Hot Takes

FinCEN raises major licensing problem for ICOs in new letter to Congress.

Nearly a year ago Coin Center released a report highlighting a looming ambiguity in FinCEN’s interpretation of federal anti-money-laundering laws: whether or not token sellers are money transmitters who are subject to the Bank Secrecy Act and need to do “know your customer” compliance with respect to their buyers, and arguing that any such interpretation would require formal rulemaking. We issued the report in part because we felt that the separate but related discussion over whether token sellers might be issuing securities had overshadowed this issue and left many unaware of the serious legal consequences that could stem from potentially violating the Bank Secrecy Act rather than the Securities Acts.

As it happens, our concerns were well-founded. Today FinCEN released a letter to Senator Ron Wyden clearly indicating that they interpret the relevant laws and regulations such that token sellers are money transmitters:

A developer that sells convertible virtual currency, including in the form of ICO coins or tokens, in exchange for another type of value that substitutes for currency is a money transmitter and must comply.

Make no mistake, this is a highly consequential interpretation. Accordingly, any group or individual developer who both (A) sold newly created tokens to buyers (i.e. had an ICO) involving U.S. residents and (B) failed to register with FinCEN as a money transmitter,and perform the associated compliance KYC/AML obligations, can be charged under a federal felony criminal statute, 18 U.S.C § 1960, with unlicensed money transmission. If found guilty one could face up to five years in prison. Criminal liability may also extend to employees of, and investors in, the business that sold the tokens.

There are important public policy questions at stake here:

  1. Is it wise or appropriate under relevant administrative law to make this substantial change/clarification in interpretation through a letter to a member of Congress interpreting guidance, rather than a public rulemaking or new legislation?
  2. Is it constitutional to mandate private data collection from people who are not financial intermediaries in the traditional sense, and may be better analogized to persons selling a new invention to buyers in a person to person transaction?

It is very difficult to take this letter and derive from it a clear picture of FinCEN’s interpretation. Only one footnote is given to explain their legal reasoning:

See, FIN-2013-G001 (explaining that convertible virtual currency administrators and exchangers are money transmitters under the BSA), and FIN-2014-R001, Application of FinCEN’s Regulations to Virtual Currency Mining Operations, January 30, 2014 (explaining that persons that create units of virtual currency, such as miners, and use them in the business of accepting and transmitting value are also money transmitters).

This footnote does not tell us whether FinCEN classifies these sellers as “exchangers” or “administrators,” two distinct types of money transmitter identified by the 2013 guidance. As we describe in our 2015 paper, there are compelling reasons why a developer selling a token is not an administrator: they cannot both issue and redeem the tokens that they sell, like a Bitcoin miner they merely put them into circulation and cannot claw them back (assuming they have sold an actual decentralized token and not some promise of future tokens). There are also good reasons why a developer selling a token is not an exchanger. They may sell but they do not do so as a business dedicated to exchange; they sell as one individual or entity would sell any valuable investment or commodity to another person, for their own purposes rather than to provide third-party money transmission services between two customers or people.

The bulk of the cited 2014 guidance on miners explains why a Bitcoin miner is not a money transmitter if they merely create the units. To be a money transmitter a miner must also sell them as part of an exchange business, rather than merely sell them on their own behalf. We can only assume that FinCEN believes that developers selling tokens are “in the business of accepting and transmitting value” in addition to creating new tokens. No doubt a developer selling tokens is accepting value, but who are they transmitting it to aside from themselves?

This is a complicated and consequential legal interpretation, and one that should be discussed, unpacked, and eventually finalized in a more formal and transparent setting, e.g. a rulemaking. A footnote in a letter to a Congressman should not suffice.

In the conclusion to our report from last May we outlined Coin Center’s position on these matters:

Common understanding suggests that money transmission is an act performed by an intermediary, a person who stands between two parties accepting money from one and transmitting it to another. When a person transacts directly with another person, giving them money for any reason—as a gift, a payment, a donation, a grant, a tip—she does not play this intermediary role. She does not hold herself out as a trusted third party. She is engaged in private, personal transactions rather than being engaged as a third party to the transactions of others.

Deputizing third-party intermediaries to surveil their users on behalf of the government is a policy choice Congress made long ago; one that carries risks to individual privacy but also potential benefits to national security and peace. It’s a tradeoff Congress made back in the 1970s and it isn’t going away anytime soon. However, mandating the same kind of surveillance from individuals who are not intermediaries—who are merely transacting on their own account with another citizen—is a considerable recalibration of the balance between privacy and security. It tips the scales against personal privacy and may even be unconstitutional.

This is not a recalibration that should be made merely by issuing administrative rulings or guidance, the approach thus far taken by FinCEN when dealing with these questions. Instead, FinCEN should clarify that selling decentralized virtual currency on one’s own account does not constitute money transmission, regardless of whether the purpose of that sale is to pay a merchant, to sell tokens received through mining, or—indeed—to sell one’s own newly invented decentralized token.

Should FinCEN or Congress wish to regulate this activity for financial surveillance purposes, that change must be the subject of a larger, more public debate within a notice and comment rulemaking or an amendment to the statutory law itself. Only those formal processes can enable necessary debate over financial surveillance and the constitutionality of warrantless search.

Link/Tweet

China intends to launch a national digital currency that will let the government easily surveil spending. Following in their footsteps would be a mistake.

A recent New York Times report highlights that Facebook’s Libra project has led Beijing to accelerate its cryptocurrency effort:

A state-issued e-currency would help China’s government know more — much, much more — about how its citizens spend their money, giving it sweeping new powers to fight crime and manage the economy while also raising privacy concerns.

“It’s extraordinary power and visibility into the financial system, more than any central bank has today,” said Martin Chorzempa, a research fellow at the Peterson Institute for International Economics in Washington.

Yet some in the U.S., including members of Congress, have been pointing precisely to China's pursuit of a state digital currency as a reason why the U.S. should consider its own corporate-led or central bank digital currency. As policymakers look at the issue they should make sure not to fall into the trap of undermining American values--like freedom of speech and assembly and rights to privacy and due process--in the haste of competing with China. Such values are absent in China's planned system, according to the Times:

Chinese officials use something of an oxymoron to describe what their new currency will offer: “controllable anonymity.”

“As long as you aren’t committing any crimes and you want to make purchases that you don’t want others to know about, we still want to protect this kind of privacy,” Mr. Mu, the deputy director of the central bank’s payments department, said in another recent online lecture on China’s cryptocurrency plans.

The capacity to perfectly surveil and control transactions on a payments or currency network is possible when intermediaries--whether banks, or companies, or consortia of either--operate a network. Any such American-led effort must forswear that kind of power by making anonymity and censorship-resistance core network features. To do otherwise would be to import authoritarian values out of fear when it is the liberal values enshrined in the U.S. Constitution that are the basis of our global leadership.

Link/Tweet

Coin Center has published a new plain English explainer on forks and airdrops to highlight ambiguities in recent IRS guidance.

Last week we published our analysis of the recently released IRS guidance. Our biggest concern with that guidance was that it incorrectly described how forks and airdrops occur, and therefore failed to provide much needed clarity with respect to how these events will be taxed.

Today we published an updated explainer on forks and airdrops to provide policymakers with a plain english description of how these events actually unfold. We hope this material will help to underscore how inappropriate it would be to hold taxpayers liable for forked or airdropped assets that they have taken no affirmative steps to claim and of which they may not even be aware. We are working closely with tax professionals, members of Congress, and other policymakers to ensure that this ambiguity is quickly resolved in a manner that does not leave cryptocurrency users with unreasonable obligations.

Read the explainer here.

Link/Tweet

This week’s EOS and Sia settlements with the SEC reinforce Coin Center’s 2016 policy recommendations.

Block.one has settled and is paying a fine for doing a pre-sale of EOS as ERC20 tokens, and Nebulous has settled and is paying a fine for selling Sianotes, a profit share in the returns from their network’s decentralized storage system. In both cases, the cryptocurrency on each project’s running network has not been deemed a security in their respective settlements: EOS (the tokens on the now functional EOS network) is not deemed a security, and Siacoin (the tokens on the now functional Siacoin network) is also not deemed a security in their settlement.

In our Framework for Securities Regulation of Cryptocurrencies we explained why this exact type of outcome strikes an ideal policy balance. Tokens providing some use-value from a decentralized network are not a good fit for securities regulation, while heavily marketed and pre-sold tokens (as in trading before the network is live) are a good fit for securities regulation.

In a 2018 update to our Framework we stressed that two separate inquiries should be performed regarding security classification if a network’s token was presold but later successfully launched and now provides functionality. First, an inquiry about the pre-sale agreement (and any tokens representing it, e.g. EOS’s original ERC20 token) will likely find them to be a security and investors could benefit from appropriate disclosures and controls. Second, a separate inquiry should look at the resultant decentralized token (once distributed) and if the network is powered by open source software and running with an open consensus mechanism the token is not a security, current purchasers have less need for a disclosure regime focused on the original issuer.

This division between pre-sold token and resultant token is sometimes referred to as a transmutation of a security into a non-security or commodity. We don’t like this framing. Nothing, in our opinion, ever transmutes. The agreement for future tokens was (and always will be) a security, and the tokens that get delivered are the fruits of that agreement. The resultant assets are not tainted by their being part of an earlier crowdfund any more than the Floridian land sold in the Howey case is tainted today. Yes the land and the tokens were involved in investment contracts that were rightly regulated as securities, but these assets are not securities when they trade on secondary markets amongst persons who did not participate in the prior investment schemes. With regard to functional and decentralized cryptocurrencies, there is no original sin and there is no transubstantiation.

While some may be vexed by the size of the fines involved, the policy here is sound. We are very gratified that the SEC continues to take a reasonable approach to providing investor protection in this space.

Link/Tweet

There is hidden tax guidance between the lines of recent IRS educational letters to cryptocurrency users.

On July 26, the IRS announced it was sending “educational” letters to more than 10,000 taxpayers that the agency suspects “failed to report income and pay the resulting tax from virtual currency transactions or did not report their transactions properly.” Commissioner Charles P. Rettig added that taxpayers “should take these letters very seriously by reviewing their tax filings and when appropriate, amend past returns and pay back taxes, interest and penalties.”

This initiative is somewhat surprising. Commissioner Rettig acknowledged in May that the agency has not yet provided taxpayers with “clarity on basic issues related to the taxation of virtual currency transactions," including fundamental questions such as how taxpayers should calculate the tax basis of their cryptocurrencies and how they should assign those bases to cryptocurrency dispositions. Commissioner Rettig has assured Congress and other stakeholders that substantive guidance will be coming “soon,” although there continues to be no mention of it in the agency’s “Priority Guidance Plan,” which lists “guidance items that are most important to taxpayers and tax administration.”

More surprisingly, perhaps, is that the threelettertemplates the agency released seem to contain answers to some of the open questions about the tax treatment of cryptocurrency transactions that it has failed to articulate in guidance. Two key examples:

  1. Notice 2014-21 says that “taxpayers will be required to determine the fair market value of virtual currency in U.S. dollars as of the date of payment or receipt.” We have previously noted that requiring fair market value calculations to be conducted using a daily exchange rate, rather than allowing for more precise methodologies, often doesn’t make sense, particularly for virtual currencies that have significant intraday exchange rate movements. The recently released Letters 6174 and 6174-A, however, instruct taxpayers to “report the virtual currency received at its fair market value, measured in U.S. dollars, as of the date and time of the transaction.” (Emphasis added.)

  2. Section 1031 of the Internal Revenue Code stipulates that no gain or loss need be recognized when certain types of property of “like kind” are exchanged. The Tax Cuts and Jobs Act of 2017 narrowed this exception to only apply to real estate exchanges starting in 2018, but it has been an open question whether or not certain virtual currency transactions that occurred before then would qualify. However, all three of the letters the IRS released—which address tax years 2013 to 2017–state that “an exchange of a virtual currency (such as Bitcoin, Ether, etc.) includes the use of the virtual currency to pay for goods, services, or other property, including another virtual currency such as exchanging Bitcoin for Ether.” The implication is that the IRS does not recognize the “like kind” exemption for cryptocurrencies.

Generally, the letters hint at positive changes in the IRS’ approach to the taxation of virtual currency transactions, albeit changes that should come in the form of formal guidance rather than ominous letters alleging noncompliance.

(For a more in-depth look at what the open questions are as well as suggestions of common-sense clarifying guidance the IRS could provide, please see our report “A Duty to Answer.”)

Link/Tweet

Coin Center submitted comments to Her Majesty’s Treasury defending UK citizens’ right to develop and publish open-source software.

As outlined in its consultation paper, “Transposition of the Fifth Money Laundering Directive”, HM Treasury is currently considering broadening the scope of the UK’s anti-money laundering/countering the financing of terrorism (AML/CFT) regulations to impose data collection and reporting requirements on not only cryptocurrency developers, but all open-source software developers and others who facilitate the peer-to-peer exchange of cryptoassets.

In our comment letter, we urge HM Treasury to refrain from such an over-broadening of its AML/CFT regulations. We argue that such an expansion would violate UK citizens’ free speech and privacy rights, as codified in the International Covenant on Civil and Political Rights (ICCPR) and in the European Convention on Human Rights (ECHR). Those arguments, which are more fully laid out in the comment, are briefly summarized below.

Regarding privacy rights, both the ICCPR and the ECHR prohibit intrusions upon the privacy of persons unless those intrusions are made in accordance with law that is sufficiently clear in its terms to give citizens an adequate indication as to the circumstances in which and the conditions on which public authorities are empowered to resort to this secret and potentially dangerous interference with the right to respect for private life and correspondence. The imposition of financial surveillance upon every user of cryptocurrency, regardless of their particular circumstances, would fail to meet this standard and would, therefore, not be in keeping with the ICCPR and the ECHR.

Regarding speech rights, any law or regulation attempting to ban, require licensing for, or compel the altered publication (e.g. backdoors) of open-source cryptocurrency software would be unconstitutional under First Amendment-like protections for speech afforded to UK citizens by the ICCPR and ECHR.

These arguments, and their underlying principles—the right to free speech and to privacy—hew closely to our recent report on how the First and Fourth Amendments to the US Constitution protect open-source software developers and users here in the United States.

Link/Tweet

The Human Rights Foundation has published a guide for activists and journalists to use Bitcoin privately.

In the second installment of their multi-part series meant to help those who may need to transact privately in the course of their sensitive work, security expert Eric Wall details the “how” of using Bitcoin privately.

To fight political dissent, authoritarian governments can abuse their power over the administrators of centralized payments networks. Bitcoin can be a lifeline in those situations. But using Bitcoin privately is no easy task. This guide aims to help, as Eric explains:

If you’re an activist or a journalist concerned with the dangers of having your bitcoin activity unmasked by a corporation or an authoritarian government, choosing the right wallet application could potentially mean the difference between life and death. While the previous article in this series aimed to answer the question “What traces do we leave when we’re using the Bitcoin blockchain?” to equip readers with a protocol-level understanding of Bitcoin’s privacy characteristics, this article aims to take things into the practical domain and familiarize the user with the applications we use to interact with the protocol to send and receive bitcoins; Bitcoin wallets.

The discussion being presented here is heavily focused on achieving privacy in the face of a spying corporation or government. For users who aren’t concerned by surveillance and simply wish to get started with bitcoin, this article is likely to be overkill. It is the purpose of this investigation to set fairly ambitious privacy goals for different use cases and explore the practical feasibility of achieving them using the tools currently available in the industry today.

Read the full guide here.

Link/Tweet

Non-custodial cryptocurrency mixer developers are not subject to U.S. regulation.

A recent seizure of a custodial cryptocurrency mixer by EU authorities has prompted some people to ask us what this means for popular privacy software like CoinJoin or Wasabi Wallet, which are user-hosted software tools, not third-party services that take custody of user funds.

In the U.S. at least, recent guidance from FinCEN clearly specified that the developers of such software do not qualify as money services businesses as that term is defined in the relevant law and regulations. Here is the relevant portion of our analysis of FinCEN’s recent guidance:

[L]et's look at what the Guidance says about privacy-preserving cryptocurrencies like Zcash and Monero, as well as privacy-preserving services like tumblers. Section 4.5.1 states that mere developers of cryptocurrencies or protocols are not regulated as money transmitters. This section draws a critical distinction between those who provide services that can anonymize cryptocurrency payments and others who only provide software. In both cases the Guidance seems to be considering tumblers and mixers as well as dedicated privacy-preserving cryptocurrency networks. For example, one can imagine a mixer service provider (which receives coins from users, shuffles all the coins, and sends them back to its users) on the one hand, or one can imagine mixer software (which is merely a protocol that allows participants in a mix to move money to and from each other without any service provider in the middle e.g., TumbleBit protocol) on the other. Similarly, you could have privacy-preserving cryptocurrency software (e.g., Monero or Zcash) on the one hand, and on the other a centralized service (like Liberty Reserve or e-Gold) with no internal records kept of user transfers.

What’s significant about this distinction is that, according to the Guidance, service providers are money transmitters and software providers are not. Again, this is not a surprising interpretation and it is one for which Coin Center has long advocated, but it is excellent that FinCEN explains it all and offers clarity to mere developers of these highly significant privacy technologies. The Guidance states clearly:

An anonymizing software provider is not a money transmitter. FinCEN regulations exempt from the definition of money transmitter those persons providing ‘the delivery, communication, or network access services used by a money transmitter to support money transmission services.’ This is because suppliers of tools (communications, hardware, or software) that may be utilized in money transmission, like anonymizing software, are engaged in trade and not money transmission.

As we said then, we are glad to see FinCEN’s care in carving out the developers and users of privacy-protecting software that will become important tools for those who need it most in an increasingly surveilled society.

Link/Tweet

Based in Washington, D.C., Coin Center is the leading non-profit research and advocacy center focused on the public policy issues facing cryptocurrency and decentralized computing technologies like Bitcoin and Ethereum. Our mission is to build a better understanding of these technologies and to promote a regulatory climate that preserves the freedom to innovate using permissionless blockchain technologies.