New cryptocurrency legislation awaits California Governor Gavin Newsom’s signature after passing the California Assembly on August 30, 2022. If signed into law, California’s Digital Financial Assets Law would create sweeping requirements that, among other things, would mandate that digital asset exchanges and crypto companies obtain licenses to operate within the State of California, but not until January 2025, as described in more detail below. Many observers have compared the new California legislation to New York State’s BitLicense regulation, which was adopted in 2015.

New Licensure Requirements

The legislation would introduce new licensure requirements. Under the law, a person would need to be licensed with the California Department of Financial Protection and Innovation (DFPI) to engage in “digital financial asset business activity” with a California resident (i.e., a person who is domiciled in California or physically located in California for more than 183 days of the previous 365 days, a person who has a place of business in California, or a legal representative of a person who is domiciled in California).

  • The legislation defines “digital financial asset” to mean “a digital representation of value that is used as a medium of exchange, unit of account, or store of value, and that is not legal tender, whether or not denominated in legal tender.” However, it does not include as a digital financial asset (1) a transaction in which a merchant grants, as part of an affinity or rewards program, value that cannot be taken from or exchanged with the merchant for legal tender, bank or credit union credit, or a digital financial asset; or (2) a digital representation of value issued by or on behalf of a publisher and used solely within an online game, game platform, or family of games sold by the same publisher or offered on the same game platform.
  • The legislation further defines “digital financial asset business activity” to mean any of the following:
    • Exchanging, transferring, or storing a digital financial asset or engaging in digital financial asset administration (i.e., issuing a digital financial asset with the authority to redeem the digital financial asset for legal tender, bank or credit union credit, or another digital financial asset), whether directly or through an agreement with a digital financial asset control services vendor.
    • Holding electronic precious metals or electronic certificates representing interests in precious metals on behalf of another person or issuing shares or electronic certificates representing interests in precious metals.
    • Exchanging one or more digital representations of value used within one or more online games, game platforms, or families of games for either of the following: (1) a digital financial asset offered by or on behalf of the same publisher from which the original digital representation of value was received or (2) legal tender or bank or credit union credit outside the online game, game platform, or family of games offered by or on behalf of the same publisher from which the original digital representation of value was received.

The scope of the California legislation is similar to the New York BitLicense regulation; however, the California law additionally includes in its scope persons who hold on behalf of another person or issue electronic precious metals or electronic certificates representing interests in precious metals.

The legislation does not apply to activities governed generally by the US Securities and Exchange Commission or California Corporate Securities Law or to the extent that the law conflicts with the Electronic Fund Transfer Act of 1978. A person who performs certain activities, such as contributing connectivity software or computing power to securing a network that records digital financial asset transactions or to a protocol governing transfer of the digital representation of value, is not covered by the legislation.

Other exclusions would be available under the legislation; for example, a person is excluded from the legislation if the person (1) provides only data storage or security services for a business engaged in digital financial asset business activity and does not otherwise engage in digital financial asset business activity on behalf of another person; (2) provides only to a person otherwise exempt from the legislation a digital financial asset as one or more enterprise solutions used solely among each other and that does not have an agreement or a relationship with a California resident that is an end user of a digital financial asset; (3) uses a digital financial asset, including creating, investing, buying, selling, or obtaining a digital financial asset as payment for the purchase or sale of goods or services, solely on the person’s own behalf for personal, family, household, or academic purposes; or (4) engages in digital financial asset business activity with, or on behalf of, California residents that is reasonably expected to be valued, in the aggregate, on an annual basis at $50,000, among other exclusions.

New Oversight of Stablecoin Activities

Moreover, the legislation would prohibit certain activities involving stablecoin unless (1) the issuer of the stablecoin is licensed pursuant to the legislation or is a bank, and (2) the issuer of the stablecoin at all times owns eligible securities (i.e., any US currency eligible security or foreign currency eligible security) having an aggregate market value computed in accordance with US generally accepted accounting principles of not less than the aggregate amount of all of its outstanding stablecoin issued or sold in the United States. The stablecoin restrictions would be phased out and become inoperative January 1, 2028.

Examinations, Recordkeeping, and Reporting?

Under the law, the DFPI could perform an examination of a licensee without prior notice, and such person would be required to pay the costs associated with such examination. The legislation also introduces various recordkeeping requirements such as a monthly general ledger that lists all assets, liabilities, capital, income, and expenses of the licensee. Licensees would be required to keep specific types of records for at least five years and to report to the DFPI within 15 days of certain events.

Enforcement Measures

The DFPI would be able to take enforcement measures against licensees, or those subject to licensure requirements but who are not licensed, with prescribed civil penalties of up to $100,000 for each day a person is in violation of the requirements.

Other types of enforcement measures permitted under the Legislation would include any of the following:

  • Suspension or revocation of a license
  • Ordering a person to cease and desist from doing digital financial asset business activity with, or on behalf of, a California
  • Requesting a court to appoint a receiver for the assets of a person doing digital financial asset business activity with, or on behalf of, a California resident
  • Requesting a court to issue temporary, preliminary, or permanent injunctive relief against a person doing digital financial asset business activity with, or on behalf of, a California resident
  • Assessing a penalty
  • Recovering on the security and initiating a plan to distribute the proceeds for the benefit of a California resident injured by a violation of the legislation or any law of California other than the legislation that applies to digital financial asset business activity with, or on behalf of, a California resident
  • Imposing necessary or appropriate conditions on the conduct of digital financial asset business activity with, or on behalf of, a California resident
  • Seeking restitution on behalf of a California resident if the DFPI shows economic injury due to a violation of the legislation

Additional Requirements

Licensees would be subject to disclosure requirements, including providing a fee schedule to California residents that discloses the fees and charges the licensee may assess, the manner by which fees and charges will be calculated if they are not set in advance and disclosed, and the timing of the fees and charges.

Licensees would need to establish and maintain policies and procedures for, among other things, an anti-money laundering program, a business continuity plan, an information security program, and an operational security program.

Public Reaction

The legislation’s sponsor, Assemblymember Timothy S. Grayson, provided a statement on his efforts. “The excitement around cryptocurrency and digital financial assets is palpable . . . . While the newness of cryptocurrency is part of what makes investing exciting, it also makes it riskier for consumers because cryptocurrency businesses are not adequately regulated and do not have to follow many of the same rules that apply to everyone else. This bill will provide consumers basic but necessary protections and will promote a healthy cryptocurrency market by making it safer for everyone.”

But the legislation has its detractors. In an open letter to the California legislature, the Blockchain Association stated that the BitLicense “would make it impossible for many stablecoin issuers to operate in California due to the licensing requirements placed on these entities regardless of whether they ‘operate’ within the state. Stablecoins serve as an important bridge between traditional finance and the digital asset economy, and their success is a key prerequisite for the entire crypto ecosystem’s success.” The Blockchain Association also cautioned that New York State’s BitLicense regulation created a regulatory environment that was too challenging for startups or smaller crypto companies to survive and that “California should not repeat New York’s mistakes.”

Whether the law creates a “crypto rush” or is a bust remains to be seen. Governor Newsom has until September 30, 2022, to sign the bill.