A US federal court, the US Department of Treasury and the Securities and Exchange Commission all issued views on the regulation of cryptocurrencies that portend increasing complexity for market participants. A defendant in a separate criminal action, which alleges that an initial coin offering he orchestrated constituted an illicit sale of securities, argued that cryptocurrencies are not securities because they are currencies, and currencies are not included in the definition of securities under applicable law. Moreover, digital tokens issued in initial coin offerings do not take value from the sole or even significant entrepreneurial or managerial efforts of others – a hallmark of investment contracts (a type of security), he said. As a result, the following matters are covered in this week’s edition of Bridging the Weeks:
(Click here for details of these developments in the article “A Court, Treasury and the SEC Confirm Substantial Overlap in US Jurisdiction of Cryptocurrencies” in the March 8, 2018 edition of Between Bridges. This article includes My View regarding the need to rationalize the oversight of cryptocurrencies.)
Motion to Dismiss
On February 27, Maksim Zaslavskiy moved to dismiss a criminal complaint that had been filed against him in November 2017, charging that he engaged in illegal unregistered securities offerings and securities fraud in connection with the offering of digital tokens (REcoin and DRC) through initial coin offerings organized by two of his companies, REcoin Group Foundation, LLC and DRC World, Inc. (Click here to access a copy of the criminal complaint.) The complaint was filed in a federal court in Brooklyn, New York.
Among other things, Mr. Zaslavskiy claimed in his motion that the digital tokens he tried to create were not securities but cryptocurrencies, and that all currencies, fiat and otherwise, are not securities under applicable law. Indeed, claimed Mr. Zaslavskiy, the Securities Act of 1934, one of the relevant laws, expressly excludes currencies from the definition of a security. (Click here to access the definition of “security” under the Securities Act at 15 U.S.C. § 78(a)(10).) According to Mr. Zaslavskiy, “[t]here is no legal requirement that ‘currency’ be legal tender and recognized by the United States or any other foreign country.”
Additionally, Mr. Zaslavskiy argued that the REcoin and DRC cryptocurrencies issued as part of his company’s ICOs did not satisfy all four prongs of the Howey test. If they did, they could be construed to be an investment contract – a type of security. Under the Howey test – articulated in a 1946 Supreme Court decision (click here to access) – there must be (1) investment of money (2) in a common enterprise (3) with a reasonable expectation of profits (4) to be derived solely from the entrepreneurial or managerial efforts of others for an investment contract to exist. Among other things, posited Mr. Zaslavskiy, investors in REcoin and DRC did not expect profits through the efforts of others, but rather from “the value of the network flows from the critical efforts of all of its participants – from the efforts of the developers, to miners and the stakeholders alike.”
Previously, REcoin, DRC World and Mr. Zaslavskiy consented to the entry of a preliminary injunction and asset freeze in response to an SEC enforcement action alleging that they engaged in a fraudulent initial coin offering from July 2017 through at least September 2017. (Click here for background in the article “Second Lawsuit Against Tezos ICO Backers Filed; CME Group Schedules Testing of US Dollar Futures Contract Based on Bitcoin” in the November 19, 2017 edition of Bridging the Week.)
A Commissioner Speaks
In a keynote address before the DC Blockchain Summit last week, CFTC Commission Brian Quintenz again recommended that cryptocurrency platforms voluntary form a self-regulatory organization-type entity to develop industry standards and provide oversight over spot platforms, including enforcing its own rules against its members. Although recognizing that Congress has not yet authorized the creation of an SRO in the cryptocurrency space, he believes that “a private, cryptocurrency oversight body could help bridge the gap between the status quo and future government regulation.”
At the February 14 meeting of the CFTC’s Technology Advisory Committee, Mr. Quintenz called for the consideration of whether the “SRO model could assist cryptocurrency exchanges establish and enforce standards that protect investors and deter fraud.” (Click here for a copy of Mr. Quintenz’s prepared remarks.)
New Jersey Halts ICO
The New Jersey Bureau of Securities issued an emergency cease and desist order against Bitcoiin a/k/a Bitcoiin B2G to halt a pending initial coin offering scheduled to begin on approximately March 26, 2018, with a pre-ICO period already in effect. Bitcoiin purports to be a second-generation peer-to-peer cryptocurrency like Bitcoin but with improvements. (Click here for background.) The Bureau of Securities claimed that Bitcoiin’s offering constituted the offer and sale of unlicensed securities.
Coinbase, Inc. and two of its senior officers were named in a purported class action lawsuit filed in a federal court in California on March 1, claiming that the some of the firm's employees engaged in insider trading of Bitcoin Cash (BTH) prior to the firm's announcement on December 19, 2017, that it would commence offering trading services in the virtual currency to the public the following day (click here to access Coinbase's blog announcement). Previously, claimed the lawsuit, Coinbase alerted its own employees of its imminent intention to offer these trading services despite making contrary statements to the public. In response, some Coinbase employees allegedly purchased and sold BTH, driving up the price of BTH overall, said the lawsuit. Public investors were harmed, argued the lawsuit, when they could not purchase BTH at the same prices as Coinbase employees, but only at the allegedly artificially higher prices following the firm's public announcement. Shortly after its commencement of public trading of BTH, Coinbase announced it would conduct its own investigation related to possible improper pre-announcement trading by its employees following market rumors of their trading (click here to access Coinbase's blog announcement on December 20, 2017). Coinbase operates the Global Digital Asset Exchange, a unit of the firm. A hard fork in Bitcoin created BTH on approximately August 1, 2017. A second purported class action lawsuit was filed naming Coinbase on March 2 related to certain of the firm's practices related to virtual currencies it allegedly possesses sent to persons through the firm by email that have been unclaimed by such persons.
My View: The SEC takes a very broad view of what constitutes a security. This view is principally premised on the agency’s interpretation of Howey. Applying this Supreme Court decision, the SEC has argued that an investment contract can exist when persons invest money in a project and expect profits through the appreciation in value of their investment attributable to the significant entrepreneurial or managerial efforts of others, even if such “profits” can be realized solely by investors reselling their investments and not through traditional indicia of investments such as the receipts of dividends or other derivations of a company’s revenue. (Click here for background on the SEC’s views in the article “Non-Registered Cryptocurrency Based on Munchee Food App Fails to Satisfy SEC’s Appetite for Non-Security” in the December 17, 2017 edition of Bridging the Week.)
However, under this approach, privately issued gold coins promoted by their issuers could potentially be deemed investment contracts by the SEC, as could special edition collectible automobiles hyped by their manufacturers. In these instances, purchasers would reasonably expect to realize a premium to ordinary market value if they resold their asset because of the significant entrepreneurial or managerial efforts of others designed to create buzz around their asset. This seems like an attenuated view of what should be considered a security, but it appears consistent with the SEC’s current reasoning. This view could also potentially capture some virtual currencies within the definition of a security as well. (Click here to see this possibility raised in Question 9 in the CFTC’s request for comment in connection with its proposed guidance on “actual delivery” for retail commodity transactions involving virtual currencies (December 20, 2017) – at page 60341.)
To date, no one has correlated the price of any cryptocurrency to any individual causation element, let alone solely or even significantly to the managerial or entrepreneurial efforts of any promoters. In most cases, cryptocurrencies appear to fluctuate in value because of a network effect derived from many considerations, including scarcity of the relevant cryptocurrency, perceived utility of the project behind the digital token, token safety and regulation. As a result, the SEC’s view of what constitutes an investment contract, and thus a security, in the cryptocurrency space appears to be a stretch.
Compliance Weeds: SEC-registered brokers, dealers, investment advisers and investment companies must maintain written policies and procedures to protect customer information against cyber-attacks and other types of unauthorized access, and they have obligations to detect, prevent and mitigate identity theft. (Click here to access 17 CFR §248.30) and here to access 17 CFR §248.201-202.) The Financial Industry Regulatory Authority recently announced it would be reviewing members’ cybersecurity program effectiveness as part of its inspection of member firms in 2018. (Click here for background in the article “FINRA Announces 2018 Examination Priorities; Will Review Role of Firms and Salespersons in Facilitating Cryptocurrency Transactions and ICOs” in the January 15, 2018 edition of Bridging the Week.) FINRA published a report on effective cybersecurity practices by broker-dealers in 2015 (click here to access).
Since March 1, 2016, every National Futures Association member FCM, retail foreign exchange dealer, commodity trading advisor, commodity pool operator and introducing broker is required to maintain a formal written information system security plan (ISSP) that, among other things, establishes a government framework “that supports informed decision making and escalation within the firm to identify and manage information security risks.”
ISSPs must also require assessment and prioritization of the risks associated with the use of information technology systems; the deployment of safeguards against identified threats and vulnerabilities; and implementation of a formal incident response plan to respond to and recover from cyber-breaches.
Employee training and the risks posed by critical third-party service providers that access a member’s system or provide outsourcing must also be addressed in an ISSP.
A relevant member’s chief executive officer, chief technology officer or other executive-level officer should approve its ISSP. Moreover, “sufficient information” should be provided about the ISSP to a relevant member’s board or governing body (or delegated committee) “to enable it to monitor the Member’s information security efforts.” NFA contemplates that a member that is part of a group may comply with its ISSP requirements through participation in a consolidated entity ISSP. An NFA member must retain all records related to its adoption and implementation of an ISSP in accordance with ordinary CFTC recordkeeping requirements.
NFA members should regularly monitor ISSPs, and ISSPs’ effectiveness should be reviewed at least once every 12 months by either in-house staff with appropriate knowledge or an independent third-party specialist.
(Click here to access NFA Interpretive Guidance 9070, Information Systems Security Programs.)
Just recently, AMP Global Clearing LLC, a Commodity Futures Trading Commission-registered FCM, agreed to pay a fine of US $100,000 to resolve an enforcement action brought by the Commission claiming that it failed to supervise a third party’s implementation of “critical” provisions of its ISSP. As a result of this failure, said the Commission, AMP’s technology system was compromised by an unauthorized individual (Infiltrator) who impermissibly copied approximately 97,000 files, including many files that contained confidential personal information. (Click here for details in the article “CFTC Says Futures Brokerage Firm’s Failure to Supervise Led to Unauthorized Cyber Attack” in the February 18, 2018 edition of Between Bridges.)
Unrelatedly, Ginga Global Markets Pte Ltd, a non-member, consented to settle charges brought by the New York Mercantile Exchange related to its purported failure to supervise employees in their reporting of block trades to the exchange. According to NYMEX, from May 1, 2016, through May 1, 2017, Ginga did not have procedures to review block trades before and after exchange submission to ensure that block trade execution times were accurate. Accordingly, implied NYMEX, the firm “frequently misreported the true and accurate execution times of block trades” to the exchange. To resolve this matter, Ginga agreed to pay a fine of US $60,000 to NYMEX. According to the exchange’s disciplinary notice, there was no suggestion that Ginga was a principal to any block trade; it solely acted as the executing broker.
Block trades may be entered into CME Direct or CME Clearport as either single-sided or dual-sided entries. For single-sided entries, the buyer and seller each agree to enter their side of a transaction and indicate the other as the opposite party. In this circumstance, both parties must comply with the relevant time period.
Where a broker or other representative will enter the buy and sell side of a block transaction on behalf of two counterparties, the broker or representative assumes the obligation of complying with the relevant time period.
Disputes between parties may arise when one side believes a trade has been consummated and reports it within the requisite time period, and the other side does not, arguing that a transaction has not been finalized. Parties aggrieved by this outcome should raise complaints to Market Regulation staff expeditiously.
(Click here for background on CME Group’s requirements related to block trades in CME Group MRAN1802-5.)
For further information:
Broker-Dealer Agrees to Pay US $1.25 Million Fine to SEC for Permitting Unauthorized Sales of Unregistered Securities:
Court Rules Justice Department Cannot Dismiss Case Against Alleged Spoofer in Connecticut to Add More Charges in Illinois:
Federal Court, Treasury and SEC Provide Further Guidance on Cryptocurrencies; Subject of Criminal Complaint for ICO Asks Court to Dismiss Prosecution Claiming Cryptocurrencies Are Not Securities:
FINRA Proposes New Rule to Govern Outside Business Activities:
Futures Brokerage Firm Penalized US $100,000 by NFA for Failing to Supervise Guaranteed Introducing Broker That Engaged in Deceptive Sales Solicitations:
ICE Futures U.S. Offers Guidance on Position Limits and Exemptions:
Trader Agrees to Three-Year ICE Futures US Trading Ban to Resolve Charges He Traded to Illicitly Move Funds From His Employer to Himself:
UK Brokerage Firm Shut Down by Financial Conduct Authority; Firm Also Charged in US With Securities Fraud and Money Laundering:
The information in this article is for informational purposes only and is derived from sources believed to be reliable as of March 10, 2018. No representation or warranty is made regarding the accuracy of any statement or information in this article. Also, the information in this article is not intended as a substitute for legal counsel, and is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. The impact of the law for any particular situation depends on a variety of factors; therefore, readers of this article should not act upon any information in the article without seeking professional legal counsel. Katten Muchin Rosenman LLP may represent one or more entities mentioned in this article. Quotations attributable to speeches are from published remarks and may not reflect statements actually made.