This past week, co-defendants in a class action related to the theft of cryptocurrency engaged in their own lawsuit over alleged security failures.  IRA Financial Trust, a retirement account provider offering crypto-assets, sued class action co-defendant Gemini Trust Company, LLC, a crypto-asset exchange owned by the Winklevoss twins, following a breach of IRA customer accounts.  IRA claims that Gemini failed to secure a “master key” to IRA’s accounts, and that hackers were able to exploit this alleged security flaw to steal tens of millions of dollars of cryptocurrency.  This lawsuit demonstrates the growing trend of cryptocurrency thefts resulting from cyber breaches, and ensuing litigation activity.

Continue Reading Litigation Between FinTech Companies Follows Class Action Over Cryptocurrency Theft

A recent class action refiled in federal court against Shopify highlights a growing trend of lawsuits against companies related to the theft of cryptocurrency, particularly as a result of internal company threats. See Forsberg et al v. Shopify, Inc. et al, 1:22-cv-00436 (D. Del.). Despite not itself being a repository for or facilitating the

On Monday, May 17, 2021, the Federal Deposit Insurance Corporation (“FDIC”) issued a request for information and comment (“RFI”) regarding the current and potential digital asset activities of insured depository institutions (“IDIs”).  The RFI is intended to inform the FDIC’s understanding of digital asset activities, including associated risk and compliance management issues.  Comments on the RFI are due by July 16, 2021.

The RFI categorizes digital asset activities into five use cases and solicits comments based on this framework.  The five use cases are (i) technology solutions, such as token-based systems and distributed ledgers; (ii) asset-based activities, such as investments and margin lending; (iii) liability-based activities, such as deposit services and reserves; (iv) custodial services; and (v) other activities, which could include market-making and decentralized financing.  The RFI requests comment on whether additional use cases should be included within this framework and which use cases have the greatest demand in the marketplace.  The RFI also requests that commenters provide more detailed information about the use cases that IDIs currently conduct or are considering conducting.

Continue Reading FDIC Issues Request for Information on Digital Assets

On September 21, 2020, the Office of the Comptroller of the Currency (“OCC”) published a letter addressing the authority of nationals banks to hold deposits that serve as reserves for stablecoins, which is a type of cryptocurrency designed to have a stable value. The OCC concludes that national banks and federal savings associations may engage in certain stablecoin activities as described in the letter.
Continue Reading OCC Issues Guidance on National Banks and Stablecoin Activities

Today, the OCC released an interpretive letter concluding that national banks and federal savings associations (together, “banks”) may permissibly provide cryptocurrency custody services for customers.  The letter, written by Chief Counsel Jonathan Gould, describes custody of cryptocurrency as a modern form of the traditional banking activity of providing safekeeping and custody services, which the agency has previously permitted banks to conduct through electronic means.  The letter also “reaffirms the OCC’s position that national banks may provide permissible banking services to any lawful business they choose, including cryptocurrency businesses, so long as they effectively manage the risks and comply with applicable law.”

Continue Reading OCC Interpretation Paves Way for Banks to Custody Cryptocurrency

On May 9, 2019, the Financial Crimes Enforcement Network (“FinCEN”) published interpretive guidance to reiterate how FinCEN’s existing regulations relating to money services businesses (“MSBs”) apply to business models involving convertible virtual currencies (“CVCs”). The guidance is the most significant CVC-related guidance that FinCEN has released since its 2013 guidance on the application of money transmission regulations to CVC transactions. The guidance does not establish any new regulatory requirements but, rather, synthesizes FinCEN’s existing framework of regulations, administrative rulings, and guidance since 2011 and applies this framework to common business models involving CVCs.

Continue Reading FinCEN Issues Guidance to Synthesize Regulatory Framework for Virtual Currency

[This article was also published in Law360]

Despite enduring the longest government shutdown in U.S. history, the U.S. Securities and Exchange Commission’s Division of Enforcement filed more cases in the first six months of this fiscal year than in the same period last year. From October 2018 through the end of March, the division filed 216 new “stand-alone” actions,[1] compared to just 149 during the first six months of FY 2018.

This increase was largely due to 79 cases filed on a single day in March against investment advisers for alleged disclosure failures relating to conflicts of interests associated with certain mutual fund fees. With the addition of these cases, enforcement actions against investment advisers made up nearly 50% of all cases filed so far this fiscal year.

Excluding the 79 March settlements from the half-year results, the division filed only 137 stand-alone enforcement actions — 12 fewer than at the same point last year, though perhaps more in line with our expectations, considering the time lost during the shutdown.

Overview of FY 2019 Enforcement

Despite bringing fewer cases involving broker dealer misconduct, insider trading and public finance abuse, the division is outpacing its FY 2018 results in the areas of issuer reporting/audit and accounting, Foreign Corrupt Practices Act and, as mentioned above, investment adviser misconduct.

The division is also close to where it was in FY 2018 with respect to market manipulation cases, just 10% off last year’s pace. Below is a chart comparing this year’s performance to FY 2018. For a comprehensive analysis of FY 2018, see our earlier article here.

As the chart above shows, the government shutdown assuredly had a negative impact on several program areas. Every enforcement area but investment adviser misconduct, FCPA and issuer reporting/audit and accounting has seen a decline relative to the same period last year. Most notable is the decline in securities offering cases, which had increased each of the past two years.

Nevertheless, some enforcement activity continued during the shutdown and even a few enforcement actions were brought. According to Chairman Clayton,[2] during the shutdown, the SEC “focused on monitoring the functioning of our markets and, as necessary to prevent imminent threats to property, taking action.” That action involved filing only 10 new cases during the lull.

Notably, during the shutdown, the division sued nine individuals and entities accused of hacking into the SEC’s EDGAR system — the electronic portal used by the public to make SEC filings — in 2016. The defendants purportedly accessed the system to extract nonpublic information for use in illegal trading.

Before the shutdown, the SEC brought several significant cases against public companies for disclosure violations and fraudulent or otherwise deficient financial statements or internal controls. Once the shutdown ended, the agency picked up where it left off, ending with 20% more cases in these areas than during the same period last year.

In addition to significant cases against the Hertz Corporation,[3] Lumber Liquidators Holdings Inc.[4] and Volkswagen Aktiengesellschaft,[5] the SEC punctuated those efforts with two mini-sweeps — one addressing alleged longstanding but unaddressed internal controls failures and another focused on alleged failures to disclose that required quarterly reviews by external auditors had not occurred.

Continue Reading SEC Has Been Busy in FY 2019

New York has enacted the Digital Currency Study Bill, which will establish a digital currency task force and provide the governor and the state legislature information “on the effects of the widespread use of cryptocurrencies and other forms of digital currencies and their ancillary systems in the state.”  The task force will conduct an extensive review of the blockchain industry in New York (with an emphasis on cryptocurrency exchanges), while analyzing the laws and regulations of other states, the federal government, as well as foreign countries. In particular, the task force will provide legislative and regulatory recommendations to “increase transparency and security, enhance consumer protections, and to address the long term impact related to the use of cryptocurrency.”  The task force will submit their findings by December 15, 2020.

This legislation is the latest step by New York to understand and regulate cryptocurrency as well as the blockchain industry.  Clyde Vanel, the primary sponsor for this bill and the Chair of the Subcommittee on Internet and New Technologies of the New York Assembly, stated that “the task force of experts will help us strike the balance between having a robust blockchain industry and cryptocurrency economic environment while at the same time protecting New York investors and consumers.”

New York is not the first state to establish such a task force.  In September 2018, the California state legislature passed a bill that will establish a working group to discuss the potential applications of blockchain technology and how such technology will affect businesses, the government, and other social purpose organizations.  The bill also, for the first time in California, defines blockchain technology as “a mathematically secured, chronological, and decentralized ledger or database.”[1]
Continue Reading New York State Passes Legislation to Form a Cryptocurrency Task Force

On October 10, the North American Securities Administrators Association (“NASAA”)—an association of state, provincial, and territorial securities regulators in the United States, Mexico, and Canada—released its annual Enforcement Report (the “Report”). The Report demonstrates that, while stepped-up enforcement activity has been observed at the federal level with respect to cryptoasset markets, state regulators are increasingly getting in on the action.

Continue Reading State Securities Regulators Step Up Scrutiny of Cryptoassets and ICOs

Arizona recently became the first state in the U.S. to create a “regulatory sandbox” program to facilitate the development of innovative financial products and services. Such products would either incorporate new or emerging technology or reimagine uses of existing technology. The program would exempt participants from certain state financial regulations, but not federal requirements.

On