InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Unregistered crypto platform to pay $1.8 million to New York
On June 15, the New York attorney general announced a settlement with a Hong Kong-based cryptocurrency platform to resolve allegations that the company failed to register as a securities and commodities broker-dealer and falsely represented itself as a crypto exchange. The respondent’s platform enables investors to buy and sell cryptocurrency. An investigator was able to create an account on the platform using a New York-based IP address to buy and sell tokens even though the respondent was not registered with the state. (Under New York law, securities and commodities brokers are required to be registered.) The respondent is ordered to refund more than one million dollars to investors and pay more than $600,000 to the state. According to the settlement, investors will receive their refunds in the form of cryptocurrency within 90 days. Additionally, the respondent must cease operating in the U.S., and implement geoblocking to prevent New York IP addresses from accessing its platform. The platform is also banned from offering, selling, or purchasing securities and commodities in New York, and must send weekly emails to its investors in New York, advising them to withdraw their funds from their accounts, or their funds will be transferred to the AG’s office. “Unregistered crypto platforms pose a risk to investors, consumers, and the broader economy,” the AG said, further warning of the serious consequences to other crypto platforms that do not follow New York law. This settlement follows other crypto-related legislation and suits from the New York AG (covered by InfoBytes here).
CFTC shuts down illegal trading platform
The U.S. District Court for the Northern District of California recently granted the CFTC’s motion for default judgment in an action accusing a decentralized autonomous organization of violating the Commodity Exchange Act (CEA) by operating an illegal trading platform and unlawfully acting as a futures commission merchant. (See also CFTC press release here.) The CFTC maintained that the organization’s platform and its blockchain-based software “protocol” enables users to engage in retail commodity transactions but does not provide protections or other requirements mandated under the statute. In addition to unlawfully offering leveraged and margined retail commodity transactions outside of a registered exchange, the organization is charged with failing to comply with Bank Secrecy Act obligations applicable to future commission merchants, including implementing a customer information program or conducting know your customer procedures. The default judgment requires the organization to shutter its website and remove its content from the internet, and orders permanent trading and registration bans. The organization also must pay a $643,542 civil money penalty and is enjoined from future violations of the CEA.
NYDFS calls its virtual currency framework the “gold standard”
On May 25, NYDFS Superintendent Adrienne Harris testified before the New York assembly to address the regulation of virtual currency in the state. Harris highlighted the value and “gold standard” set by NYDFS’s virtual currency regulatory framework. She detailed how novel risks in that landscape were met with subsequential growth of the virtual currency unit since her arrival, including the addition of 50 professionals and a range of seasoned experts to streamline enforcement investigations.
In her testimony, Harris also voiced how the framework responsibly supports innovation for entities engaging primarily in virtual currency activities, leveraging their licensing (BitLicense) and chartering (the limited purpose trust company charter) regimes, whereas other states license virtual currency entities only as money transmitters. Adding on, she specified how NYDFS’s customized approach continues after approval, specifically, “NYDFS creates a detailed supervisory agreement that is tailored to the specific risks presented by the company’s business model. Licensed and chartered entities also are subject to ongoing supervision and are regularly examined for compliance with broadly applicable virtual currency regulations and other rules, as well as with their supervisory agreements.” The development of these tools, among other safeguards, is demonstrative of NYDFS’ focus on addressing the inherently high-risk nature of virtual currency business activity with respect to illicit transactions, she noted.
Harris further clarified that secure, customized regulatory requirements, as outlined in the framework, coupled with transparency, ushers in more business for the state, especially in the case of crypto startups. Further, other regulators, jurisdictions, and economic development agencies are seeking to replicate the framework, Harris commented, as consumer protection is not only achieved as outlined in the law, but by regulators that are able to move at a faster pace than the former.
IOSCO urges global harmonization of crypto oversight
Earlier this month, the International Organization of Securities Commissions (IOSCO) released draft policy recommendations to support greater regulatory and oversight consistency within the crypto and digital assets markets. According to the global securities watchdog, regulators must strive for consistency in their oversight of crypto-asset activities given the cross-border nature of these markets and the varying approaches taken by individual jurisdictions. Seeking to optimize consistency in the way crypto-asset and securities markets are regulated, the IOSCO advised regulators to enhance cooperation efforts and attempt “to achieve regulatory outcomes for investor protection and market integrity that are the same as, or consistent with, those required in traditional financial markets in order to facilitate a level-playing field between crypto-assets and traditional financial markets and help reduce the risk of regulatory arbitrage.” Encouraging regulators to engage in rulemaking and information sharing, the IOSCO presented a comprehensive strategy for harmonizing the oversight of crypto companies, including standards on conflicts of interest and governance, fraud and market abuse, cross-border cooperation, custody of client monies and assets, and operational and technological risks. The IOSCO also suggested measures for reducing money laundering risks, explaining that crypto assets may be more appealing to criminals who want to avoid traditional financial system oversight. The IOSCO noted that its goal is to finalize its policy recommendations in early Q4 2023. Comments will be received through July 31.
Crypto company settles NY AG’s hidden-fee claims
On May 18, the New York attorney general announced a settlement with a Brooklyn-based cryptocurrency company to resolve claims that it charged investors “exorbitant and undisclosed fees” to store cryptocurrency in an account that was advertised as being free on its website. The fees charged to investors to use its wallet storage were allegedly so high that they completely cleaned out investors’ accounts, the AG said. The company agreed to the AG’s findings that it regularly charged and increased fees without properly notifying investors. According to the AG’s investigation, the company changed the wallet storage fee structure four times without clearly disclosing the fee increase, which led to some investors being charged fees equal to 96 percent of the value of their account holdings. In total, the company took approximately $4.25 million from investors. The AG maintained that the company also failed to register as a commodity broker dealer in the state for a period of time, and that while it was eventually granted a virtual currency license pursuant to 23 NYCRR Part 200, it failed to file a registration statement. Under the terms of the assurance of discontinuance, the company is required to pay $508,910 in restitution to the state and provide full restitution to all investors who were misled. The company is also required to provide monthly refund status updates to the AG, limit the amount of fees charged for using its wallet service to 0.002 percent per cryptocurrency per month for at least five years, and ensure that it adequately discloses all fees to investors.
New York proposes “landmark” crypto legislation
On May 5, New York Attorney General Letitia James announced proposed legislation to increase oversight of the cryptocurrency industry. Calling the “landmark legislation” the “strongest and most comprehensive set of regulations on cryptocurrency in the nation,” James said the bill would increase transparency, eliminate conflicts of interest, and impose “commonsense” investor protection measures consistent with other financial services regulations. Among other things, the bill would strengthen NYDFS’ regulatory authority over digital assets and codify the Department’s ability to license digital asset brokers, marketplaces, investment advisors, and issuers prior to engaging in business in the state. NYDFS would also be given jurisdiction to enforce violations of law within the crypto industry, including by issuing subpoenas; imposing civil penalties of $10,000 per violation per individual or $100,000 per violation per firm; collecting restitution, damages, and penalties; and shutting down businesses found to be engaging in fraud and illegal activities.
The bill would also strengthen investor protections by enacting and codifying “know-your-customer” protections, “[b]anning the use of the term ‘stablecoin’ to describe or market digital assets unless they are backed 1:1 with U.S. currency or high-quality liquid assets as defined in federal regulations,” and requiring crypto platforms to reimburse victims of fraud, similar to a bank’s responsibility under the EFTA. Other provisions would, among other things, (i) implement protections to stop conflicts of interest, including by preventing common ownership of crypto issuers, marketplaces, brokers, and investment advisers and preventing such persons from engaging in more than one of those activities; and (ii) require public reporting of financial statements to increase transparency and mandate that companies be required to undergo independent audits and publish audited financial statements, among other things.
The proposed bill will be submitted by the attorney general’s office to the New York Senate and Assembly for their consideration during the 2023 legislative session.
Crypto platform reaches $1.2 million settlement on alleged compliance failures
On May 1, NYDFS issued a consent order against a cryptocurrency trading platform for engaging in alleged violations of the state’s cybersecurity regulation (23 NYCRR Part 500). According to the consent order, during examinations conducted in 2018 and 2020, NYDFS identified multiple alleged deficiencies in the respondent’s cybersecurity program, as required by both the cybersecurity regulation and the state’s virtual currency regulation (23 NYCRR Part 200). Following the examinations, NYDFS initiated an investigation into the respondent’s cybersecurity program. The Department concluded that the respondent failed to conduct periodic cybersecurity risk assessments “sufficient to inform the design of the cybersecurity program,” and failed to establish and maintain an effective cybersecurity program and implement a reviewed and board-approved written cybersecurity policy. Moreover, NYDFS claimed the respondent’s policies and procedures were not customized to meet the company’s needs and risks. Under the terms of the consent order, the respondent must pay a $1.2 million civil monetary penalty and submit quarterly progress reports to NYDFS detailing its remediation efforts.
Republicans say regulators are coordinating on de-banking digital assets
On April 26, House Financial Services Committee Chairman Patrick McHenry (R-NC), Digital Assets, Financial Technology and Inclusion Subcommittee Chairman French Hill (R-AR), and Oversight and Investigations Subcommittee Chairman Bill Huizenga (R-MI) sent separate letters to the Federal Reserve Board Chair Jerome Powell, FDIC Chair Martin J. Gruenberg, and acting Comptroller of the Currency Michael J. Hsu seeking information to help the lawmakers determine whether there exists a “coordinated strategy to de-bank the digital asset ecosystem in the United States” and “suppress innovation.”
The text common to each letter pointed to actions taken by the federal prudential regulators as discouraging banks from offering services to digital asset firms. The lawmakers cited OCC guidance issued in 2021 (Interpretive Letter 1179, covered by InfoBytes here), which stated that banks can engage in certain cryptocurrency activities as long as they are able to “demonstrate, to the satisfaction of its supervisory office, that it has controls in place to conduct the activity in a safe and sound manner” and the banks receive a regulator’s written non-objection. Also discussed were FDIC instructions released in April 2022, which directed banks to promptly notify the agency if they intend to engage in, or are currently engaged in, any digital-asset-related activities, as well as a joint statement issued by the regulators in January that highlighted key risks banks should consider when choosing to engage in cryptocurrency activities. (Covered by InfoBytes here and here.)
Referring to certain recent bank collapses, the lawmakers argued that they do not believe that the underlying problems were caused by digital asset-related customers. The lawmakers requested information related to non-public records and communications between agency employees and supervised banks relating to the aforementioned guidance by May 9.
District Court orders fintech to pay $2.8 million to settle claims of price manipulation of crypto-assets security
On April 20, the U.S. District Court for the Southern District of New York entered a final judgment in which a fintech company and its former CEO (collectively, “defendants”) have agreed to pay the SEC more than $2.8 million to settle allegations that they manipulated the price of their crypto-assets security. The SEC filed charges against the defendants last September for “perpetrating a scheme to manipulate the trading volume and price” of their digital token, and for effectuating the unregistered offering and sale of such token. The complaint also contended that the defendants hired a third party to create the false appearance of robust market activity for the token and inflated the token’s price in order to generate profits for the defendants. According to the SEC, the defendants allegedly earned more than $2 million as a result. The SEC charged the defendants with violating several provisions of the Securities Act of 1934 and Rule 10b-5, as well as certain sections of the Exchange Act. At the time the charges were filed, the third party’s CEO consented to a judgment (without admitting or denying the allegations), which permanently enjoined him from participating in future securities offerings and required him to pay disgorgement and prejudgment interest.
The defendants, while neither admitting nor denying the allegations, consented to the terms of the April final judgment. The company agreed to pay nearly $2.8 million, including more than $1.5 million in disgorgement of net profits, a civil penalty of more than $1 million, and roughly $240,000 in prejudgment interest. The former CEO agreed to pay more than $260,000, representing disgorgement, prejudgment interest, and a civil penalty. Both defendants are permanently enjoined from engaging in future securities law violations, and are restricted in their ability to engage in any offering of crypto asset securities.
OFAC sanctions facilitators of DPRK virtual currency laundering
On April 24, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions, pursuant to Executive Orders 13722 and 13382, against three individuals for providing material support to the Democratic People’s Republic of Korea (DPRK) through several previously designated entities. According to OFAC, the DPRK uses illicit facilitation networks to access the international financial system, launder stolen virtual currency, and generate revenue to support the regime’s weapons of mass destruction and ballistic missile programs. “The United States and our partners are committed to safeguarding the international financial system and preventing its use in the DPRK’s destabilizing activities, especially in light of the DPRK’s three launches of intercontinental ballistic missiles (ICBMs) this year alone,” Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson said in the announcement. OFAC explained that the DPRK deploys IT workers to fraudulently obtain employment to generate revenue in virtual currency, and said that in 2022 alone, DPRK cyber actors were able to steal an estimated $1.7 billion in virtual currency through various hacks. The stolen virtual currency was converted into fiat currency using a network of over-the-counter virtual currency traders (including traders based in China) to avoid detection by financial institutions or authorities, OFAC said.
As a result of the sanctions, all property and interests in property belonging to the sanctioned entities subject to U.S. jurisdiction are blocked and must be reported to OFAC. Additionally, “any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked.” OFAC further warned that “persons that engage in certain transactions with the individuals or entities designated today may themselves be exposed to designation,” and that “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the individuals or entities designated today could be subject to U.S. correspondent or payable-through account sanctions.”