On May 9, 2019, the Financial Crimes Enforcement Network (“FinCEN”) published interpretive guidance to reiterate how FinCEN’s existing regulations relating to money services businesses (“MSBs”) apply to business models involving convertible virtual currencies (“CVCs”). The guidance is the most significant CVC-related guidance that FinCEN has released since its 2013 guidance on the application of money transmission regulations to CVC transactions. The guidance does not establish any new regulatory requirements but, rather, synthesizes FinCEN’s existing framework of regulations, administrative rulings, and guidance since 2011 and applies this framework to common business models involving CVCs.

The guidance largely focuses on the activities (i.e., business models) that will cause a person to be a “money transmitter” under FinCEN’s MSB regulations. For this purpose, a money transmitter is a person who accepts value from one person and transmits value to another location or person by any means. Money transmitters are required to register as MSBs and comply with anti-money laundering (“AML”) requirements, including AML compliance program recordkeeping, monitoring, and reporting requirements.

The regulatory interpretations contained in the guidance may extend only to other business models consisting of the same key facts and circumstances as the business models described in the guidance. Similarly, a person who is engaged in more than one type of business model may be subject to more than one type of regulatory obligation or exemption.

Some of the business models described in the guidance include:

  • Peer-to-Peer (“P2P”) Exchangers. P2P exchangers engaged in the business of buying and selling CVCs – including facilitating transfers from one type of CVC to a different type of CVC, as well as exchanges between CVC and other types of value – are money transmitters, whether their activities are conducted online or in person. A natural person that acts as a P2P exchanger on an infrequent basis and not for profit or gain will be exempt from the definition of money transmitter.
  • CVC Wallets. Whether a CVC wallet provider is a money transmitter depends on four factors: (a) who owns the value; (b) where the value is stored; (c) whether the owner interacts directly with the payment system where the CVC runs; and (d) whether the person acting as intermediary has total independent control over the value. Hosted wallet providers – account-based providers that receive, store, and transmit CVC on behalf of CVC owners – are money transmitters. However, the applicable regulatory framework, including the due diligence or enhanced due diligence procedures the CVC wallet provider must follow, varies based on the identity of the wallet owner and the nature of the transactions conducted through the hosted wallet. By contrast, owners of unhosted wallets – computer software that allows the owners to store and conduct CVC transactions – are not money transmitters. Multiple-signature wallet providers may be money transmitters depending on the services they offer. For example, if the multiple-signature wallet provider limits its role to creating un-hosted wallets that require the addition of a second authorization key to the wallet owner’s private key in order to validate and complete transactions, the wallet provider is not a money transmitter because it does not accept and transmit value.
  • CVC Kiosks. The owner-operator of an ATM-like electronic terminal that facilitates the exchange of CVC for currency or other CVC is a money transmitter.
  • Decentralized Applications (DApps). DApps – software programs that operate on a P2P computer network running a blockchain platform, but lacking an identifiable administrator – may be money transmitters depending on whether they transmit value. Developers who build DApps financed by an initial coin offering (“ICO”) are not money transmitters because the activity consists of producing a good or service. However, if the DApp developer uses the DApp to engage in money transmission, it will qualify as a money transmitter.
  • Payment Processors. CVC payment processors are financial intermediaries that enable traditional merchants to accept CVC from customers in exchange for goods and services. CVC payment processors fall within the definition of “money transmitter” and generally do not satisfy the “payment processor” exemption to the definition of “money transmitter” because such money transmitters typically do not operate, either in whole or in part, through a clearance and settlement system that admits only Bank Secrecy Act-regulated financial institutions. As such, CVC payment processors generally will need to register with FinCEN as an MSB.
  • CVC Trading Platforms and Decentralized Exchanges. CVC trading platforms that enable buyers and sellers of CVC to find each other, or facilitate trades as an intermediary, are money transmitters if the platform purchases CVC from the seller and sells it to the buyer. A platform that is merely a forum for buyers and sellers to post bids (but the parties themselves settle the matched transaction through an outside venue) is not a money transmitter.

FinCEN issued the interpretive guidance in conjunction with a separate advisory to help financial institutions identify and report suspicious activity involving virtual currency transactions. The advisory document warns that bad actors are increasingly using CVCs for money laundering, sanctions evasion, and other illicit financing purposes. The advisory highlights prominent typologies associated with such illicit activity, and provides a list of 30 “red flags” that MSBs and other financial institutions should watch for in evaluating potential suspicious activity. Finally, the advisory reminds financial institutions of their legal obligation to file suspicious activity reports (“SARs”), and identifies the types of information that are most helpful to law enforcement to be included in SARs.

The release of the FinCEN guidance and advisory were followed by a May 13 speech by Sigal Mandelker, the Treasury Department’s Under Secretary for Terrorism and Financial Intelligence, who is responsible for overseeing FinCEN regarding the AML and sanctions risks associated with virtual currency. Mandelker described how bad actors, including nations like Iran, North Korea, and Russia, are turning to virtual currencies as a method to evade economic sanctions. Similarly, terrorist organizations are using bitcoin to solicit donations from terrorist sympathizers. Mandelker praised FinCEN for its role in protecting national security and the virtual currency industry through its regulations and enforcement actions, including the release of the guidance and advisory.