain technology and associated digital assets may be regulated pursuant to securities law, commodities law, money transmission law, or consumer protection law. These are all existing regulatory regimes that have not been specifically tailored to blockchain technology or digital assets.
The USA has implemented international standards in several areas impacting blockchain. Of particular note, the USA has been a proponent of applying a corollary to the funds travel rule (the Funds Travel Rule) to entities known as virtual asset service providers (VASPs) that process transactions involving virtual assets. In traditional finance, the Funds Travel Rule applies when money transmitters process transactions that constitute a “transmittal of funds”. The Funds Travel Rule requires that each of the financial institutions in a chain of transmittal orders, involved in a transmittal of funds of USD3,000 or more, originated by customers and non-customers, maintain accurate records relating to the funds transferred and verify the identity of non-customers originating funds transfers. The information required to be maintained depends on the role of the financial institution in the payment chain, ie, originator, intermediary, or beneficiary institution. Financial institutions acting as originator or intermediary financial institutions must cause the information to “travel” to the next financial institution.
The issue of information reporting in connection with virtual asset transfers is also centre stage internationally. The Financial Action Task Force (FATF), a multi-governmental organisation that sets global standards related to anti-money laundering, recently finalised an Interpretive Note to Recommendation 15, which addresses new technologies. Recommendation 15 was revised in autumn 2018 to clarify how the FATF standards apply to activities or operations involving virtual assets. Paragraph 7(b) of the interpretive note seeks to impose a corollary to the Funds Travel Rule on VASPs which process virtual asset transfers. This paragraph of the interpretive note was finalised after private sector consultation regarding practical questions and concerns.
It is not surprising that the US delegation to FATF pushed for a global Funds Travel Rule corollary. In strongly supporting an amendment to Recommendation 15 imposing similar requirements to the Funds Travel Rule, the USA was attempting to promote compliance through global standard setting, which would make it easier for the USA to enforce the laws in place domestically in this area. Without a global standard, US-based money transmitters would have to determine whether or not they would process transmittal orders originating from outside the USA that may not include the information required by the funds travel rule. If they were to process such orders, they would need to do their own diligence to obtain the information required to fill any gaps, which would require additional cost and time.
There are a number of regulatory bodies in the United States that are relevant to blockchain and digital assets.
The Securities and Exchange Commission
The Securities and Exchange Commission (SEC) has broad regulatory authority over securities transactions and securities professionals and intermediaries in the United States. The threshold question which determines whether the SEC has authority with respect to blockchain or digital assets is whether a “security” is involved. Within the definition of the term "security" in both the Securities Act of 1933 and the Securities Exchange Act of 1934 is an “investment contract”. When commercial arrangements do not fall plainly within the other enumerated types of securities in the definitions of the term security, they may still be treated as securities if these arrangements are deemed to constitute investment contracts. The test for whether a particular scheme is an investment contract was established in the Supreme Court’s Howey decision. The test looks to “whether the scheme involves an investment of money in a common enterprise with profits to come solely from the efforts of others”. In the Summer of 2017, the SEC issued a Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO (SEC DAO Report), applying the Howey test to an offering of cryptographic tokens for sale and concluding it was an offering of securities. The DAO report noted that “[w]hether or not a particular transaction involves the offer and sale of a security—regardless of the terminology used—will depend on the facts and circumstances, including the economic realities of the transaction.” This continues to be the SEC’s position.
The Commodities Futures Trading Commission
The Commodities Futures Trading Commission (the CFTC) has broad regulatory authority over derivative markets for commodities and general anti-fraud and anti-manipulation authority over the spot markets for commodities pursuant to the Commodities Exchange Act (the CEA). The CFTC has asserted jurisdiction over transactions in virtual currencies as “commodities”. Numerous courts have found that the CFTC’s jurisdiction extends to virtual currencies in this context. The CFTC has explicitly taken the position that bitcoin and ether are commodities subject to their jurisdiction under the CEA. Accordingly, it is widely accepted that bitcoin and ether are commodities subject to CFTC jurisdiction.
CFTC jurisdiction is primarily with respect to derivatives transactions. Derivatives transactions subject to CFTC jurisdiction include futures, options, swaps, and leveraged retail commodities transactions under the CEA.
The Treasury Department and the Financial Crimes Enforcement Network
The Financial Crimes Enforcement Network is a division of the US Treasury Department (FinCEN). FinCEN is the arm of the Treasury Department responsible, in the first instance, for enforcing the US federal laws and regulations relating to crimes involving the transmission of money, frequently working in conjunction with other federal agencies and bureaus, including the Federal Bureau of Investigation and the National Security Agency. This includes enforcing the Bank Secrecy Act (BSA), which is a comprehensive anti-money laundering and counter-terrorism financing (AML/CFT) statute. The BSA mandates that “financial institutions” must collect and retain information about their customers and share that information with FinCEN. “Money services business” are included within the definition of “financial institutions” and “money transmitters” are money services businesses. FinCEN guidance from May 2019 examined a number of hypothetical business models involving digital assets to provide guidance with respect to the application of the BSA. Not surprisingly, many businesses engaging in activity involving convertible virtual currency, a subset of digital assets, have an obligation to comply with the BSA.
State Money Transmission Regulators
Historically, states rather than the federal government have been the primary regulators of “money transmitters.” State money transmission regulations are, on the balance, non-uniform. Each state has independently passed a statute that defines the activities that constitute money transmission in their state. It is impossible to synthesise a uniform definition of money transmission across all state jurisdictions. State laws generally define a money transmitter very broadly and typically include an entity that engages in “receiving money for transmission” or “transmitting money” or issuing or selling stored value. As a result, the handling of funds or the facilitation of payments – either as a core component of a product or service or, incidentally, as a result of providing some other non-payments-related product or service – can be subject to state-by-state regulation as money transmission. While federal law requires mere registration of money transmitters, state law requires licensing. It is significant to note that money transmission regulations are extraterritorial; a person must have a licence in every state in which they have customers. What matters from a jurisdictional standpoint is the location of the customer, not the location of the transmitter.
It is important to note and understand that classification as a money transmitter under US federal law does not necessarily mean that one will be classified as a money transmitter in a particular state. States have taken different positions with respect to whether convertible virtual currency activities fall within the definition of money transmission. The scope of each state’s law is dependent on how broadly the definitions of money and money transmission are interpreted by the applicable state regulator.
State Securities Regulators
State securities regulators enforce and administer state-specific securities laws. These laws, often referred to as “blue sky” laws, are generally similar, but certain aspects vary significantly from state to state. Many state securities statutes are derived from either the 1956 or 2002 version of the Uniform Securities Act.
State securities regulators have been very active in regulating cryptocurrency related investment products and the sale of digital asset securities. The threshold question to determine whether state securities laws apply to the offer or sale of a digital asset is whether it involves the offer or sale of a “security.” Many state securities laws specifically include “investment contracts” in the definition of security and have adopted some form of the Howey test, discussed in this section above, to determine when a particular scheme constitutes an investment contract.
“Operation Cryptosweep” was a co-ordinated series of enforcement actions and public outreach undertaken by state securities regulators focused on Initial Coin Offerings (ICOs) and other investment schemes involving digital assets. The co-ordinated action focused on the protection of retail investors and raising public awareness with respect to ICOs and other risky digital asset related investment schemes.
There are no self-regulatory organisations in the USA specifically dedicated to blockchain or digital assets. There are a variety of trade groups, but none of them perform a formal regulatory or even quasi-regulatory function. Instead, these trade groups advocate on behalf of their members with respect to the adoption and regulation of blockchain technology and digital assets. There are, however, self-regulatory organisations associated with the securities and commodities industries that do have regulatory authority relevant to blockchain and digital assets and we discuss those below.
The Financial Industry Regulatory Authority (FINRA) is a government-authorised organisation tasked with the oversight of US-registered securities broker-dealers to ensure they operate fairly and honestly. FINRA works under the supervision of the SEC and writes rules governing the activities of broker-dealers, examines broker-dealers for compliance with those rules, promotes market transparency to protect market integrity, and provides for investor education.
FINRA has taken a specific interest in activity involving digital assets. FINRA joined the SEC in putting out a joint statement regarding broker-dealer custody of digital asset securities in July of 2019. The release dealt with the application of the customer protection rule pursuant to the Securities Exchange Act of 1934, and the related rules, to digital asset securities. The joint statement provided guidance with respect to how digital asset securities may be custodied by broker-dealers, indicating several areas of concern. FINRA has also asked broker-dealers to notify them if they engage in activities related to digital assets and has made digital assets an exam priority.
The National Futures Association (NFA) is an industry-wide self-regulatory organisation for the derivatives industry. The NFA is a registered futures association designated by the CFTC. The NFA registers a number of different participants in the commodities derivatives markets.
Several important judicial decisions have played a role in interpreting the laws applicable to blockchain technology and digital assets.
In October of 2019 the SEC filed a complaint against Telegram and related entities seeking a preliminary injunction to prevent Telegram from distributing the digital tokens native to the Telegram Open Network (TON) blockchain, known as GRAM tokens, and other relief. The SEC complaint alleged that the intended distribution of GRAMs was just one part of a larger scheme to engage in a public distribution of securities that should have been registered. The scheme started with the sale of purchase agreements to accredited investors, providing them the right to receive GRAMs in the future, and included the representations, undertakings and understandings with respect to the GRAMs. The components of the scheme collectively amounted to an investment contract that was intended to be sold to the public according to the SEC. The court ultimately agreed, granting the preliminary injunction sought by the SEC on 24 March 2020 and finding that the SEC had shown a substantial likelihood of success in proving that the resale of GRAMs into the secondary market would be an integral part of a scheme to publicly distribute securities that were not registered. On 12 May 2020, Telegram announced that it had cancelled the TON blockchain project as a result of the court’s decision.
In June of 2019 the SEC charged Kik Interactive Inc with selling unregistered securities in connection with its offer of digital tokens known as Kin. The SEC complaint alleges that Kik violated Section 5 of the Securities Act of 1933 by selling token purchase agreements providing the right to receive Kin in the future as well as by publicly selling Kin without registering those sales, which the SEC believes should be considered a single transaction with multiple stages. The complaint alleges that offer and sale of Kin tokens constituted the offer and sale of investment contracts because all of the elements of the Howey test were met. Kik has denied the allegations in the complaint and contends that the SEC is stretching the definition of a security far beyond its plain language.
The parties filed cross motions for summary judgment and the briefing on those motions was recently completed and totals more than 400 pages. The court’s decision with respect to these motions and the ultimate outcome in the case will be closely watched and will likely further clarify the law with respect to blockchain-based digital assets.
The New York Attorney General (NYAG) is investigating the digital asset exchange, Bitfinex and related entities (Bitfinex) to determine whether the stablecoin known as Tether is backed by sufficient cash reserves. Tether was purportedly backed 100% by US dollars, a claim that has been amended to backed by cash and cash equivalents representing approximately 74% of the current outstanding tethers. In connection with the investigation, the NYAG took the extraordinary step of bringing an ex-parte action pursuant to the New York General Business Law Section 354 seeking that the court order Bitfinex to produce documents and information and enter a preliminary injunction prohibiting the movement of funds between Tether and Bitfinex. Ultimately the New York Supreme Court ordered Bitfinex to turn over documents and entered the injunction. Bitfinex has appealed arguing that the NYAG should have been required to personally serve Bitfinex company executives with the ex parte order obtained from the Court, that the NYAG does not have jurisdiction over Bitfinex and Tether, and that the Court must determine wither tethers are securities or commodities before allowing the matter to proceed. The appeal remains ongoing. This case raises important questions about jurisdiction, the scope of authority of the Martin Act (New York’s state-level securities law), and the regulatory treatment of stablecoins backed by assets.
Class Action Lawsuits
There are several civil (private party) lawsuits involving blockchain and digital assets that are pending in the USA and are expected to be significant. In April 2020, eleven different private class action lawsuits were filed simultaneously against seven issuers of digital assets and four digital asset exchanges. The crux of these complaints is that the digital assets sold by the issuer defendants were investment contracts that were required to be registered or come within an exemption from registration under the federal securities laws. With respect to the digital asset exchanges, the complaints allege they were operating unregistered securities exchanges without an applicable exemption and were also acting as unregistered broker-dealers, both predicated on the fact that the one or more of the digital asses listed on the exchanges were securities. These cases are still in their infancy, but judicial rulings on legal issues in these cases and their ultimate outcomes may have a significant impact on digital assets going forward.
Since releasing the DAO Report, the SEC has resolved several investigations into the sale of digital assets by entering into consent orders with the subjects of those investigations. Many of these consent orders seem to communicate a distinct regulatory proposition to the blockchain community and the SEC has been criticised by many of regulation via enforcement with respect to digital assets. The Munchee order stands for the proposition that the sale of a digital asset may be subject to compliance with the securities laws even when there is a purported consumptive use of the token. The Tomahawk order stands for the proposition that the investment-of-money element of the Howey test may be satisfied even when a digital asset is airdropped to holders for free, so long as the blockchain network sponsor obtains a benefit by doing so. The TokenLot order makes clear that engaging in buying or selling digital asset securities for the account of another requires registration as a broker-dealer. The Zachary Coburn order, related to the Dex EtherDelta, stands for the proposition that a platform engaging in exchange activity with respect to digital asset securities must be registered as a national securities exchange or operate within an exemption from such registration. The Airfox and Paragon orders required these token sellers to register their digital asset securities post-ICO, making clear that the SEC wants issuers of digital asset securities to provide the disclosure necessary for purchasers to make informed decisions. These are just a few examples of enforcement actions brought by the SEC that target a specific participant in the digital asset space in order to communicate a regulatory approach to the broader market.
There are no regulatory sandbox programmes in the USA specifically geared towards blockchain projects. That said, both the SEC and the CFTC have other programmes in place that seek to engage with projects in the FinTech space. The SEC rolled out the Strategic Hub for Innovation and Financial Technology in 2019 (FinHub). FinHub is a way for the SEC to engage with fintech developers and entrepreneurs to assist with respect to compliance with the federal securities laws. At the CFTC, LabCFTC is a hub for engagement with the fintech community in order to promote responsible fintech innovation and fair competition. LabCFTC regularly meets with innovators and entrepreneurs in the fintech space to enable the CFTC to be proactive and forward-thinking with respect to new technologies and applications.
At the state level, there are several sandbox programmes relevant to blockchain.
Arizona passed a law in 2019 providing for a regulatory sandbox programme to promote innovation with respect to financial products or services that is overseen by the Attorney General’s Office. The programme allows for the temporary testing of innovations without otherwise being licensed or authorised to act under the laws of Arizona. The Arizona sandbox does not specifically address the use of blockchain technology but deals more generally with the use of emerging technology for innovation.
Kentucky passed a law in 2019 providing for a regulatory sandbox programme to promote innovation in the insurance industry. The programme is administered by the Kentucky Department of Insurance and provides limited no-action relief from insurance law to eligible participants during the beta testing phase of an innovative insurance product. The Kentucky sandbox does not specifically address the use of blockchain technology but deals more generally with the use of emerging technology for innovation.
Nevada passed a law in 2019 providing for a regulatory experimentation programme for product innovation overseen by the Department of Business and Industry that allows participants to test innovative financial products or services under a temporary exemption from certain statutory and regulatory requirements related to financial products and services that might otherwise apply. The Nevada sandbox does not specifically address the use of blockchain technology but deals more generally with the use of emerging technology for innovation.
Utah passed a law in 2019 providing for a regulatory sandbox programme overseen by the Department of Commerce that allows participants to test innovative financial products or services without otherwise obtaining a licence or authorisation to act under the laws of Utah. The Utah sandbox specifically contemplates the use of blockchain technology in innovative financial products or services.
Wyoming passed a law in 2019 providing for a financial technology sandbox for the testing of financial products and services. The sandbox is overseen by the Banking Commissioner or the Secretary of State depending on the statutes or rule at issue with respect to a particular applicant. The Wyoming sandbox specifically contemplates the use of blockchain technology in innovative financial products or services.
The Internal Revenue Service (IRS) issued guidance in October 2019 with respect to transactions involving virtual currency. Specifically, the guidance addresses the tax implications of a hard fork of a blockchain. When a hard fork results in a taxpayer receiving new units of cryptocurrency over which they have dominion and control, they will have gross income as a result. If they do not receive any new units of cryptocurrency over which they have dominion and control in connection with a hard fork, they will not have any gross income.
This guidance builds upon the previous IRS guidance with respect to virtual currency from 2014, in which the IRS determined that virtual currency is “property” for federal tax purposes and that general tax principles applicable to property transactions apply to transactions in which virtual currency is used.
There are no significant government initiatives regarding blockchain technology in the USA not covered elsewhere in this chapter.
While there are not any definitive laws or court cases specifying how ownership of a digital asset is determined in the USA, we expect that most non-security digital assets would be considered “bearer” instruments. Control over the asset equates to ownership, primarily through control of the private key necessary to effectuate an on-chain transaction involving the digital asset. There are many instances in which the owner of a digital asset transfers control to a third party, in which case the owner’s right to the asset is contractual pursuant to the terms of their agreement with the third party.
The categorisation of a digital asset as a security, commodity, or some other type of property is highly fact dependent in the USA and it is not easy for market participants to determine the correct characterisation in advance in many cases. Unfortunately, the correct categorisation of digital assets is critical with respect to regulatory compliance, as we are now seeing significant securities regulatory enforcement with respect to digital assets that were sold to the public in the USA without registration under the federal or state securities laws. There is no efficient mechanism for market participants to make an advance determination with any degree of legal certainty in the current regulatory environment. Engagement with the SEC’s FinHub or the CFTC’s LabCFTC may provide directional feedback and help to identify specific legal issues to consider, but will not provide any formal or informal regulatory approval (i) of a particular business plan, or (ii) with respect to the likely regulatory treatment of particular digital assets.
In order to obtain specific formal guidance that can be confidently relied upon, market participants have the option of pursuing a request for no-action from either the SEC or the CFTC. Such a request would set out in detail a business model utilising blockchain technology or involving a digital asset and then seek confirmation from the relevant regulator that, if the plan is followed as described, they will not recommend enforcement. The SEC has provided no-action relief with respect to three projects involving the use of blockchain technology so far. The first was for Turnkey Jet, Inc in which the SEC provided no-action with respect to the sale of a digital token at a fixed price redeemable for air travel. The second was for Pocketful of Quarters, Inc, a gaming platform on the Ethereum blockchain, in which the SEC provided no action relief with respect to the sale of an ERC-20 token for gaming. The third was for Paxos, in which the SEC provided no-action relief with respect to a blockchain-based clearing and settlement platform for certain National Market System (NMS) securities. The CFTC has chosen to deal with these issues in a more generally applicable way by providing broad guidance. For example, the CFTC recently released final interpretive guidance with respect to the actual delivery in the context of retail commodity transactions involving virtual currency, an issue that was the subject of several requests for no-action or guidance.
The regulatory treatment of stablecoins in the USA depends on the type of stablecoin in question and how it is structured. Stablecoins backed by deposits of fiat currency or other assets have not yet been treated as securities by the regulators, although there has been significant discussion on this point within the legal community. In particular, the initial proposed structure of the Libra token, proposed by Facebook as a stablecoin backed by a basket of currencies, prompted much speculation about whether that arrangement constituted a security. Similarly, we have yet to see any formal guidance from the regulators with respect to stablecoins generated algorithmically.
As noted in 2.2 International Standards, the New York Attorney General is investigating Bitfinex and Tether to determine whether Tether is backed by sufficient reserve assets. This case remains ongoing but may provide some clarity with respect to the regulatory treatment of asset-backed stablecoins once resolved.
In the USA, generally speaking, cryptocurrencies may be used for payments if accepted by merchants. The use of cryptocurrencies, or any other fiat substitute, for payments may implicate the money transmission laws at the federal and state levels.
There are no regulations in the USA that specifically apply to non-fungible tokens (NFTs). To the extent that the offer or sale of NFTs constitutes an investment contract under the Howey test, compliance with the securities laws would be required. Otherwise, the offer and sale of NFTs as consumer products would be subject to consumer protection laws and regulations. Both federal and state consumer protection laws generally prohibit unfair or deceptive acts and practices with respect to consumer goods and services. Given their non-fungible nature, NFTs are unlikely to be considered “commodities”.
There are a variety of markets for digital assets available to US persons. These markets can be divided into several categories:
Digital Asset Securities Markets
Platforms that provide for the exchange of digital asset securities are highly regulated by the SEC. Any entity engaging in exchange activity with respect to securities, including digital asset securities, must register as a national securities exchange or operate within an exemption to such registration. There is an exemption from registration as a national securities exchange for alternative trading systems that comply with the SEC’s Regulation ATS. Regulation ATS requires the entity operating an alternative trading system (ATS) to register with FINRA as a broker-dealer and certain other prerequisites.
Centralised Markets for Non-security Digital Assets
Centralised platforms that allow users to exchange non-security digital assets are prevalent in the USA. These platforms facilitate fiat-to-digital-asset or digital-asset-to-digital-asset transactions. These platforms may perform these services in a custodial manner, meaning the platform maintains custody of the assets trading on the platform in an omnibus account for the benefit of its customers and relies on its own internal record-keeping to credit and debit customer accounts as needed. In other words, exchanges of assets between customers of a custodial platform will not result in an auditable on-chain transaction and the transaction will only be reflected in the internal ledger used by the platform to track customer balances. These platforms may also perform these services in a non-custodial manner, in which transfers of digital assets facilitated by the platform occur on-chain and are directed to the self-custodied wallet addresses of the transaction participants. In either case, platforms that provide these services with respect to non-security digital assets are generally regulated as money transmitters at both the federal and state level and have the attendant know your customer (KYC)/anti-money laundering (AML) and BSA compliance obligations.
Decentralised Markets for Non-security Digital Assets
There are also a variety of decentralised exchanges available to US persons. These exchanges typically provide for a peer-to-peer exchange of digital assets by means of a technical protocol or one or more smart contracts. Exchanges facilitated in this way do not typically involve third-party custody of the digital assets being exchanged at any point in time during the transaction. The regulatory obligations with respect to decentralised exchanges will be highly fact dependent, but it is likely they may be regulated as money transmitters at both the state and federal levels.
As discussed in 4.1 Types of Markets, there are a variety of US markets that facilitate the exchange of fiat currency for digital assets. Any market facilitating such an exchange is very likely a money transmitter at both the federal and state level and will likely have the attendant KYC/AML and BSA compliance obligations. The same is true for markets facilitating the exchange of one digital asset for another digital asset.
As discussed in 2.3 Regulatory Bodies, the Bank Secrecy Act is the primary federal law addressing KYC/AML in the United States. It applies to any entity that is acting as a money services business, which includes money transmitters. Generally speaking, the BSA requires that money transmitters know their customers and implement and enforce policies and procedures reasonably designed to detect, report and deter suspected money laundering and other suspicious transaction activity.
Please refer to 2.3 Regulatory Bodies for a discussion of the relevant regulators with respect to digital assets in the USA.
There are no specific laws or regulations that deal with re-hypothecation of non-security digital assets.
Wallet providers were addressed in May 2019 FinCEN guidance regarding convertible virtual currency. The guidance described the types of wallets that may be used to store digital asset value and the regulatory treatment with respect to each of them. That treatment depends on four criteria:
Wallets in which user funds are controlled by third parties are referred to as “hosted wallets”. Wallets in which user funds remain in the control of the user are called “unhosted wallets”. Hosted wallet providers are money transmitters and have different obligations with respect to different types of wallet users. Unhosted wallets are software enabling a person to store and conduct transactions involving convertible virtual currency. A hosted wallet user does not need a third party in order to conduct transactions and there is no third party acting as a money transmitter in this model. The user is also not acting as a money transmitter while using an unhosted wallet to engage in transactions on their own behalf.
The creator of unhosted multi-signature wallets that restricts its role to providing a second authorisation key to validate and complete transactions initiated by the wallet user is not a money transmitter according to the May 2019 FinCEN guidance. However, the provider of a hosted wallet with a multi-signature feature will be a money transmitter, as will any wallet provider that stands between a wallet user and the payment system or that exercises independent control of the value in a wallet.
Custody of digital assets is also a regulated activity in certain states, most notably New York State. The New York BitLicense regime requires entities located in New York State or doing business with New York State residents to obtain a licence when they engage in virtual currency business activity. There are five enumerated virtual currency business activities, one of which involves taking custody of virtual currency on behalf of customers, whether in a hot wallet or cold wallet solution. Accordingly, hosted wallet providers must obtain a BitLicense in New York before offering such services in New York or to New York residents.
Capital raising through the sale of a digital asset is almost always considered securities activity that is subject to compliance with federal and state securities laws in the USA. The SEC Chairman notoriously reported in 2019 that every ICO he had seen involved a securities offering. This view is reflected in the DAO report, the subsequent consent orders entered into with the issuers of digital assets, and the enforcement actions filed by the SEC in courts. The courts and regulators will conduct an analysis to determine whether the sale of a digital asset that does not clearly fall within one of the enumerated instruments in the definition of a security constitutes an “investment contract” pursuant to the Howey test.
This test, as refined by subsequent interpretation, requires an investment of money in a common enterprise with an expectation of profit to be derived from the essential managerial efforts of others in order to find an investment contract. Two points are critical to this analysis:
The SEC provided clarification with respect to factors relevant to these critical points in April 2019 in guidance entitled the Framework for Investment Contract Analysis of Digital Assets (the Framework). The Framework set forth 38 different factors, some with sub-factors, that the SEC considers relevant to the analysis. The Framework factors provide additional guidance with respect to conducting a Howey analysis, but it should be noted that a Howey analysis is very dependent on specific facts and circumstances and some factors may be more or less relevant. In addition, the Framework does not assign a weight to any of the relevant factors, likely because each analysis must be done independently and it would be difficult to assign a weight that would apply equally to every project conducting an analysis using the Framework factors, which makes any analysis using the Framework factors highly subjective and of limited utility.
The use of an exchange to conduct an initial sale of digital assets for capital raising purposes does not change the analysis set forth in 5.1 Initial Coin Offerings, and such sales are also likely to be treated as securities transactions subject to compliance with the securities laws in the USA. In particular, depending on how a particular initial exchange offering (IEO) is structured, if an exchange is acting as an underwriter or an unregistered broker-dealer with respect to the distribution of digital asset securities, they may incur significant legal liability.
Digital asset investment funds are subject to the same regulatory requirements as traditional investment funds. There are a variety of fund structure options available to funds holding digital assets under the Investment Company Act of 1940 (the ICA), which generally requires investment companies to register or fall within an enumerated exemption from registration. Any company with more than 40% of its assets in investment securities constitutes an investment company. Accordingly, the categorisation of digital assets as securities, commodities, or something else is critical in determining whether a fund has a registration obligation pursuant to the Investment Company Act.
The most commonly relied upon exemptions from registration under the ICA are Sections 3(c)(1) and 3(c)(7). The Section 3(c)(1) exemption is for funds that have less than 100 holders that are all accredited investors. The Section 3(c)(7) exemption permits an unlimited number of holders who must be qualified purchasers. Accredited investors are generally natural persons with an income of more than USD200,000 in each of the two most recent years (USD300,000 if joint with spouse) or with an individual, or joint with a spouse, net worth that exceeds USD1 million, as well as a variety of entities that meet certain other qualifications. Qualified purchasers are generally individuals and entities that own not less than USD5 million in investments.
Finally, private funds that hold assets other than securities, such as non-security digital assets, are not investment companies and can simply offer interests in their funds in private placements pursuant to Regulation D.
There are no special regulations pertaining to broker-dealers or financial intermediaries dealing in digital assets. Rather, legacy laws and regulations applicable to broker-dealers and financial intermediaries have been adapted to cover activities involving blockchain and digital assets.
The general view in the US legal community is that private contractual arrangements that are executable, in whole or in part, using blockchain or distributed ledger technology are valid and enforceable assuming the elements necessary to form a contract are present – offer, acceptance, the intention to be legally bound, and consideration. Whether a smart contract is coded to reflect the intentions of the parties is a separate question and one that has prompted significant debate with respect to how such a situation would be handled and resolved.
It is not likely that developers of decentralised blockchain-based networks or the code that runs these networks would be considered fiduciaries who have a duty to the users of the network or the code. There have been no cases in the USA in which developers have been held responsible for a breach of a fiduciary duty in connection with losses sustained by the user of software they have developed for use on a decentralised blockchain network.
Decentralised finance (DeFi) platforms are prevalent and gaining in popularity in the USA. These platforms operate in an emerging area and there have been few regulatory actions with respect to DeFi platforms in the USA to date. However, many of these DeFi platforms are operating in areas that might traditionally be subject to regulation. For instance, escrowing digital assets in a smart contract with the expectation of earning a profit in the form of interest paid by another user that borrows and uses those digital assets is very similar to peer-to-peer lending products, such as those offered by Lending Club and Prosper, that were adjudged by a variety of US securities regulators to be securities. In addition, it is worth noting that DeFi platforms often involve the use of stablecoins in order to provide a digital on-ramp to the relevant service. As we expect increased regulatory scrutiny with respect to stablecoins, we can also expect an increase in regulatory attention with respect to DeFi as well.
There is no proven method of perfecting a security interest in a digital asset in the USA. That said, a digital asset lender may attempt to take a security interest in a digital asset pledged as collateral for a loan pursuant to the applicable provisions of the Uniform Commercial Code (UCC). This is an emerging area of law that is untested and there is some question as to which provisions of the UCC apply to any given arrangement. One strategy that has been used in the USA is to treat the digital asset pledged as collateral for a loan as a “financial asset”, treat the borrower’s account with the lender as a “securities account”, treat the borrower as an “entitlement holder”, and have the borrower acknowledge that the lender is a “securities intermediary”, as all of these terms are defined under the UCC. This should create a “security entitlement” under the UCC that will allow for perfection of a security interest in the collateral by the lender.
Certain regulated participants in the securities markets in the USA have specific laws and rules that apply to how they custody assets held for the benefit of others. These laws and rules are all in place to protect customer assets. The custody laws and rules outlined below apply to securities, including digital asset securities, and funds, which may include non-security digital assets.
Broker-dealers are subject to the customer protection rule under the Securities Exchange Act which requires them to custody securities that they have exclusive possession and control over in a “good control location”. Several different types of third party custodians can serve as good control locations, including banks, other broker-dealers, and clearing agencies.
Investment advisers are subject to the “custody rule” under the Investment Advisers Act of 1940, which generally requires them to hold customer funds and securities with a qualified custodian. Qualified custodians include banks, registered broker-dealers, and futures commission merchants.
Registered investment companies are required by the ICA to maintain their securities and similar investments with a bank, a member of a national securities exchange, or a central securities depository.
Data privacy laws are enacted at the state level in the USA. The absence of a federal data privacy law means that there are differing obligations in each state with respect to data privacy. Practically speaking, this means that national companies will seek to comply with the most robust state-level data privacy law. The California Consumer Privacy Act (CCPA) is the most robust state data privacy law and it became effective in January 2020. The California Attorney General is required to adopt regulations on or before 1 July 2020 and may not bring an enforcement action until six months after the adoption of the regulations. Among other things, the CCPA provides consumers with
Covered businesses also need to provide consumers with a privacy notice. The CCPA does not directly implicate blockchain, however any covered business using blockchain to gather, store, or refer to customer information should have compliance with the CCPA in mind.
Data protection laws are also enacted at the state level in the USA. The CCPA has a data protection component requiring covered businesses to implement and maintain reasonable security procedures. Similar data protection laws have been passed in other states, as have data breach reporting statutes. These laws do not specifically apply to the use of blockchain-based products or services.
Mining cryptocurrencies on blockchain networks running proof of work algorithms is allowed in the USA. There are no specific regulations in place with respect to this activity. However, this activity may be subject to money transmission regulations in certain circumstances and may not in others. The May 2019 FinCEN guidance reiterates previous guidance indicating that miners who are users of the virtual currency they mine are not money transmitters. On the other hand, the administrator of a mining pool that combines mining services with hosted wallets on behalf of pool members will be a money transmitter.
Staking assets to secure blockchain networks using proof of stake consensus protocols is allowed in the USA and is not, as of yet, regulated. Staking as a service (StaaS) businesses do exist in the USA. No regulations have been specifically applied to StaaS providers.