The Coin Center Annual Dinner will be on 10/6  in NYC. Get tickets here. 

The BRCA is ready to become law

The BRCA’s final text reflects the concerns of skeptics while preserving the protection non-custodial developers need.

by 

Blog Financial Surveillance Privacy & Autonomy Congress

Coin Center has advocated for a safe harbor from money transmission licensing and liability since 2016. That effort began to bear fruit when Representatives Tom Emmer and Darren Soto introduced the first Blockchain Regulatory Certainty Act in 2018.

Since then, the bill has been debated, revised, scrutinized, and stress-tested. The stakes have grown with the prosecution of Roman Storm. Critics have also grown more vocal as cryptocurrency has been misused in visible hacks, sanctions evasion, and other crimes.

Coin Center has listened to those critics. We have worked with lawmakers, regulators, the White House, Treasury, law enforcement, and national security stakeholders to help change the bill to avoid unintended consequences. An overbroad protection can become a loophole. An underinclusive one can fail to protect the people the bill is meant to protect.

The BRCA is now moving as part of Clarity, not as a stand-alone bill. It codifies the core of FinCEN’s 2019 guidance: people who do not accept and transmit money should not face money-transmitter licensing or federal felony liability merely because they publish software or help users custody their own assets.

What BRCA protects

The BRCA began with a control test. The original House bill protected a “blockchain developer or provider of a blockchain service” unless that person had “control over digital assets” to which a user was entitled.

“Control” meant the “unilateral and independent” ability to obtain what was needed to spend user assets “without the approval, consent, or direction of any other person.”

If a person can unilaterally move customer funds, the person can be regulated as an intermediary. If a person merely publishes software or provides infrastructure without control, money-transmitter regulation is the wrong fit. The original BRCA achieved this by clarifying that a non-controling developer is not a “financial institution” under the Bank Secrecy Act.

What changed

The first major narrowing came when BRCA was incorporated into House Clarity. The House Clarity version removed the broad “financial institution” protection and focused the bill on “money transmitter,” “money transmitting,” and “substantially similar” classifications.

Critics raised a valid concern. Some financial institutions apart from money transmitters are non-custodial but still have customer relationships and attendant Bank Secrecy Act obligations. A securities broker-dealer, for example, should not escape those obligations simply by doing business on a blockchain.

Coin Center supported the narrowing after serious internal debate. The BRCA should not let banks, broker-dealers, futures commission merchants, casinos, or other traditionally covered entities use non-custodial technology to avoid obligations that apply for independent reasons.

Senators Lummis and Wyden introduced a standalone version that kept the same structure and updated the terminology.“Blockchain” became “distributed ledger.” The protected party became a “non-controlling developer or provider.” The test remained whether the person has the legal right or unilateral ability to “control, initiate, or effectuate transactions” involving user assets. The protection was limited to “money transmitting.”

That text was also incorporated into Senate Clarity. Senate Clarity also addresses AML concerns elsewhere. Section 301 creates a decentralization test for DeFi trading protocols, subjecting insufficiently decentralized services to securities regulation and BSA obligations. Section 302 directs Treasury to provide guidance on front ends and sanctions obligations under existing law. Those provisions are reasonable and represent real concessions to law enforcement and AML concerns. Coin Center has come to support them because the risks of overapplication are tempered by the BRCA’s protections for genuinely non-custodial developers, front ends, and infrastructure. For us, these provisions are reciprocal. Expanded obligations for insufficiently decentralized services must be paired with clear protections for people who do not control customer funds.

Finally, responding to further concerns from law enforcement, the Senate Banking version of the BRCA also added an express criminal-law savings clause. The BRCA now provides that it does not modify money transmission liability under 18 U.S.C. § 1960(b)(1)(C) for a person who acts with “specific intent” to transfer funds the person knows are “derived from a criminal offense” or “intended to promote or support unlawful activity.”

Coin Center supported addressing that concern. We have never sought protection for people who knowingly move specific criminal funds on behalf of others. We also worked to ensure that criminal liability would not creep back onto neutral software development, self-custody tools, or infrastructure.

Why it is ready

The BRCA has narrowed over time. It no longer contains the broad “financial institution” protection. It preserves traditional BSA obligations where they apply for independent reasons. It preserves criminal liability for knowing facilitation under 18 U.S.C. § 1960(b)(1)(C).

Non-custodial software development is not financial intermediation. Publishing code is not accepting and transmitting money. Helping users hold their own assets is not custody. Running infrastructure is not operating a financial institution.

Coin Center thanks Representatives Emmer and Torres, House Financial Services Committee staff, the White House, Treasury, Senators Lummis, Wyden, Moreno, and Grassley, and Senate Banking Committee staff for their care on these issues.

Further cuts would defeat the bill’s primary goal: limiting dangerous federal felony liability to people who actually transmit money or knowingly and intentionally support others in doing so.

They would also badly distort CLARITY. Without the BRCA, the bill would still create a market structure for large intermediaries and token issuers. But it would lose one of its most important protections for developers, users, and open infrastructure. Stripping BRCA would not make CLARITY tougher on industry. It would not be a way to push back against perceived crypto-corruption. It would, in fact, be the opposite. It would make it a bill that helps the largest and most regulated businesses while leaving the builders of free and open infrastructure out in the cold.

Members of both parties should support BRCA if they believe in American innovation, clear AML obligations for the right actors, and the rule of law.