FINRA and SEC Issue Joint Statement on Security Token and Custody Rules
On July 8, 2019, the staff of the U.S. Securities and Exchange Commission (“SEC”) Division of Trading and Markets and the staff of the Financial Industry Regulatory Authority (“FINRA”) issued a joint statement outlining considerations from industry groups and participants that have sought to engage in facilitating transactions in digital asset classified as securities in a manner that requires such firms to register as a broker-dealer, an exchange, or an alternative trading system (“ATS”) under the Securities Exchange Act of 1934 (the “Exchange Act”). Broker-dealers (or new applicants) that seek to expand their businesses to facilitate transactions in digital assets classified as securities likely need to seek FINRA approval prior to expanding their business to include such activities.
The statement addressed several questions for the SEC and FINRA in this area, and acknowledged that the application of the federal securities laws and FINRA rules to digital assets, digital securities, effecting and administering transactions of these assets, and the related technologies raise many novel and complex regulatory and compliance questions and challenges. As outlined in the statement their concerns stem from 3 areas:
Traditionally, the ability of a broker-dealer to comply with aspects of Rule 15c3-3 under the Exchange Act (the “Customer Protection Rule”) is facilitated by established laws and practices regarding the loss or theft of a security. This ability may not be available or effective in the case of certain digital assets that are securities.
Record keeping requirements for broker dealers impose some constraints on digital assets classified as securities and broker dealers may find it challenging to comply these rules without putting in place significant technological enhancements and solutions unique to digital asset securities.
In case of a broker dealer failure, investors may not be protected since digital assets may not comply with the definition of securities as defined by the Securities Investor Protection Act.
The joint statement outlined how the Customer Protection Rule, in particular, poses a unique challenge for broker-dealers that seek to facilitate and intermediate sales of digital assets classified as securities because that rule imposes strict standards for the custody of customer assets. That rule applies to entities that buy, sell, or are otherwise involved in transactions in all securities, including digital securities, for customers or their own accounts. The intent of the Customer Protection Rule is to protect customers’ securities held by a broker dealer in the event that the broker dealer fails. The rule, among other things, requires broker-dealers to safeguard customer securities and to separate customer assets from the firm’s accounts.
The Customer Protection Rule
The Customer Protection Rule poses a unique challenge for broker-dealers trying to interact with digital asset securities because that rule requires strict standards for the custody of customer assets. The SEC/FINRA staff statement focused in large part on custodial requirements in the Customer Protection Rule. That rule applies to entities that buy, sell, or are otherwise involved in transactions in all securities, including digital asset securities, for customers or their own accounts. The purpose of the Customer Protection Rule is to protect customers’ securities held by a broker dealer should that broker dealer fail. The rule requires broker-dealers to safeguard customer securities and to separate customer assets from the assets and accounts of the firm. Broker-dealers are required to maintain physical possession or control over their customers’ fully paid and excess margin securities, or maintain them free of liens at a good control location – generally being a third-party custodian, such as the Depository Trust Company, a bank, or a transfer agent.
Regulators are analyzing and considering questions about how a broker-dealer would address unauthorized, fraudulent, or erroneous transactions involving digital assets. In the joint release the SEC and FINRA raised concerns about broker-dealers maintaining custody of digital asset securities, including that the manner in which digital asset securities are issued, held, and transferred may create greater risk that a broker-dealer maintaining custody of those assets could be victimized by fraud or theft, could lose a “private key” necessary to transfer a client’s digital asset securities, or could transfer a client’s digital asset securities to an unknown or unintended address without meaningful recourse to invalidate fraudulent transactions, recover or replace lost digital assets, or remedy errors. Here, the release notes that, “[t]hese risks could cause securities customers to suffer losses, with corresponding liabilities for the broker-dealer, imperiling the firm, its customers, and other creditors,” and this in turn runs contrary to the central charge of the SEC and FINRA - to protect investors; maintain fair, orderly, and efficient markets; and ultimately facilitate capital formation.
The SEC and FINRA noted that not all broker-dealers’ business models in the digital asset space involve the custody of digital asset securities. Generally, noncustodial broker-dealer business models do not raise the same level of regulatory concern; therefore, providing a potential path forward for broker-dealers seeking to transact, or facilitate transactions, in digital asset securities. The release provided three examples of noncustodial digital asset business models:
a digital asset broker-dealer that resembles a private placement agent;
a broker-dealer that is an over-the-counter (“OTC”) market facilitator for digital assets - the broker-dealer facilitates OTC transactions in digital asset securities where the buyer and seller complete the transaction directly, apart from the broker-dealer; and
a broker-dealer that operates an ATS digital assets with the trades being settled directly between the buyer and seller, or the buyer and seller could instruct their respective custodians to settle the transactions.
The release does not provide solutions to these questions. Instead, it identifies some of the novel issues that regulators are analyzing and struggling with before they feel ready to approve applications of actors in the digital asset space that seek to become broker-dealers or facilitate transactions involving digital asset securities. There is no current custody solution that the SEC has approved for broker-dealers to comply with the Customer Protection Rule (and certain other regulatory matters and obligations). Regulators appear to be looking at the overall market structure and potential impacts while continuing to search for viable solutions to mitigate known risks.
Custodian Acting As Unregistered Clearing Agencies
In a footnote to the joint release the SEC and FINRA noted that entities that perform functions to facilitate the clearance and settlement of transactions in digital asset securities may be required to register as a clearing agency under Section 17A of the Exchange Act. Before performing clearing agency functions, including trade comparison, netting, matching, and settlement activities, intermediaries must either register with the SEC or apply for an exemption from registration.
There are two types of clearing agencies, clearing corporations and depositories, which differ based on their particular clearing activities. A blockchain technology platform could be required to register as a clearing corporation if it compares the trades of users of the platform, clears the trades, and prepares instructions for automated settlement of the trades. The platform could also be required to register as a clearing corporation if the platform acts as the common counterparty and guarantees the completion of trades. A blockchain technology platform that retains custody of digital assets that classified as securities could be deemed to be acting as a depository. Similarly, a blockchain technology platform could be deemed to be acting as a depository if it effects deliveries of securities between participants via the blockchain (a book entry system that transfers ownership of electronically), without the need for the physical movement of securities. A custodian active in the digital asset space must consider its activates in light of Section 17A of the Exchange Act to avoid running afoul of registration requirements relating to clearing agencies.
Custodial arrangements for entities facilitating trading in digital assets may also give rise to concerns under Regulation R. In 2007, the Federal Reserve and the SEC issued an adopting release for Regulation R. Regulation R outlined exceptions for banks seeking to avoid broker-dealer registration requirements under the Exchange Act, expanding upon exemptions that were already contained therein.
Under Regulation R, banks became able to receive an exemption from broker-dealer registration when securities transactions are a component of the bank's trust and fiduciary, custodial, and deposit sweep functions. As a carve-out to this exemption, however, banks may be deemed to be a carrying broker under the Exchange Act if their custodial activities in partnership with a broker-dealer become so intertwined that the bank appears to be engaging in impermissible carrying broker activity. In looking for impermissible carrying broker activity, the SEC looks to attributes relating to shared customers between the bank and the broker-dealer. In particular, the SEC considers whether shared customers are the broker-dealer’s own regulatory obligation and whether there are formal or informal arrangements that cause the broker-dealers customers to use the bank’s custody accounts instead of maintaining funds and securities accounts at the broker-dealer. The existence of a substantial number of shared customers, in tandem with a formal or informal relationship with the broker-dealer, may indicate that the bank is engaging in impermissible carrying broker activity in its role as the custodian, and therefore be ineligible for the exemptions provided by Regulation R.
It is critical that broker-dealers and custodians evaluate the potential implications of Regulation R when developing a custodial structure for the trading of digital assets in order to ensure that the custodian is able to avail itself of the exemptions provided there under and avoid being deemed to be acting as a carrying broker.
Any company planning to facilitate transactions in digital assets which are securities for transaction related compensation or to operate a platform to bring together multiple buyers and sellers of digital assets are securities, should proceed with caution. Broker-dealers and ATSs that facilitate such transactions could be deemed to have custody of customer funds or securities or to be acting as an unregistered clearing agency. Also, banks that hold digital assets that are classified as securities or customer funds that are not securities should proceed with caution or risk being deemed a carrying broker under Regulation R.