On Friday, the leaders of the Securities and Exchange Commission (“SEC”), Commodity Futures Trading Commission (“CFTC”), and Financial Crimes Enforcement Network (“FinCEN”) (collectively, the “Agencies”) issued a “Joint Statement on Activities Involving Digital Assets” (the “Joint Statement”). The Joint Statement serves as a reminder that businesses engaged in activities involving digital assets – or, as they are sometimes called, virtual currencies or cryptocurrencies – should be attentive to their anti-money laundering (“AML”) obligations, including under the Bank Secrecy Act (“BSA”).
The Joint Statement notes that the BSA requires “financial institutions” to: (1) establish and implement an effective AML program; and (2) comply with certain recordkeeping and reporting requirements, including the filing of suspicious activity reports (“SARs”). These requirements apply not just to a financial institution’s traditional lines of businesses, but also to its businesses involving digital assets.
The Joint Statement explains that, among others, the following types of entities are “financial institutions” subject to obligations under the BSA:
- Broker-dealers and mutual funds required to register with the SEC;
- Futures commission merchants and introducing brokers required to register with the CFTC; and
- Money services businesses (“MSBs”) as defined by FinCEN.
While observing “market participants refer to digital assets using many different labels,” the Joint Statement applies to the full range of “digital assets,” including those that qualify as securities, commodities, or security- or commodity-based instruments, such as futures or swaps.
According to the Joint Statement, the regulatory treatment of any particular digital asset activity will be dictated by “the facts and circumstances underlying [the] asset, activity or service, including . . . economic reality and use.” These facts and circumstances are also “key factor[s]” in determining whether a company must register with the CFTC, FinCEN, or the SEC. For covered financial institutions, BSA compliance will be overseen by one or more of the Agencies. SEC or CFTC registrants will, in addition, also generally be overseen by a self-regulatory organization, such as the Financial Industry Regulatory Authority (“FINRA”) or the National Futures Association (“NFA”).
The Joint Statement emphasizes that, for certain companies overseen by the SEC or CFTC, BSA obligations will apply to transactions regardless of the type of digital asset involved. As an example, the SEC generally regulates “securities” and “security-based swaps,” and not “commodities” or commodity derivatives contracts. However, if an SEC-registered broker-dealer enters into transactions in a digital asset that is treated as a “commodity” or convertible virtual currency (“CVC”) (such as Bitcoin), the BSA obligations for broker-dealers would still apply to those transactions.
The Joint Statement is notable for cutting across the complicated interpretive questions that digital asset activities present, and for reflecting a harmonized approach across all three federal agencies that have been most active in regulating digital assets.
In recent months and years, FinCEN, the SEC, and the CFTC have all been active in addressing the regulatory treatment of digital asset activities. Previous guidance and enforcement activities, however, have tended to focus on the Agencies’ particular spheres of jurisdiction. As just a few examples:
- FinCEN in May 2019 released interpretive guidance regarding MSB business models that involve CVCs (we described this guidance in detail at the time). In addition, FinCEN has recently brought enforcement actions against financial institutions and individuals for allegedly failing to meet their Bank Secrecy Act (“BSA”) obligations with respect to digital assets.
- The SEC in April 2019 issued a statement regarding when digital assets would be considered to meet the definition of “securities” under federal law; and
- The CFTC in May 2018 published an advisory that provides guidance to CFTC registrants for listing commodity derivatives contracts based on underlying digital assets.
In contrast, the upshot of the Joint Statement is to emphasize that, regardless of its primary regulator, any financial institution engaged in digital asset activities may face AML obligations under the Bank Secrecy Act (“BSA”), which the Agencies will expect the financial institution to meet.