Insights

Image of bitcoin in washing machine

Financial Crimes Enforcement Network Consolidates Guidance on Virtual Currencies

In Short

The Situation: The Financial Crimes Enforcement Network ("FinCEN") released interpretive guidance concerning the application of the Bank Secrecy Act ("BSA") and the anti-money laundering ("AML") regulations to certain business models involving virtual currencies and concurrently issued an advisory about possible illicit activity and suspicious transactions relating to the use of virtual currencies.

The Result: FinCEN notes that the guidance does not create any new regulatory obligations, but that it is instead a compilation of the agency's previously released administrative rulings and other guidance in this area to furnish industry participants with additional clarity about FinCEN's approach to regulating such virtual currency-related products, services, and service providers as peer-to-peer ("P2P") exchangers, virtual wallets, kiosks, decentralized applications ("DApps"), anonymity-enhanced transactions, payment processors, and online casinos.

Looking Ahead: Virtual currency businesses and other entities currently offering or seeking to bring to market products or services involving virtual currency transmission would likely benefit from evaluating the FinCEN guidance to assure that those particular activities comply with the applicable existing regulatory framework, especially since this release follows FinCEN's public announcement of a P2P enforcement action. 

On May 9, 2019, FinCEN released new interpretive guidance regarding the application of the BSA and the AML regulations to digital currencies (or "convertible virtual currencies," as FinCEN calls them). FinCEN states that the guidance does not set forth any new regulatory requirements, but rather summarizes previously issued FinCEN administrative rulings and other guidance to provide greater clarity about existing compliance obligations under the FinCEN regulations.

As before, FinCEN defines convertible virtual currencies ("CVCs") as "value that substitutes for currency." FinCEN also states that "exchangers" and "administrators" of CVCs are generally considered money transmitters subject to registration with FinCEN as a money services business ("MSB"). In contrast, "users" of CVCs are not MSBs. The new guidance also describes how FinCEN regulations apply to particular business models involving CVC transmission, including:

  • P2P exchangers
  • CVC wallets and their providers
  • CVC kiosks (i.e., ATMs or vending machines)
  • DApps and their owners and operators
  • Anonymity-enhanced CVC transactions
  • CVC payment processors, and
  • Online casinos  

Additionally, the guidance addresses a number of notable exemptions to the FinCEN regulations, including, among others, those that apply to CVC trading platforms, initial coin offerings ("ICOs") involving CVC, and CVC creators. We discuss each below.

P2P Exchangers

FinCEN explains that P2P exchangers are usually natural persons who are in the business of buying and selling CVCs, including facilitating transfers of one CVC to another CVC and exchanging CVC for other monetary value such as real currency. According to FinCEN, a P2P exchanger conducting these kinds of transactions is a money transmitter acting as a principal and must register with FinCEN as an MSB, regardless of the frequency or formality of the transaction or where the exchanger is located. FinCEN indicates further that natural persons conducting these activities infrequently and not for profit or gain are exempted.

Notably, the guidance comes on the heels of FinCEN's announcement in April 2019 that it settled a first-of-its kind enforcement action against a P2P CVC exchanger for violating the BSA by (i) buying and selling bitcoin for others without registering as an MSB; (ii) failing to develop and implement an "effective" written AML compliance program; (iii) neglecting to file Suspicious Activity Reports, including for transactions that "bore strong indicia of illicit activity"; and (iv) failing to file Currency Transaction Reports for transactions that involved the physical transfer of more than $10,000 in currency. The P2P CVC exchanger consented to a civil money penalty and agreed to (among other things) "permanently cease providing 'money transmission services,' … and to not engage in any activity that would make him [an MSB] for purposes of regulations implementing the BSA."  

CVC Wallets

FinCEN distinguishes between "hosted" and "un-hosted" CVC wallet providers. According to FinCEN, hosted wallet providers receive, store, and transfer CVC on behalf of accountholders typically online or through mobile applications. FinCEN indicates that, in this particular business model, "the money transmitter is the host, the account is the wallet, and the accountholder is the wallet owner." FinCEN states that the regulatory requirements ascribed to the host will vary depending upon the wallet owner's status as a nonfinancial institution, agent, or U.S. or foreign counterparty, and on the nature of the transaction and its U.S. dollar equivalent. Likewise, FinCEN notes that its regulatory treatment of transactions that host channels from or for wallet owners will also depend upon the type of those specific transactions.

Additionally, FinCEN defines un-hosted wallets as software on a computer, phone, or other device that enables persons to hold CVC and engage in CVC transactions. For this particular business model, FinCEN notes that another third party is not required for such transactions. According to FinCEN, to the extent that "the person conducting a transaction through the un-hosted wallet is doing so to purchase goods or services on the user's own behalf, they are not a money transmitter."

FinCEN explains that multi-signature wallet providers enable the establishment of CVC wallets that require multiple private keys for wallet owners to carry out transactions. In this regard, when a multi-signature wallet provider limits its role to the creation of un-hosted wallets that require the addition of a second authorization key to the wallet owner's private key to complete transactions, FinCEN states that this wallet provider is not accepting and transmitting value so it is not a money transmitter. However, FinCEN indicates that an entity is a money transmitter if it conflates the services of multi-signature wallet providers with those of hosted wallet providers. Further, FinCEN notes in the guidance that a multi-signature wallet provider is a money transmitter if "the value is represented as an entry in the accounts of the provider, the owner does not interact with the payment system directly, or the provider maintains total independent control of the value."

CVC Kiosks

According to FinCEN, owners and operators of CVC kiosks that utilize electronic terminals to receive real currency from consumers and to transfer the equivalent value in CVC (or vice versa) are deemed to be money transmitters. In addition, the guidance also restates FinCEN's view that owners and operators of ATMs that link account holders with their respective accounts held with regulated banks for the sole purpose of verifying account balances and dispensing currency are not considered money transmitters.  

DApps

FinCEN states that, when DApps (i.e., software on a P2P network of computers operating on a Blockchain platform) accept and transfer value, the definition of money transmitter under the FinCEN regulations will apply to the DApp, its owners and operators or both, as is also the case with CVC kiosks.  

Anonymity-enhanced CVC Transactions

The guidance includes a more thorough discussion of anonymizing services than FinCEN has previously provided. In particular, FinCEN explains that anonymity-enhanced CVC transactions are denominated in "regular types of CVC" specifically structured to conceal information that is otherwise available on the CVC's native distributed public ledger or to prevent their tracing through such ledgers. Among other things, FinCEN details how its regulations apply to anonymizing service providers, anonymizing software providers, and anonymity-enhanced CVC providers. Specifically, FinCEN states that anonymizing service providers that receive and re-transmit CVC in a way that prevents tracing the source of that transmission are considered money transmitters. FinCEN mentions that anonymizing software providers are excepted because they are engaged in the trade of furnishing "the delivery, communication, or network access services used by a money transmitter to support money transmission services," and are not themselves conducting money transmission. Moreover, FinCEN indicates that anonymity-enhanced CVC providers (creators or sellers of such CVC) would be money transmitters depending upon the nature of the payment system and the activity.  

CVC Payment Processors

FinCEN also mentions that CVC payment processors are money transmitters and may not avail themselves of FinCEN's payment processor exemption from MSB registration. One of the four conditions of this exemption—all of which must be met—is that the entity must "operate through clearance and settlement systems that admit only BSA-regulated financial institutions." According to FinCEN, CVC payment processors are generally unable to meet this condition and are thus money transmitters "regardless of whether they accept and transmit the same type of CVC, or they accept one type of value (such as currency or funds) and transmit another (such as CVC)."

Online Casinos

FinCEN restates the definition of "casino, gambling casino, or card club" under the FinCEN regulations as entities that are "licensed or authorized to do business as such in the United States… [and have] gross annual gaming revenue in excess of $1 million, whether denominated in CVC or other value." (According to FinCEN, online casinos include "predictive markets, information markets, decision markets, idea futures, and event derivatives.") FinCEN states that entities in the business of gambling that is not within the scope of this definition of casino could still be deemed money transmitters if they nonetheless receive and transfer value denominated in CVC. FinCEN indicates that this is true even when the initial transmission or disbursement occurs when a particular event happens, in which case money transmission takes place when that condition is satisfied and the receipt or transfer occurs.

Notable Exemptions 

  • Trading Platforms. FinCEN states that in a scenario in which a CVC trading platform "only provides a forum where buyers and sellers of CVC post their bids and offers… and the parties themselves settle any matched transactions through an outside venue," the trading platform is not a money transmitter. However, FinCEN makes clear that a trading platform is acting as a CVC exchanger and is therefore a money transmitter if, when transactions are matched, the platform itself buys CVC from a seller and sells it to a buyer.  
  • ICOs. In a circumstance where an ICO consists of the sale of CVC to a group of preferred buyers, FinCEN considers the seller to be acting as an administrator and, consequently, a money transmitter. This is because, "at the time of the initial offering the seller is the only person authorized to issue and redeem… the new units of CVC." The guidance also addresses the fact-specific application of the FinCEN regulations to the use of ICOs to raise funds for development projects by offering digital debt or equity instruments or by conducting certain hedging activities.
  • Moreover, FinCEN indicates that DApp developers are not money transmitters merely by creating an application to issue a CVC or by otherwise enabling financial transactions denominated in CVC. According to FinCEN, such a developer would have to use that DApp to conduct money transmission in order to be considered a money transmitter.  
  • CVC Creators. FinCEN explains that, insofar as an entity mines CVC and only uses it to buy goods and services for its own behalf, that entity is not an MSB. FinCEN also states that, if that entity's activities includes the acceptance or transmission of CVC, however, it would be subject to the FinCEN regulations.

Concurrently, with the release of its guidance, FinCEN also issued an advisory entitled "Advisory on Illicit Activity Involving Convertible Virtual Currency," which details potential risks, types of abuses and their indicators, and suspicious activity reporting that may arise from CVC transactions.

Three Key Takeaways

  1. FinCEN's guidance follows the U.S. Securities and Exchange Commission's issuance in April 2019 of a framework on digital asset-related activities. These releases signal the continuing efforts by federal regulatory authorities to clarify the degree to which certain legal and regulatory regimes apply to transactions involving cryptocurrencies, digital assets, and Blockchain and other distributed ledger technologies.
  2. FinCEN's guidance is likely aimed at virtual currency businesses and other market participants who have sought additional details and certainty from the agency about the regulatory treatment of specific innovative products, services, and service providers relating to CVC transmission, particularly trading platforms, noncustodial virtual wallets, and ICOs, as well as DApps and anonymizing software providers.
  3. While FinCEN's guidance does not replace the role of guidance from experienced counsel, virtual currency businesses and other entities operating in this space should use the guidance to examine whether their activities may give rise to regulatory compliance obligations under the BSA and AML regulations, including the requirement to register with FinCEN as an MSB, but they should also be mindful that FinCEN emphasizes that the guidance is a nonexhaustive list of business models involving CVC transmission and does not cover "every potential combination of facts and circumstances." 

Jones Day publications should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without the prior written consent of the Firm, to be given or withheld at our discretion. To request reprint permission for any of our publications, please use our “Contact Us” form, which can be found on our website at www.jonesday.com. The mailing of this publication is not intended to create, and receipt of it does not constitute, an attorney-client relationship. The views set forth herein are the personal views of the authors and do not necessarily reflect those of the Firm.

 
We use cookies to deliver our online services. Details of the cookies and other tracking technologies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you consent to our use of cookies.