Legal Aspects and Regulation

Cryptocurrency Law and Regulation #

Guest lecture by Jake Chervinsky, The Blockchain Association

Basics of regulations #

  • Regulations: rules that either prohibit conduct or condition it on compliance with specific obligations; call for punishment of violators
  • Purpose: control market power, facilitate competition, attract investment, protect consumers, achieve other government interests

Regulation in the US #

  • Creators and enforcers of regulation:
    • Regulation on both state, federal level
    • Legislature makes laws, executive enforces law, judiciary interprets laws
    • Elected vs. appointed officials, policymakers vs. enforcers
  • Codification:
    • United States Code (USC) - actual laws/statutes passed by Congress
    • Code of Federal Regulations (CFR) - regulations by executive agencies
    • Plus guidance, settlements, no-action letters, etc.
    • Unique system in all 50 states

Regulators and Frameworks for Crypto Regulation #

Securities laws #

  • The Securities and Exchange Commission (SEC)
    • Mission: protect investors, facilitate capital formation, maintain fair, orderly, efficient markets
    • Federal securities laws originated in 1930s after Great Depression, seen as being caused by financial abuse and info. asymmetry
    • SEC regulates “securities” and a broad range of securities market actors
  • Crypto x Securities
    • Securities: subject to regulatory requirements that may not work with crypto
      • Registration with SEC, traded on SEC-regulated venues, held by SEC-approved custodians, etc.
    • Crypto industry spends a lot of time and money avoiding SEC regulation as they perceive it as a “death blow”
  • Investment contracts and the Howey test:
    • SCOTUS defines investment contract as (SEC v. W.J. Howey Co, 1948)
      1. Investment of money
      2. Common enterprise
      3. Reasonable expectation of profit
      4. Based on efforts of others
  • Regulation by enforcement:
    • Jun. 2018: Bitcoin and Ether are “sufficiently decentralized”
    • Apr. 2019: dozens of factors relevant to “based on efforts of others”
    • Since then: efforts by chair Gary Gensler to classify digital assets as securities

Commodities laws #

  • Commodity Futures Trading Commission (“CFTC”)
    • Mission: promote integrity, resilience, vibrancy of US derivatives markets: futures, options, swaps, etc.
    • Created 1974 when most futures were traded in agriculture market
    • Responsibilities greatly expanded after Great Recession + Dodd-Frank Act of 2010
  • CFTC-SEC turf war: are cryptocurrencies securities or commodities?
    • General industry preference for CFTC due to friendlier positions, until Ooki DAO

Anti-Money Laundering (AML) laws #

  • Financial Crimes Enforcement Network (FinCEN): enforces Bank Secrecy Act (BSA) - US AML/countering terrorism financing (CFT) laws
    • Requires regulated financial institutions to comply with certain AML program compliance requirements - incl. Know Your Customer (KYC)
    • Includes centralized crypto institutions like exchanges and custodions
  • Crypto x AML
    • In general, BSA deputizes financial intermediaries to perform task of surveiling our transactions and reporting on them to government

Sanctions laws #

  • Office of Foreign Assets Control (OFAC)
    • Sanctions: foreign policy tool used to influence behavior and diminish capabilities of foreign actors through economic penalties
    • OFAC administers US sanctions by designated specific targets on Specially Designated Nationals (SDN) list, who are then cut off from US markets
      • Illegal for any US-based person to transact w/ anyone on SDN list
  • Crypto x Sanctions
    • Sanctions compliance enforced on US-based crypto traders + exchanges
      • Despite sometime difficulty of knowing who is on SDN list given “borderless” crypto; customers only identified by wallet addresses
    • Bittrex: $24m settlement in 2022 for violations from 2014-2016
    • Virgil Griffith: 63 mos. imprisonment for aiding North Korea
    • Policymakers think crypto is particularly useful for sanctions evasion
      • Guest lecturer claims not particularly, with exceptions of NK Lazarus Group generating revenue from ransomware payouts and DeFi hacks, argument as follows:
        1. Came up after Russia invaded Ukraine, concerns about Russia using crypto to evade sanctions
        2. Crypto does not really allow Russia to get physical assets
        3. Use-case of crypto too limited for broad-scale sanctions evasion in Russia: Bitcoin/Ruble, Ether/Ruble market too weak
        4. Affects average citizens in sanctioned countries trying to get access to financial services, less so nation states

My question: what about ransomware? #

Guest lecturer response:

  • Ransomware existed before crypto, but crypto makes ransomware profitable
    • Easier for ransomware actors to profit
  • Need to get security house in order to prevent against attacks
    • Before ransomware - bad security state; ransomware makes security state more apparent
    • Argument: cannot use ransomware as an excuse for preventing average people from using crypto; “just clean up security”
  • Ransomware has exposed how effective of Russia and other countries’ (esp. NK) hacking operations, esp. state-sanctions
    • NK: ransomware serious source of revenue

Tax laws #

  • Internal Revenue Service (IRS)
    • IRS is responsible for collecting US federal taxes and administering US tax code, including how it applies to digital assets
    • Unanswered questions about crypto taxes:
      • Mining and staking?
      • Hard forks and airdrops?
      • DeFi transactions and interest income
  • Infrastructure bill
    • 2021: Infrastructure Investment and Jobs Act (IIJA) amendment with 5 new crypto provisions, incl. KYC
      • Guest lecturer claims all are problematic

Current issues and priorities #

  1. Privacy after TornadoCash mixer shutdown
    • Mixer: can pool crypto access in a wallet, then withdraw funds to a new, fresh wallet address
      • Allows users to obscure transaction flow
      • Abused by bad actors e.g. Lazarus Group for money-laundering purposes
    • Question: does OFAC have authority to make software illegal in the US?
  2. Stablecoins after Terra collapse
    • Will centralized stablecoins get preferential treatments due to UST?
  3. DAOs after Ooki
    • CFTC case: if governance token gets used to vote on protocol change, voter personally liable to CFTC case if commodities law violated
    • Question: are DAO voters personally liable for operating DeFi protocols?
  4. DeFi after Lazarus
    • Can DeFi stay permissionless despite concerns about illicit finance
  5. DCCPA, RFIA, DCA, etc.
    • Will Congress grant CFTC juisdiction over crypto spot markets?
  6. Politics
    • How will Congress composition change outlook for US crypto policy?