August 12, 2022

Volume XII, Number 224

Advertisement
Advertisement

August 12, 2022

Subscribe to Latest Legal News and Analysis

August 11, 2022

Subscribe to Latest Legal News and Analysis

August 10, 2022

Subscribe to Latest Legal News and Analysis

August 09, 2022

Subscribe to Latest Legal News and Analysis

NYDFS Provides Guidance on the Use of Blockchain Analytics to Maintain Compliance

On April 28, the New York Department of Financial Services (NYDFS) provided a “Virtual Currency Guidance” update.  The guidance is directed towards all virtual currency businesses licensed under 23 NYCRR Part 200 (the New York BitLicense) or limited purpose trust companies chartered under the New York Banking Law (collectively, “VC Entities”).”  The guidance mandates VC Entities to employ blockchain analytics to design and implement effective BSA/AML policies, processes, and procedures, including, for example, those relating to customer due diligence, transaction monitoring, and sanctions screening.

The Guidance addressed five key compliance concepts and issues:

Compliance in a virtual currency context should leverage the unique features of blockchain technology.   Virtual currencies can be transferred from one individual or entity to another pseudonymously and without relying on a regulated third party.  But, at the same time, each and every transaction is immutability recorded on the public blockchain ledger.  VC Entities should incorporate this information into their risk assessment and customer due diligence programs to create a more comprehensive view of a given customer’s wallet’s activity and source of funds.  VC entities should also note and account for the different types of virtual currencies and effectively address the specific characteristics of any particular virtual currency involved.

Blockchain analytical tools should be included in a VC Entity’s suite of controls.  The guidance “emphasizes” the importance of using blockchain analytics tools to enhance existing BSA/AML and OFAC-related compliance controls in three key areas:  (1) augmenting Know Your Customer (“KYC”)-related controls, (2) conducting transaction monitoring of on-chain activity, and (3) conducting sanctions screening of on-chain activity.  VC Entities without the internal resources to implement these controls should be looking to experienced and qualified third parties to provide these services.

  • Augmenting KYC-related controls: As part of their KYC responsibilities, VC Entities must obtain and maintain information regarding, and understand and effectively address the risks presented by, their customers.  Blockchain analytics tools allow VC entities to verify information provided by new and existing customers against the pseudonymous on-chain data for the customer’s wallet.  (See FinCEN’s Advisory on Illicit Activity Involving Convertible Virtual Currency and OFAC’s Sanctions Compliance Guidance for the Virtual Currency Industry for additional background.)  This information should be incorporated into the VC Entity’s policies, processes, and procedures to assess counterparty exposure for virtual currency funds transfers (e.g., beneficiary institutions for outbound transfers).

  • Conducting transaction monitoring of on-chain activity: VC Entities must have policies, processes, and procedures for tracing transaction activity for each type of virtual currency the entity supports and the flow of funds through the blockchain for any inbound or outgoing activity.  VC Entities can harness blockchain analytics to create a specific risk profile for each currency based on numerous factors, including whether a virtual currency has substantial exposure to a high-risk or sanctioned jurisdictions, is mixed with “tainted” cryptocurrency, is sent to or from darknet markets, is associated with scams/ransomware, and/or is associated with other illicit activity.  These processes must describe case management and escalation processes and identify relevant roles and responsibilities across the business and compliance functions, including the VC Entity’s resolution procedures where there are any doubts (e.g., related to source of funds).

  • Conducting sanctions screening of on-chain activity: VC Entities should incorporate blockchain analytics into screening processes in order to identify and prevent transactions with sanctioned individuals and entities listed on the SDN List, or located in sanctioned jurisdictions.  Relevant location data includes originator, beneficiary, originating and beneficiary exchanges, and underlying transactional data.

Putting It Into Practice:  This guidance is the first of its kind to explicitly set forth regulatory expectations for crypto transaction monitoring from a state regulator.  Other regulators and law enforcement will likely start looking to this guidance to inform their own best practices for crypto monitoring going forward, and those in the industry would be well served by internalizing and implementing these guidelines, regardless of their jurisdiction.  This guidance follows recent promises by the superintendent of the NYDFS to increase engagement with virtual currency businesses (we previously discussed these statements here).

Copyright © 2022, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume XII, Number 123
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Sarah Aberg Government Contracts Attorney Sheppard Mullin Law Firm New York
Special Counsel

Sarah Aberg is special counsel in the White Collar Defense and Corporate Investigations Group in the firm's New York office.

Areas of Practice

Sarah's practice encompasses litigation, internal investigations and white collar defense, with a focus on financial services and securities. She has conducted multiple criminal trials and numerous internal investigations into a wide variety of allegations, including mail and wire fraud, mortgage fraud, insider trading, market manipulation, money laundering,...

212-634-3091
Associate

Gabriel is an Associate on the Telecom team and the Co-Lead Associate on the Blockchain and Digital Assets team in the firm’s Washington, D.C. office. He is a Blockchain Law Professional as Certified by the Blockchain Council.

At Sheppard Mullin, Gabriel assists the Telecom team in all aspects of communications law and regulation including, satellites, spectrum, 5G implementation, media companies, and new technologies. He assists the Blockchain and Digital Assets team in legal issues relating to the use of blockchain technology, social media, internet, video games, online gambling,...

202-747-2194
Advertisement
Advertisement
Advertisement