This content is from: Features

Fintech regulation: where do we stand?

Latham & Watkins lawyers take a deep dive into US trends to unpick the patchwork efforts to regulate tokens, blockchains and cryptocurrencies and the businesses that deal in them

Latham & Watkins takes a deep dive into US trends to unpick the patchwork efforts to regulate tokens, blockchains and cryptocurrencies and the businesses that deal in them

www.lw.com

In the US, the attempts to regulate the growing cryptocurrency and token industries have perplexed regulators and legislators at federal and state levels. In the past year or so, lawmakers have made a concerted effort to better understand the potential risks and rewards in this space.

With stablecoin projects burgeoning in the US and cryptocurrencies rebounding strongly in 2019, market regulators and both federal and state legislatures have made some progress in attempting to provide legal clarity regarding the status of digital assets and cryptocurrencies (collectively, tokens) and the platforms on which they trade.

In spring 2019, the Securities and Exchange Commission (SEC) released its Framework for 'Investment Contract' Analysis of Digital Assets (Framework), which it intends to serve as a guide in determining whether a token is a security. The Framework focuses on the third prong of the Howey test: whether an investor reasonably expects to derive profits from the efforts of others and what constitutes sufficient decentralisation to avoid meeting that criteria. Issuers and sellers must consider whether managerial efforts continue to be important to the value of the token and whether the token's value correlates to the value of the goods or services for which it can be exchanged.


The market is likely to continue to rely on the same sort of facts-and-circumstance analysis that is applied today


The Framework notes that: 'price appreciation resulting solely from external market forces … impacting the supply and demand for an underlying asset generally is not considered 'profit' under the Howey test.' Thus, a token would not necessarily be deemed a security if its price rose incidentally 'to obtaining the right to use it for its intended functionality'.

The SEC has lately been dogged in its pursuit of non-compliance in the token space. Most recently, it sued Kik Interactive for its 2017 ICO of one trillion Kin Tokens. The SEC alleges the ICO violated Section 5 of the Securities Act (requiring registration and appropriate disclosures and safeguards). Kik has pledged to challenge the SEC's categorisation of Kin Tokens as securities. Industry players are hopeful that judicial scrutiny of the SEC's analysis will provide some clarity for future ICOs.

The Commodity Futures Trading Commission (CFTC) has general anti-fraud and manipulation enforcement authority over virtual currencies (either directly, as commodities in interstate commerce or as futures, options or derivatives, if the virtual currency has been packaged as such). Since 2015, the CFTC has been very active in bringing enforcement actions relating to fraud and manipulation in the spot markets or general non-compliance with regulatory requirements related to the virtual currency instrument.

Federal legislation on tokens and blockchain

Two bills addressing the regulatory uncertainty surrounding tokens have been introduced in the House: the Token Taxonomy Act of 2019 (HR 2144) (TTA) and the Digital Taxonomy Act of 2019 (HR 2154) (DTA). If enacted, the TTA would amend the definition of a 'security' in the Securities Act of 1933 (Securities Act), the Securities Exchange Act of 1934 (Exchange Act), the Investment Advisers Act of 1940 (Advisers Act) and the Investment Company Act of 1940 (Company Act). The DTA, on the other hand, would simply appropriate $25 million per year (from 2020 to 2024) to the Federal Trade Commission (FTC) to prevent unfair and deceptive practices in digital token transactions and mandate the FTC to provide an annual report to Congress outlining its actions related to digital tokens, along with any recommendations for additional legislation. The DTA and TTA are complementary and neither would amend the Commodity Exchange Act.

The TTA defines the term 'digital token' and then excludes it from the definition of 'security' in the Securities Act (with corresponding amendments to the Exchange Act, Advisers Act and Company Act). The TTA defines 'digital unit' ('a representation of economic, proprietary, or access rights that is stored in a computer readable format') and states that a digital token is a digital unit that meets certain criteria.

Specifically, a digital unit is created through a decentralised, mathematically verified process, recorded on a distributed ledger and tradeable peer-to-peer. The definition of a digital token expressly excludes digital units that represent 'a financial interest in a company or partnership, including an ownership interest or revenue share'. Overall, it appears that the TTA would exclude Bitcoin and Ether (which the SEC has already indicated are not securities) and many utility tokens from the definition of security.

To further facilitate the issuance and trading of digital units, the TTA creates an exemption from registration for transactions involving the offer and sale of digital units, as long as the person offering, promoting or selling the digital unit 'has a reasonable and good faith belief' that the digital units were digital tokens. The second prong of the exemption, however, states that if the SEC notifies such person that the digital unit is, in fact, a security, the issuer/promoter/seller must publish a notice that the digital unit is a security, cease all sales and return all proceeds (minus reasonable expenses) within 90 days of receiving the notice. This provides the SEC with a veto, and may undercut the utility of the exemption. In reality, if an issuer must always be on the lookout for the SEC's notice, after which it must return all proceeds from the sale of purported digital tokens, it is likely to find another method of raising capital.

The market is likely to continue to rely on the same sort of facts-and-circumstance analysis that is applied today, which puts many tokens, excluding some payment tokens and stablecoins, at greater risk of being deemed securities by the SEC. As a result, though the TTA is a welcome step, its utility may be limited unless additional limits are placed on the SEC's veto power.

The TTA also includes an amendment to the Securities Act that pre-empts state laws relating to the offer and sale of digital tokens. As it stands in mid-2019, state laws may capture and regulate digital tokens under their securities or money transmitter laws. The TTA does allow the states to retain their investigatory and enforcement powers in this space.

Without express guidance from the SEC or legislative changes to the applicable laws, regulated market intermediaries are reticent to trade security tokens (tokens that specifically accede to being securities). The Exchange Act requires that a market intermediary demonstrate adequate custody of customers' securities; how that translates to digital units is unclear. The TTA would require the SEC to amend the Exchange Act to indicate that satisfactory control by a securities intermediary is demonstrated by using public key cryptography to protect a digital unit and by following commercially reasonable cybersecurity practices that enable the regulated market intermediary to 'solely be able to sign on behalf of such digital unit.' While this amendment would answer the custody question at a high level, it does not address all of the satisfactory control location questions an intermediary may have related to security tokens.

State legislatures and the rise of self-regulation

At the state level, various legislatures have also made attempts to clarify the laws and regulation governing tokens. In February 2019, Wyoming passed a bill granting virtual currencies 'super-negotiability' status, similar to fiat currency, under Article 9 of the US Uniform Commercial Code. This means that tokens, like cash, can now be exchanged in that state free and clear of encumbrances (liens, security interests, etc.).

A similar bill has recently been introduced in Missouri, which would 'require the state and political subdivisions thereof to accept virtual currency as legal tender'. Colorado and Montana have also recently passed bills exempting the exchange of utility tokens from state security laws if the primary purpose of the token has a consumptive, rather than speculative or investment, purpose. Rhode Island has a similar bill under consideration, which would 'exempt a developer or seller of an open blockchain token from the provisions of the Rhode Island Uniform Securities Act'.


Federal financial regulators took a fairly long time to enter the fintech fray, which left state regulators as the dominant voices


Many other states have bills at various stages of progression through their legislatures. New York's legislature, for example, is considering a bill 'allowing signatures, records and contracts secured through blockchain technology to be considered in an electronic form and to be an electronic record and signature'. The bill would also: 'allow smart contracts to exist in commerce'. Utah is considering a Blockchain Technology Act, which: 'exempts a person who facilitates the creation, exchange, or sale of certain blockchain technology-related products from [the state's] Money Transmitter Act [and] creates a legislative task force to study the potential applications of blockchain technology to government services.'

The regulation of cryptocurrency continues to evolve, not only at the legislative level but the industry level as well. Industry has begun to act in places where regulation is lacking. In February 2019, CFTC commissioner Brian Quintenz stated that participants in the cryptocurrency industry should create a self-regulatory structure, advising that token platforms should: 'come together to form some type of self-regulatory structure where they can discuss, agree to, implement, and hopefully examine or audit'. To that end, various token industry organisations have attempted to establish self-regulatory organisations (SROs) and have published self-regulatory guidelines and standards.

For example, the Gemini Trust Company, which is licensed and regulated by the New York State Department of Financial Services (NYSDFS) as a token exchange and custodian, promotes itself as a compliance-centric company: it has been proactive in creating a code of conduct for its users that takes into account federal and state laws. Gemini, along with other industry players, has also created the Virtual Commodity Association Working Group (VCA), an SRO for US virtual currency exchanges and custodians, which intends to work together with the CFTC to provide additional oversight of (and presumably enforcement power over) virtual currency markets.

Companies engaged in this industry (either through tokens or other digital assets) throughout the world have created, or have attempted to create, SROs for their home jurisdiction to provide additional guidance and help steer regulation for the industry. Many such SRO structures, however, are industry-driven and very few are, at this time, backed by governmental mandate. Robust and unified self-regulation in the token space still remains largely aspirational since an established self-regulatory framework is not feasible until applicable legislatures and regulatory agencies align on a coherent (or at least not conflicting) governance regimes with consistent definitions, operating procedures and enforcement mandates.

The potential of the OCC's fintech charter

The federal financial regulators took a fairly long time to enter the fintech fray, which left state regulators as the dominant voices in this space. The Consumer Financial Protection Bureau (CFPB) launched Project Catalyst in 2012 in an attempt to engage with the fintech community but its impact was relatively limited. In July 2018, the CFPB created an Office of Innovation, which absorbed Project Catalyst. While the CFPB has issued some no-action letters, which have allowed fintech companies to use new technology or data in their provision of consumer products and services, it has not created fintech-specific rules or regulations or updated current rules and regulations to reflect fintech innovation in the consumer finance space.

On the other hand, the Office of the Comptroller of the Currency (OCC) – the chartering authority and primary regulator of national banks in the US – opened its Office of Innovation in 2014. The OCC has since announced that it is accepting applications for special purpose national bank (SPNB) charters from non-depository fintech companies. It also provided a supplement to its Licensing Manual to address charter applications by fintech companies (the Licensing Supplement). These moves by the OCC, coming after nearly two years of debate and resistance by state regulators and community banks, build on a white paper released in December 2016 (the White Paper: 'Exploring Special Purpose National Bank Charters for Fintech Companies'), the March 2017 draft supplement to the OCC Licensing Manual ('Evaluating Charter Applications From Financial Technology Companies') and comments submitted by the public in response to both.


The District Court order is certainly a significant setback for the OCC and for supporters of the fintech charter


Though the OCC has been open to accepting SPNB charter applications for about a year, it has yet to issue a single charter. In the Policy Statement, the OCC stated that the SPNB charter would: 'level the playing field with regulated institutions and help ensure [fintech companies] operate in a safe and sound manner'. The OCC further explained that fintech companies that receive an SPNB charter would be subject to the same high standards of safety and soundness that all national banks must meet.

According to the OCC, a fintech company with an SPNB charter will be supervised like similarly situated national banks and would have to meet similar capital, liquidity, risk management, financial inclusion and contingency planning requirements. These requirements, taken together with the extensive application process laid out by the OCC and the heightened supervision that an SPNB will initially face, may, as a practical matter, be at odds with the OCC's stated intent of supporting innovation since very few fintech companies are likely to be able to comply with such requirements before actually launching a product that requires multi-state licensing or some relationship with a regulated entity (either a bank or non-bank financial institution).

In addition, the relationship between a SPNB and the Federal Reserve remains unclear. By statute, all national banks must be members of the Federal Reserve. However, the Board of Governors of the Federal Reserve has not provided any guidance on the treatment of SPNBs. Membership of the Federal Reserve offers many benefits, including access to the Discount Window and to the FedWire payment network. The uncertainty as to the treatment of SPNBs simply underlines the confusing landscape fintech companies considering the SPNB charter face.

A battle between federal and state regulators

Federal regulators moved slowly to address fintech; but the states have been aggressive in their regulation. Now, the states are aggressively defending their dominance in the fintech space. In 2017 (after the OCC's 2016 White Paper's release), the Conference of State Bank Supervisors (CSBS) and New York State Department of Financial Services (NYSDFS) then-Superintendent Maria Vullo each separately sued the OCC and then-Acting Comptroller Keith Noreika in the US District Court of the District of Columbia and the US District Court of the Southern District of New York respectively, alleging that granting the proposed charter was outside the scope of the OCC's statutory authority and would harm the US financial system. Both suits were dismissed, primarily on the ground that the claims were premature because the OCC had not taken any official action on the chartering process.

The OCC's decision to then move forward and begin accepting applications for SPNB charters provided another opening for state-led litigation. The NYSDFS filed a second suit reiterating its initial claims in September 2018 and the CSBS filed a new suit the following month. The OCC moved to dismiss both, arguing that the claims were still premature because the OCC had not yet received – let alone approved – any SPNB charter applications.

In a May 2019 order, US District Court Judge Victor Marrero rejected the OCC's motion to dismiss the NYSDFS' new lawsuit and by doing so, may have put the charter in limbo for the foreseeable future. Judge Marrero found that the OCC indicated a 'clear expectation of issuing SPNB charters' and that the NYSDFS has sufficiently alleged 'at least some demand for, and interest in, such charters'. Accordingly, the NYSDFS demonstrated that there is now a 'substantial risk that the harm will occur'. Specifically, this means that: (1) New York citizens will lose the 'critical financial protections' that the dual banking system and state regulatory oversight affords; and (2) that the NYSDFS will be deprived of future revenue in connection with assessments it levies upon New York State-licensed institutions.

The case remained unresolved in mid-2019. The OCC and NYSDFS have been conferring on language for a proposed final order. The OCC's actions appear to be designed to expedite its ability to appeal the decision to the US Second Circuit Court of Appeals. Whether the Second Circuit will come to a different conclusion from the Southern District is unclear. But the OCC could make a broader-based argument before the Circuit Court and the scope of the appeal could be shaped by the proposed order the OCC is working on with the NYSDFS.

The District Court order is certainly a significant setback for the OCC and for supporters of the fintech charter. The OCC already faced a challenge in terms of the practical utility of the charter, as fintech companies grapple with important questions and issues when evaluating whether the charter would provide a viable long-term regulatory approach. While a few companies have publicly announced their charter applications or their desire to begin the chartering process, none have actually completed the arduous and time-consuming process. In addition, several fintech companies recently announced their intention to pursue a full national bank charter, forgoing the SPNB charter altogether. Adding litigation risk to the long list of factors a company must weigh in determining whether to pursue the SPNB charter is likely to render the charter non-viable for the immediate future.

While the OCC's intention in providing the SPNB charter is, ostensibly, to support and encourage innovation that can improve and expand access to financial services, the significant – and in some cases uncertain – regulatory requirements and open hostility from state regulators may impede that vision. The high initial expectations and ongoing burden associated with the SPNB charter, coupled with the open questions and litigation uncertainty, are likely to mean that the pool of potential candidates for an SPNB charter will be limited to a discrete number of well-resourced and sophisticated groups with sufficiently experienced personnel. Of these, some will probably already have regulatory compliance structures in place and fail to see a compelling benefit in transitioning to an SPNB charter, regardless of the litigation risk. Others may walk away for fear of jeopardising their established relationships with state regulators.

About the author

Todd Beauchamp
Partner, Latham & Watkins

Washington DC, US
T: +1 202 637 2294
E: todd.beauchamp@lw.com
W: www.lw.com/people/todd-beauchamp

Todd Beauchamp is a partner in Latham & Watkins' Washington DC office and a member of the firm's financial institutions industry group. He serves as global co-chair of the fintech industry group and leads the payments and emerging financial services practice. Todd represents financial institutions and non-bank financial services companies, including technology companies, on the full spectrum of regulatory, transactional and corporate matters.


About the author

Yvette Valdez
Partner, Latham & Watkins

New York, US
T: +1 212 906 1797
E: yvette.valdez@lw.com
W: www.lw.com/people/yvette-valdez

Yvette Valdez is a partner in Latham & Watkins' New York office and member of the derivatives practice and financial institutions and fintech industry groups. Yvette advises emerging companies, financial institutions and investment managers on regulations for bespoke cryptoasset and cryptocurrency technologies, including token sales, market infrastructure, trading, clearing and DLT settlement solutions. She also handles domestic and cross-border fintech initiatives in the derivatives markets.


About the author

Stephen Wink
Partner, Latham & Watkins

New York, US
T: +1 212 906 1229
E: stephen.wink@lw.com
W: www.lw.com/people/stephen-wink

Stephen Wink is a partner in Latham & Watkins' New York office, member of the financial institutions and fintech industry groups and co-chair of the blockchain and cryptocurrency task force. Stephen advises a diverse mix of clients, including broker-dealers, robo-advisors, crowdfunding and cryptocurrency platforms, marketplace lenders and payments providers on the financial regulatory considerations inherent in their proprietary fintech transactions.


About the author

Alan Avery
Partner, Latham & Watkins

New York, US
T: +1 212 906 1301
E: alan.avery@lw.com
W: www.lw.com/people/alan-avery

Alan Avery is a partner in Latham & Watkins' New York office, member of the financial institutions group and head of the US bank regulatory practice. Alan advises domestic and foreign banking institutions on the impact of US federal and state banking laws on their global operations. He represents financial institutions on federal and state regulatory approval requirements for bank formations, licensing, reorganisations and M&A.


About the author

Deric Behar
Knowledge management lawyer, Latham & Watkins

New York, US
T: +1 212 906 4534
E: deric.behar@lw.com
W: www.lw.com/people/deric-behar

Deric Behar is a knowledge management lawyer in Latham & Watkins' New York office and member of the financial regulatory practice and financial institutions industry group. Deric focuses on financial services regulation and regulatory enforcement affecting securities, commodities and derivatives markets. He also focuses on cross-border regulatory developments and fintech and cryptoasset regulation.


About the author

Loyal Horsley
Associate, Latham & Watkins

Washington DC, US
T: +1 202 637 2396
E: loyal.horsley@lw.com
W: www.lw.com/people/loyal-horsley

Loyal Horsley is an associate in Latham & Watkins' Washington DC office and member of the payments and emerging financial services practice and financial institutions industry group. Loyal's practice focuses on regulatory, transactional and enforcement matters related to electronic and mobile payments, money services and other emerging payment technologies, including those related to money transmission, virtual currencies, payment instruments and stored value offerings.


Instant access to all of our content. Membership Options | One Week Trial