This is the inaugural issue of The Distributed Ledger, a periodic publication covering the latest trends and developments in blockchain technology, digital assets and smart contracts. In this edition, we examine a federal ruling that boosts the CFTC's virtual currency enforcement efforts, a New York attorney general report on whether virtual asset trading platforms adequately protect customers and an Ohio law that brings blockchain records within the state's version of the Uniform Electronic Transactions Act.
My Big Coin Gives Big Boost to CFTC’s Virtual Currency Enforcement Efforts
In a recent case alleging virtual currency fraud, a Massachusetts federal district court handed the Commodity Futures Trading Commission (CFTC) a significant victory in its efforts to police fraud in virtual currency markets.
In CFTC v. My Big Coin Pay, Inc.,1 the U.S. District Court for the District of Massachusetts ruled that a virtual currency fell within the Commodity Exchange Act’s (CEA) definition of “commodity” and was subject to CFTC anti-fraud enforcement authority under CEA Section 6(c)(1) and CFTC Rule 180.1, even though no futures contracts for the virtual currency existed.2
The CFTC alleged that the defendants fraudulently offered the sale of a virtual currency called “My Big Coin.”3 According to the CFTC, the defendants made untrue or misleading statements and material omissions in touting My Big Coin as a “fully-functioning virtual currency,” when in fact My Big Coin was never a functional, traded virtual currency.4 The defendants moved to dismiss, primarily arguing that the CFTC failed to state a claim for relief because My Big Coin is not a “commodity” within the meaning of the CEA and therefore the CFTC’s authority did not apply to the allegedly fraudulent scheme.5
The court explained that while the CEA grants the CFTC exclusive jurisdiction over commodity futures contracts and the exchanges where they are traded, it also grants the CFTC anti-fraud and anti-manipulation enforcement authority over any sale of a “commodity in interstate commerce.”6 The CEA defines “commodity” as including a number of enumerated agricultural products, as well as “all other goods and articles ... and all services, rights, and interests ... in which contracts for future delivery are presently or in the future dealt in.”7
The defendants argued that because no My Big Coin futures are “dealt in,” My Big Coin is not a commodity under the CEA.8 But the CFTC pleaded that both My Big Coin and bitcoin are virtual currencies, and the court noted that it was undisputed that bitcoin futures contracts are currently traded.9 The CFTC argued that My Big Coin and bitcoin were “sufficiently related,” in light of certain characteristics common to virtual currencies, so as to justify treatment as part of the same commodity category.10
The court agreed with the CFTC’s argument that the term “commodity” is “broader than any particular type or brand of commodity.”11 The court observed that the CEA “defines ‘commodity’ generally and categorically,” rather than “by type, grade, quality, brand, producer, manufacturer, or form,” highlighting congressional intent to focus on categories of commodities rather than specific items.12 The court further noted that the CEA should be construed “flexibly to effectuate [its] remedial purposes.”13 Finally, the court found support in cases holding that the CEA covered certain natural gas contracts for which there were no futures contracts because futures contracts existed on other types of natural gas and natural gas is “fungible” and “may move freely throughout a national pipeline system.”14 Thus, the court concluded, the CEA “only requires the existence of futures trading within a certain class ... in order for all items within that class ... to be considered commodities.”15
The decision lends further support to the CFTC’s view that virtual currency is properly within the scope of its regulatory and enforcement purview. The CFTC first took the position that virtual currency is a commodity subject to the agency’s authority in a 2015 order settling charges against virtual currency firm Coinflip, Inc.16 Since then, the CFTC has remained firm on that position in statements from commissioners,17 guidance and interpretations18 and enforcement actions.19
James McDonald, director of the CFTC Division of Enforcement, stated that the My Big Coin decision “recognizes the broad definition” of the term “commodity” under the CEA, as well as the CFTC’s authority to prosecute fraud in the virtual currency space.20 Director McDonald likened the My Big Coin decision to that in CFTC v. McDonald, a recent New York federal district court decision that held that the CFTC could pursue a pure anti-fraud action under Section 6(c)(1) and Rule 180.1 against defendants who allegedly operated a fraudulent virtual currency trading scheme and misappropriated money from investors.21
The CFTC will no doubt view the My Big Coin decision as a green light to press forward with its virtual currency enforcement efforts regardless of whether the particular type of virtual currency is subject to a futures contract. And in light of the CFTC’s recent focus on virtual currency fraud, and continued growth and development in virtual currency products and markets,22 those efforts are likely to remain vigorous.
New York Attorney General Report Criticizes Virtual Asset Trading Platforms for Failing to Adequately Protect Customers
On September 18, 2018, the Office of the New York State Attorney General (the OAG) released a report criticizing virtual currency trading platforms for insufficiently protecting customers (the Report), following a fact-finding inquiry by the Virtual Markets Integrity Initiative.23 The Report’s key conclusion is that “[V]irtual asset trading platforms now in operation have not registered under state of federal securities or common laws. Nor have they implemented common standards for security, internal controls, market surveillance protocols, disclosures, or other investor and consumer protections. Accordingly, customers of virtual asset trading platforms face significant risks.”
The OAG launched its Virtual Markets Integrity Initiative in April 2018 by sending letters and questionnaires to 13 cryptocurrency exchanges requesting information regarding their policies and practices. Nine of the 13 exchanges participated in the inquiry.24 The four exchanges that declined to participate claimed that they did not allow trading from New York state.25 Following an investigation into whether these exchanges accepted trades from within New York state, OAG referred three of the platforms (Binance, Gate.io and Kraken) to the New York State Department of Financial Services for possible violations of New York state’s virtual currency regulations.26
The Report comes on the heels of a March 2018 public statement by the Securities and Exchange Commission warning investors about potentially unlawful online trading platforms for virtual currencies.27 It is unlikely to be the last word on such exchanges by regulators who are facing increased calls to regulate cryptocurrencies.
The Report identified three broad areas of concern: conflicts of interest, susceptibility to abusive trading practices, and limited or illusory protections for consumer funds.
Conflicts of Interest
- The OAG found that there is little information available regarding how the exchanges determine whether or not to list a particular virtual currency on their respective platforms, and none of the responding exchanges conveyed a consistent methodology used to make this determination. The Report also highlighted that cryptoexchanges typically do not disclose whether they receive compensation for listing a particular virtual currency.
- Several of the participating exchanges indicated that they allow owners and employees to trade directly on their platforms. The Report cautioned that if employees have access to nonpublic information, they may be engaging in insider trading at the expense of everyday investors.
- A number of the participating exchanges indicated that they engage in proprietary trading on their own platform, to varying degrees. The Report noted that exchanges may thereby be acting as “market makers,” and to the extent that a significant volume of trades are attributable to proprietary trading, this could mask the true liquidity of the exchange.
Susceptibility to Abusive Trading Practices
- The OAG found that most of the cryptoexchanges do not have a formal policy to monitor and prevent abusive trading. Unlike traditional exchanges, they lack robust market surveillance capabilities to spot and halt suspicious trading patterns, and fail to monitor pump-and-dump schemes.
- The Report noted that few of the participating cryptoexchanges prohibit “bots” or the use of automated algorithmic trading or trading using application programming interfaces.
Protection of Consumer Funds
- The OAG explained that there are no generally accepted auditing methods for virtual assets, and cryptoexchanges generally do not have a transparent or consistent approach to independent auditing. Several exchanges indicated that they do not hire independent auditors to conduct audits of their virtual currency holdings. The Report cautions that lack of independent audits makes it difficult to determine whether such cryptoexchanges are responsibly protecting the virtual assets over which they have custody.
- Most but not all of the participating cryptoexchanges reported that they conduct penetration testing to identify security flaws in their platform. The Report notes that in the event of a hack or unauthorized withdrawal, customers are highly vulnerable.
- The Report notes that insurance products for virtual currencies are underdeveloped and not well understood.
- The OAG found that most exchanges do not have formal policies in place to protect customers during outages or trading suspensions, and customers have often been locked out of their accounts and unable to trade. According to the Report, cryptoexchanges have failed to adequately notify customers of any such outages.
Questions Customers Should Be Asking
The Report concludes with a list of questions that customers should consider before transacting with a virtual asset trading platform:
- What security measures are in place to stop hackers from unlawfully accessing the platform or particular customer accounts?
- What insurance or other policies are in place to make customers whole in the event of a theft of virtual or fiat currency?
- What guardrails or other policies does the platform maintain to ensure fairness for retail investors in trading against professionals?
- What controls does the platform maintain to keep unauthorized or abusive traders off the venue?
- What policies are in place to prevent the company and its employees from exploiting nonpublic information to benefit themselves at the expense of customers?
- How does the platform notify customers of a site outage or suspension, the terms under which trading will resume and how customers can access funds during an outage?
- What steps does the platform take to promote transparency and to subject its security, virtual and fiat accounts, and controls to independent auditing or verification?
- Is the platform subject to, and registered under, banking regulations or a similar regime — for instance, the New York BitLicense regulations?
Ohio Statute Facilitates Development of Blockchain-Based Business
Several states have introduced legislation to facilitate the use of blockchain technology in an effort to attract new technology initiatives to their state. While many such bills remain in committee, or states simply pass a mandate to study the issue, Ohio recently joined Arizona, California, Delaware, Nevada, Tennessee and Vermont by enacting somewhat more substantive statutes.28 Although the Ohio statute did not go as far as Arizona in specifically recognizing the enforceability of “smart contracts,” the statute nonetheless benefits developers by recognizing the use of blockchain technology to store and transmit electronic records.
The statute is actually a minor amendment to its version of the Uniform Electronic Transactions Act (UETA). Forty-seven states have enacted a version of the UETA, the language of which varies somewhat across states. The UETA generally states the following with respect to “electronic records” and other documents in an “electronic form”:
- A record or signature may not be denied legal effect or enforceability solely because it is in electronic form.
- A contract may not be denied legal effect or enforceability solely because an electronic record was used in its formation.
- If a law requires a record to be in writing, an electronic record satisfies the law.
Ohio’s amendment to its version of the UETA states that a record or contract that is secured through blockchain technology is considered to be in an “electronic form” and to be an “electronic record.” Therefore, records and contracts secured through blockchain technology may not be denied legal effect or enforceability solely because they are in electronic form or because an electronic record was used in the formation of the contract. Similarly, blockchain-based records satisfy written record-keeping requirements under the amended Ohio statute.
Ohio notably omitted language regarding the enforceability of smart contracts in its recent amendment. The term “smart contract” refers to computer code that automatically executes all or parts of an agreement and is stored on a blockchain-based platform. An earlier version of Ohio’s amendment suggested that the enforceability or legal effect of electronic contracts cannot be denied simply because a contract contains a “smart contracts term.” The enacted version does not include this language. However, this smart contracts-specific language may have been omitted on the theory that smart contracts are already enforceable under Ohio’s version of the UETA — which theory has not been tested or conclusively decided in Ohio state courts.
Given that contract law is ordinarily a function of state law in the United States, we will likely see further statutory developments regarding the legal effect of blockchain-based records and contracts at the state level. Some have asserted, however, that statutes like those in Ohio and Arizona are primarily marketing ploys to attract blockchain businesses, since blockchain-based systems likely already fell within the UETA’s definition of “electronic record.”