The application of the Corporate Transparency Act to decentralized autonomous organizations raises novel legal issues.
DAOs are a relatively new type of business association that lack statutory governance and liability protections for participants because they have not been formed as traditional legal entities.
As a result of legislative enactments seeking to fit DAOs into traditional entity structures to promote protections for them, DAOs operated through business entities will need to comply with the CTA's disclosure obligations.
What the CTA Requires:
Beginning Jan. 1, 2024, reporting companies operating in the U.S. must file Beneficial Ownership Secure System, or BOSS, reports with the U.S. Department of the Treasury's Financial Crimes Enforcement Network, including owners' names, birthdates, addresses and copies of government-issued photo identification.
A reporting company is an entity like a corporation, limited liability company, limited partnership or business trust that is created or registered to do business in the U.S. through a secretary of state filing.
Heavily regulated businesses — such as public companies and their regulated advisors, financial institutions, insurance providers and Section 501(c)(3) nonprofits — are exempt.
Also exempt are large operating companies — i.e., those with a U.S. physical street address, 21 or more full-time employees, and more than $5 million in annual gross receipts or sales as reported in a prior-year tax filing. Wholly owned subsidiaries of an otherwise exempt entity are also excluded.
Companies formed by Dec. 31 must initially file BOSS reports by Dec. 31, 2024, with companies formed starting Jan. 1, 2024, having 30 days to file — with changes due within 30 days.
BOSS reports may be accessed by federal, state, local and tribal law enforcement, and by financial institutions with customer consent — but will not be publicly accessible, including by Freedom of Information Act request.
Beneficial owners include persons with substantial control over — and those who directly or indirectly own 25% or more of — the company's equity.
Every reporting company must report at least one person, and an owner's refusal to disclose may signal their noncompliance to the Financial Crimes Enforcement Network. Fines and penalties for nonreporting or false reporting can be steep.
A DAO is an association of persons represented in part by rules encoded as a transparent computer program, usually controlled by the association and not influenced by a central governance body, and blockchain technology managing the DAO by decentralized autonomous means — often including a proprietary digital asset.
A DAO is set up by programing the organizational structure onto blockchain technology by smart contract, with preprogrammed code setting forth the decision-making structure and governance — and a smart contract often serving as de facto governing document.
DAOs typically fundraise by issuing tokens allowing for voting rights to make rule changes and take action. DAO members may view transactions on the blockchain — including a timeline of contributions and use of funds — with tokens usually purchased on decentralized platforms or directly through peer-to-peer transactions.
As of June, there were reportedly approximately 2.5 million active voting DAO members and almost 7 million DAO governance token holders worldwide.
As of spring 2023, only Tennessee, Utah, Vermont and Wyoming recognized DAOs, with various other states considering legislation. Many DAOs form as Delaware LLCs, and state cooperative law statutes, e.g., in Colorado or New York, or alternative DAO structures, such as benefit LLCs, also may provide a framework.
As of 2022, the Republic of the Marshall Islands approved legislation recognizing DAOs as LLCs. Other popular countries for DAOs include the Bahamas, British Virgin Islands, Cayman Islands, Gibraltar, Liechtenstein, Panama, Singapore and Switzerland.
DAOs' challenges, constraints and risks include those relating to:
Intellectual property ownership;
Infrastructure and scaling;
Proper taxation and procuring insurance;
Application of bankruptcy, insolvency and securities rules and antitrust;
Fraud and error;
Cryptocurrency risks; and
Dealing with know-your-customer and anti-money laundering rules.
How the CTA May Apply To and Affect DAOs:
The CTA assumes that a reporting company is a legal entity with a system of beneficial ownership and governance that a DAO may not possess.
Traditional partnership-based DAOs will not fall within CTA purview, but those DAOs subject to traditional state formations are considered legal entities in DAO legislation states and will need to consider CTA compliance.
CTA reporting requirements will be particularly burdensome for DAOs given their structure and framework — i.e., DAOs lack managers, directors or officers — so each member, and not the DAO as an organization, may need to determine whether they have substantial control or own 25% of the DAO.
A DAO that is a state-law, member-managed LLC would require each member to file a BOSS report.
The CTA prohibits blank stock and anonymous reporting company ownership, in direct opposition to DAOs' compelling feature of anonymity.
The Financial Crimes Enforcement Network has provided nontraditional entities with advice that substantial control includes control exercised in novel and less conventional ways, advising that control could apply to varying and flexible governance structures such as DAOs — for which different control indicators may be more relevant.
While the Financial Crimes Enforcement Network is unsure of how the CTA applies, the CTA applies to state-formed DAOs nonetheless.
The CTA does not address certain DAO-specific matters such as whether membership by token ownership is beneficial ownership for CTA purposes.
Realistically, without directors and officers, DAOs will have trouble naming compliance personnel. Wrapping DAOs into traditional structures has exposed DAOs to reporting requirements and compliance protocols, now expanding to include CTA compliance.
Using traditional DAO parameters to regulate nontraditional businesses may be incompatible with DAOs' innovative and changing nature and autonomy. DAOs required to be CTA compliant will need to monitor CTA guidance as the rollout continues.
A state-registered DAO may have easier CTA compliance or may lack personnel to track CTA requirements, but be expected to track them nonetheless. Wrapped-entity DAOs should set up CTA compliance protocols — including point persons — and track ongoing compliance.
Since DAOs operate through the blockchain and smart contracts, structuring a DAO to adopt CTA-disclosure procedures may be unrealistic.
Traditional DAOs operated as common law partnerships do not face CTA exposure, whereas DAOs operated as or through entities established through state law filings must be CTA-compliant.
The inherent characteristics of DAOs and blockchain technology will make CTA compliance challenging.
As the CTA rollout ramps up in late 2023 and in 2024, many questions likely will arise as to how DAOs that are wrapped or state-registered should properly comply with the CTA.
We would expect the Financial Crimes Enforcement Network to issue more guidance as to the application of the CTA to DAOs as the CTA rollout continues.
In the meantime, the CTA rollout could lead states to slow their efforts to pass DAO-related legislation pending a better understanding of the interplay between the CTA and state-registered DAOs.
Because DAOs are traditionally self-governed and self-regulated by their participants, burdensome CTA compliance requirements and rigid state regulation may further incentivize self-regulation in the DAO industry. DAOs also may be driven away from registering — or staying registered — in U.S. states if their status imposes reporting obligations with which they cannot legally comply.
The CTA's compliance requirements may further the perception of the U.S. as an unfavorable environment for blockchain and DAOs, pushing DAOs toward registering or focusing operations in countries with laws that are perceived as more welcoming.
In upcoming months, in anticipation of the CTA's effectiveness, proper DAO formation will require sophisticated formation and operational advice that is mindful of CTA compliance and potential pitfalls.