2020 Crypto Year in Review

Executive Summary

2020 Synopsis 

If we put the last quarter of 2020 aside, this year could be marked by the sheer number of SEC enforcement actions and settlements in the crypto space, with more rumored to be in the works. However, the U.S. ended 2020 with a bang in the form of a flurry of proposed crypto regulations in Q4 with varying degrees of controversiality. Notably, the proposed STABLE Act and Mnuchin’s midnight rulemaking on self-custody have caused a bit of an uproar, which we touch on in more depth below.

Absent these recent rulemakings, there has been an unevenness in the Trump administration’s approach to the space and the last four years at the federal level haven’t been marked with any significant level of regulatory coordination or cohesive policy at the federal level. However, to pick upon some themes that we will talk about in this year-end review, regulators have vacillated between: (i) a focus on enforcement vs. prescriptive guidance, (ii) a tech specific vs. tech agnostic approach, (iii) aggressive views of jurisdictional reach vs. deference, and (iv) state, federal, and global coordination and cooperation vs. a more insular agency-specific approach.

These last minute rulemakings marked the last acts of an administration with what could be characterized as an ambivalent view of the crypto space, neither friendly nor particularly enabling. Although the IRS 2014 guidance (Notice 2014-2) classifying cryptocurrency as property was pivotal in pushing the predominant use case (use case follows tax treatment) for Bitcoin and other currency-like crypto assets toward a commodity-like store of value as opposed to a medium of exchange (think gold bar as opposed to dollar bill), other U.S. regulators have doubled down on labeling, and regulating, crypto as a currency-like instrument, among other things. With Bitcoin crossing $34,000 to hit an all-time high (“ATH”) in early January, Ethereum’s native cryptocurrency, Ether (“ETH”), trending close to its ATH from 2018  and the  proliferation of stablecoin projects, the U.S. government may now be rethinking previous pronouncements that crypto does not pose a significant threat to the U.S.’s fiat hegemony worthy of addressing.

The most activity on this front is taking place at the U.S. Department of the Treasury, and the Financial Crimes Enforcement Network of the U.S. Treasury (“FinCEN”) (see proposed rulemakings here and as discussed below)  as well as Department of Justice (“DOJ”) (see the DOJ Enforcement Framework released in October 2020), as U.S. authorities continue to bring anti-money laundering (“AML”) compliance, sanctions compliance, and terrorist financing concerns to the forefront. We have also seen significant enforcement actions against BitMEX as discussed below, John McAfee’s arrest for tax evasion related in part to his activities in crypto and the recently announced settlement between the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) and BitGo, Inc. for violations of sanctions programs.

Looking Ahead

Against the backdrop of increased scrutiny by regulators, there is a sense of renewed excitement in the space but also a sense of foreboding over the uncertainties attendant with a change in administration. While the last administration was not uniform in its approach to the space, many expect the next to favor heavier regulation.

At the same time, there is a possibility the Biden administration may install Gary Gensler at the SEC, who is seen as crypto friendly, and many are excited about the prospect of Hester Peirce’s next iteration of a safe harbor in the token space which may see the light of day (she recently indicated on Twitter that it was in the works). We will also continue to track significant enforcement actions in the space such as the SEC’s enforcement action against Ripple that was announced at year’s end. The Ripple enforcement action is a seminal case due to the scale of the allegations, excerpted below and discussed in more depth herein, and has the potential to give rise to additional regulatory clarity as it plays out over the next several years.

“From at least 2013 through the present, [Ripple] sold over 14.6 billion units of a digital asset security called “XRP,” in return for cash or other consideration worth over $1.38 billion … to fund Ripple’s operations and enrich Larsen and Garlinghouse. Defendants undertook this distribution without registering their offers and sales of XRP with the SEC as required by the federal securities laws, and no exemption from this requirement applied.”

At the very least, this change opens up the opportunity for renewed discussion around policy towards the space. As SEC Commissioner Hester Peirce reiterated recently in a dissent from the Unikrn enforcement action (which we touch on below), “[w]e should strive to avoid enforcement actions and sanctions… that enervate innovation and stifle the economic growth that innovation brings.” In that settlement, and in many others to date, the token issuer is required to permanently disable its tokens and pay a penalty that represents substantially all of its assets. In essence, a Section 5 violation amounts to an insurmountable error that results in the shuttering of the business in these cases.

Commissioner Peirce weighs the direness of this consequence against the backdrop of the current regulatory regime in which “the determination of whether an instrument is offered and sold as a security in the form of an investment contract requires a subjective weighing of the facts and circumstances. Such analysis, idiosyncratic by its very nature, does not produce clear guideposts for entrepreneurs and others to follow.” Thus, the current regulatory regime produces a chilling effect on innovation in the absence of clear guidelines. As Commissioner Peirce, advocating specifically that the SEC take up her safe harbor proposal cautions, “[b]y failing to challenge ourselves to experiment with new approaches to regulation, we, and those whose interests we are pledged to serve, risk surrendering the fruits of innovation.”

Enforcement Updates

Ripple v. The SEC

Though not entirely surprising, in what is nonetheless some of the biggest news of the year, SEC publicly commenced an enforcement action on December 22 against Ripple Labs, Inc. (“Ripple”) and certain of its principals, Chris Larsen (co-founder, executive chairman of its board, and former CEO) and Brad Garlinghouse (the current CEO).

Many in the crypto space have long seen XRP, the digital asset issued by Ripple, as clearly over the yet-to-be drawn line in the sand as to what constitutes a securities offering in the crypto space. Ripple also constitutes one of the most well-known and centralized projects in the space with at times the third highest market cap of all cryptocurrencies. It was one of the first projects to engage in pre-mining and in fact pre-mined their entire fixed token supply of 100 billion, which it kept 80 billion of absent initial allocations of 20 billion XRP to its founders. For the better part of a decade,  Ripple been systematically dumping XRP on the market and retaining the proceeds. Similar to many startups using equity in lieu of cash, it has long been alleged how Ripple has also used XRP to the extent they were able in lieu of cash to pay business partners, service providers, and executive compensation amounts.

It follows that, in the complaint, the SEC goes for blood in proceeding against the principals for the first time in a crypto enforcement action outside the context of fraud, alleging that Ripple has, since 2013, engaged in a years’ long unregistered securities offering (for which no exemption applied) raising over $1.3B to fund operations and personally enrich Larsen and Garlinghouse to the tune of $600M through personal sales. In the complaint, the SEC seems to confirm the speculation around Ripple’s business practices, detailing how Ripple built and maintained a speculative market for XRP divorced from its stated use case for the purpose of increasing its value and personally benefitting therefrom. In this complaint, the SEC lays out factors under the Howey test to argue how Ripple’s continuous offering of XRP constituted an investment contract, detailing how retail investors invested in XRP with reasonable expectations of profits derived from the efforts of Ripple while Ripple also used the appreciation in the market price of the cryptocurrency to fund operations, engaging in sales of billions of XRP through various market channels and also using XRP as currency in exchange for services, including for executive compensation, to pay service partners, and greasing various palms to build and maintain a market for XRP. In this respect, the case seems pretty clear cut – as the SEC commented on the enforcement action:

“Issuers seeking the benefits of a public offering, including access to retail investors, broad distribution and a secondary trading market, must comply with the federal securities laws that require registration of offerings unless an exemption from registration applies… We allege that Ripple, Larsen, and Garlinghouse failed to register their ongoing offer and sale of billions of XRP to retail investors, which deprived potential purchasers of adequate disclosures about XRP and Ripple’s business and other important long-standing protections that are fundamental to our robust public market system.”

If you read through the 71-page complaint, there are some particularly unflattering and unfavorable facts about Ripple, including the following:

  • Ripple received legal advice as early as 2012 that, under certain circumstances, XRP could be considered an investment contract and therefore a security under federal securities laws depending on how, among other factors, XRP was promoted and marketed to potential purchasers and the motivation of such purchasers to purchase XRP. (3 and 52-59)
  • Larsen and Garlinghouse personally profited from undisclosed and unregistered sales of XRP to the tune of $600M and Garlinghouse did so while stating publicly he was “very long” on XRP. Both continue to hold substantial amounts of XRP and could further enrich themselves through personal sales. (6-8, 145-165)
  • Larsen received 9 billion XRP shortly after founding Ripple without vesting restrictions. He also previously founded and served as CEO of a company that was sued by the SEC for Section 5 violations. (18)
  • Ripple received legal advice early on that XRP was unlikely to be treated as currency, that Ripple should reach out to the SEC for clarity and that Ripple should refrain from distributing XRP to investors and employees. Larsen wrote an email in 2014 describing his grant of billions of XRP on Ripple’s founding as compensation for personally assuming the risk of being deemed to have issued securities in violation of law. (3 and 52-59)
  • Ripple initially engaged in market making efforts through promotional statements and distributing XRP in bug bounties and to developers. Ripple had stated goals to distribute XRP to raise funds for Ripple Labs operations. Ripple had no means of covering its operating expenses absent XRP sales and continued to use XRP to pay third parties throughout the better part of a decade. (61-62, 70, 76-77, 82)
  • The company’s CTO posted on an online forum early on that “as a corporation, we are legally obligated to maximize shareholder value. With our current business model, that means acting to increase the value and liquidity of XRPby establishing a use case as a payment system, one would expect increased demand and increase in price.” Essentially admitting that the use case needed to be established after the token had been created and distributed and that the company’s business model was dependent on increasing the value and liquidity of XRP. (see Howey factors around a common enterprise and expectation of profit derived from the efforts of others) (64, 68)
  • Though the payments use case developed over time, Ripple controlled supply and demand in the market and sold XRP widely to individuals who had no use for the asset based on its stated use case and did so without restricting resales. (69, 71)
  • While Larsen and Garlinghouse served as CEO, each had final authority over where and how much XRP to sell to the market and exercised this authority to oversee and manage liquidity in the market, at times engaging in trades coinciding with strategic announcements. (96, 166-167, 169-195)
  • Ripple also sold to institutional players in the crypto space, often at a discount to market ranging from 4-30% without restrictions on resale, including XRP market makers, dealers, and blockchain private funds. (101, 104)
  • Ripple paid listing fees to exchanges and various incentives for achieving volume targets. (145-8)
  • The SEC laid out the various elements of Howey that were met, including a number of self-owns from Ripple at various times throughout the better half of a decade acknowledging in internal communications that XRP’s use case was speculation (with an expectation of profit). (205-216)
  • The SEC and Ripple have been engaged in a back and forth since before April 1, 2019, from the tolling agreements entered into by the parties. (392)

The complaint charges the defendants with violating the registration provisions of the Securities Act of 1933, and seeks:

  • a permanent injunction barring Ripple, Larsen, and Garlinghouse from violating Section 5 of the Securities Act;
  • a prohibition barring Ripple, Larsen, and Garlinghouse from participating in any future offering of digital asset securities;
  • disgorgement with prejudgment interest of the $1.3B, including the $600M from Larsen and Garlinghouse; and
  • civil penalties.

Meaning, that if such relief is granted, the SEC’s end goal is to shut down Ripple and stop XRP from circulating. More immediately, this news has caused a cascade of delistings and trading suspensions of XRP from various exchanges and has caused the price to plummet 66%, trading at $0.65 on December 1 to $0.22 as of December 28.

Though I personally believe the case is a slam-dunk for the SEC (and am certainly not alone), the case is an interesting one for a variety of reasons – Ripple is very well funded and has one of the most unshakable fan bases in crypto, commonly referred to as the “XRP army” who have continued to have a cult-like belief in XRP and are very much in harm’s way as the price creeps downward, liquidity dries up through various delistings, and many do not sell their holdings.

To date, Ripple has responded in a written response from Brad Garlinghouse and issued this statement on December 29, promising to air their side in a few weeks, characterizing the SEC’s enforcement action as an attack on crypto amidst a “dangerous lack of regulatory clarity” and accusing the SEC of causing uncertainty in the market which has caused exchanges and other market participants to react “conservatively” and delist, all to the direct detriment of the community they purport to protect (this being the XRP army of retail investors).

Previewing some of their upcoming arguments, Ripple has made public this summary of Ripple’s Wells Submission, which notes that the “majority of [their] customers aren’t in the U.S. and overall XRP volume is largely traded outside of the U.S… [where] [t]here are clear rules of the road for using XRP in the UK, Japan, Switzerland and Singapore, for example.” Finally, they pointedly reference the change in administration, stating that they “look forward to working with all of the Commissioners and the SEC’s new leadership, once appointed. In all, the SEC Chair, six of his Directors from each SEC Division, the SEC’s Chief Economist, and the SEC’s General Counsel have now departed.”

While it remains to be seen if a change in SEC leadership will impact the proceedings given the continuity in leadership at the SEC’s FinHub, the jurisdictional issues Ripple brings up around the company’s global footprint have certainly not been compelling enough to give the SEC pause in previous enforcements. In particular, we have seen Telegram’s offer to withdraw from the U.S. in order to continue its token project was rejected, much to the incredulity of Telegram’s CEO (as we previously detailed here).

In all, the SEC may be successful in essentially closing Ripple down in court but may have already succeeded in permanently crippling the company by depressing the market price and liquidity of XRP and chilling any potential partnerships or business for Ripple going forward, a result that may be in furtherance of upholding the law but is certainly unsatisfying in light of the SEC’s investor protection mandate. Ripple is certainly not a sympathetic case from an enforcement perspective; however, it has been and will continue to be painful to watch retail investors as they lose, in some cases, their entire savings as the price of XRP continues to plummet.

More SEC Settlements

In addition to the settlements we catalogued earlier this year here, and the SEC settlement with Kik in October 2020 brought a number of additional token settlements, which for the most part follow the formula established to date:




Approx. $$ Raised


Register Token under 12(g) or Delisting

Issuer to Register with SEC & File Periodic Reports

Monetary Penalty

BitClave PTE Ltd. (Singapore)*


Consumer Activity Tokens (CAT)




 Red x


Unikrn, Inc.


UnikoinGold (UKG) token




 Red x


Salt Blockchain Inc.


Membership Tokens/Salt Tokens


Red x**




ShipChain, Inc.


SHIP Tokens


Red x***


 Red x


Tierion, Inc.


Tierion Network Tokens (TNT) 


Red x****


 Red x


* Singapore-based issuer with worldwide token sales, including the U.S., this is notable because of the continued theme of broad jurisdictional reach by the SEC, which has again showed a willingness to shut down a project in its entirety based on sales to U.S. investors.

** Issuer to engage in a claims process to return funds to investors who purchased tokens, SEC noted the remedial acts undertaken by Respondent, including the fact that Salt returned several million dollars to investors, and cooperation afforded to the Commission staff.

*** The SEC notes ShipChain’s current financial condition was taken into consideration together with the fact that ShipChain has decided to cease all operations, and that the penalty represents substantially all of ShipChain’s net assets.

**** Issuer to engage in a claims process to return funds to investors who purchased tokens.

Rounding out the over 20 enforcement actions in the token space from 2020, the SEC brought a good deal of enforcement based on fraud as well as a couple more celebrity promoter enforcement actions, including ones against Steven Seagal and rapper T.I. Overall, the volume of enforcement proceedings in the token space far outweighs any other category in the SEC’s listing of cyber enforcement actions and there is no reason to believe that this will change with the new administration given the recent spin-off of FinHub, which is dedicated to overseeing the token space. There are likely an untold number of investigations in the works for projects launched to date, and, absent a change in the SEC’s approach of weighing facts and circumstances, many more to come.

Other Notable Enforcement Proceedings


Another enforcement in the space that is, for lack of a better phrasing, a really big deal is the October enforcement action by the U.S. Commodity Futures Trading Commission (“CFTC”) and DOJ against BitMex, a Seychelles-based crypto exchange that offers leveraged derivatives trading, and its principals. BitMex is one of the bigger exchanges in the world, having made more than $1B in fees to date, including from U.S. customers.

The CFTC filed a civil enforcement action charging five entities and three individuals, Arthur Hayes, Ben Delo, and Samuel Reed, that own and operate the BitMEX trading platform, with (i) operating an unregistered trading platform and (ii) violating multiple CFTC regulations, including failing to implement required know-your-customer (“KYC”) and AML procedures. The CFTC is seeking disgorgement, civil monetary penalties, restitution, permanent registration and trading bans as well as a permanent injunction from future violations of the Commodity Exchange Act (“CEA”).

The case was brought in connection with the CFTC’s Division of Enforcement’s Digital Asset and Bank Secrecy Act Task Forces and involved a related criminal action filed by the DOJ for the three principals who are accused of violating the Bank Secrecy Act (“BSA”).  See United States v. Arthur Hayes, Benjamin Delo, Samuel Reed, and Gregory Dwyer, Case No. 20-CR-500 (SDNY).

As summarized by the CFTC press release, the CFTC complaint alleges that “from at least November 2014 through the present, and at the direction of Hayes, Delo, and Reed, BitMEX has illegally offered leveraged retail commodity transactions, futures, options, and swaps on cryptocurrencies including bitcoin, ether, and litecoin, allowing traders to use leverage of up to 100 to 1 when entering into transactions on its platform. According to the complaint, BitMEX has facilitated cryptocurrency derivatives transactions with an aggregate notional value of trillions of dollars and has earned fees of over $1 billion since beginning operations in 2014. Yet, as alleged in the complaint, BitMEX has failed to “implement the most basic compliance procedures required of financial institutions that impact U.S. markets.”

Reed has been arrested and Belo and Hayes (a western NY native who resides in Hong Kong) remain at large. The enforcement is indicative of the U.S. government’s focus on compliance concerns, including its focus around BSA violations in the space.

iFinex vs. NY

New York’s investigation of iFinex, the parent company to Tether and cryptocurrency exchange BitFinex, and certain of its affiliates, continues on. New York commenced an investigation in 2018 into Tether, which continues to be the most widely adopted stablecoin product, due to liquidity concerns around iFinex’s ability to redeem Tether at face value (Tether is supposed to be backed 1-to-1 by U.S. dollars) with the NY Office of Attorney General (“NY OAG”) accusing iFinex of losing around $850 million in user deposits and engaging in an ensuing cover up after such an amount was seized by authorities from Crypto Capital, an offshore payment processor where iFinex stored funds. 

This investigation continues a theme of the NY OAG’s aggressive stance on its jurisdiction as well as its particular focus on the crypto industry. Previously, New York, construing its jurisdiction very broadly, conducted a fact finding exercise against various crypto exchanges, including many with an intentionally non-existent (or minimal) nexus to New York as the group subject to New York’s fact finding included exchanges that chose to exit New York in the wake of the BitLicense’s enactment, as I detailed in a CoinTelegraph article here.

In this case, the vast breadth and scope of the NY OAG’s investigative powers were affirmed under the Martin Act. On July 9, the Appellate Division in the First Department confirmed the notion that the NY OAG has jurisdiction over virtual currencies as “commodities,” which the court found is defined in such a broad way under the Martin Act that it picks up virtual currency as “any foreign currency, any other good, article, or material,” giving the NY OAG subject matter jurisdiction over Tether (and other virtual currencies) and also finding that iFinex had, at times, customers in New York and one of its executives had a New York residence, establishing sufficient minimum contacts in New York to exercise specific personal jurisdiction for purposes of the investigation (noting the standard would be higher to bring a case). 

At year end, the NY OAG has indicated that iFinex is complying with document requests and expects the process to wrap up within weeks. NY OAG has requested an extension of the deadline of reporting its findings, to January 15, 2021, and that the previously granted injunction be similarly extended, which operates to prevent Tether from loaning funds to Bitfinex.

Regulatory Developments

SEC No-Action Relief

This year brought another significant step for regulatory clarity in November when the SEC expanded the fact pattern under which it is willing to grant no-action relief to token projects, in this case (i) allowing the Ethereum-based token that functions as on-platform currency (“VCoins”) to be transferred off platform and by doing so, (ii) allowing for peer-to-peer exchanges, including transfers to non-users of the platform, for fiat, focusing instead on mechanisms to curtail appreciation and therefore speculation in price as opposed to focusing on restricting transfers.

This no-action letter for IMVU, Inc., a software developer that designs, develops, and manages virtual world communities, builds upon TurnKey Jet and PoQ, which, as I discussed here, were granted no-action relief based on: (1) use of proceeds from the sale of tokens being restricted from financing the platform/token functionality which was to be fully developed and operational by the time any token is sold, (2) tokens to be immediately usable for their intended function at the time of sale, (3) the issuer restricting transfers to on-platform wallets, (4) this issuer selling tokens at a fixed price/the tokens represent an obligation for the issuer to supply services at a fixed value, (5) any redemption of tokens to be at a discount to the face value of the token, and (6) the token is to be marketed in a manner that emphasizes the functionality of the token and not any potential appreciation in value.

The IMVU no-action letter grants similar relief for VCoin, with factors (3) and (5) removed and based on the following additional conditions:

  • factors (1) and (2) above being true, retaining a focus on functionality at time of sale and use of proceeds from sale;
  • factor (3) has been upheld in the form of a less restrictive condition that IMVU not promote or support the listing or trading of the digital asset on any third party trading platform thereby lessening the ability to speculate in the asset as a use case; and
  • factor (6) above being true and adding a similar condition to (4) in that the digital token is to “be made continuously available in unlimited quantities and at a fixed price, and IMVU will always generate enough supply of VCoin to maintain VCoin’s fixed price,” which limits any potential for appreciation in price.

The no-action letter also requires KYC/AML checks for holders of VCoins and imposes the following additional limits to ensure consumptive use:

  • IMVU will impose specified limits on VCOIN purchases, conversions, and transfers; and
  • IMVU will require users who purchase VCOIN from IMVU to affirm that, among other things, they are acquiring the VCOIN for consumptive use and not for speculative purposes.

It should also be noted that, while it seems the project has a green light from the SEC, the tokens, in becoming convertible to fiat or convertible virtual currency (“CVC”), will subject the company to a host of laws around money transmission and operating as a money services business (“MSB”), including FinCEN regulations.

In all, the SEC has retained its focus on avoiding speculation in the digital asset through supply dynamics and fixed pricing and was likely encouraged by the relative maturity of the platform in this instance. Though certainly not a path to market for decentralized projects because of the various centralized compliance aspects of the no-action relief and other applicable regulations, it is a welcome expansion of the fact pattern under which no-action relief has been granted to date.

SEC Public Statements and Proposed Rulemaking

The SEC has also issued a number of public statements and proposed rulemakings over the course of 2020 that are of note, including some that reflect FinHub’s desire to engage more with the crypto community and are in furtherance of increased regulatory coordination. The following represents opportunities to comment on various issues by the SEC as well as rulemakings:

  • Staff Statement on Wyoming Division of Banking’s “NAL Custody of Digital Assets and Qualified Custodian Status” (November 9, 2020) – inviting comments around the application of the custody rule under the Advisers Act as it relates to digital assets and asking specific questions for public input.
  • Staff Letter and Responses: Fund Innovation and Crypto Holdings (January 18, 2018 letter and responses to date) – asking various questions around investment funds investing in cryptocurrency and related products and requirements of the 1940 Act and indicating that until “the questions identified above can be addressed satisfactorily, we do not believe that it is appropriate for fund sponsors to initiate registration of funds that intend to invest substantially in cryptocurrency and related products, and we have asked sponsors that have registration statements filed for such products to withdraw them.”
  • Transfer Agent Concept Release (blockchain applications) – as part of a much broader effort to update and modernize regulations around transfer agents, including issues that primarily arise from the diverse array of transfer agent functions and services which have developed over time, the SEC requests comments in light of distributed ledger systems being tested “in a variety of settings,” to help the SEC determine: “What utility, if any, would a distributed public ledger system have for transfer agents, and how would it be used? What regulatory actions, if any, would facilitate that utility? How would transfer agents ensure their use of or interaction with such a system would comply and be consistent with federal securities laws and regulations, including the transfer agent rules? Please explain.”
  • Non-DVP and Custody of Digital Assets Letter & Responses (March 12, 2019 and responses to date) – asking different questions around how characteristics of digital assets impact the application of the Custody Rule and responses to date.
  • Invitation to Comment on the Custody of Digital Asset Securities by Broker-Dealers (December 23, 2020) – (i) requesting comment on industry best practices with respect to digital asset securities, (ii) acknowledging that technical requirements for custody of and transacting in digital asset securities are unique from traditional securities, and (iii) creating a 5-year period in which broker-dealers who deem themselves in compliance with Rule 15c3-3 (around retaining possession or control over securities held for the account of customers) and meet certain conditions will not face enforcement. The safe-harbor is designed to provide market participants with the opportunity to develop practices and procedures to safeguard and demonstrate control or possession over digital asset securities.

FINRA Guidance

On September 25, 2020, the SEC’s Division of Trading and Markets issued a no-action letter to FINRA providing guidance on the role of an alternative trading system (“ATS”) in the settlement of digital asset securities trades. The no-action letter streamlines the process for non-custodial settlement provided certain conditions designed to ensure customer-protection are met, building upon a Joint Staff Statement on Broker-Dealer Custody of Digital Asset Securities issued by the SEC and FINRA which sets out a settlement process for an ATS.

This is important guidance as it provides a significant step forward from regulators broadly telling crypto market participants that existing laws apply, to regulators now developing guidance on just how exactly to achieve compliance in practice. In this case, regulators have not only put forth a roadmap of the steps required to comply with laws in practice, they listened and responded to feedback from market participants in order to revise and build upon guidance based on practical concerns.


File under poorly received proposed federal legislation, the Stablecoin Tethering and Bank Licensing Enforcement (STABLE) Act would require all issuers of stablecoins to obtain federal bank charters in order to operate and certain other companies in the digital asset space (i.e., those who offer stablecoin services) would, along with the stablecoin issuer, be required to follow banking regulations. The bill has been touted as bringing these digital currency products and businesses into the existing regulated banking framework, with its authors stating that crypto shouldn’t be “beyond the reach of fair lending laws and regulation” and that we should not let FinTech, i.e., “Wall Street and Silicon Valley own the future of payments.”

While no one is arguing that rules shouldn’t apply (ok, maybe a minority are), for those of us in New York or those who have any notion of interacting with New York consumers, the BitLicense already applies to impose regulations positioned toward financial institutions; however, many crypto-proponents are troubled by the potentially far-reaching implications of the proposed law, including that:

  • A “stablecoin” under the proposed bill is broadly defined to include any “cryptocurrency or privately-issued digital financial instrument that has its value denominated in or pegged to U.S. or any other fiat currency” (or a basket of currencies) with a fixed nominal redemption value or that otherwise creates a reasonable expectation or belief that the instrument will retain a nominal redemption value.
  • The bill potentially overlaps with existing state law frameworks such as those in New York and Wyoming by requiring stablecoin issuers to obtain a federal banking charter, obtain federal deposit insurance, and become a member of the Federal Reserve system without clarifying how the law would interact with these state law frameworks.

Others such as Coin Center have pointed out that the bill is not tech-agnostic, as its authors claim, in that it does not impose similar requirements for traditional sector non-banking market participants engaging in money services businesses with dollar-denominated liabilities (such as Venmo) to ensure they can cover their liabilities to protect consumers from similar risks, but instead only covers fiat-denominated liabilities to the extent they are embodied in “stablecoins.”

The bill also is potentially problematic for public blockchains more broadly, in that it could impose liability on node operators for validating what would now be illegal stablecoin transactions (absent these varyingly decentralized projects obtaining banking charters) and to the extent they do not seek pre-approval for engaging in “stablecoin related commercial activity.” The software run by these node operators does not operate to bar what would now be “illegal” transactions but instead validates transactions by checking math – therefore, the implication is that running the software is illegal in that it provides “payment infrastructure” as it operates to validate illegal transactions.

FINCEN Proposed Rulemaking

In a midnight rulemaking with an abbreviated comment period (typically 60 days but in this case just 15 days) that extended over the Christmas holiday to end on January 4, Treasury Secretary Mnuchin introduced proposed FinCEN rules pursuant to the Bank Secrecy Act around non-custodial/self-custodied wallets (or, “unhosted wallets” as the proposed rule refers to wallets that are not held by custodians or exchanges) entitled “Requirements For Certain Transactions Involving Certain Convertible Virtual Currency Or Digital Assets”.  

Mnuchin said the rules were “aimed at closing anti-money laundering regulatory gaps for certain convertible virtual currency and digital asset transactions” in the interest of national security concerns against international terrorist financings, sanctions evasion, AML concerns, and weapons proliferation.

The proposed rule builds upon the requirements imposed by the Travel Rule, which mandate AML requirements be met as well as certain reporting and recordkeeping requirements on Virtual Asset Service Providers (VASPs) which are essentially crypto MSBs. Under the proposed rule, banks and money service businesses (“MSBs”) would be required to “submit reports, keep records, and verify the identity of customers” for transactions involving CVC or digital assets with legal tender status (“LTDA”) held in unhosted wallets or held in wallets hosted in certain jurisdictions identified by FinCEN. Specifically, the proposed rule would: (i) require that banks and MSBs acquire certain information about the identity of the self-custodied wallets for transactions of more than $3,000 and report transactions over $10,000 and collect information (including name and physical address on the counterparties to these transactions, (ii) require banks and MSBs to produce reports containing the transaction hash and identity of persons holding self-custodied wallets engaging in transactions across more than one financial institution, and (iii) prohibit structuring transactions to avoid these rules.

Essentially, it takes rules applicable to transactions between banks and MSBs and imposes them on transactions across the board, including where a consumer wants to withdraw crypto or convert to fiat from an exchange without involving any third party transfer. That means that the KYC/AML rules required by exchange-hosted wallets would apply to anyone who wants to redeem fiat or take their crypto into cold storage, which is arguably more onerous than rules that apply to legacy institutions like cash withdrawals.

As of the deadline, there were 65,617 comments submitted, including one by Coin Center which painstakingly sets forth why the rule is not technology neutral in that it imposes onerous obligations on CVC and LTDA transactions where none exists for legacy financial institutions. Coin Center states the rules would stifle innovation by being impractical if not nearly impossible by requiring (for transactions in excess of $3,000) that the bank or MSB “collect counterparty information irrespective of whether that information is provided to, or readily obtainable” thereby replacing “in the case of cryptocurrency transactions only, the existing flexible risk-based standards for data collection” imposed on financial institutions.

The BitLicense at Year Five

This year also marked the fifth anniversary of the BitLicense, New York’s regulations over virtual currency businesses. Although New York’s Department of Financial Services (“NYDFS”) has been relatively quiet while the NYOAG has been a lot louder, the BitLicense continues on with a little refinement this past June with the proposal of a training-wheels regime for fledging virtual currency businesses. NYDFS released new guidance and proposed a conditional licensing regime for applicants who partner with licensed entities. NYDFS also partnered with the State University of New York (“SUNY”) system by entering into a memorandum of understanding allowing crypto startups to work through the university campuses throughout the state for assistance.

BlockStack & Navigating Securities Laws

BlockStack has the notable distinction in forging a potentially viable path to market for a token offering and has detailed their approach in this blog post. BlockStack initially played it safe by assuming securities laws would apply and came to market through one of the first SEC qualified digital asset securities offerings with the thought that the tokens would eventually evolve to constitute non-securities. The hope is that Stacks Tokens, upon the adoption of the Stacks Blockchain 2.0, would be sufficiently decentralized and no longer constitute a security and thus, no registration statement would be required for the tokens issued to miners and trading would be permissible on platforms not registered as exchanges of ATS. If successful, BlockStack will have successfully navigated securities laws to put a token to market based on the model laid out in Hinman’s speech on this topic, which suggested the possibility of a token evolving to a commodity-like instrument but did not explicitly lay out any criteria. This, together with the approaches in the no-action letters expand the available paths to market for token projects.

Developments to Watch

Coinbase Goes Public

To file under crypto goes mainstream, Coinbase, a New York-based crypto exchange founded in 2012, announced in mid-December that they confidentially filed an S-1 with the SEC. Though the details around the offering are not yet public, Coinbase is one of the bigger players in crypto and as of its last raise in October 2018, was raising money in a Series E round at an $8 billion dollar valuation. Coinbase has also expanded its products and services over time to include a retail exchange, an institutional exchange, a wallet product, custodial and merchant services, and USD Coin (“USDC”), its own stablecoin backed by U.S. dollars.

Though this is the first IPO undertaken by a crypto exchange, Coinbase (banked by JP Morgan and audited by Deloitte) has long been considered more of an institutional player in the crypto space.. They have consistently chosen to embrace regulation and regulators and this is a notable development in that it is symbolic of the merging of crypto with the traditional finance sector, including with respect to compliance and acceptance in the traditional market. Coinbase has always had a chummy relationship with regulators, from agreeing to send account statements to the IRS, to buying a surveillance company and being accused of offering a back door to regulators, to being seen as having the implicit go ahead of regulators to list whatever assets Coinbase decided to list. It is this last presumption that has recently been dispelled with the Ripple enforcement action and it also may have placed Coinbase in an untenable position with respect to navigating clear of the Ripple situation, with Coinbase announcing on December 28 their plans to stop trading XRP. 

Enforcement in the Stablecoin and DeFi Space

As we have written about here, the decentralized finance (“DeFi”) space has been rife with activity in 2020, leading many to draw parallels to the 2017 initial coin offering (“ICO”) bubble. Hester Peirce recently predicted that DeFi…“will challenge the regulatory structure in a number of ways, and some of those are on the security side, … also on the corporate governance side some of which, much of which, is within state law purview. We’re going to have to ask a lot of really difficult questions about what that means for how we regulate things.”

The SEC has also previously indicated that certain stablecoins may be securities and at least one project, Basis, was dead on arrival based upon that determination. We should expect more enforcement in this area bringing additional clarity to token models that the SEC views as securities. We will also likely see more enforcement from other U.S. regulators, including FinCEN, and any number of developments with respect to privacy coins, if the recent announcement from Bittrex delisting Monero, Dash, and Zcash is any indication.

In all, we expect this to be an active space, both in terms of continued innovation and regulatory reaction to set and reinforce limits.

Fallout from the Ledger Hack

Ledger, a crypto hardware wallet company based in France, announced that they had experienced a data breach on December 23. As the story unfolded, the hack took place earlier in the year, in July, and involved around a year or two’s worth of customer data, including emails, full names, physical addresses, and phone numbers. The customer data was posted on RaidForums, an online marketplace for buying and selling hacked information.

If you have questions about whether your personal information was part of this hack, please contact us. In any case, this is a reminder to be very careful in this space, and gave rise to a number of tips circulating on how to maintain anonymity when prompted for personal information, including to use a pseudonym when ordering as well as trashmail or a throwaway email address, a landline or throwaway phone number, and consider shipping to a P.O. Box or other address instead of your personal residence.

The hack, though only involving e-commerce data, soon produced panic and fears of physical safety as phishing attempts proliferated, a number of which threatening harm if demands were not met:

Crypto graphic

Less threatening on a physical level though no less devastating, a number of successful phishing attempts and SIM swaps have resulted in many people having their crypto account balances drained. In all, this is just the latest among an ever-growing number of security breaches. It may have the result of putting Ledger out of business but it will not stop future hacks from happening or the need for consumers in the space to become vigilant about their own information security.

2020 HSE Year in Review

This was a fun, action-packed year in the crypto space, which we detailed in articles throughout the year that are listed below. The future is digital as they say, and we see technology playing an ever more pronounced role in our practice. To leverage our collective experience, 2020 marked the launch of HSE’s Digital Assets and Disruptive Technologies practice in our Securities and Capital Markets Group. Our goal is to offer clients a 360-degree view of the legal issues that affect disruptive technology product and service offerings, including blockchain and distributed ledger technology (DLT) products and services and focus on some of the more novel issues posed by the intersection of regulation and technology.  Be sure to check our web page often for new insights and resources in this exciting space.

HSE Year in Review – Publications

Additional Good Reads

To view 2020 Crypto Year in Review as a PDF, click here.

Attorney Advertising. Prior results do not guarantee a similar outcome. This publication is provided as a service to clients and friends of Harter Secrest & Emery LLP. It is intended for general information purposes only and should not be considered as legal advice. The contents are neither an exhaustive discussion nor do they purport to cover all developments in the area. The reader should consult with legal counsel to determine how applicable laws relate to specific situations. ©2021 Harter Secrest & Emery LLP