The final version of the BitLicense [PDF] is out and it has failed to address our two top concerns: an overbroad definition of virtual currency business activity and an unprecedented and discriminatory state-level anti-money laundering regime. Our consolation today is that the future’s looking bright on the other coastline. The current draft of California’s equivalent legislation, AB 1326, is much better than the BitLicense.
Here’s New York’s definition of virtual currency business activity:
Virtual Currency Business Activity means the conduct of any one of the following types of activities involving New York or a New York Resident: (1) receiving Virtual Currency for Transmission or Transmitting Virtual Currency, except where the transaction is undertaken for non-financial purposes and does not involve the transfer of more than a nominal amount of Virtual Currency; (2) storing, holding, or maintaining custody or control of Virtual Currency on behalf of others; (3) buying and selling Virtual Currency as a customer business; (4) performing Exchange Services as a customer business; or (5) controlling, administering, or issuing a Virtual Currency.
As a first pass, notice its length and breadth. There are five ways to be a virtual currency business and each involves a number of synonym-like words, e.g. “storing, holding, or maintaining” and “controlling, administering, or issuing.” It’s important to note that none of those words are defined in the regulation, and conceivably some of them could include all kinds of activities regardless of whether they pose a consumer protection risk.
Here’s California’s latest definition of virtual currency business for comparison:
(c) “Virtual currency business” means the conduct of either of the following types of activities involving a California resident: (1) Maintaining full custody or control of virtual currency on behalf of others. (2) Providing conversion or exchange services of fiat currency into virtual currency or the conversion or exchange of virtual currency into fiat currency or other value, or the conversion or exchange of one form of virtual currency into another form of virtual currency.
California’s definition is heartening: there are only two qualifying activities and they have common meanings: custody and exchange. Maintaining full custody or control is the right approach. If you have control or custody, you can lose the customer’s funds and therefore it makes sense for you to be subject to consumer protection regulation. Excellently, the word “full” is there, and that matters with respect to digital currency because with multi-sig technology custody could be divided.
If a company doesn’t have full custody because it provides a security or disaster-recovery service for majority key-holders, then it can’t lose consumer funds and shouldn’t need to license. California’s approach will both protect consumers from any risk inherent in true custodians while still promoting innovation in multi-sig security services. New York’s definition lacks this sensitivity; it’s drafted like a catch-all.
New York’s AML framework has three primary components: per-transaction recordkeeping, reporting for transactions above $10,000, and suspicious activity reporting. California’s AML framework doesn’t. It has no components because California’s digital currency license would mirror every other state’s money transmission license; it would only deal with setting consumer protection standards and it would leave AML policy to the Federal government, the Department of Treasury, and FinCEN specifically. FinCEN has done excellent work and it’s entirely unclear why New York suddenly thinks they need different standards.
Now, you may be thinking, “I watched Ben Lawsky speak today, and he said that there would be no AML requirements duplicative of federal standards.” That’s indeed what he announced. However, when you read the text of the final draft you find that while some obligations may be avoided for companies that are federally compliant (and even that is hard to say because the language of the regulation is complicated and unclear), the fact remains that other requirements will apply irrespective of federal compliance. Be there no doubt, the final draft of the BitLicense still creates unprecedented state-level AML obligations for digital currency companies, discriminatory obligations that traditional money transmitters and banks do not need to bear.
It’s unfortunate that the BitLicense has been the focus of the media and many casual digital currency observers. In the superintendent’s own words: “We have never claimed to have a monopoly on the truth. And regulators must always be willing to course correct when necessary.” As it stands for now, California’s on a superior tack. In the race to develop rules that foster innovation and to do so thoughtfully, California is winning.