Second Post in a Two-Part Series

Some Answers — Producing Even More Questions

On May 9, 2019, the Financial Crimes Enforcement Network (“FinCEN”) published a comprehensive “interpretive guidance” (the “Guidance”) to “remind” businesses and individuals operating in a subset of the cryptocurrency markets involving “convertible virtual currencies” (“CVCs”) of the potential applicability of the Bank Secrecy Act (“BSA”) to their operations. At the outset, FinCEN explains that “[t]his guidance does not establish any new regulatory expectations or requirements.” Instead, “it consolidates current FinCEN regulations, and related administrative rulings and guidance issued since 2011” and provides illustrations of those regulations, rulings and guidance to common business models involving CVCs.

The principal purposes of the Guidance are threefold: (1) to set forth relevant FinCEN rules and requirements in a single source; (2) to demonstrate how the BSA may and does apply to innovations in the CVC markets occurring since 2011; and (3) to illustrate how these rules and requirements will be applied to future innovations in the CVC markets.

In our first post in this series, posted on the day that FinCEN issued the Guidance, we addressed recent major developments across a spectrum of regulatory, civil, and criminal enforcement cases involving cryptocurrencies, AML and money laundering – courtesy of the combined efforts of FinCEN, the New York Department of Financial Services, and the U.S. Department of Justice.  These enforcement cases underscored the need for more clear rules regarding how the BSA and other statutes can apply to cryptocurrencies.  The Guidance attempts to do just that, with partial success. It presents as a treatise on FinCEN regulation of CVCs, organized to:

  • provide definitions of key relevant concepts;
  • outline and explain current FinCEN regulations, ruling and guidance;
  • summarize the development and content of FinCEN’s money transmission regulations to CVCs and CVC businesses;
  • provide illustrations of “FinCEN’s existing regulatory approach to current and emerging business models using patterns of activities involving CVC”; and
  • localize resources to further explain applicable FinCEN rules and regulations.

The Guidance, although not exactly offering anything new, still contains a lot to unpack. It provides some significant clarity to application of FinCEN’s rules and regulations to CVC businesses and a thorough resource to address many questions involving FinCEN regulation of CVC. But, at the same time, and somewhat paradoxically, in its comprehensiveness, it reveals how almost limitless possibilities exist for individuals and entities to transact in CVC and how difficult questions of whether those activities will be regulated by FinCEN can be to answer.
Continue Reading

Typical Virtual Currency Exchanges Do Not Require PA Money Transmitter Licenses

The Pennsylvania Department of Banking and Securities (“DoBS”) just released Guidance declaring that virtual currency, “including Bitcoin,” is not considered “money” under the Pennsylvania Money Transmission Business Licensing Law, otherwise known as the Money Transmitter Act (“MTA”). Therefore, according to the Guidance, the operator of the typical virtual currency exchange platform, kiosk, ATM or vending machine does not represent a money transmitter subject to Pennsylvania licensure.

This Guidance is important because it has implications beyond merely the burdens imposed by Pennsylvania law for obtaining a money transmitter license. As we previously have blogged (here, here and here), it is a federal crime under 18 U.S.C § 1960 to operate as an unlicensed money transmitter business, which is defined in part as a business “operated without an appropriate money transmitting license in a State where such operation is punishable as a misdemeanor or a felony under State law, whether or not the defendant knew that the operation was required to be licensed or that the operation was so punishable.” Thus, a state law violation can become a federal violation. Further, the Financial Crimes Enforcement Network (“FinCEN”) has issued Guidance declaring that administrators or exchangers of digital currency – including popular crypto currencies such as Bitcoin – represent money transmitting businesses which must register with FinCEN under 31 U.S.C. § 5330 as money services businesses (“MSBs”), which in turn are governed by the Bank Secrecy Act (“BSA”) and related reporting and anti-money laundering compliance obligations. Moreover, a failure to register with FinCEN as a MSB when required also represents a separate violation of Section 1960. Drawing on the FinCEN guidance, federal courts have upheld the convictions of individuals who ran virtual currency exchanges and consequently were convicted of violating Section 1960 for operating unlicensed or unregistered money transmitter businesses.
Continue Reading

Address Emphasizes Role of SARs in Fighting Illegal Activity, Including Drug Dealing Fueling the Opioid Crisis

Kenneth Blanco, the Director of the Financial Crimes Enforcement Network (“FinCEN”), discussed last week several issues involving virtual currency during an address before the “2018 Chicago-Kent Block (Legal) Tech Conference” at the Chicago-Kent College of Law at Illinois Institute of Technology. Although some of his comments retread familiar ground, Blanco did offer some new insights, including the fact that FinCEN now receives over 1,500 Suspicious Activity Reports (“SARs”) a month relating to virtual currency.
Continue Reading

The U.S. Government Accountability Office (“GAO”) issued a statement earlier this week regarding testimony before the U.S. House of Representatives Subcommittee on Financial Institutions and Consumer Credit Committee on Financial Services regarding the potential perils of “derisking.”

As described by the GAO, “derisking is the practice of depository institutions limiting certain services or ending

The Conference of State Bank Supervisors (CSBS) announced last week that seven states have agreed to a multi-state compact that, according to the CSBS, “standardizes key elements of the licensing process for money services businesses (MSB).”

The seven states consist of Georgia, Illinois, Kansas, Massachusetts, Tennessee, Texas and Washington.  The CSBS expects other states to

As the value of bitcoin continues to soar (USD:BTC this past weekend exceeded $19,000.00:1), we thought that now would be a good time to emphasize the need to ensure regulatory compliance with the many federal and state AML rules and regulations, in addition to those segmented across various countries. A caveat: This post is far from exhaustive, and before undertaking any investment in cryptocurrency, it would be wise to consult with an attorney familiar with the rules applicable to the cryptocurrency sector.  Due to the nascency of the sector, the practical application of previously existing laws and regulations is rapidly evolving.

To begin, the notion that bitcoin and other digital tokens represent a currency only for criminals has been dispelled. Indeed, there is no question that investment in cryptocurrencies is inherently lawful and increasingly commonplace.  In 2017 alone, investment in initial coin offerings, or token sales, has exceeded $1.5 billion; in a similar vein, the value of certain cryptocurrencies now exceeds a number of Fortune 50 companies.  Most recently, CBOE and CME, the world’s largest futures exchange, launched bitcoin futures contracts.

With this in mind, and as we have written on this blog before (see herehere, here, here, here, here, here, here, and here), it is clear that regulators are moving aggressively to bring the cryptocurrency sector into the fold of existing rules and regulations. To be sure, applying these rules to the burgeoning sector has been like fitting a square peg in a round hole; a bedrock of the initial cryptocurrency boom was the promise of anonymity for its users. Conversely, identity verification is a bedrock of AML compliance.
Continue Reading

It is a potential crime to conduct a business that exchanges virtual currency and fail to register with the Financial Crimes Enforcement Network (“FinCEN“), even if the State in which one operates does not impose a similar licensing requirement. A federal district court in Louisiana has reaffirmed this principle in United States v. Lord, in which the defendants unsuccessfully sought to withdraw their pleas of guilty to offenses based on a failure to register with FinCEN.

Law and Justice

The defendants are father and son. According to the court opinion, in 2013, they began to operate a bitcoin business through a website called localbitcoins.com, which advertised the services of other bitcoin exchangers. The defendants’ clients provided cash, credit card payments and wire transfers to the defendants to purchase bitcoins from a third-party online bitcoin broker on their client’s behalf, in exchange for commissions charged by the defendants. In the Spring of 2014, the third-party bitcoin broker warned the defendants that they were required to register with FinCEN because they were acting as virtual currency exchangers. Although the defendants allegedly misrepresented to the third-party online broker that they already had registered with FinCEN, the defendants did not actually register until November 2014. By that time, however, they already had exchanged more than $2.5 million worth of virtual currency. This registration delay was the basis of the charges relating to the defendants’ virtual currency business.
Continue Reading

The Joint Committee of the European Supervisory Authorities (ESA) issued on February 10, 2017 draft rules regarding certain anti-money laundering (AML) and counter-terrorism steps for Member States of the European Union (EU). The draft rules seek to provide a consistent framework for payment service providers or electronic money issuers which provide cross-border services within the

The Western Union Company (“Western Union”) entered into a deferred prosecution agreement (“DPA”) on January 19th with the Department of Justice, based on alleged willful failures to maintain an effective AML program and the aiding and abetting of wire fraud.  The DPA involved a combined $586 million monetary penalty and also involved related civil enforcement actions by the Federal Trade Commission and FinCEN.  The agreement has been well-publicized and its details will not be repeated here; very generally, the DPA rests on allegations involving conduct stretching from 2004 through 2012 and an overall failure by Western Union to detect and prevent a kaleidoscope of illicit behavior by customers, from structured transactions to an international consumer fraud scheme to potential drug distribution.  To be sure, this is a significant agreement – but it echoes the same general sort of facts and allegations which have become almost standard in large AML enforcement actions. However, the Western Union action contains at least one interesting wrinkle.
Continue Reading