Regulation Overview of the Crypto landscape

The rise of every new technology or industry comes with added regulatory scrutiny, as we’ve witnessed with the internet, social media, ridesharing,and many other sectors. Regulators are treading a fine line between regulating it with the right approach, which will enable the industry to prosper and gain mainstream adoption, or by over-regulating it, which may inhibit its potential. Finding the right balance when navigating through areas for regulation in new technologies can be challenging but a task that regulators need to embrace. New technologies and industries can bring massive benefits to the community through economic growth, improved quality of life, etc but at the same time without adequate regulations, bad actors may thrive in extracting value from genuine participants. The following quote illustrates the thinking behind regulating with the right approach: “Speed limits and traffic lights provided public safety but also helped cars become mainstream. It is only with bringing things inside—and sort of clearly within our public policy goals—that new technology has a chance of broader adoption”. The current regulation outlook revolves around two key areas: 1) KYC/AML compliance and 2) classification of securities.

KYC/AML

Know-your-customer/Anti-money laundering (KYC/AML) procedures are put in place to identify their customers and are measures to deter money laundering. These procedures were meant to deter money launderers from using the said service to launder money, which could potentially be used to fund various nefarious activities. In traditional finance, KYC/AML has been in place for decades under various legislation such as the Bank Secrecy Act, Patriot Act in the US and the 5th Anti-Money Laundering Directive (AMLD5) in the EU and other similar legislation worldwide. Implementing KYC/AML is a matter of cost & benefit analysis on how thorough due diligence are conducted on customers and partners against the effectiveness of preventing money laundering activities. While there are ways to sidestep these procedures, financial institutions are also mindful in implementing excessive checks that will significantly add to their operational costs and inefficiencies.

In 2019, the Financial Crimes Enforcement Network (FinCEN), the Commodity Futures Trading Commission (CFTC) and the Securities and Exchange Commission (SEC) issued a joint statement that defined cryptocurrency exchanges as money service businesses (MSBs), thus making them subject to AML and KYC regulations under the Bank Secrecy Act. This was followed by new regulations for cryptocurrency wallets and cryptocurrency holdings at foreign exchanges. AMLD5 in Europe has also made it clear that cryptocurrency exchanges that are trading them to adhere to KYC/AML legislation. KYC/AML legislation in the crypto industry is relatively new and exchanges are applying KYC/AML measures retrospectively to remain compliant with regulators across various jurisdictions. Like traditional finance, KYC/AML are commonly applied to on-ramps and off-ramps, thus centralized crypto exchanges (CEXs) are impacted the most with KYC/AML procedures. The Financial Action Task Force (FATF) has recently updated the Travel-Rule guideline, which recommends Virtual Asset Service Providers (VASPs), including exchanges, banks, OTC desks, hosted wallets, and other financial institutions, to share certain identifying information about the recipient and receiver for cryptocurrency transactions over USD/EUR 1000 globally. Since the issuance of FATF’s virtual asset guidance, some jurisdictions, such as Singapore, Switzerland, and Hong Kong, have already forbid exchanges from operating without licenses that enforce Travel Rule compliance—regulations that require Virtual Asset Service Providers to securely share certain sender and receiver information with each other for cryptocurrency transactions. Exchanges are also complying with the new guidance by deploying new tools to scan addresses associated with incoming crypto transactions.

The rise of decentralized applications (dApps) built on various blockchain protocols adds a unique mix to the equation, by design there is no central authority responsible for operating those applications as they are solely managed by smart contracts. Having witnessed multiple hacks on smart contracts where hackers cashed out their loot via decentralized exchanges (DEXs) sidestepping any KYC/AML procedures placed on CEXs. This further makes the case for regulators to consider enforcing KYC/AML requirements on dApps. However contradicting this may sound, the enforcement of KYC/AML could undermine the pseudonymous or anonymous nature of cryptocurrencies. The uncertainty that the industry is facing on the regulation front is inevitable as stakeholders and regulators are coming to grasp how the technology functions and what blind spots within the industry are, to implement the right policies to regulate the industry.

Securities

Securities are commonly defined as fungible and tradable financial instruments used to raise capital in public and private markets. In the US, the Securities Act of 1933 is the federal law that requires that securities sold to the public be registered with the SEC and that complete information about the seller and the stock offering is made available to investors.

The Howey Test is often used to determine if a transaction qualifies as an “investment contract,” and therefore would be considered a security and subject to disclosure and registration requirements under the Securities Act of 1933 and the Securities Exchange Act of 1934. In recent years as blockchain technology matures and the issuance of tokens became more prevalent, the need to define the scope of a security and if the issued tokens come under the scope became ever more imperative. The SEC came up with a framework for “Investment Contract” Analysis of Digital Assets to give a clearer definition of what constitutes a security. The application of the Howey Test on digital assets remains applicable with the following three criteria: 1) The Investment of Money, 2) Common Enterprise and 3) Reasonable Expectation of Profits Derived from Efforts of Others. In most cases, whether a digital asset qualifies as an investment contract largely relies on whether there is an “expectation of profit to be derived from the efforts of others.”

Token Issuance

The focus on defining the scope of a security within the crypto industry is essential as unregistered security can only be traded by an accredited investor, which is largely not the case in the current environment. A recent case further reinforces this point where DEXs are delisting tokens that may be at risk of being classified as securities by a regulator.

Given the importance regulators placed on entities offering a public sale of securities to fundraise, there are various crypto projects (e.g Stacks) that applied to the SEC for an exemption from registration for public offerings under the SEC Regulation A+ framework. Regulation A is an exemption from registration requirements—instituted by the Securities Act—that apply to public offerings of securities that do not exceed $50 million in any one-year period. Projects that have met the criteria of not being a security can also make an application to the SEC to no longer treat it as a security, thereby allowing non-accredited investors to purchase them.

Regulation Landscape

Cryptocurrencies and Digital Assets have evolved tremendously since the publication of the Bitcoin Whitepaper in 2008, which kickstarted the industry to life. Simultaneously, as the industry grew to attract more participants, capital, and other resources into the mix, regulating the landscape needs to evolve to accommodate it. Crypto is at the cross juncture now as regulators see the need to implement tighter policies to regulate the industry in the interests of participants in the industry, while participants, builders in the industry are iterating at breakneck speed and are worried that regulations may impede their progress.

In the US, at the state level, there are 50 attorneys general and various state agencies that enforce digital asset-related laws (or other general laws that may apply to digital assets) passed by state legislatures and applied by the courts. Individual states are taking different approaches, and the laboratory of ideas is actively at work. For example, the New York State Department of Financial Services has enacted the Virtual Currency Business Activity regulatory framework (e.g., the “BitLicense” framework), which covers substantially all virtual currency activity by New York firms and residents. On the opposite end of the spectrum, Wyoming has passed legislation exempting virtual currency transactions from its money transmitter regulations, utility tokens from certain state securities registration and money transmitter laws and virtual currencies from property taxation laws. Colorado recently issued guidance exempting certain types of digital asset exchanges from the state’s money transmitter licensing requirements. It remains unsettled whether federal regulation will supersede state regulation in respect of digital assets and FinTech more generally, as the courts have not yet ruled on many aspects of crypto regulation.

The EU and Switzerland have taken different approaches to the regulation of distributed ledger-based security issuance and trading. In September 2020, the Swiss Parliament adopted the Federal Act on the Adaptation of Federal Law to Developments in Distributed Ledger Technology (DLT). In the same month, the European Commission adopted several legislative proposals as part of its Digital Finance Strategy.

Switzerland’s new regulation enables the issuance of securities using DLT as of 1 February 2021. The Swiss ledger-based security (Registerwertrecht) is a new type of uncertificated security, which can serve as an alternative to the existing intermediated securities (Bucheffekten). Both types are immaterialised securities, but intermediated securities require a regulated institution such as a bank, securities firm, or a Central Securities Depository (CSD) for issuance and transfer of the security. The new Swiss ledger-based security (Registerwertrecht) can be issued and transferred without an intermediary.

The European Commission adopted four proposals: The Market in Crypto-Assets Regulation (MiCA), the Pilot DLT Market Infrastructure Regulation (PDMIR), the Digital Operational Resilience Regulation (DORA), and a directive to amend existing financial services legislation.

According to the new legislation, security tokens issued using DLT will be subject to MiFID II and, therefore, other financial market regulations will apply as well, namely the Market Abuse Regulation, Prospectus Regulation, Transparency Directive, Short Selling Regulation, Settlement Finality Directive and the Central Securities Depository Regulation. However, the specific laws that apply depending on which country the issuer is in, which country the investors are in, and what type of investment contract is being tokenised. There are eight main types of security tokens:

  1. Tokenised profit participation rights
  2. Tokenised revenue participation rights
  3. Tokenised subordinated loans
  4. Tokenised commitments to use
  5. Tokenisation of a limited liability company (GmbH)
  6. Tokenisation of a stock corporation
  7. Tokenisation of real assets such as precious metals or apartment buildings
  8. Tokenisation of voucher entitlements

The European Union first published its Digital Finance Package on 24 September 2020 which includes legislative proposals on crypto-assets to ensure the EU’s financial sector remains competitive by simplifying the rules and emphasising consumer safety. MiCA Proposal is a regulatory framework developed to help regulate currently out-of-scope crypto-assets and their service providers in the EU and provide a single licensing regime across all member states by 2024. The Markets in Crypto-assets proposal has 4 broad objectives:

  • To provide legal certainty for crypto-assets not covered by existing EU financial services legislation, for which there is currently a clear need.
  • To establish uniform rules for crypto-asset service providers and issuers at the EU level
  • To replace existing national frameworks applicable to crypto-assets not covered by existing EU financial services legislation
  • To establish specific rules for so-called ‘stablecoins’, including when these are e-money.

Singapore’s digital assets regulations fall under The Payment Services Act (PSA) and The Securities and Futures Act (SFA), implemented by The Monetary Authority of Singapore (MAS). The regulation covers various segments including, KYC/AML, Digital Payment Token activities (DPT), DPT service providers, transfer of DPTs, provision of custodial wallet services for DPTs, and the facilitation of the exchange of DPTs. With DPT service providers being granted an exemption to provide services to retail and institutional investors while they await a formal licence.

Hong Kong in May’21 published the Consultation Conclusions on legislative proposals to enhance anti-money laundering and counter-terrorist financing (“AML/CTF”) regulations in Hong Kong, including a proposal to introduce a licensing regime for virtual asset services providers (“VASPs”). The Hong Kong authorities are focused on promoting the protection of market integrity and investor interests, and the regulatory requirements for licensed VASPs extend beyond AML/CTF requirements by seeking to regulate matters including customer type (i.e. professional investors only), prevention of market manipulative and abusive activities, and prevention of conflicts of interest.

Thailand introduced the Digital Asset Decree (the “Decree”) that establishes the requirements for a business to offer or provide operations for digital assets in 2018. The Decree covers both cryptocurrencies as well as digital tokens and is overseen by the Securities and Exchange Commission of Thailand (“SEC Thailand”). The Decree clearly segments between primary issuance activities (e.g. fundraising), applicable to token offerors and issuers, and secondary market activities (e.g. trading), applicable to token exchange and trade-related intermediaries. Thailand has also established 3 types of licenses: (i) Digital Asset Exchange License; (ii) Digital Asset Broker License; and (iii) Digital Asset Dealer License.

China has expressed their position with decentralized crypto networks with the banning of 1) crypto mining, 2) provision of crypto trading and payment services and 3) ICOs, but remains receptive to Chinese investors holding and trading of cryptocurrencies. China has been encouraging the use of China’s own Central Bank Digital Currency (CBDC) Digital Renminbi and showed great enthusiasm towards the application of blockchain technology in modernizing China’s financial systems.

India is taking a more calibrated approach towards regulation crypto, after initially floating the idea of outright banning it in the country. Similar to other jurisdictions, India takes on a tough stance towards money laundering and has issued a show-cause notice to India’s biggest crypto exchange – for facilitating money laundering, specifically for infringing the Indian Foreign Exchange Management Act (FEMA). However, India has yet to issue any clear regulatory guidance on crypto assets.

In developments…

As of writing, the US is about to take the most significant steps from a regulatory standpoint, in the coming months. Changes were made to cryptocurrency tax provisions that were intended to improve tax compliance among those trading digital currencies were drafted as part of a larger Infrastructure Bill, to be passed into law by the US government. There were some key contentious points within the draft that were causing concerns within the cryptocurrency and blockchain industry. In particular, The bill defines a broker broadly as “any person who is responsible for regularly providing any service effectuating transfers of digital assets on behalf of another person”. Therefore, under the U.S. tax code, brokers are required to collect and report information on transactions.

Even proposed fixes were fraught with complications as they would “pick winners and losers” according to critics. The Wyden-Lummis-Toomey amendment, which did not pass, made it explicitly clear that validators and software developers are not “brokers”. However, even that amendment only exempted proof-of-stake and proof-of-work validators while unknowingly excluding the many other consensus mechanisms that exist. The definition of “broker” may also encapsulate blockchain developers and does not acknowledge that many such developers are developing platforms and applications that have little or nothing to do with financial instruments.

The overarching concern amongst stakeholders is that innovation could be stifled if all teams working on blockchain-related projects are required to collect detailed information on their users and provide tax returns as if they were brokers of financial instruments.

In the same week, Rep. Don Beyer (D-Va.) introduced draft legislation for crypto consumer protection. The “Digital Assets Market Structure and Investor Protection Act”

Specifically, the bill would:

  • Create statutory definitions for digital assets and digital asset securities and provide the Securities and Exchange Commission (SEC) with authority over digital asset securities and the Commodity Futures Trading Commission (CFTC) with authority over digital assets;
  • Provide legal certainty as to the regulatory status for the top 90% of the digital asset market (by market capitalization and trading volume) through a joint SEC/CFTC rulemaking.
  • Require digital asset transactions that are not recorded on the publicly distributed ledger to be reported to a registered Digital Asset Trade Repository within 24 hours to minimize the potential for fraud and promote transparency;
  • Explicitly add digital assets and digital asset securities to the statutory definition of “monetary instruments,” under the Bank Secrecy Act (BSA), formalizing the regulatory requirements for digital assets and digital asset securities to comply with anti-money laundering, recordkeeping, and reporting requirements;
  • Provide the Federal Reserve with explicit authority to issue a digital version of the U.S. Dollar, clarify that digital assets, digital asset securities and fiat-based stablecoins are not U.S. legal tender, and provide the U.S. Treasury Secretary with authority to permit or prohibit US Dollar and other fiat-based stablecoins;
  • Direct the Federal Deposit Insurance Corporation (FDIC), National Credit Union Administration (NCUA), and Securities Investor Protection Corporation (SIPC) to issue consumer advisories on “non-coverage” of digital assets or digital asset securities to ensure that consumers are aware that they are not insured or protected in the same way as bank deposits or securities; and,
  • Require legislative recommendations from FinCEN, SEC and CFTC to provide clarity on dividing lines between who must register as a money services business versus who must register as a securities or commodities exchange.

On 3rd August 2021, SEC chairman Gary Gensler shared his thoughts about crypto regulation with the key consideration being to protect investors in crypto and also gave his views on several key crypto products in the space. 1) Stock tokens which give exposure to underlying securities are subject to securities law and need to adhere to current securities regulations. 2) Crypto trading platforms not only implicate the securities laws, but some platforms will also implicate the commodities laws and banking laws. A typical trading platform has over 100 tokens trading on them and each token’s legal status depends on its facts and circumstances, therefore the probability is quite remote that of the 100+ tokens none of them is a security given that there is no clear gatekeeping mechanism in enforcing the security criteria before listing on those platforms. 3) Nearly 75% of training on crypto trading platforms occurred between a stablecoin and another token, thus the use of stablecoins on these platforms may facilitate those seeking to sidestep a host of public policy goals connected to the banking and financial system. E.g. KYC/AML, Tax compliance, Sanctions, etc, thus the intent is to apply the full investor protections of the Investment company Act and other federal securities laws on these products. Additionally, he mentioned the need for more legislation on crypto trading, lending and DeFi platforms and granting regulators additional authorities to regulate the crypto ecosystem.

DeFi Regulation

Decentralized Finance (DeFi) has largely been unregulated in major jurisdictions, as participants interact with smart contracts to trade and conduct other financial activities without a middleman or centralized entity. Developers of these applications believe that DeFi applications are not subjected to current regulatory requirements as core developers will step away from the project after writing software that automates and facilitates users’ transactions with the protocol thereby achieving decentralization in the process, similar to the SEC’s stance on Bitcoin. However, SEC chairman Gary Gensler takes on a different view such that “there’s still a core group of folks that are not only writing the software, like the open-source software, but they often have governance and fees,” where “there’s some incentive structure for those promoters and sponsors in the middle of this.” Mr. Gensler also added that “these platforms facilitate something that might be decentralized in some aspects but highly centralized in other aspects.” Regulators stance on protecting investors interest in crypto has been clear, while DeFi currently does not require KYC/AML, or any safeguards against money laundering or other criminal activities, there may be some regulatory gaps that will be filled as regulators find a balance between regulating decentralized applications and ensuring investors interests.

It is clear that the crypto industry needs better defined public policies to take it mainstream and the current developments in the US will be watched by the world, and what eventually comes out of it will likely influence how regulators around the world view crypto.

You may also like