Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
IOSCO urges global harmonization of crypto oversight
Earlier this month, the International Organization of Securities Commissions (IOSCO) released draft policy recommendations to support greater regulatory and oversight consistency within the crypto and digital assets markets. According to the global securities watchdog, regulators must strive for consistency in their oversight of crypto-asset activities given the cross-border nature of these markets and the varying approaches taken by individual jurisdictions. Seeking to optimize consistency in the way crypto-asset and securities markets are regulated, the IOSCO advised regulators to enhance cooperation efforts and attempt “to achieve regulatory outcomes for investor protection and market integrity that are the same as, or consistent with, those required in traditional financial markets in order to facilitate a level-playing field between crypto-assets and traditional financial markets and help reduce the risk of regulatory arbitrage.” Encouraging regulators to engage in rulemaking and information sharing, the IOSCO presented a comprehensive strategy for harmonizing the oversight of crypto companies, including standards on conflicts of interest and governance, fraud and market abuse, cross-border cooperation, custody of client monies and assets, and operational and technological risks. The IOSCO also suggested measures for reducing money laundering risks, explaining that crypto assets may be more appealing to criminals who want to avoid traditional financial system oversight. The IOSCO noted that its goal is to finalize its policy recommendations in early Q4 2023. Comments will be received through July 31.
Crypto company settles NY AG’s hidden-fee claims
On May 18, the New York attorney general announced a settlement with a Brooklyn-based cryptocurrency company to resolve claims that it charged investors “exorbitant and undisclosed fees” to store cryptocurrency in an account that was advertised as being free on its website. The fees charged to investors to use its wallet storage were allegedly so high that they completely cleaned out investors’ accounts, the AG said. The company agreed to the AG’s findings that it regularly charged and increased fees without properly notifying investors. According to the AG’s investigation, the company changed the wallet storage fee structure four times without clearly disclosing the fee increase, which led to some investors being charged fees equal to 96 percent of the value of their account holdings. In total, the company took approximately $4.25 million from investors. The AG maintained that the company also failed to register as a commodity broker dealer in the state for a period of time, and that while it was eventually granted a virtual currency license pursuant to 23 NYCRR Part 200, it failed to file a registration statement. Under the terms of the assurance of discontinuance, the company is required to pay $508,910 in restitution to the state and provide full restitution to all investors who were misled. The company is also required to provide monthly refund status updates to the AG, limit the amount of fees charged for using its wallet service to 0.002 percent per cryptocurrency per month for at least five years, and ensure that it adequately discloses all fees to investors.
New York proposes “landmark” crypto legislation
On May 5, New York Attorney General Letitia James announced proposed legislation to increase oversight of the cryptocurrency industry. Calling the “landmark legislation” the “strongest and most comprehensive set of regulations on cryptocurrency in the nation,” James said the bill would increase transparency, eliminate conflicts of interest, and impose “commonsense” investor protection measures consistent with other financial services regulations. Among other things, the bill would strengthen NYDFS’ regulatory authority over digital assets and codify the Department’s ability to license digital asset brokers, marketplaces, investment advisors, and issuers prior to engaging in business in the state. NYDFS would also be given jurisdiction to enforce violations of law within the crypto industry, including by issuing subpoenas; imposing civil penalties of $10,000 per violation per individual or $100,000 per violation per firm; collecting restitution, damages, and penalties; and shutting down businesses found to be engaging in fraud and illegal activities.
The bill would also strengthen investor protections by enacting and codifying “know-your-customer” protections, “[b]anning the use of the term ‘stablecoin’ to describe or market digital assets unless they are backed 1:1 with U.S. currency or high-quality liquid assets as defined in federal regulations,” and requiring crypto platforms to reimburse victims of fraud, similar to a bank’s responsibility under the EFTA. Other provisions would, among other things, (i) implement protections to stop conflicts of interest, including by preventing common ownership of crypto issuers, marketplaces, brokers, and investment advisers and preventing such persons from engaging in more than one of those activities; and (ii) require public reporting of financial statements to increase transparency and mandate that companies be required to undergo independent audits and publish audited financial statements, among other things.
The proposed bill will be submitted by the attorney general’s office to the New York Senate and Assembly for their consideration during the 2023 legislative session.
Crypto platform reaches $1.2 million settlement on alleged compliance failures
On May 1, NYDFS issued a consent order against a cryptocurrency trading platform for engaging in alleged violations of the state’s cybersecurity regulation (23 NYCRR Part 500). According to the consent order, during examinations conducted in 2018 and 2020, NYDFS identified multiple alleged deficiencies in the respondent’s cybersecurity program, as required by both the cybersecurity regulation and the state’s virtual currency regulation (23 NYCRR Part 200). Following the examinations, NYDFS initiated an investigation into the respondent’s cybersecurity program. The Department concluded that the respondent failed to conduct periodic cybersecurity risk assessments “sufficient to inform the design of the cybersecurity program,” and failed to establish and maintain an effective cybersecurity program and implement a reviewed and board-approved written cybersecurity policy. Moreover, NYDFS claimed the respondent’s policies and procedures were not customized to meet the company’s needs and risks. Under the terms of the consent order, the respondent must pay a $1.2 million civil monetary penalty and submit quarterly progress reports to NYDFS detailing its remediation efforts.
Republicans say regulators are coordinating on de-banking digital assets
On April 26, House Financial Services Committee Chairman Patrick McHenry (R-NC), Digital Assets, Financial Technology and Inclusion Subcommittee Chairman French Hill (R-AR), and Oversight and Investigations Subcommittee Chairman Bill Huizenga (R-MI) sent separate letters to the Federal Reserve Board Chair Jerome Powell, FDIC Chair Martin J. Gruenberg, and acting Comptroller of the Currency Michael J. Hsu seeking information to help the lawmakers determine whether there exists a “coordinated strategy to de-bank the digital asset ecosystem in the United States” and “suppress innovation.”
The text common to each letter pointed to actions taken by the federal prudential regulators as discouraging banks from offering services to digital asset firms. The lawmakers cited OCC guidance issued in 2021 (Interpretive Letter 1179, covered by InfoBytes here), which stated that banks can engage in certain cryptocurrency activities as long as they are able to “demonstrate, to the satisfaction of its supervisory office, that it has controls in place to conduct the activity in a safe and sound manner” and the banks receive a regulator’s written non-objection. Also discussed were FDIC instructions released in April 2022, which directed banks to promptly notify the agency if they intend to engage in, or are currently engaged in, any digital-asset-related activities, as well as a joint statement issued by the regulators in January that highlighted key risks banks should consider when choosing to engage in cryptocurrency activities. (Covered by InfoBytes here and here.)
Referring to certain recent bank collapses, the lawmakers argued that they do not believe that the underlying problems were caused by digital asset-related customers. The lawmakers requested information related to non-public records and communications between agency employees and supervised banks relating to the aforementioned guidance by May 9.
District Court orders fintech to pay $2.8 million to settle claims of price manipulation of crypto-assets security
On April 20, the U.S. District Court for the Southern District of New York entered a final judgment in which a fintech company and its former CEO (collectively, “defendants”) have agreed to pay the SEC more than $2.8 million to settle allegations that they manipulated the price of their crypto-assets security. The SEC filed charges against the defendants last September for “perpetrating a scheme to manipulate the trading volume and price” of their digital token, and for effectuating the unregistered offering and sale of such token. The complaint also contended that the defendants hired a third party to create the false appearance of robust market activity for the token and inflated the token’s price in order to generate profits for the defendants. According to the SEC, the defendants allegedly earned more than $2 million as a result. The SEC charged the defendants with violating several provisions of the Securities Act of 1934 and Rule 10b-5, as well as certain sections of the Exchange Act. At the time the charges were filed, the third party’s CEO consented to a judgment (without admitting or denying the allegations), which permanently enjoined him from participating in future securities offerings and required him to pay disgorgement and prejudgment interest.
The defendants, while neither admitting nor denying the allegations, consented to the terms of the April final judgment. The company agreed to pay nearly $2.8 million, including more than $1.5 million in disgorgement of net profits, a civil penalty of more than $1 million, and roughly $240,000 in prejudgment interest. The former CEO agreed to pay more than $260,000, representing disgorgement, prejudgment interest, and a civil penalty. Both defendants are permanently enjoined from engaging in future securities law violations, and are restricted in their ability to engage in any offering of crypto asset securities.
OFAC sanctions facilitators of DPRK virtual currency laundering
On April 24, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions, pursuant to Executive Orders 13722 and 13382, against three individuals for providing material support to the Democratic People’s Republic of Korea (DPRK) through several previously designated entities. According to OFAC, the DPRK uses illicit facilitation networks to access the international financial system, launder stolen virtual currency, and generate revenue to support the regime’s weapons of mass destruction and ballistic missile programs. “The United States and our partners are committed to safeguarding the international financial system and preventing its use in the DPRK’s destabilizing activities, especially in light of the DPRK’s three launches of intercontinental ballistic missiles (ICBMs) this year alone,” Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson said in the announcement. OFAC explained that the DPRK deploys IT workers to fraudulently obtain employment to generate revenue in virtual currency, and said that in 2022 alone, DPRK cyber actors were able to steal an estimated $1.7 billion in virtual currency through various hacks. The stolen virtual currency was converted into fiat currency using a network of over-the-counter virtual currency traders (including traders based in China) to avoid detection by financial institutions or authorities, OFAC said.
As a result of the sanctions, all property and interests in property belonging to the sanctioned entities subject to U.S. jurisdiction are blocked and must be reported to OFAC. Additionally, “any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked.” OFAC further warned that “persons that engage in certain transactions with the individuals or entities designated today may themselves be exposed to designation,” and that “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the individuals or entities designated today could be subject to U.S. correspondent or payable-through account sanctions.”
House subcommittee holds hearing on stablecoin regulation
The House Financial Services Subcommittee on Digital Assets, Financial Technology and Inclusion recently held a hearing to examine stablecoins’ role in the payment system and to discuss proposed legislation for creating a federal framework for issuing stablecoins. A subcommittee memorandum identified different types of stablecoins (the most popular being pegged to the U.S. dollar to diminish volatility) and presented an overview of the market, which currently consists of more than 200 different types of stablecoins, collectively worth more than $132 billion. The subcommittee referred to a 2021 report issued by the President’s Working Group on Financial Markets, along with the FDIC and OCC (covered by InfoBytes here), in which it was recommended that Congress pass legislation requiring stablecoins to be issued only by insured depository institutions to ensure that payment stablecoins are subject to a federal prudential regulatory framework. The subcommittee discussed draft legislation that would define a payment stablecoin issuer and establish a regulatory framework for payment stablecoin issuers, including enforcement requirements and interoperability standards.
Subcommittee Chairman, French Hill (R-AR), delivered opening remarks, in which he commented that the proposed legislation would require stablecoin issuers to comply with redemption requirements, monthly attestation and disclosures, and risk management standards. Recognizing the significant amount of work yet to be done in this space, Hill said he believes that “innovation is fostered through choice and competition,” and that “one way to do that is through multiple pathways to become a stablecoin issuer, though with appropriate protections [to] prevent regulatory arbitrage and a race to the bottom.” He cited reports that digital asset developers are leaving the U.S. for countries that currently provide a more established regulatory framework for digital assets, and warned that this will stymie innovation, jobs, and consumer/investor protection. He also criticized ”the ongoing turf war between the SEC and CFTC” with respect to digital assets, and warned that “[w]hen you have two agencies contradicting each other in court about whether one of the most utilized stablecoins in the market is a security or a commodity, what you end up with is uncertainty.”
Witness NYDFS Superintendent Adrienne A. Harris discussed the framework that is currently in place in New York and highlighted requirements for payment stablecoin issuers operating in the state. In a prepared statement, Harris said many domestic and foreign regulators call the Department’s regulatory and supervisory oversight of virtual currency the “gold standard,” in which virtual currency entities are “subject to custody and capital requirements designed to industry-specific risks necessary for sound, prudential regulation.” Harris explained that NYDFS established “additional regulations, guidance, and company-specific supervisory agreements to tailor [its] oversight” over financial products, including stablecoins, and said the Department is the first agency to provide regulatory clarity for these types of products. She highlighted guidance released last June, which established criteria for regulated entities seeking to issue USD-backed stablecoins in the state (covered by InfoBytes here), and encouraged a collaborative framework that mirrors the regulatory system for more traditional financial institutions and takes advantage of the comparative strengths offered by federal and state regulators. Federal regulators will be able to comprehensively address “macroprudential considerations” and implement foundational consumer and market protections, while states can “leverage their more immediate understanding of consumer needs” and more quickly modernize regulations in response to industry developments and innovation, Harris said.
DFPI cracks down on crypto platforms’ AI claims
On April 19, the California Department of Financial Protection and Innovation (DFPI) announced enforcement actions against five separate entities and an individual for allegedly offering and selling unqualified securities and making material misrepresentations and omissions to investors in violation of California securities laws. According to DFPI, the desist and refrain orders allege that the subjects (which touted themselves as cryptocurrency trading platforms) engaged in a variety of unlawful and deceptive practices, including promising investors high yield returns through the use of artificial intelligence to trade crypto assets, falsely representing that an insurance fund would prevent investor losses, and using investor funds to pay purported profits to other investors. The subjects also allegedly took measures to make the scams appear to be legitimate businesses through the creation of professional websites and social media accounts where influencers and investors shared testimonials about the money they were supposedly making. The orders require the subjects to stop offering, selling, buying, or offering to buy securities in the state, and demonstrate DFPI’s continued crackdown on high yield investment programs.
SEC opens comment period on defining “exchange”
On April 14, the SEC reopened the comment period on proposed amendments to the statutory definition of “exchange” under Exchange Act rule 3b-16, which now includes systems that facilitate the trading of crypto asset securities. (See also SEC fact sheet here.) The comment period was reopened in response to feedback requesting information about how existing rules and the proposed amendments would apply to systems that trade crypto asset securities and meet the proposed definition of an exchange, or to trading systems that use distributed ledger or blockchain technology, including such systems characterized as decentralized finance (DeFi). The SEC also provided supplement information and economic analysis for systems that would now fall under the new, proposed definition of exchange. The reopened comment period allows an opportunity for interested persons to analyze and comment on the proposed amendments in light of the supplemental information. Comments are due 30 days after publication in the Federal Register.
“[G]iven how crypto trading platforms operate, many of them currently are exchanges, regardless of the reopening release we’re considering today,” SEC Chair Gary Gensler said. “These platforms match orders of multiple buyers and sellers of crypto securities using established, non-discretionary methods. That’s the definition of an exchange—and today, most crypto trading platforms meet it. That’s the case regardless of whether they call themselves centralized or decentralized.” He added that crypto-market investors must receive the same protections that the securities laws afford to all other markets. Commissioners Mark T. Uyeda and Hester M. Peirce voted against reopening the comment period. Uyeda cautioned against expanding the definition of an “exchange” in an “ambiguous manner,” saying it could “suppress further beneficial innovation.” Peirce also dissented, arguing that the proposal stretches the statutory definition of an “exchange” beyond a reasonable reading in an attempt to “reach a poorly defined set of activities with no evidence that investors will benefit.”