Get your tickets to the 2024 Coin Center Annual Dinner 

FinCEN raises major licensing problem for ICOs in new letter to Congress.

Nearly a year ago Coin Center released a report highlighting a looming ambiguity in FinCEN’s interpretation of federal anti-money-laundering laws: whether or not token sellers are money transmitters who are subject to the Bank Secrecy Act and need to do “know your customer” compliance with respect to their buyers, and arguing that any such interpretation would require formal rulemaking. We issued the report in part because we felt that the separate but related discussion over whether token sellers might be issuing securities had overshadowed this issue and left many unaware of the serious legal consequences that could stem from potentially violating the Bank Secrecy Act rather than the Securities Acts.

As it happens, our concerns were well-founded. Today FinCEN released a letter to Senator Ron Wyden clearly indicating that they interpret the relevant laws and regulations such that token sellers are money transmitters:

A developer that sells convertible virtual currency, including in the form of ICO coins or tokens, in exchange for another type of value that substitutes for currency is a money transmitter and must comply.

Make no mistake, this is a highly consequential interpretation. Accordingly, any group or individual developer who both (A) sold newly created tokens to buyers (i.e. had an ICO) involving U.S. residents and (B) failed to register with FinCEN as a money transmitter,and perform the associated compliance KYC/AML obligations, can be charged under a federal felony criminal statute, 18 U.S.C § 1960, with unlicensed money transmission. If found guilty one could face up to five years in prison. Criminal liability may also extend to employees of, and investors in, the business that sold the tokens.

There are important public policy questions at stake here:

  1. Is it wise or appropriate under relevant administrative law to make this substantial change/clarification in interpretation through a letter to a member of Congress interpreting guidance, rather than a public rulemaking or new legislation?
  2. Is it constitutional to mandate private data collection from people who are not financial intermediaries in the traditional sense, and may be better analogized to persons selling a new invention to buyers in a person to person transaction?

It is very difficult to take this letter and derive from it a clear picture of FinCEN’s interpretation. Only one footnote is given to explain their legal reasoning:

See, FIN-2013-G001 (explaining that convertible virtual currency administrators and exchangers are money transmitters under the BSA), and FIN-2014-R001, Application of FinCEN’s Regulations to Virtual Currency Mining Operations, January 30, 2014 (explaining that persons that create units of virtual currency, such as miners, and use them in the business of accepting and transmitting value are also money transmitters).

This footnote does not tell us whether FinCEN classifies these sellers as “exchangers” or “administrators,” two distinct types of money transmitter identified by the 2013 guidance. As we describe in our 2015 paper, there are compelling reasons why a developer selling a token is not an administrator: they cannot both issue and redeem the tokens that they sell, like a Bitcoin miner they merely put them into circulation and cannot claw them back (assuming they have sold an actual decentralized token and not some promise of future tokens). There are also good reasons why a developer selling a token is not an exchanger. They may sell but they do not do so as a business dedicated to exchange; they sell as one individual or entity would sell any valuable investment or commodity to another person, for their own purposes rather than to provide third-party money transmission services between two customers or people.

The bulk of the cited 2014 guidance on miners explains why a Bitcoin miner is not a money transmitter if they merely create the units. To be a money transmitter a miner must also sell them as part of an exchange business, rather than merely sell them on their own behalf. We can only assume that FinCEN believes that developers selling tokens are “in the business of accepting and transmitting value” in addition to creating new tokens. No doubt a developer selling tokens is accepting value, but who are they transmitting it to aside from themselves?

This is a complicated and consequential legal interpretation, and one that should be discussed, unpacked, and eventually finalized in a more formal and transparent setting, e.g. a rulemaking. A footnote in a letter to a Congressman should not suffice.

In the conclusion to our report from last May we outlined Coin Center’s position on these matters:

Common understanding suggests that money transmission is an act performed by an intermediary, a person who stands between two parties accepting money from one and transmitting it to another. When a person transacts directly with another person, giving them money for any reason—as a gift, a payment, a donation, a grant, a tip—she does not play this intermediary role. She does not hold herself out as a trusted third party. She is engaged in private, personal transactions rather than being engaged as a third party to the transactions of others.

Deputizing third-party intermediaries to surveil their users on behalf of the government is a policy choice Congress made long ago; one that carries risks to individual privacy but also potential benefits to national security and peace. It’s a tradeoff Congress made back in the 1970s and it isn’t going away anytime soon. However, mandating the same kind of surveillance from individuals who are not intermediaries—who are merely transacting on their own account with another citizen—is a considerable recalibration of the balance between privacy and security. It tips the scales against personal privacy and may even be unconstitutional.

This is not a recalibration that should be made merely by issuing administrative rulings or guidance, the approach thus far taken by FinCEN when dealing with these questions. Instead, FinCEN should clarify that selling decentralized virtual currency on one’s own account does not constitute money transmission, regardless of whether the purpose of that sale is to pay a merchant, to sell tokens received through mining, or—indeed—to sell one’s own newly invented decentralized token.

Should FinCEN or Congress wish to regulate this activity for financial surveillance purposes, that change must be the subject of a larger, more public debate within a notice and comment rulemaking or an amendment to the statutory law itself. Only those formal processes can enable necessary debate over financial surveillance and the constitutionality of warrantless search.