Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On June 21, the Secretary of the U.S. Department of the Treasury issued a statement covering the end of the U.S. presidency of the Financial Action Task Force (FATF) and confirming that FATF members agreed to regulate and supervise virtual asset financial activities and related service providers. On the same day, FATF issued a statement noting that it “adopted and issued an Interpretive Note to Recommendation 15 on New Technologies (INR. 15) that further clarifies the FATF’s previous amendments to the international Standards relating to virtual assets and describes how countries and obliged entities must comply with the relevant FATF Recommendations to prevent the misuse of virtual assets for money laundering and terrorist financing and the financing of proliferation.” As previously covered by InfoBytes, in October 2018, FATF urged all countries to take measures to prevent virtual assets and cryptocurrencies from being used to finance crime and terrorism and updated The FATF Recommendations to add new definitions for “virtual assets” and “virtual asset service providers” and to clarify how the recommendations apply to financial activities involving virtual assets and cryptocurrencies.
According to FATF announcement, INR. 15 establishes “binding measures,” which require countries to, among other things, (i) assess and mitigate risks associated with virtual asset activities and service providers; (ii) license or register service providers and subject them to supervision; (iii) implement sanctions and other enforcement measures when service providers fail to comply with an anti-money laundering/combating the financing of terrorism (AML/CFT) obligation; and (iv) ensure that service providers implement the full range of AML/CFT preventive measures under the FATF Recommendations, including customer due diligence, record-keeping, suspicious transaction reporting, and screening all transactions for compliance with targeted financial sanctions.
On April 25, the New York Attorney General announced that operators of a virtual currency trading platform and “tether” virtual currency issuer, along with their affiliated entities, are enjoined from engaging in activities that may have defrauded investors trading in cryptocurrency. The AG’s investigation found that the operators allegedly “engaged in a cover-up to hide the apparent loss of $850 million dollars of co-mingled client and corporate funds.” Under the terms of the court order, the operators and companies must, among other things, (i) immediately end the further dissipation of U.S. dollar assets that back “tether” tokens; (ii) are prohibited from making any distributions to executives, employees, or agents, investors, or associates from “funds that that have been loaned, extended, or pledged, or otherwise taken from the U.S. dollar reserves held by the operator”; and (iii) are prohibited from destroying or deleting potentially relevant documents and communications.
On March 6, the Colorado Governor signed SB 19-23, which provides limited exemptions from the state’s securities registration and licensing requirements for persons dealing in certain types of digital tokens. The “Colorado Digital Token Act” (the Act) provides issuer exemptions for digital tokens sold for a “consumptive purpose”—the token is used in exchange for a good, service, or content—rather than a “speculative or investment purpose.” Specifically, the Act attempts to reduce regulatory uncertainty by providing a safe harbor from state securities laws for persons that meet the specified conditions. Subject to the filing of a referendum petition, the Act will take effect August 2.
On February 19, the Wyoming Governor signed HB 57, which creates a fintech sandbox program in the state for companies to test innovative financial products and services. Wyoming is the second state to introduce a regulatory sandbox program, following Arizona’s sandbox introduction last March. (Previously covered by InfoBytes here.) Under the “Financial Technology Sandbox Act” (the Act), the state’s sandbox will be open to innovative financial products and services, including those focused on blockchain and cryptocurrencies, and will allow testing of these products for up to two years with the possibility of an additional 12 month extension before requiring participants to apply for formal licensure. Additionally, under certain conditions, the Act—which grants various supervisory and enforcement power to the state banking commissioner and the secretary of state, including revocation and suspension rights—will authorize (i) limited waivers of specified statutes or rules, and (ii) reciprocity agreements with other regulators. The Act takes effect January 1, 2020.
On January 22, the Financial Industry Regulatory Authority (FINRA) issued new guidance on areas member firms should consider when seeking to improve their compliance, supervisory, and risk management programs. The 2019 FINRA Risk Monitoring and Examination Priorities Letter (2019 Priorities Letter) examines both new priorities as well as areas of ongoing concern, including the adequacy of firms’ cybersecurity programs. FINRA notes, however, that the 2019 Priorities Letter does not repeat topics previously addressed in prior letters, and advises member firms that it will continue to review ongoing obligations for compliance. Topics FINRA plans to focus on in the coming year include:
- Firms’ use of regulatory technology to help compliance efforts become “more efficient, effective, and risk-based.” FINRA will work with firms to understand risks and concerns related to supervision and governance systems, third party vendor management, and safeguarding customer data;
- Supervision of digital assets, including coordinating with the SEC to review how firms determine whether a given digital asset is a security and whether firms are implementing adequate controls and supervisions related to digital assets, such as complying with anti-money laundering and Bank Secrecy Act rules and regulations;
- Assessment of firms’ compliance with FinCEN’s Customer Due Diligence rule, which requires firms to identify beneficial owners of legal entity customers (as previously covered by InfoBytes here); and
- Financial risks, including credit risks, funding and liquidity planning.
On December 21, the New York governor signed A08783, which creates a digital currency task force to conduct a comprehensive review related to the regulation of cryptocurrencies in the state. The act requires the task force to issue a report by December 15, 2020, with recommendations to “increase transparency and security, enhance consumer protections, and to address the long-term impact related to the use of cryptocurrency.” The report will also contain a review of laws and regulations on digital currency, including those used by other states, the federal government, and foreign countries.
On November 27, the U.S. District Court for the Southern District of California denied the SEC’s motion for a preliminary injunction against a cryptocurrency company, concluding the agency failed show the currency tokens were “securities” as defined under federal securities laws. According to the order, the SEC filed a complaint against the company in October alleging it falsely claimed its initial coin offering (ICO) was registered and approved by the SEC and other regulators, including using the agency’s seal in marketing materials. At the time of the filing, the SEC claimed the company had already raised more than $2.5 million in pre-ICO sales. The SEC moved for a preliminary injunction to freeze the company’s assets and prevent the company’s owner from buying or selling securities and other digital currency during the pendency of the case. Upon review, the court noted the SEC must establish the company previously violated federal securities laws and there is a reasonable likelihood that it will happen again. The SEC argued the allegedly fraudulent marketing materials used to raise money from 32 “test investors” violated federal securities laws, while the company argued the investors did not have an expectation to receive profits as they were working with the company on the exchange’s functionality and therefore, the currency tokens were not “securities.” The court denied the SEC’s motion, concluding that it could not determine whether the tokens were “securities” under federal law without full discovery as there were disputed issues of material facts, including what the test investors relied on in terms of marketing materials before they purchased the cryptocurrency tokens.
On November 16, the SEC announced cryptocurrency-related settlements imposing civil money penalties against two companies that allegedly offered and sold digital tokens through initial coin offerings (ICO). The settlements are the SEC’s first cases imposing civil money penalties based solely on alleged ICO securities offering registration violations. According to the SEC, the two companies allegedly violated the Securities and Exchange Act of 1934 by offering and selling ICO tokens without (i) registering them pursuant to federal securities laws; or (ii) qualifying for an exemption to registration requirements. Under the terms of the settlement agreements (available here and here), the companies—who have neither admitted nor denied the findings—have each agreed to pay a $250,000 civil money penalty, and will also (i) return funds to impacted investors; (ii) register the digital tokens as securities; and (iii) file periodic reports with the SEC.
On November 8, the SEC announced its first enforcement action settlement with a digital currency platform for allegedly operating as an unregistered national securities exchange. According to the cease-and-desist order, the founder of the digital currency exchange, who has since sold the exchange to foreign buyers, allegedly violated federal securities laws by providing an online platform for secondary market trading of digital assets, including ERC20 tokens, without registering with the Commission or operating pursuant to a registration exemption. ERC20 tokens are digital assets issued and distributed on the Ethereum Blockchain using the ERC20 protocol, which, according to the SEC, is the standard coding protocol currently used by a significant majority of issuers in initial coin offerings. The order emphasizes that 92 percent of the trades on the exchange took place after the SEC released its Report of Investigation Pursuant To Section 21(a) Of The Securities Exchange Act of 1934: The DAO (the DAO Report) in July 2017, advising that non-exempt digital currency exchanges must register with the Commission. Without admitting or denying the findings, the founder agreed to pay $300,000 in disgorgement plus interest and a $75,000 penalty.
FATF updates standards to prevent misuse of virtual assets; reviews progress on jurisdictions with AML/CFT deficiencies
On October 19, the Financial Action Task Force (FATF) issued a statement urging all countries to take measures to prevent virtual assets and cryptocurrencies from being used to finance crime and terrorism. FATF updated The FATF Recommendations to add new definitions for “virtual assets” and “virtual asset service providers” and to clarify how the recommendations apply to financial activities involving virtual assets and cryptocurrencies. FATF also stated that virtual asset service providers are subject to Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) regulations, which require conducting customer due diligence, such as ongoing monitoring, record-keeping, and suspicious transaction reporting, and commented that virtual asset service providers should be licensed or registered and will be subject to compliance monitoring. However, FATF noted that its recommendations “require monitoring or supervision only for purposes of AML/CFT, and do not imply that virtual asset service providers are (or should be) subject to stability or consumer/investor protection safeguards.”
The same day, FATF announced that several countries made “high-level political commitment[s]” to address AML/CFT strategic deficiencies through action plans developed to strengthen compliance with FATF standards. These jurisdictions are the Bahamas, Botswana, Ethiopia, Ghana, Pakistan, Serbia, Sri Lanka, Syria, Trinidad and Tobago, Tunisia, and Yemen. FATF also issued a public statement calling for continued counter-measures against the Democratic People's Republic of Korea due to significant AML/CFT deficiencies and the threats posed to the integrity of the international financial system, and enhanced due diligence measures with respect to Iran. However, FATF will continue its suspension of counter-measures due to Iran’s political commitment to address its strategic AML/CFT deficiencies.
- Buckley Webcast: Hot topics in debt collection — An analysis of recent federal FDCPA litigation
- Jonice Gray Tucker to discuss "How to succeed in law school" at the SEO Law DC Panel Discussions
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Sasha Leonhardt and John B. Williams to discuss "Privacy" at the National Association of Federally-Insured Credit Unions Summer Regulatory Compliance School
- Warren W. Traiger to discuss "CRA modernization" at the National Association of Industrial Bankers and the Utah Association of Financial Services Annual Convention
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Henry Asbill to discuss "Ethical guidance in conducting internal investigations – The intersection of Yates an Upjohn" at the American Bar Association Southeastern White Collar Crime Institute
- Brandy A. Hood to discuss "RESPA Section 8/referrals: How do you stay compliant?" at the New England Mortgage Bankers Conference
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference