Bridging the Week by Gary DeWaal: January 21 – 25 and January 28, 2019 (Security Tokens, Utility Tokens; Another Regulator’s Priorities) [Video]
The UK Financial Conduct Authority issued proposed guidance concluding that only security tokens among the three principal types of cryptoassets are under the regulator’s oversight umbrella. Cryptocurrencies and utility tokens generally are not. Separately, the Financial Industry Regulatory Authority issued its annual Risk Monitoring and Examination Priorities Letter that outlined its principal areas of focus in 2019. Members' supervision of digital assets business is among the key topics it will evaluate. As a result, the following matters are covered in this week’s edition of Bridging the Week:
UK Financial Conduct Authority Proposes Guidance to Help Classify Cryptoassets; Says Cryptocurrencies and Utility Tokens Generally Outside Regulatory Perimeter (includes Legal Weeds);
Online Distribution Platforms, Fixed Income Mark-up Disclosure and Suitability Take Center Stage in 2019 FINRA Risk Monitoring and Examination Priorities (includes Compliance Weeds); and more.
UK Financial Conduct Authority Proposes Guidance Regarding Cryptoassets; Says Cryptocurrencies and Utility Tokens Generally Outside Regulatory Perimeter: In a consultation paper proposing guidance on cryptoassets, the UK Financial Conduct Authority indicated that, while security tokens fall within its regulatory perimeter, cryptocurrencies (which the FCA labels “exchange tokens”) and utility tokens are likely outside its oversight. Notwithstanding, FCA noted that certain payment tokens pegged to fiat currency (e.g., stablecoins) may be subject to UK requirements related to e-money and that under some circumstances, stablecoins pegged to fiat currencies; other commodities or assets (e.g., gold); or baskets of other cryptoassets may constitute securities if they resemble funds or a derivative.
Moreover, foreshadowed FCA, by the end of 2019 certain transactions involving cryptocurrencies will likely be subject to anti-money laundering and counter-financing of terrorism regulation, while Her Majesty’s Treasury will publish a consultation paper to consider the expansion of FCA’s regulatory remit to include cryptoassets it currently does not oversee.
FCA indicated that all persons carrying out activities involving regulated products in the United Kingdom – including acting as an exchange or trading platform; a payment provider; a custodian or wallet provider; or an adviser, broker or other intermediary – may be subject to UK licensing or other requirements unless expressly exempt. It is a criminal offense to carry on a regulated activity in the UK without appropriate authorization.
Generally, said FCA, a security token is an instrument “which indicates an ownership position in an entity, a creditor relationship with an entity, or other rights to ownership or profit.” These characteristics may be evidenced by (1) the rights and obligations of token holders by virtue of ownership of the relevant cryptoasset; (2) contractual entitlement of token holders to profit share or any payment benefit, as well as control of the token issuer; (3) language in descriptive materials describing the tokens as investments; and (4) the ability to transfer or exchange the cryptoasset on an organized trading facility or other type of market. Also relevant, noted FCA, is the flow of funds from the issuer or other relevant party to token holders, including, potentially, an indirect flow of funds through “profits or payments derived exclusively from the secondary market.” FCA observed that security tokens can resemble many different types of securities including shares, debt instruments, warrants, certificates that confer rights over investments, and collective investment schemes.
FCA defined an exchange token as a digital token not issued or backed by a central authority that can be used directly as a means of exchange on a peer to peer basis without involvement of an intermediary. A utility token is a digital asset that provides consumers with a current or prospective service or product.
In its proposed guidance, FCA noted that the UK’s involvement in the cryptoasset market to date has been nominal. For example, there are currently less than 15 spot cryptoasset exchanges in the UK out of a global market of 231, and daily trading volume in the UK amounts to US $200 million which constitutes approximately 1 percent of daily global volume. Notwithstanding, FCA acknowledged observing the benefit of cryptoassets on a small scale in its regulatory sandbox – e.g., increased speed and a reduction in cost for cross border money remittance – although it also identified a number of “substantial risks” to consumers, particularly where they purchase “unsuitable products" without being aware of the products' risks. (Click here for details regarding the FCA's regulatory sandbox.)
FCA seeks comments to its proposed guidance by April 5, 2019.
In 2017, FCA issued a discussion paper on distributed ledger technology. (Click here for more details in the article “Financial Conduct Authority Seeks Comments on Proposed Distributed Ledger Technology Regulation” in the April 16, 2017 edition of Bridging the Week.)
In other legal and regulatory developments involving cryptoassets:
Cryptocurrency Exchange Prevails in Requiring Use of Arbitration to Resolve Customer Dispute: Coinbase, Inc. prevailed in a motion to dismiss a complaint filed in a federal court in Brooklyn, NY that alleged it was potentially responsible for a scam that caused a loss of US $200,000 from a customer's account. Coinbase had asked the court to dismiss the complaint because the customer had previously agreed to submit all disputes that could not be resolved amicably between the parties to arbitration. This occurred when the customer agreed when opening his account to the applicability of Coinbase's user agreement and the user agreement contained a mandatory arbitration clause; the customer expressed his agreement by clicking a checkbox in Coinbase's online application. The customer claimed he did not recall being required to read or sign any user agreement or even clicking the checkbox. The court ruled for Coinbase saying that, despite his lack of recollection, the customer had inquiry notice of Coinbase's user agreement, including the mandatory arbitration provision, and that by checking the checkbox he assented to all its terms.
Another Day, More NY BitLicenses: Robinhood Crypto LLC and Moon Inc., dba LibertyX each obtained a BitLicense from the New York State Department of Financial Services. According to the DFS, Robinhood Crypto was approved to offer services to buy, sell and store seven cryptocurrencies, including bitcoin, ether, bitcoin cash and litecoin, while LibertyX was authorized to permit consumers to purchase bitcoin from traditional ATMs using debit cards. New York’s BitLicense was introduced in 2015 to establish minimum standards to help ensure customer protection, cybersecurity and anti-money laundering compliance by persons involved in a virtual currency business involving New York or a NY resident. (Click here for additional information in the article “NYDFS Issues BitLicense Framework for Regulating Virtual Currency Firms” in the June 7, 2015 edition of Bridging the Week.)
Cryptocurrency Exchange Not a Money Transmitter Says Pennsylvania: The Pennsylvania Department of Banking and Securities issued guidance concluding that cryptocurrency exchanges are not money transmitters requiring a license under applicable law. (Click here to access the Pennsylvania Money Transmission Business Licensing Law or “MTA.”) Since cryptocurrency exchanges never directly handle fiat currency, said the Department, they do not provide payment services or money transfer services. According to the Department, cryptocurrency exchanges typically facilitate the exchange of cryptocurrencies for other virtual currencies or fiat currency by their users; virtual currencies are not money under the MTA; and cryptocurrency exchanges typically do not handle fiat currency themselves. Any fiat currency is paid by or to a user to/from an account in the exchange’s name at a depository institution. Earlier this month, the Texas Department of Banking clarified that not all transactions involving virtual currencies require licensing under the state’s laws pertaining to money transmission. (Click here for details in the article “Texas Clarifies Application of Money Transmission Requirements to Transactions Involving Virtual Currencies” in the January 6, 2019 edition of Bridging the Week.)
Cboe BZX Withdraws Rule Proposal From SEC for Bitcoin ETF: Cboe BZX Exchange, Inc. withdrew a proposed rule change initially filed with the Securities and Exchange Commission in June 2018 to enable trading of shares of SolidX bitcoin shares issued by the VanEck SolidX Bitcoin Trust. As proposed, each share in the trust would represent a fractional interest in bitcoin holdings by the Trust. (Click here for additional information in the article “SEC Kicks Bitcoin Fund Consideration Down the Road” in the December 9, 2018 edition of Bridging the Week.) In July 2018, the SEC denied a similar application by the Bats BXZ Exchange to trade shares of the Winklevoss Bitcoin Trust, claiming that the proposed rule change was not consistent with requirements of applicable law, mainly “to prevent fraudulent and manipulative acts and practices” and “to protect investors and the public interest.” (Click here for details in the article “SEC Says 'No' to Winklevoss Bitcoin Trust While NFA Says 'Yes' to Intermediaries’ Crypto Businesses but Requires Disclosures” in the August 5, 2018 edition of Bridging the Week.)
Singapore Warns ICO Issuer: The Monetary Authority of Singapore publicly warned an unnamed issuer of a proposed security token not to proceed with an initial coin offering until it complied with applicable law. According to MAS, the security token’s issuer intended to conduct the offering under an exemption from prospectus registration that was available solely for security offerings that were not advertised. However, MAS claimed that the issuer violated this restriction when its legal advisers posted information regarding the offering on LinkedIn that was accessible to the general public. (Click here to access MAS’s guidance on ICOs.)
Granite and Hoosier States Propose to Accept Cryptocurrencies for Taxes and Other Fees: A bill was introduced in the New Hampshire House of Representative that, if enacted into law, would authorize state agencies, including the state’s tax collector, to accept cryptocurrencies as payment for taxes and fees beginning July 1, 2020. The bill proposes that the state treasurer develop an implementation that would address valuation, accounting, and management issues related to the acceptance of cryptocurrencies and appoint a third party to process cryptocurrency transactions at no cost to the state. A similar measure was proposed in Indiana. Last year, Ohio authorized businesses operating in the state to pay state business taxes with bitcoin. (Click here for details in the article, "Ohio Accepts Bitcoin for Taxes" in the December 2, 2018 edition of Bridging the Week.)
Legal Weeds: In June 2018, William Hinman, the Director of the Division of Corporate Finance of the Securities and Exchange Commission, said that the cryptoasset ether is not a security. It may have once been a security, but not today. As a result, transactions involving ether are not securities transactions. At the same time, Mr. Hinman additionally indicated that he could envision that certain utility tokens might also not be securities. He said that such a conclusion might be appropriate “where there is no longer any central enterprise being invested in or where the digital asset is sold only to be used to purchase a good or service available through the network on which it was created.” (In its proposed guidance, the FCA peripherally referenced the possible morphing of a cryptoasset from one type of a digital asset to another; however, it provided no specific examples or insight.)
In evaluating whether a digital token is likely a security, Mr. Hinman set forth 13 considerations, including:
Is there a single person or small group that is behind the sale of the digital asset? Do they play a “significant role” in the development and maintenance of the token and its potential increase in worth?
Does this person or group have a stake or other interest in the digital token and are they incentivized to cause an increase in value of the digital asset? Do purchasers anticipate such an effort and increase in value?
Do the customer protection provisions of applicable law make sense, including disclosure obligations of a person or entity that plays a key role in the system?
Do persons or entities other than the promoters exercise governance rights?
Is token creation tied to the needs of users or for speculation?
Is the token marketed and distributed to the general public?
Is the system underlying the token fully functioning or in the early stages of development?
(Click here for details in the article “Anything but Sleep Inducing: SEC Corporate Finance Director Says Ether Not a Security and Canada Issues Guidance on Utility Tokens” in the June 17, 2018 edition of Bridging the Week.)
Just a few weeks afterward, SEC Chairman Jay Clayton issued a statement noting that staff statements solely reflect their personal opinions, and are non-binding and create no enforceable rights or obligations on the Commission. Only rules and regulations formally adopted by the Commission have the force of law, he said. (Click here for further background on Mr. Clayton’s pronouncement in the article “SEC Notes That Staff Views Are Just That – Staff Views and Not the SEC’s” in the September 16, 2018 edition of Bridging the Week.) Mr. Clayton previously expressed his belief that most ICO-issued cryptoassets are securities and his skepticism regarding cryptoassets labeled as utility tokens not being securities. (Click here for background in the article “Non-Registered Cryptocurrency Based on Munchee Food App Fails to Satisfy SEC’s Appetite for Non-Security” in the December 17, 2017 edition of Bridging the Week.)
Late last year, the Commodity Futures Trading Commission issued a Request for Input to help it better understand ether in anticipation of potential self-certifications and applications by CFTC-regulated markets to list futures and other derivatives products based on the virtual currency.(Click here for background in the article “CFTC Seeks to Fuel Up Its Knowledge of Ether” in the December 16, 2018 edition of Bridging the Week.) The comment period for the CFTC's RFI currently expires on February 15, 2019.
Online Distribution Platforms, Fixed Income Mark-up Disclosures and Suitability Take Center Stage in2019 FINRA Risk Monitoring and Examination Priorities: The Financial Industry Regulatory Authority said in its annual 2019 Risk Monitoring and Examination Priorities Letter that online distribution platforms, fixed income mark-up disclosure, sales practice risks, the supervision of digital assets business, market risks and financial risks would be among the new topics emphasized during its risk monitoring and examinations of members this year. Among market risks to be considered are best execution, market manipulation, market access, short sales, and short tenders, while financial risks that will be emphasized are credit risk, and funding and liquidity. FINRA also indicated that, in 2019, it will explore how member firms are using regulatory technology to enhance their compliance efforts. In its annual letter, FINRA indicated that the topics it plans to emphasize this year are topics “member firms should consider as they identify opportunities to improve their compliance, supervisory and risk management programs.”
In its annual report of examination priorities issued in late December 2018, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations said that digital assets, cybersecurity and anti-money laundering programs would be among its top focus during its 2019 reviews of registrants. (Click here for background in the article “Offer and Sale of Digital Assets and Cybersecurity Among the Focus of SEC OCIE 2019 Examination Priorities” in the January 6, 2019 edition of Bridging the Week.)
Compliance Weeds: In its 2019 Risk Monitoring and Examination Priorities Letter, FINRA also indicated it would, this year, continue to assess member firms’ controls regarding outside business activities and private securities transactions.
Under FINRA rules, no registered person may be directly or indirectly employed in any other capacity in a business activity outside the scope of his or her relationship with his or her member firm unless he or she has given prior written notice to the member. (Click here to access FINRA Rule 3270.) Additionally, a person associated with members must also provide advance written notice to his or her employer if he or she may engage in a securities transaction outside the regular course or scope of his or her employment, including new offerings of securities which are not registered with the SEC, subject to various exceptions and conditions. (Click here to access FINRA Rule 3280.)
Last year, Arthur Meunier a/k/a Arthur Breitman agreed to be suspended for two years from association with any FINRA-regulated broker-dealer to settle FINRA charges that, from February 2014 to April 2016, he participated in the development of Tezos, a blockchain technology project, without notifying the broker-dealer he was then employed by of such activity, as required by FINRA rules. (Click here for background in the sub-article “FINRA Fines a Tezos Co-Founder” in the April 22, 2o18 edition of Bridging the Week.)
Also last year, FINRA commenced a disciplinary proceeding against Timothy Ayre for trying to attract investors to purchase shares in a worthless company he owned and served as president – Rocky Mountain Ayre, Inc. (“RMTM”) – by making material misstatements in public filings, and by unlawfully offering to the public digital assets – HempCoins – that he claimed were backed by RMTM common stock. FINRA also claimed that Mr. Ayre engaged in private securities transactions involving RMTM while employed by a broker-dealer without disclosing such transactions to his employer, in violation of the firm’s written supervisory procedures.
FINRA’s inclusion of an additional charge against Mr. Ayre for his engagement in private security transactions involving RMTM while employed by a broker-dealer that required disclosure of such transactions, as well as its earlier action against Mr. Ayre, coupled with the current FINRA Letter, are implicit warnings to member firms that it is best to ensure they have WSPs that track applicable FINRA rules regarding outside business activities and private securities transactions. Moreover, member firms should remind their associated persons that these requirements apply to relevant transactions involving security tokens as well as business activities involving all digital assets, in addition to traditional securities and business activities.
Congressmen Propose Law Rewarding Identification of Hacking Vulnerabilities in State Department’s Information Technology: Three congressmen – Ted Lieu (D - CA), Ted Yoho (R – FL) and Brad Sherman (D – CA) – introduced a bill that would invite cybersecurity researchers to probe the State Department’s information technology for previously undiscovered vulnerabilities. The “Hack Your State Department Act” would, if adopted, require that the State Department (1) create a vulnerability disclosure process to provide researchers with guidelines on the rules of engagement for scrutinizing the agency’s information technology and (2) establish a bug bounty pilot program that would provide a monetary reward to persons for discovering a previously unknown cybersecurity flaw. A similar bounty program for the Department of Homeland Security was signed into law late last year. (Click here for details in Sec. 102 of the Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act of 2018.)