The Growing Regulatory Spotlight on Digital Assets’ Role in Funds Transfers and Payments

An obscure but powerful task force, simply known as the FATF, holds the key.

April 21, 2021

By Amy Davine Kim

Over the past two decades, the advent of the global digital banking and financial services system has revolutionized electronic funds transfers and payments and adoption of digital asset technologies. Blockchain and distributed ledger technologies will transform the way in which we buy and sell goods and services, and even the goods and services that we buy.  With this opportunity has come an increased global governmental scrutiny of implementing policies to address anti-money laundering and counter-financing of terrorism (AML/CFT) risks, and ongoing concerns about how best to put in place such policies while addressing privacy concerns.

Two years ago, the Financial Action Task Force (FATF), a powerful intergovernmental organization founded in 1989, amended its anti-money laundering Recommendations to include virtual assets and so-called Virtual Asset Service Providers (VASPs). The FATF is viewed as a crucial standards-setter for anti-money laundering and anti-terrorist financing policies; failure to adopt and enforce its Guidance is noted in the FATF’s audits, which can lead to countries being “grey-listed” and causing financial institutions to no longer do business within those countries.

The Guidance prompts countries to establish regulatory frameworks globally to address AML/CFT concerns involving virtual assets, typically including the development of compliance programs that require customer due diligence and implementation of the so-called “Travel Rule” provisions.  Now, two years later, the FATF has again proposed “updates” to its Guidance in an attempt to develop greater clarity around the requirements.

The Guidance was open to comment for 30 days by financial regulatory bodies around the world, as well as industry players, such as the Chamber of Digital Commerce. The FATF intends to release a final form of the Guidance this June.

The Chamber has long supported such standard-setting bodies and processes as undertaken by the FATF, including through its work to develop data messaging standards for the Travel Rule.  Nevertheless, this recently updated Guidance takes an overly broad, cookie-cutter approach that, for a quickly evolving industry like digital assets and blockchain technology, creates both uncertainty and unintended consequences for legitimate players in the marketplace, as well as the regulators and policy makers overseeing them.  Over the past month, since the FATF Guidance was opened up for comment, the Chamber spent countless hours evaluating the Guidance and discussing it with our Members and submitted our comments on Tuesday. We would like to highlight several points of concern that we recommend the governing body address during this consultative process.

First, the FATF’s effort to define what a Virtual Asset Service Provider is and isn’t is overly broad and seeks to capture all virtual assets as well as multiple businesses in the ecosystem – even those not typically subject to AML obligations as financial institutions.  This sweeping perspective brings all virtual assets within the purview of anti-money laundering obligations, even those not used as a “currency” or method of payment.  Not all virtual assets create the same risks nor require the same regulation at the same points, yet that nuance is absent from the Guidance.

The FATF Guidance generally treats virtual assets and peer-to-peer transactions as higher risk for illicit activities, stating in no uncertain terms that Virtual Assets or “VAs” are becoming increasingly mainstream for criminal activity more broadly” without additional evidence or support for this statement, dismissing the distinctions between different types of virtual assets, and ignoring evidence to the contrary. Further, the Guidance does not address whether current and developing controls sufficiently mitigate the risk. With higher risk typically comes the imposition of additional compliance requirements, and such regulatory hurdles often disincentivize some financial institutions from participating or innovating within the digital currency marketplace. 

Second, the Guidance expands the concept of VASP to include those that merely “facilitate” the activity of exchange, administration, and safekeeping.  For example, this includes those that develop software and engage in business development.  To be clear, we support the application of anti-money laundering compliance obligations on those financial institutions that directly provide money transfer and safekeeping services.  Yet, there are many businesses and individuals engaged in supporting these services that do not directly provide them nor are appropriate to conduct things like customer due diligence or KYC, nor should they be sharing personally identifiable information (PII) with counterparts pursuant to the Travel Rule.

Finally, updates to the Guidance concerning submission of PII between financial institutions engaged in cross-border wire transfers, colloquially known as the “Travel Rule,” expand the scope of this requirement to include not only domestic wire transfers but also transfers involving a self-hosted wallet – a unique expansion of the rule beyond what is required in the traditional fiat currency space.  While intended to address anti-money laundering challenges and help law enforcement agencies better track criminals – the expanded scope changes the goal posts at a time when industry and governments are working diligently to quickly develop a secure, global information exchange system.  The transfer of PII is a very sensitive issue, one that must be handled carefully and appropriately.  In our view, we should complete the work already underway to ensure it effectively and efficiently achieves law enforcement goals before making adjustments and additions to the requirements midstream.   

Just as important as preventing anti-money laundering violations and enabling law enforcement to better track such illegal activities, is not only understanding the scope of such threats, but also confirming the progress that all countries engaged in the digital currency marketplace have made in adopting the “Travel Rule” guidelines already adopted in 2019.  It’s important for the FATF to encourage global adoption of the current “Travel Rule” with the understanding that some States may come online with their regulations at different times than others.  This uneven progress, often called the “Sunrise Issue”, greatly impacts when a financial institution must share sensitive PII. 

The Chamber of Digital Commerce will continue its active and constructive engagement, working with all players to develop a strong understanding of this rapidly evolving space. The Financial Action Task Force’s efforts – as well as those of the many jurisdictions and regulatory bodies that are implementing them – have contributed to increased adoption and certainty in the digital asset and blockchain ecosystem. Data shows that the coordinated efforts of our industry, regulators, and law enforcement have reduced the risk of AML abuse, maintained security, and protected privacy. Data would also help track areas of increasing or decreasing risk, so that further efforts are focused on those areas of high risk in the global money laundering landscape.

While there is more to be done, the Chamber believes it is important in this highly innovative and evolving industry for the Financial Action Task Force to work collaboratively in setting Guidance that not only focuses clearly on those institutions that engage directly in the provision of financial services to customers but leverages risk-based data and the potential benefits of the underlying technologies. Our goal is to prevent illicit activity from utilizing the virtual asset system while not hindering the advancement of cutting-edge blockchain and digital assets technology that will be the cornerstones of the new age of financial services.

Chamber Submits Comments to SEC on Proposed Safe Harbor for Broker-Dealer Custody of Digital Asset Securities Highlighting Concerns on Bifurcated Treatment of Broker-Dealers Based Purely on Technology

April 9, 2021

On Monday, April 5, we filed a letter in response to the Securities and Exchange Commission (the “Commission”) Statement and Request for Comment regarding “Custody of Digital Asset Securities by Special Purpose Broker-Dealers” (the “Statement”), which was originally issued by the Commission on December 23, 2020.  While the safe harbor indicates an important willingness to enable this industry to grow, its narrow focus on a single technology, limiting broker-dealer custody to digital asset securities only, without sufficient basis, creates an unworkable framework that creates enhanced, yet inaccurate, perceptions of risk.

The Statement sets forth a five-year temporary safe harbor for broker-dealers seeking to custody “digital asset securities.”  The temporary safe harbor becomes automatically effective April 27, 2021. In the Statement, the Commission establishes, and solicits input on, a bifurcated regulatory structure for broker-dealers seeking the ability to custody securities based on whether the broker-dealer operates in the traditional securities space or in the digital asset securities space.

The Statement requires a broker-dealer seeking to custody digital asset securities to limit its business to digital asset securities only in order to isolate certain perceived risk.  The Commission also establishes, and solicits input on, a range of unique policies and procedures that a special purpose broker-dealer would be required to adopt.

The Chamber supports the Commission’s issuance of the Statement as a positive and constructive step toward grappling with the complex requirements of federal securities laws, and the Customer Protection Rule in particular, as they apply to digital asset securities and transactions in those securities.

We also, however, note our concern that the Commission is imposing a bifurcated and relatively onerous regulatory framework on broker-dealers without providing a compelling basis for doing so.  Specifically:

• • It is unrealistic for a broker-dealer to operate successfully if its business is limited to operating in the digital asset securities space should they seek to self-custody even one digital asset security – We note that the temporary safe harbor would create a significant hardship for existing or future broker-dealers operating under this model;

• • Digital asset securities do not impose greater investor risk than traditional securities – Digital asset securities intentionally created in connection with the issuance of debt or equity by a traditional issuer may differ significantly from non-security digital assets and “inadvertent” digital asset securities when it comes to risk of theft or loss of keys. In addition, we discuss why blockchain is actually a far superior option for complying with recordkeeping and reporting obligations under the securities laws and have characteristics that make them particularly well suited to serving as the source of truth;

• • Broker-dealers cannot operate successfully with self-custodied digital asset securities without also custodying non-security digital assets – We strongly support allowing broker-dealers to self-custody these non-security digital assets to promote more efficient settlement processes around the secondary trading of digital asset securities;

• • The temporary safe harbor is not technology neutral – The Commission is imposing a bifurcated regulatory structure on broker-dealers, and potentially significantly limiting their business model, based solely on an issuer’s choice of technology representing its securities and regardless of whether the broker-dealer can meet the current regulatory requirements related to the custody of traditional book-entry securities;

• • The scope of the temporary safe harbor should be clarified – The Commission should clarify that the provisions of the temporary safe harbor apply only to broker-dealers seeking to self-custody digital assets securities for customers in order to provide certainty that other broker-dealers operating in the digital asset security space may continue to operate under existing regulations;

• • The definition of “digital asset security” is extremely broad and should be narrowed – The Commission should clarify that securities that have non-controlling blockchain components do not fall within the definition of “digital asset securities and should consider how applicable state law provides for “possession or control” to occur;

• • Broker-Dealers need clarity that they can use third-party custody providers – The Commission should clarify that broker-dealers can satisfy the Customer Protection Rule by maintaining digital asset securities at a good control location, such as a bank, transfer agent or other regulated entity, and that the Commission provide additional clarity on what is deemed a “good control location” for digital asset securities; and

• • The Commission should seek customary industry input prior to implementation of the temporary safe harbor – The Commission is implementing the temporary safe harbor without soliciting prior public comment or providing a cost/benefit analysis around the enumerated requirements which is reflected in many of the problematic aspects of the Statement.

While we welcome the Statement as a move in the right direction to provide the digital asset industry with a much-needed framework for broker-dealers seeking to custody digital asset securities, we encourage the Commission to address the concerns enumerated in our letter prior to implementation of the temporary safe harbor to ensure it achieves its intended purpose to enable this industry to grow in a safe manner.

We are grateful for the tireless effort and countless hours expended by our Members in addressing the issues raised by the Statement.

Chamber Addresses Extraordinary Financial Privacy Concerns, Proposes Solutions in Response to Treasury

Chamber submits comments to FinCEN on Proposed Rule on Digital Assets

March 31, 2021

On Monday, we filed our response to FinCEN’s Notice of Proposed Rulemaking (NPRM) “Requirements for Certain Transactions Involving Convertible Virtual Currency or Digital Assets.”  This supplemental letter is in response to a series of NPRM’s on self-hosted wallets, including those published on December 23, 2020; January 15, 2021; and January 28, 2021.

As we highlighted in an earlier blog on this proposal, it is critical to highlight the unprecedented scope of information FinCEN would collect regarding nearly every convertible virtual currency (CVC) transaction.

The proposed verification requirements would create a new standard for this technology that rises above existing know-your-customer (KYC) obligations. Providing this level of detailed information about non-customers (the counterparties to transactions) to the government for lawful transactions would erode financial privacy for lawful transactions of all amounts – even those not conducted through banks or MSBs and its repercussions cannot be understated.

Building on our initial comments, filed January 4, our supplemental letter enhances our original points and addresses the additional information that FinCEN provided through its somewhat extraordinary series of NPRMs over a short period.  Here, we honed in on some of the specific proposals, including:

1. A recordkeeping requirement for banks and MSBs for transactions of $3,000 and above, which included verification of customers and counterparties to the transaction; and
2. A reporting requirement for transactions of $10,000 and above to include customer and counterparty information on a new “Value Transaction Report,” which requires personally identifiable information and publicly available information on a blockchain. The proposal also included a new “Foreign Jurisdictions List” of countries with which U.S. entities are prohibited from engaging in virtual currency transactions.

By combining information contained in CVC transaction reports, including personally identifiable information and a blockchain address of the customer and all counterparties, the government will be able to track every transaction those wallet owners make, past, present, or future, at any transaction level and at any time.  

To spell this out more clearly, this means that a counterparty to a transaction, who never had an account relationship with the bank or MSB, will have its entire wallet history and future transactions exposed to both that financial institution and the government.  This is an extraordinary expansion of the amount of information provided to third parties about non-customers.

While there are good reasons to report certain transactions to the government, such as when suspicious or illegal activity is detected, enabling such granular tracking of individuals’ lawful, everyday financial activities is beyond common principles of government oversight.

The Chamber believes that the very significant compliance and privacy questions raised by this proposed rule, as well as potential for much broader implications for people and businesses, demand significantly more evaluation and time for comment from multiple stakeholders.

As a result, we made the following Recommendations:

Recordkeeping Requirement.

• • We are supportive of a recordkeeping requirement for transactions above $3,000 that is limited to bank and money services businesses (MSB) customers only and does not include collecting counterparty information.
  • Compliance with this requirement should become effective at least 180 days after the final rule’s issuance due to the process for implementing the required changes.

Reporting Requirement.

• • The recently enacted Anti-Money Laundering Act of 2020 requires FinCEN to review as part of a year-long study requirements for currency transaction reports (CTRs) and suspicious activity reports (SARs). The proposed Value Transaction Reports for transactions at or exceeding $10,000 should be delayed until after FinCEN completes its study to reduce unnecessarily burdensome requirements.

Implications for Self-Hosted Wallets.

• • • Self-hosted wallets play a critical role across the blockchain and digital asset industry. Thus, FinCEN should exempt from the final rule decentralized finance (DeFi), consider the privacy implications for including LTDA within the rule’s scope, and contemplate how the rule will harm financial inclusion efforts through de-risking caused by the disincentivization and stigmatization of self-hosted wallet use.

Towards a Risk-Based Approach.

• • • FinCEN should promote a risk-based approach generally, and specifically with respect to anonymity-enhanced cryptocurrencies.

We are grateful for the tireless effort and countless hours expended by our Members in addressing these extraordinary proposals, as well as our counsel at Steptoe – Jason Weinstein, Alan Cohn, Shannen Coffin, and Evan Abrams.

Read the Chamber’s comment letter to FinCEN here.

Congressmen Task SEC and CFTC to “Eliminate Barriers” to Digital Asset Innovation through Joint Working Group of Stakeholders, Promoting Competitive Environment in the United States

By Amy Davine Kim, Chief Policy Officer, Chamber of Digital Commerce

March 8, 2021

As other countries continue to lead in the rapidly growing digital asset industry, now is the time for the United States to build and maintain clear and uniform regulatory framework across agencies to position this industry for success in the coming decades. Bipartisan legislation introduced yesterday by Ranking Member Patrick McHenry (R-NC) of the House Committee on Financial Services and co-sponsored by Congressman Stephen Lynch (D-MA), Chair of the House Financial Services Committee FinTech Task Force, Congressman Glenn Thompson (R-PA), Ranking Member of the House Committee on Agriculture, Congressman Ted Budd (R-NC), and Congressman Warren Davidson (R-OH) would promote that goal by formalizing a joint working group on digital assets between the U.S. Securities and Exchange Commission (SEC) and U.S. Commodity Futures Trading Commission (CFTC), the two leading agencies that oversee digital asset markets in the United States, as well as key industry groups.

The United States can no longer do nothing. For more than a decade, despite good intentions, the industry has operated in an opaque, fragmented, and confusing regulatory environment with respect to standards for custody, private key management, cyber security, business continuity, and registration and reporting requirements, to name a few.  In recent years, the SEC has viewed most digital assets exchanged or sold as a security while the CFTC has considered most to be a commodity – two different financial assets.  We need a solution that will take input from the experts across all stakeholders, in both industry and government, to forge meaningful recommendations of standards for adoption and regulation.

The SEC’s recent enforcement actions against blockchain companies for distributing digital tokens as unlicensed securities offerings plainly illustrates the serious and market-moving consequences of ongoing regulatory confusion and opacity. In other words, the industry needs more guidance specific to the unique characteristics of digital assets and their markets.

We are proud to support the Eliminate Barriers to Innovation Act of 2021 that requires the SEC and CFTC to form a “Working Group on Digital Assets” to convene key stakeholders, including industry representatives, for one year to work together to resolve regulatory issues surrounding digital assets, and to provide recommendations to relevant Congressional committees. This type of legislative concept – establishing a group of experts to consider the problems presented to them and make recommendations – is well-understood in Congress and has the ability to gain traction among Members from both sides of the aisle.

The working group would include equal representation from both organizations as well as at least one representative from a financial technology company, a financial services institution, an investor protection group, a small business or entrepreneur, an institution or organization supporting investment in historically-underserved businesses, and someone engaged in related academic research or advocacy.

Specifically, the legislation calls for the working group to deliver a report to SEC and CFTC leaders and relevant Congressional committees that contains recommendations to:

• • • Improve the efficiency, transparency, availability and efficacy of primary and secondary markets in digital assets;
    • Support market integrity and improve customer protection; and
    • Establish protocols concerning custody, private key management, cybersecurity and business continuity relating to digital asset intermediaries.

Importantly, the legislation also requires the working group to deliver comprehensive analysis of developments in other countries relating to digital assets and how those trends impact the United States and our competitive position in this evolving industry.

Ranking Member McHenry and Congressman Lynch’s leadership have been instrumental in driving this urgent and ongoing dialogue forward.

Simply put, clear and uniform guidance from the SEC and CFTC is sorely needed if we are to remain competitive globally in the digital asset marketplace and remain innovation leaders. This legislation will help move the needle toward a framework for greater clarity and transparency with respect to how digital assets interplay between securities and commodities laws. We also believe this legislation will make the United States a much more attractive country to launch or grow any digital asset business.