In the United States, obstruction of privacy has regularly been used as a way to observe citizens by government agencies. Bitcoin, the most widely used cryptocurrency, is built upon blockchain technology and allows for the possibility of an open, inclusive, global financial system. In their infancy, Bitcoin and other cryptocurrencies were unregulated. No rules had been invented, and thus it was a space free of scrutiny. It was, as lawmakers often said, the “Wild West”. Interest in moderating the space has exploded in the last two years, as lawmakers have realized the space is messy and rules must be set in place. Here at Blockchain at Berkeley (B@B), we’ve spent several months closely watching the ensuing attempts at regulating the space. We provide this overview of crypto regulation and its implications.
Several regulatory bodies are pushing on the DeFi space, some well-known while others operate out of the headlines.
The Securities and Exchange Commission (SEC) is technically an independent agency of the United States government which was established after the market crashes which led to the Great Depression in the late 1920s. Its stated role is to protect public market investors and maintain the trust of public exchanges and their listed securities. The SEC also runs a whistleblower’s program for violations of securities laws.
The Federal Reserve / The Office of the Comptroller of the Currency (OCC) leads a system of national banks and sets monetary policy including currency reserve requirements, the federal funds rate, stabilizing prices, setting inflation targets, and also serves as a lender of last resort.
The Commodities Futures Trading Commission (CFTC) regulates derivatives markets, including commodity futures, options, swaps, and is supposed to maintain the integrity of transactions, which they do so by conducting risk assessments and reviews.
The Consumer Financial Protection Bureau (CFPB) focuses on protecting consumers from unfair manipulation via debt collection practices, predatory loans/mortgages, advertising, and social media.
These regulatory bodies spend a significant amount of work reviewing, investigating, and auditing the financial world and DeFi as it grows. We want to highlight what actions these bodies have taken so far to regulate the crypto space.
This section offers a comprehensive history of the regulation of the crypto space and significant events and incidents that occurred, i.e., ICOs that were shutdown, policy changes, BitMEX shut down, Kik ICO lawsuit, etc.
In 2019, the SEC filed a legal complaint against Telegram and Telegram Open Network (TON). Telegram was ordered to pay back $1.2 billion to investors and pay an $18.5 million civil penalty after its failed ICO. Telegram had raised $1.7 billion through privately placed investment contracts under an exemption found in Regulation D of the Securities Act of 1933. The Howey Test was applied to determine if there was a securities offering. The court found that the pre-sale scheme was a security. According to Lara Shalov, an associate regional director of the SEC’s NY office, Telegram had attempted to “flood the markets with securities sold in an unregistered offering without providing full disclosures concerning their project.” Telegram had sold nearly 3 billion Grams to 171 initial purchasers around the world as a way to raise capital. Telegram alleged the token itself was not a security, although the token purchase offering for the Gram constituted a security.
Kik ICO lawsuit
In 2019, the SEC sued Canadian messaging app Kik over a dispute Kik held for its ICO network Kin. According to the SEC, Kik allegedly violated U.S. security and investment laws with its illegal $98 million ICO. The ICO was unregistered and thus illegally violating Section 5 of the Securities Act. Kin claimed that the Kin token sale was not a securities sale, reliant on the fact that purchasing Kin was not an investment contract, since Kin purchases did it for their utility and not with the prospect of making a profit due to price fluctuations. Kik was ordered to pay a $5 million penalty and give the SEC a 45 day notice if they were to do another.
The Howey Test was also applied to the case. To meet the Howey Test, there must be “i) an investment of money ii) in a common enterprise iii) with profits to be derived solely from the efforts of others.” Kik and the SEC agreed on the first part but disagreed on parts two and three. In Judge Hellerstein’s order for summary judgment, he wrote, “Kik established a common enterprise. Kik deposited the funds into a single bank account. Kik used the funds for its operations, including the construction of the digital ecosystem it promoted.” Judge Hellerstein also cited Kik CEO Ted Livingston as evidence of the expectation of profit.
The Bitcoin Mercantile Exchange (BitMEX) was the world’s first cryptocurrency exchange. BitMEX pleaded guilty to violating the Bank Secrecy Act for failing to maintain anti-money laundering (AML) and know-your-customer (KYC) programs. The SEC thus considered BitMEX a money laundering program. Damian Wiliams, who at the time was U.S. Attorney, commented that BitMEX CEOs Arthur Hayes and Benjamin Delo “built a company designed to flout [their obligation as a business to help drive out crime and corruption.” Additionally, BitMEX founders repeatedly claimed that BitMEX did not operate in the United States, which was not true, as they derived substantial profits from U.S. trading.
Mt. Gox 750,000 BTC theft
Mt. Gox was the leading exchange for Bitcoin circa 2013 when roughly 80% of all Bitcoin trading occurred on the site. However, extreme security breaches had been widely reported as early as 2011. In essence, the 2011 security breach exploited a hack that compromised the credentials of an auditor for the exchange. The malicious party was able to subsequently transfer bitcoins to themselves and artificially deflate the nominal price, thereby producing a fraudulent sell order at almost any price. These security concerns snowballed until 2014 when the exchange was halted and Mt.Gox declared bankruptcy under the premise that it had been continually hacked over an extended period. Unimaginable figures like 6% of all circulating Bitcoin, $400 million, and 750,000 Bitcoin were thrown out in terms of what was lost.
SEC v. Ripple Labs Lawsuit
On December 22, 2020, the SEC filed a lawsuit against Ripple Labs and two executives claiming that Ripple traded $1.3 billion worth of XRP in the form of a security without registering it with the SEC. The lawsuit claimed Ripple violated the registration provision of the Securities Act of 1933 and that XRP passed the Howey Test. Ripple and other companies have responded by stating that the SEC is biased. This claim was worth considering since the SEC had not considered the sales of Bitcoin and Ether as “securities transactions.” According to the SEC’s description of XRP, it passes the Howey Test and qualifies as a security since it helped pay for Ripple’s platform. Ripple executives also profited from the sale of XRP.
This ongoing case sets a legal precedent for the future of cryptocurrencies. If the ruling is in favor of the SEC, more stringent regulations will apply to future lawsuits. If the ruling favors Ripple Labs, the CFTC will be the main regulator and technological innovation will be less stifled.
In 2022, the SEC charged BlockFi with failing to register the offer and sales of its crypto lending product. As a consequence, BlockFi received a $100 million fine and was barred from operating in the United States. BlockFi was also given sixty days to make sure its business follows the Investment Company Act of 1940. On a similar note, the SEC warned Coinbase that it would sue if it launched a lending product. This is the biggest fine so far.
Legal overview of laws that define and classify a security, such as the Howey Test which was created by the Supreme Court to define what an investment contract is.
KYC (Know-Your-Customer) rules
KYC (Know-Your-Customer) rules are a compliance obligation to obtain customer information before providing financial services. KYC rules require certain types of money-handling businesses to do three things: identify and authenticate clients, evaluate the risk of clients, and watch out for anomalous behavior. Many decentralized crypto services allow users to maintain anonymity and withhold personal information, which is a problem for regulators.
AML (Anti-Money Laundering) rules
Firms are required to comply with AML (Anti-Money Laundering) rules under the Bank Secrecy Act by reporting suspicious transactions like “money laundering and terrorist financing”. Regulators implement AML rules to understand the background, context, and sources of wealth individuals possess. AML aids the prevention of undetected large flows of money from crossing borders or moving between the shadow economy and the real economy.
Section 314(b) of the U.S. FinCEN is a relevant AML rule. It stipulates that financial institutions are expected to share information with the Treasury Department on potential money laundering and terrorist acts (due to the USA Patriot Act, which in 2021 was amended to include cryptocurrencies).
An investment club is a collective of people who pool their money to invest together. An investment club must invest in securities, not rely on an exclusion from the definition of an investment company, and not have more than 100 members. The SEC can regulate investment clubs under the Securities Act of 1933 or the Investment Company Act of 1940. DAOs use this investment club exemption to avoid regulation by the SEC.
Securities Act of 1933
The Securities Act of 1933 or “truth in securities” law requires that investors receive significant financial information about securities being publicly sold and that no deceit, misrepresentation, or fraud is involved in the security sale.
Securities Act of 1934
The Securities Act of 1934 calls for greater financial transparency and accuracy, and less fraud and market manipulation. Companies with over $10 million in assets whose securities are held by over 500 owners are required to file periodic reports with the SEC. Companies must disclose information at crucial times, like proxy contests, so investors can make informed decisions about purchasing or selling stock.
Investment Company Act of 1940
The Investment Company Act regulates companies that invest, reinvest, and trade securities to minimize conflicts of interests. Rule 206(4)-2 (the "custody rule") of the related Investment Advisers Act helps assure investors that their accounts legitimately contain the funds they claim to contain.
The Howey Test
Created in a May 1946 Supreme Court case SEC v. W. J. Howey Co., the Howey Test determined what is considered an “investment contract” and is thus subject to U.S. Security laws.
The Howey Test effectively poses a few qualifying questions for an asset
SEC v. W. J. Howey Co. stated that land sales and a service contract counted as an investment contract, and thus violated §5 of the Securities Act, and also 15 U.S.C. § 77e. The Howey Test contains implications for initial coin offerings (ICOs), as an initial coin offering is an unregulated form of crowdfunding where funds can be raised for a new cryptocurrency venture. An SEC article suggests if somebody is considering an ICO, they should reference the Howey Test.
The Hinman Test
In 2018, William Hinman, who served as the SEC director of corporation finance, suggested that digital tokens or coins may not be considered securities if the network on which they exist is sufficiently decentralized, such as Bitcoin and Ethereum. This was later referred to as the Hinman Test and was supported by Jay Clayton, who served as the SEC Chairman, in 2019. Since securities are associated with a lot of regulations and reporting requirements, there is a preference for tokens to not be securities through this test. However, it is still unclear what would be considered "sufficiently decentralized" by SEC, as SEC hasn't released a detailed guideline.
Money Transmitter Law
Money transmitters are regulated by the Bank Secrecy Act, the Dodd-Frank Wall Street Reform and Consumer Protection Act, and other state regulations. The Financial Crimes Enforcement Network (FinCEN) administers the Bank Secrecy Act, which was passed in 1970 and requires money transmitters to be registered and follow the record-keeping, identification, and reporting requirements to fight money laundering. The Dodd-Frank Wall Street Reform and Consumer Protection Act, which was passed in 2010, authorizes the Consumer Financial Protection Bureau (CFPB) to enforce consumer protections for remittance transfers, including the requirements of disclosure and error resolution.
Insider Trading SEC Rule 10b-5
President Biden signed HR 3684 “Infrastructure Investment and Jobs Act” into law on November 15, 2021. Three pages of the 1039 page act add new reporting requirements for certain crypto transactions. “Cash reporting requirements” now apply to digital-asset transactions over $10,000. This is an amendment to 26 U.S.C. § 6050I. The Biden administration also intends to bring back the Financial Transaction Tax, which taxes the issuance and transfer of securities (this was eliminated in 1965).
This section provides an analysis of buybacks and burns to affect the “float” of shares on the market and pump up their value, and whether that is comparable to stock buybacks.
The history of coin burning predates Bitcoin. The SEC considers stock buybacks and burns an illegal and manipulative market practice. It is very similar to traditional share repurchase programs.
Cryptocurrencies can start at a low price and then artificially increase their token value through burning and lowering supply. Users will send bitcoin to a dead and unusable address, permanently getting rid of tokens being circulated. The address is inaccessible and unassignable and dubbed a “burn” or “eater” address. Burning coins reduces the supply of coins and thus makes them more scarce. With less supply (more scarcity) and equivalent demand, investors usually end up with a profit. Profit is not guaranteed. Coin burning creates a so-dubbed “supply crunch”.
Blockchain businesses use buybacks and token-burns to limit emissions and racket up prices. The volatile cryptocurrency market heavily relies on inflation. For this reason, DeFi has not secured the trust of the public and investors. Token burns are when a project pulls tokens from circulation and sends them to a burner address. The tokens are later repurchased by the community or taken out of current pools. Modern examples include Binance Coin (BNB), Bitcoin Cash (BCH), and Stellar (XLM) which have burnt tokens to reduce supply and raise prices.
Wash sales are when a security is sold at a loss and then repurchased directly before or after the initial purchase. The loss is then not tax-deductible. The time that is allotted for security purchases to be qualified as wash sales is thirty days before or after the sale. Currently, the wash sale rule does not apply to crypto transactions, however, there are growing concerns from regulatory bodies to apply this rule to the sale of digital assets.
Launched in 2016 by Ethereum protocol engineer Christoph Jentzsch, the DAO represented a revolutionary method to allocate collective funds based on the votes of stakeholders. The DAO accepted ETH for making investments and returned the DAO token along with the ability to vote on how the pool would be invested. At its core, the tokenholders were incentivized to invest in promising ventures as that would subsequently raise the price of the tokens they held.
The DAO hack took place as the DAO had successfully raised $150 million during a token sale period before the subsequent allocation. A vulnerability in the smart contract permitted a hacker to drain funds from the DAO before programmers could fix the bug. Due to the existence of 14% of all Ethereum invested in the DAO at the time, there was a widespread outcry for the Ethereum community to do something about the hack. The resulting response became the Ethereum hard fork where there now exists two separate chains, one with that history rolled back (Ethereum) and the other without change (Ethereum Classic). The DAO hack effectively called into question whether “code is law” and if the vulnerability of the smart contract had the right to be exploited.
Besides the hack itself, the DAO operated like a decentralized investment club. The governance process of the DAO, however, had centralized components that made it onto the SEC’s radar. Individual moderators did not have the power to make proposals on the network, they had to go through an individual, yet cycled, voting curator that would have to approve proposals before their implementation.
A write-up of our current expectations from the SEC and the regulation of crypto assets in the future.
A broader discussion of what these regulations imply for the crypto space going forward
When a cryptocurrency is used to purchase goods
The Internal Revenue Service (IRS) already treats cryptocurrency like a stock property. People owe taxes when they sell cryptocurrency at a profit. Similar to stocks and funds. Using cryptocurrency to purchase goods counts as a sale. Thus, a sales tax and capital gains taxes are owed if the coins have appreciated since a person originally paid for them.
There are several legislative concerns about cryptocurrency mining (including people with a stake in proof-of-stake protocols). First of all, miners are technically the ones who collect and settle down transactions on the chain, or in other words, the "accountants" of the blockchain. This leads to the concern that miners are technically providing financial services and are responsible for these transactions. Miners in the US are, strictly speaking, required to follow know-you-customer (KYC), anti-money-laundering (AML), and sanctioning, and many other countries impose similar regulations. CEO of a mining pool company Marathon Digital, Fred Thiel, expressed the complicated choice of censoring or not:
There’s a certain amount of Bitcoin politics involved here. On the one hand, you have groups in the bitcoin community who are all about maximum decentralization. They are against the whole concept of doing anything that has to do with financial regulatory compliance or government regulation. Then there are the institutional investors who like the fact that people are trying to make the blockchain more compliant because it makes it safer for you to invest.
Secondly, miners are often required to pay tax for the mining reward, depending on the country where the miners reside. This leads to an interesting discussion: where are the miners? Since miners are entities on the internet, miners can easily get an IP address of a different location by, for example, using VPN. Miners can also register themselves as residents of the Cayman Islands, where there is no taxation on digital assets. This leaves a large legal loophole, as it is very hard in practice to locate miners.
Therefore, it becomes a question of whether the current regulations on mining in the US are productive and beneficial for the US. The core of the problem is that larger entities would have to do business outside the US (for example, a crypto exchange company, Huobi, is in Seychelles, a country in Africa) or give up entirely (for example, most of the banks and technology giants, including Meta), and smaller entities, commonly the miners here, can escape from law enforcement easily through shell companies or by simply using a VPN. In the end, revenue from crypto mining is leaving the US. Some people may propose to loosen the requirements for miners, as it is technically impractical to enforce KYC, AML, and sanctioning as a miner. Others may suggest that the government should identify an actionable framework that is different from existing financial regulations, for regulating blockchain activities.
The SEC issued its DAO Report in July 2017. It cited that digital tokens that represent an investment contract are subject to federal securities laws, as was established by SEC v. W.J. Howey Co. Since DAOs appeared on the SEC’s radar in 2017, the SEC has continued to keep a watchful eye on them. Recently, in November 2021, the SEC halted a Wyoming-based DAO (American CryptoFed) from registering 2 digital tokens on the basis that the DAO filed a “materially deficient and misleading registration form” (Form 10) to register those tokens as equity securities. Wyoming was the first state to recognize DAOs as a type of LLC. This is a prominent example of a coordination problem between the state and federal governments. While states are working to incorporate policy regarding blockchain innovations, the federal government has issues maintaining regulations on those innovations.
On January 26, 2022, the SEC released a 654-page proposal with rules that could impact the “digital asset” space. The most significant changes that come with the report are that the SEC has expanded the definition of “exchange” in three ways: adding the phrase “trading interest”, and “communication protocols”, replacing “uses established, nondiscretionary methods” with “makes available established, nondiscretionary methods”.
The SEC has been closely monitoring the impact that blockchain-based investments have had on consumer bases as a means of developing effective policy against potential scams and risky investments. After the DAO hack in 2016, the SEC then considered cryptocurrencies to be investment securities, issuing warnings about investing, particularly for ICOs, that were high-risk. As the blockchain industry develops, so will the SEC’s regulatory hand. We are now seeing digital assets of all types being subject to securities laws. In August, the SEC announced an enforcement action against DeFi Money Market which could then extend to other DeFi protocols that the SEC deems were profiting from unregistered gains. Furthermore, digital collectibles and NFTs could be subject to regulation, especially with the unregistered trading of fractionalized tokens. Crypto exchanges and stablecoins may also face similar regulatory action from the SEC, further extending their regulatory influence into the space.
With the extensive legal action that the SEC is taking to allegedly protect consumers from the volatility of investing in crypto, there will likely be further barriers to entry for investment in the space. There may be requirements for investors to become accredited and for exchanges to be risk-aversive in branding. Though from the regulatory side this may be the case, the blockchain space will likely develop past the scope of SEC, which will then spur further litigation. The ethos of the blockchain industry is more or less antithetical to regulation and expounds on consumer freedom, so as regulation increases, so will decentralization and consumer privacy within the space.
Overall, further regulation on the space may have heavy implications on those who are building blockchain applications as they will need to consider the impacts of SEC regulations on their business models, which could hamper development within the space.
The SEC has been scrutinizing NFT creators and marketplaces for possible violations of securities laws. Many regulators have claimed that NFTs can be classified as securities within certain restrictions. Quite recently, attorneys from the SEC have been issuing subpoenas for investigation on token offerings that came in the form of NFT collections. The SEC has been increasing its regulatory oversight over the blockchain industry, evident by recent investigations and cases against blockchain companies. In February, the SEC levied a fine against BlockFi of $100m for crypto lending violations. Regulators have been active in investigating fractional NFTs which involves breaking down the assets into fractional units which can then be bought and sold. They are probing these assets as they can be used as a method of fundraising. If fractionalized NFTs are used to represent a fraction of ownership or revenue rights, then it may qualify as a security under the Howey Test.
It is quite inevitable that NFTs will fall under regulatory scrutiny from the SEC and that we will see a case against popular collections/marketplaces soon. Especially considering the expanding utility of NFTs beyond the art space and into digitized contracts, deeds, fractional NFTs, and investment packs, the SEC will keep a close eye on such utilities that cross into being investments. Even pro-crypto regulators in the SEC, like Hester Peirce, have noted that the expanding NFT market will fall under the SEC’s purview.
As for possible future predictions of SEC regulation, it is possible regulators will have NFTs fall under their prior token distribution regulation. Out of the entire blockchain space, NFTs seem to deviate the most from intended financial gain. Sure, some collections try to advertise their speculative value as a means of gaining collectors, however, most existing utilities do not directly fit neatly into the Howey test. The SEC will be sure to scrutinize commodities where consumers accrue the risk of losing capital, which NFTs fit very neatly into. This could very well impact the potential expanding utility that NFTs have, which would hamper development in the industry.
Blockchain at Berkeley (B@B) is Berkeley’s hub for blockchain innovation and one of the leading student-run blockchain organizations. Since 2016, Blockchain at Berkeley has been focused on educating the wider community about blockchain, facilitating innovative research and discussions, and crafting industry-leading proof-of-concepts with top blockchain and Fortune 500 companies. Blockchain at Berkeley’s Research department was founded in Spring 2022, and we are excited to cultivate discussions on blockchain research topics.
Thank you to the Regulation Research crew (Erika, Jay, Weikeng, Annamira) for bringing this article to fruition with their consistent effort and passion for the cause. Thanks Ratan for editing this piece!