Staff of the Securities and Exchange Commission and the Financial Industry Regulatory Authority issued a joint statement setting forth concerns that appear to be delaying their approval of broker-dealers facilitating digital asset security transactions for customers. Although the staff identified specific issues for broker-dealers to consider, they provided no clear path forward, except where a broker-dealer solely facilitates cryptosecurity transactions on a peer-to-peer basis without exercising any control or custody.

Generally, staff noted that a broker-dealer holding cryptosecurities for customers would have to safeguard such digital assets just like all other assets – namely, separate from the firm’s own assets – in order to enhance the likelihood of their return to customers in the case of the firm’s failure. Staff noted that application of this requirement – commonly known as the “Customer Protection Rule” (click here to access SEC Rule 15c3-3) – has “produced a nearly fifty year track record of recovery for investors when their broker-dealers have failed.”

Among other things, to demonstrate satisfactory control over an asset for purposes of the Customer Protection Rule, a broker-dealer or its agent must be able to demonstrate that it maintains “exclusive control” over the asset. Staff raised concerns over the potential ability of a broker-dealer or its agent to demonstrate the requisite exclusive control over a private key (effectively, the security code) to a digital wallet holding a cryptosecurity – even where it or its agent held the private key. Staff expressed concern that a broker-dealer “may not be able to demonstrate that no other party has a copy of the private key and could transfer the digital asset without the broker-dealer’s consent.” Staff also noted that, even with a private key, a broker-dealer might not be able to reverse or cancel a mistaken or unauthorized transaction.

Staff also expressed concern regarding the ability of a broker-dealer holding cryptosecurities to prepare accurate financial records, as required by law. This is because, said staff, it may be “difficult for broker-dealers to evidence the existence” of digital asset securities which could impede their ability to produce accurate financial records, as well as independent third-party accountants’ capability to test representations made by a broker-dealer’s management in financial statements.

Finally, the SEC noted that the definition of a “security” under the law governing insurance protection for customer assets – the Securities Investor Protection Act – might not apply to cryptosecurities. This is because the law does not cover investment contracts or interests that are not the subject of a registration statement. (Click here to access 15 U.S.C. § 78lll)(14).)

Staff indicated, however, that many of its concerns regarding application of the Customer Protection Rule may not apply where a broker-dealer solely engages in “non-custodial activities” for digital asset securities such as facilitating the bilateral settlement of a transaction directly between a buyer and an issuer without interposing itself, or where a broker-dealer facilitates a peer-to-peer over-the-counter transaction between a buyer and seller with no digital security passing through the broker-dealer.

The staff’s joint statement was issued by the SEC’s Division of Trading and Markets and FINRA’s Office of General Counsel.

In other legal and regulatory developments regarding cryptoassets:

  • New York AG Claims Bitfinex’s and Tether’s Extensive Contacts With New York Warrant Continuation of Lawsuit Against Entities in State: The New York Attorney General argued in a brief filed in connection with its lawsuit against companies associated with the management of the Bitfinex exchange and the stablecoin tether that the associated companies had “substantial ties” to New York to warrant a NY court exercising jurisdiction over its lawsuit. The NY AG filed its brief in opposition to a motion to dismiss by the companies.

According to the NY AG, during the relevant time covered by its lawsuit, Bitfinex both had clients in New York and was doing business in New York. Among other things, the NY AG claimed that the associated companies held accounts at NY banks and one other NY financial institution, and senior executives of the companies lived in and conducted work from New York. In April 2018, the NY AG filed a lawsuit against the companies and obtained an ex parte order from a NY court, claiming the companies used fiat currency balances supporting tether to help Bitfinex conduct certain day-to-day activities without adequate disclosure to tether holders. (Click here for background in the article “NY Attorney General Sues Stablecoin Issuer and Related Companies for Purportedly Misusing Tethered Fiat Currency Without Customer Disclosure” in the April 28, 2019 edition of Bridging the Week.)

  • Canada to Require Registration of Digital Asset Exchanges as Money Service Businesses: Effective June 1, 2020, domestic and foreign virtual currency exchanges “dealing in virtual currency” in Canada will have to register with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) as a money service business and maintain a compliance program with certain enumerated elements. Moreover, any MSB receiving CAN $10,000 or more in virtual currency will also be subject to recordkeeping, customer identification and reporting obligations. One of the objectives of Canada’s new requirements is to ensure that “domestic and foreign MSBs are required to fulfill the same obligations.”

  • First Cryptosecurities Approved by SEC for Regulation A+ Offering: Last week, Blockstack Token LLC’s offering of up to 295 million Stacks Tokens under Regulation A+ was qualified by the Securities and Exchange Commission. This offering was intended to help Blockstack further the development of the firm’s decentralized computer network and decentralized applications. Under the SEC’s qualification, Stacks Tokens were eligible for purchase by the general public beginning July 11 and will remain available through September 9, 2019. The offering price was set at US $30/share, and payment for Stacks Tokens may be made in US dollars, bitcoin or ether. SEC Regulation A+ provides a means for certain US and Canadian companies to issue up to US $50 million of equity securities, debt securities and debt securities convertible into equities during a rolling 12 month period, exempt from SEC registration requirements and potentially also exempt from state registration and qualification obligations. (Click here for additional background in the article “Developer of Decentralized Computing Network Files Reg A+ Offering for SEC Approval” in the April 14, 2019 edition of Bridging the Week.)

My View: Although it was important for staff of the SEC and FINRA to publicly identify issues that have been delaying qualification of broker-dealers to handle digital asset securities, it would have been far more helpful for the regulators to advise the industry as to what measures might be taken to satisfy their concerns.

Recently, the Commodity Futures Trading Commission approved the application of Eris Clearing LLC to clear fully collateralized virtual currency futures contracts potentially deliverable into spot cryptocurrencies. In 2011, the CFTC approved Eris Exchange LLC, Eris Clearing’s indirect parent company, as a designated contract market. Branded together as “ErisX,” Eris Clearing anticipate offering the clearing of digital asset futures contracts traded on Eris Exchange beginning later in 2019. ErisX began offering spot virtual currency contracts earlier this year. (Click here for background in the article “CFTC Approves New Clearing House as First Derivatives Clearing Organization for Fully Collateralized, Deliverable Virtual Currency Futures” in the July 7, 2019 edition of Bridging the Week.)

In approving ErisX’s order, the CFTC provided a path forward for CFTC registrants wanting to handle cryptocurrencies processed in connection with exchange-traded derivatives contracts and to comply with its equivalent of the SEC’s customer protection rule (click here to access 7 U.S.C. § 6d). Drawing on the CFTC's order granting Eris Clearing its DCO authority, and insight into ErisX's proposed practices as described in an ErisX publication entitled “Owning and Safely Maintaining Digital Assets – ErisX’s Approach to Custody, Wallets and Security” (click here to access), it appears that the CFTC has reasonable confidence that private keys can be protected through robust policies, procedures and practices that guard against both external and internal fraud, and that at least certain cryptoassets can be seen and verified on their host blockchains. Private insurance, disclosure and third-party validation also have an important role in the CFTC’s view of a robust customer protection scheme involving digital assets.

It would be useful for the SEC and FINRA to review standards being applied by the CFTC in approving DCOs to see what measures could be exported to make the two securities regulators more comfortable with SEC registrants handling cryptosecurities. After all, as last week's qualification of Stacks Tokens may portend, more digital securities tokens could be on the way soon. (Click here to see also the CFTC’s 2017 order approving LedgerX as a DCO for fully collateralized virtual currency swaps.)