[ { "id": "sec-001", "jurisdiction": "US", "framework": "SEC", "article": "SEC v. W.J. Howey Co., 328 U.S. 293 (1946)", "category": "classification", "title": "Howey Test — Overview and Application to Digital Assets", "content": "The Howey Test, established by the U.S. Supreme Court in SEC v. W.J. Howey Co., 328 U.S. 293 (1946), is the primary analytical framework used by the SEC to determine whether a digital asset constitutes an investment contract and therefore a security under Section 2(a)(1) of the Securities Act of 1933. Under Howey, an investment contract exists when there is (1) an investment of money, (2) in a common enterprise, (3) with a reasonable expectation of profits, (4) derived from the efforts of others. The SEC has consistently applied this test to initial coin offerings, token sales, and ongoing digital asset transactions. The test is flexible and adaptable, focusing on economic realities and substance over form. The Supreme Court emphasized that the definition of a security embodies a flexible rather than static principle, one that is capable of adaptation to meet the countless and variable schemes devised by those who seek the use of the money of others on the promise of profits. Every prong must be satisfied for a digital asset to be classified as a security.", "effective_date": "1946-05-27", "tags": ["howey-test", "investment-contract", "security", "classification", "supreme-court", "four-prongs"] }, { "id": "sec-002", "jurisdiction": "US", "framework": "SEC", "article": "Howey Prong 1", "category": "classification", "title": "Howey Test — Investment of Money", "content": "The first prong of the Howey Test requires an investment of money. In the context of digital assets, the SEC and federal courts have broadly interpreted this element. An investment of money includes not only fiat currency but also other forms of consideration such as Bitcoin, Ether, or other crypto-assets exchanged for the token being offered. In SEC v. Shavers (E.D. Tex. 2013), the court held that Bitcoin qualifies as money or a form of consideration sufficient to satisfy this prong. The SEC's 2019 Framework for Investment Contract Analysis of Digital Assets confirms that this prong is typically satisfied in the context of digital asset offerings because purchasers exchange value — whether fiat currency, another digital asset, or other forms of consideration — for the digital asset. Even airdrops or bounty programs can satisfy this prong if participants provide something of value such as personal data, promotional services, or development work. The investment of money prong is rarely a contested element in digital asset cases because virtually all token distributions involve some form of value exchange.", "effective_date": "2019-04-03", "tags": ["howey-test", "investment-of-money", "prong-1", "consideration", "bitcoin-as-money"] }, { "id": "sec-003", "jurisdiction": "US", "framework": "SEC", "article": "Howey Prong 2", "category": "classification", "title": "Howey Test — Common Enterprise", "content": "The second prong of the Howey Test requires the existence of a common enterprise. Federal courts have applied varying tests for common enterprise. Horizontal commonality requires pooling of investor funds with profits shared pro rata among investors — this is the most widely accepted standard and is the test applied by the Second, Third, Sixth, and Seventh Circuits. Vertical commonality ties the investor's fortunes to those of the promoter (broad vertical commonality) or to the efforts of the promoter (narrow vertical commonality) — applied by some circuits including the Ninth Circuit. In digital asset offerings, horizontal commonality is typically established because funds raised from token purchasers are pooled in a common treasury or project fund and used to develop the platform or network. The SEC's 2019 Framework notes that a common enterprise typically exists where the fortunes of digital asset purchasers are linked to each other or to the success of the promoter's efforts, such as where the development of the network is funded by proceeds from the token sale. Most ICOs and token offerings readily satisfy this prong regardless of which commonality standard is applied.", "effective_date": "2019-04-03", "tags": ["howey-test", "common-enterprise", "prong-2", "horizontal-commonality", "vertical-commonality", "pooling"] }, { "id": "sec-004", "jurisdiction": "US", "framework": "SEC", "article": "Howey Prong 3", "category": "classification", "title": "Howey Test — Reasonable Expectation of Profits", "content": "The third prong of the Howey Test requires a reasonable expectation of profits. Profits under Howey include capital appreciation resulting from the development of the initial investment or participation in earnings resulting from the use of investors' funds. Profits do not include consumption or use of the asset. In the digital asset context, the SEC's 2019 Framework identifies several characteristics that suggest a reasonable expectation of profit: the digital asset is transferable on secondary markets or is expected to be; the digital asset is offered broadly to potential purchasers rather than targeted to expected users; the digital asset is offered at a discount to its expected future value; the issuer or promoter touts the potential for appreciation; there is little apparent correlation between the purchase price and the market value of the good or service that can be obtained in exchange for the asset; and the quantity offered exceeds what a user would reasonably need. Where a token is marketed for consumptive use — for example, to purchase goods or services on a functioning network — and purchasers acquire it primarily for that consumption, the profit expectation may not exist, weakening the securities classification argument.", "effective_date": "2019-04-03", "tags": ["howey-test", "expectation-of-profits", "prong-3", "capital-appreciation", "consumptive-use", "marketing"] }, { "id": "sec-005", "jurisdiction": "US", "framework": "SEC", "article": "Howey Prong 4", "category": "classification", "title": "Howey Test — Efforts of Others", "content": "The fourth prong of the Howey Test, as refined in SEC v. Glenn W. Turner Enterprises, Inc. (9th Cir. 1973), requires that the expected profits be derived from the entrepreneurial or managerial efforts of others. This is the most contested and analytically complex prong in digital asset cases. The SEC's 2019 Framework identifies an Active Participant (AP) — typically the promoter, sponsor, or other third party — whose efforts are essential and that create a reasonable expectation of profits. Key factors include: the AP is responsible for the development, improvement, or operation of the network; the AP retains a stake or interest in the digital asset such that it is motivated to expend efforts to increase the value of the network; the AP has raised an amount of funds in excess of what may be needed to establish a functional network; the AP continues to spend funds from proceeds or operations to enhance the functionality or value of the system; essential tasks are performed by the AP rather than by a decentralized community. Conversely, where a network is sufficiently decentralized — meaning no single entity or coordinated group provides essential managerial efforts — this prong may not be satisfied. SEC Director William Hinman's June 2018 speech suggested that Ether, despite initially being sold as a security, had become sufficiently decentralized that it no longer constituted a securities transaction.", "effective_date": "2019-04-03", "tags": ["howey-test", "efforts-of-others", "prong-4", "decentralization", "active-participant", "managerial-efforts", "hinman-speech"] }, { "id": "sec-006", "jurisdiction": "US", "framework": "SEC", "article": "SEC Strategic Hub Framework (April 2019)", "category": "classification", "title": "SEC Framework for Investment Contract Analysis of Digital Assets", "content": "In April 2019, the SEC's Strategic Hub for Innovation and Financial Technology (FinHub) published the Framework for Investment Contract Analysis of Digital Assets, providing comprehensive guidance on how the Howey Test applies to digital assets. The Framework identifies characteristics that make it more or less likely that a digital asset is offered or sold as a security. It emphasizes that the analysis is not static — a digital asset may be offered as a security at one point and later be sold in a manner that no longer constitutes a securities offering. The Framework introduces the concept of the Active Participant (AP) and provides detailed factors for evaluating each Howey prong. Key guidance includes: tokens sold before network functionality exists are more likely securities; tokens with burn mechanisms or supply constraints suggesting price appreciation indicate profit expectations; tokens where the AP controls governance, pricing, or network development suggest reliance on others' efforts. The Framework also discusses when a digital asset previously sold as a security may be re-evaluated, including when the network becomes operational, the token is used for its intended functionality, and governance has been sufficiently distributed. While not binding law, the Framework represents the SEC staff's analytical approach and has been highly influential in enforcement actions and no-action letter analyses.", "effective_date": "2019-04-03", "tags": ["framework", "FinHub", "investment-contract", "digital-assets", "staff-guidance", "active-participant", "re-evaluation"] }, { "id": "sec-007", "jurisdiction": "US", "framework": "SEC", "article": "Securities Act Section 5", "category": "licensing", "title": "Registration Requirements for Token Offerings", "content": "Section 5 of the Securities Act of 1933 (15 U.S.C. § 77e) prohibits the offer or sale of any security unless a registration statement has been filed with the SEC and is in effect, or an exemption from registration applies. For digital asset offerings determined to be securities under the Howey Test, the issuer must either register the offering through a Form S-1 or similar registration statement, which requires comprehensive disclosure of financial statements, risk factors, management information, and use of proceeds, or rely on an exemption from registration such as Regulation D, Regulation A+, Regulation S, or Regulation Crowdfunding. The registration process involves SEC staff review and comment, which typically takes several months. The consequences of failing to register a securities offering are severe: the SEC may bring enforcement actions seeking disgorgement of proceeds, civil penalties, and injunctive relief, and purchasers have a private right of action under Section 12(a)(1) to rescind their purchase. Most ICOs and token sales conducted between 2017 and 2019 did not register with the SEC, leading to a wave of enforcement actions that established critical precedent for the digital asset industry.", "effective_date": "1933-05-27", "tags": ["registration", "Section-5", "Securities-Act", "offering", "Form-S-1", "exemptions", "enforcement"] }, { "id": "sec-008", "jurisdiction": "US", "framework": "SEC", "article": "Regulation D (17 CFR 230.501-508)", "category": "licensing", "title": "Regulation D Exemptions for Token Sales", "content": "Regulation D under the Securities Act provides exemptions from registration for private placements of securities, including digital asset offerings. Rule 506(b) permits an issuer to raise an unlimited amount of capital from an unlimited number of accredited investors and up to 35 sophisticated non-accredited investors, provided there is no general solicitation or advertising. Rule 506(c) permits general solicitation and advertising but restricts sales to verified accredited investors only, requiring the issuer to take reasonable steps to verify accredited investor status. An accredited investor is defined under Rule 501(a) as a natural person with income exceeding $200,000 (or $300,000 jointly with spouse) in each of the two most recent years, or a net worth exceeding $1,000,000 excluding primary residence. Many token issuers have used Simple Agreements for Future Tokens (SAFTs), structured as Reg D offerings, to raise capital from accredited investors before network launch, with the token delivery occurring upon network functionality. Form D must be filed with the SEC within 15 days after the first sale of securities. Securities sold under Reg D are restricted securities subject to resale limitations under Rule 144, requiring a one-year holding period before public resale.", "effective_date": "2013-09-23", "tags": ["Reg-D", "private-placement", "accredited-investor", "506b", "506c", "SAFT", "restricted-securities", "Rule-144"] }, { "id": "sec-009", "jurisdiction": "US", "framework": "SEC", "article": "Regulation S (17 CFR 230.901-905)", "category": "licensing", "title": "Regulation S — Offshore Token Offerings", "content": "Regulation S provides a safe harbor from Section 5 registration requirements for securities offerings conducted outside the United States. Under Reg S, an offer or sale of securities is deemed to occur outside the United States if two conditions are met: the offer or sale is made in an offshore transaction (i.e., the buyer is outside the US at the time of the buy order, or the transaction is executed on an established foreign securities exchange), and no directed selling efforts are made in the United States. Reg S has been used by token issuers to conduct offerings to non-US persons while simultaneously conducting Reg D offerings to US accredited investors. Category 1 securities (those of foreign issuers with no substantial US market interest) have no distribution compliance period. Category 2 securities require a 40-day distribution compliance period during which the securities cannot be offered or sold to US persons. Category 3 securities, which include offerings by US issuers, require a one-year distribution compliance period with additional restrictions including that the purchaser certifies they are not a US person and agrees to resell only outside the US. Token issuers relying on Reg S must implement robust geo-blocking measures to prevent US participation and should be aware that the SEC may look through technical measures to assess whether the offering effectively targets US investors.", "effective_date": "1990-04-24", "tags": ["Reg-S", "offshore-offering", "non-US-persons", "distribution-compliance-period", "geo-blocking", "safe-harbor"] }, { "id": "sec-010", "jurisdiction": "US", "framework": "SEC", "article": "SEC v. Ripple Labs, No. 1:20-cv-10832 (S.D.N.Y.)", "category": "enforcement", "title": "SEC v. Ripple Labs — XRP Enforcement Action", "content": "In December 2020, the SEC filed suit against Ripple Labs Inc. and two of its executives alleging that Ripple raised over $1.3 billion through the sale of XRP in unregistered securities offerings. The case became the most significant legal battle in the crypto industry's history. In July 2023, Judge Analisa Torres issued a landmark ruling with mixed outcomes: institutional sales of XRP directly by Ripple to sophisticated buyers constituted unregistered securities offerings under Howey, as buyers purchased with an expectation of profit based on Ripple's efforts. However, programmatic sales of XRP on exchanges to retail buyers who did not know they were purchasing from Ripple did not satisfy the Howey Test because those buyers could not have known whether their payments went to Ripple and thus could not have had a reasonable expectation of profit based on Ripple's efforts specifically. The court also ruled that distributions to employees and developers were not securities because there was no investment of money. In August 2024, Ripple was ordered to pay a $125 million civil penalty, substantially less than the $2 billion sought by the SEC. This case established a critical precedent distinguishing between primary market institutional sales and secondary market exchange transactions of digital assets.", "effective_date": "2023-07-13", "tags": ["Ripple", "XRP", "enforcement", "institutional-sales", "programmatic-sales", "secondary-market", "landmark-ruling"] }, { "id": "sec-011", "jurisdiction": "US", "framework": "SEC", "article": "SEC v. Telegram Group Inc., No. 1:19-cv-09439 (S.D.N.Y. 2020)", "category": "enforcement", "title": "SEC v. Telegram — TON Network Injunction", "content": "In October 2019, the SEC obtained an emergency temporary restraining order against Telegram Group Inc. and its subsidiary TON Issuer Inc. to halt the distribution of Gram tokens associated with the Telegram Open Network (TON). Telegram had raised approximately $1.7 billion from 175 purchasers through two rounds of private sales structured as SAFTs under Regulation D. The SEC alleged that the planned delivery of Gram tokens to initial purchasers would constitute an unregistered public distribution of securities. In March 2020, Judge P. Kevin Castel granted a preliminary injunction, ruling that the court must consider the entirety of Telegram's scheme — from the initial private sale through the planned public distribution — as a single integrated offering. The court rejected Telegram's argument that the Gram tokens themselves were not securities, holding that the economic reality was that purchasers bought Grams with an expectation of profit based on Telegram's promised efforts to develop the TON network and create demand for Grams. Telegram ultimately agreed to return $1.2 billion to investors and pay an $18.5 million civil penalty. The case established the principle that SAFT structures cannot be used to circumvent securities laws where the end distribution effectively constitutes a public offering of securities.", "effective_date": "2020-03-24", "tags": ["Telegram", "TON", "Gram", "SAFT", "integrated-offering", "preliminary-injunction", "enforcement"] }, { "id": "sec-012", "jurisdiction": "US", "framework": "SEC", "article": "SEC v. Kik Interactive Inc., No. 1:19-cv-05244 (S.D.N.Y. 2020)", "category": "enforcement", "title": "SEC v. Kik — KIN Token Enforcement", "content": "In June 2019, the SEC filed suit against Kik Interactive Inc. alleging that Kik conducted an unregistered offering of securities through its 2017 sale of Kin tokens, raising approximately $100 million. Kik had conducted a pre-sale to accredited investors under a SAFT framework followed by a public token distribution event. In September 2020, Judge Alvin K. Hellerstein granted summary judgment in favor of the SEC, finding that the entire Kin offering — including both the private pre-sale and public sale — constituted a single integrated offering of securities under Howey. The court rejected Kik's argument that the public sale was separate from the private SAFT offering, applying an integration analysis that considered whether the two phases were part of a single plan of financing. The court found that purchasers had a reasonable expectation of profit based on Kik's efforts to build the Kin ecosystem and that Kik had actively encouraged speculation in Kin. Kik was ordered to pay a $5 million civil penalty and was enjoined from conducting unregistered offerings. The decision reinforced the principle that labeling a transaction as a utility token sale does not immunize it from securities regulation when the economic reality satisfies Howey.", "effective_date": "2020-09-30", "tags": ["Kik", "KIN", "enforcement", "integration-doctrine", "utility-token", "SAFT", "summary-judgment"] }, { "id": "sec-013", "jurisdiction": "US", "framework": "SEC", "article": "SEC v. LBRY Inc., No. 1:21-cv-00260 (D.N.H. 2022)", "category": "enforcement", "title": "SEC v. LBRY — LBC Token Ruling", "content": "In March 2021, the SEC filed suit against LBRY Inc. alleging that LBRY conducted an unregistered offering of securities through its sales of LBRY Credits (LBC), raising approximately $11 million. LBRY operated a decentralized content-sharing platform and argued that LBC was a utility token used to publish, access, and tip content on its network. In November 2022, Judge Paul Barbadoro granted summary judgment in favor of the SEC, finding that LBC was offered and sold as an investment contract under Howey. The court held that LBRY's marketing of LBC as an investment opportunity, combined with its use of proceeds to develop the LBRY network, established that purchasers reasonably expected profits derived from LBRY's efforts. Critically, the court rejected LBRY's argument that utility alone negated securities classification, holding that a token can have consumptive utility and still be offered as a security if it is marketed and sold as an investment. LBRY was ordered to pay a $111,614 penalty. The LBRY case was significant because it demonstrated that even tokens with genuine utility on a functioning network can be classified as securities based on how they are offered and sold, setting a precedent that raised concerns across the crypto industry about retroactive classification.", "effective_date": "2022-11-07", "tags": ["LBRY", "LBC", "enforcement", "utility-with-investment", "functioning-network", "marketing-as-investment"] }, { "id": "sec-014", "jurisdiction": "US", "framework": "SEC", "article": "SEC Administrative Order — Kraken Staking (Feb 2023)", "category": "enforcement", "title": "SEC v. Kraken — Staking-as-a-Service Enforcement", "content": "In February 2023, the SEC charged Payward Ventures Inc. and Payward Trading Ltd. (collectively known as Kraken) with offering and selling unregistered securities through its crypto-asset staking-as-a-service program. The SEC alleged that Kraken's staking program, which offered annual returns of up to 21% on staked crypto-assets, constituted an investment contract under Howey. Investors transferred crypto-assets to Kraken's custody, Kraken pooled those assets, staked them on behalf of investors, and paid returns determined by Kraken rather than the actual staking rewards earned on-chain. The SEC contended that investors had an expectation of profit based on Kraken's efforts to manage the staking program, pool assets, and set payout rates. Kraken agreed to immediately cease offering or selling securities through its staking-as-a-service program to US customers and to pay $30 million in disgorgement, prejudgment interest, and civil penalties. The enforcement action signaled the SEC's position that intermediated staking services where a third party pools assets, exercises discretion over staking operations, and determines payouts constitute securities offerings. This position raised significant concerns for other centralized exchanges offering similar staking programs.", "effective_date": "2023-02-09", "tags": ["Kraken", "staking", "staking-as-a-service", "enforcement", "pooled-staking", "settlement", "cease-and-desist"] }, { "id": "sec-015", "jurisdiction": "US", "framework": "SEC", "article": "Exchange Act Section 5 (15 U.S.C. § 78e)", "category": "licensing", "title": "Exchange Registration Requirements for Crypto Platforms", "content": "Section 5 of the Securities Exchange Act of 1934 (15 U.S.C. § 78e) prohibits any broker, dealer, or exchange from effecting securities transactions unless registered with the SEC or operating under an exemption. A national securities exchange is defined under Section 3(a)(1) as any organization, association, or group of persons that constitutes, maintains, or provides a marketplace for bringing together buyers and sellers of securities. The SEC has asserted that crypto trading platforms that list tokens deemed to be securities are operating as unregistered exchanges, brokers, or clearing agencies. Under Rule 3b-16 of the Exchange Act, a system meets the definition of an exchange if it uses established, non-discretionary methods under which orders interact with each other and buyers and sellers entering such orders agree to the terms of a trade. The SEC has brought enforcement actions against multiple crypto platforms including Bittrex, Coinbase, and Binance alleging operation as unregistered exchanges. Registration as a national securities exchange under Section 6 of the Exchange Act requires compliance with extensive requirements including fair access rules, governance standards, surveillance programs, and investor protection measures. Alternative Trading System (ATS) registration under Regulation ATS provides a lighter framework but still requires broker-dealer registration.", "effective_date": "1934-06-06", "tags": ["exchange-registration", "Exchange-Act", "unregistered-exchange", "Rule-3b-16", "broker-dealer", "ATS", "trading-platform"] }, { "id": "sec-016", "jurisdiction": "US", "framework": "SEC", "article": "Investment Company Act of 1940 Section 3(a)", "category": "classification", "title": "Investment Company Act Considerations for DAOs and DeFi", "content": "The Investment Company Act of 1940 (ICA) defines an investment company as any issuer that is or holds itself out as being engaged primarily in the business of investing, reinvesting, or trading in securities, or that owns or proposes to acquire investment securities having a value exceeding 40% of the issuer's total assets. DAOs (Decentralized Autonomous Organizations) that pool investor funds to invest in digital assets may meet this definition and be required to register as investment companies under the ICA. Registration imposes extensive requirements including limitations on leverage, related-party transactions, and composition of the board of directors. The SEC has indicated that DeFi protocols that pool assets and offer returns may also implicate investment company registration requirements. In March 2023, the SEC proposed amendments to Rule 3a-1 that could further expand the definition of exchange to encompass certain DeFi protocols. The 40% test under Section 3(a)(3) is particularly relevant for DAOs that hold treasuries consisting predominantly of other tokens. Exemptions under Section 3(c)(1) (limited to 100 beneficial owners) and Section 3(c)(7) (limited to qualified purchasers) may be available but require careful structuring. These considerations are critical for any project establishing a DAO treasury or governance structure that manages digital assets.", "effective_date": "1940-08-22", "tags": ["Investment-Company-Act", "DAO", "DeFi", "pooled-assets", "40-percent-test", "registration", "Section-3c1", "Section-3c7"] }, { "id": "sec-017", "jurisdiction": "US", "framework": "SEC", "article": "CFTC Jurisdiction — CEA Section 2(c)(2)(D)", "category": "classification", "title": "CFTC Jurisdiction over Crypto Commodities", "content": "The Commodity Futures Trading Commission (CFTC) asserts jurisdiction over digital assets that qualify as commodities under the Commodity Exchange Act (CEA). The CFTC has consistently maintained since 2015 that Bitcoin and other virtual currencies are commodities under Section 1a(9) of the CEA, which defines a commodity to include all goods and articles and all services, rights, and interests in which contracts for future delivery are presently or in the future dealt in. In CFTC v. McDonnell (E.D.N.Y. 2018), the court confirmed the CFTC's jurisdiction over virtual currencies as commodities. The CFTC has anti-fraud and anti-manipulation enforcement authority over commodity spot markets under CEA Section 6(c)(1) and CFTC Rule 180.1, and exclusive jurisdiction over futures, options, and swaps involving digital asset commodities. In June 2023, the CFTC stated that Ether is also a commodity. The CFTC and SEC share jurisdictional boundaries in crypto regulation, with the SEC claiming authority over digital assets that are securities and the CFTC claiming authority over digital assets that are commodities. A digital asset can transition from being a security (during initial offering) to a commodity (once sufficiently decentralized). Proposed legislation including the Financial Innovation and Technology for the 21st Century Act (FIT21) would establish clearer jurisdictional boundaries between the SEC and CFTC.", "effective_date": "2015-09-17", "tags": ["CFTC", "commodity", "Bitcoin", "Ether", "jurisdiction", "CEA", "futures", "anti-fraud", "FIT21"] }, { "id": "sec-018", "jurisdiction": "US", "framework": "SEC", "article": "FinCEN MSB Registration (31 CFR 1010.100(ff))", "category": "aml", "title": "FinCEN Money Services Business Registration for Crypto", "content": "Under the Bank Secrecy Act (BSA) and its implementing regulations, the Financial Crimes Enforcement Network (FinCEN) requires businesses engaged in money transmission to register as Money Services Businesses (MSBs). Under 31 CFR 1010.100(ff)(5), a money transmitter is defined as a person that provides money transmission services, which includes the acceptance and transmission of currency, funds, or other value that substitutes for currency. In March 2013, FinCEN issued guidance (FIN-2013-G001) clarifying that administrators and exchangers of convertible virtual currency are money transmitters and must register as MSBs, implement AML programs, and comply with BSA reporting requirements. An exchanger is a person engaged as a business in the exchange of virtual currency for real currency, funds, or other virtual currency. An administrator is a person engaged as a business in issuing and redeeming a centralized virtual currency. MSB registration must be filed with FinCEN within 180 days of establishment using Form 107. Failure to register is a federal crime under 18 U.S.C. § 1960, carrying penalties of up to five years imprisonment. MSBs must also register or obtain licenses in each state where they operate, with specific requirements varying by state.", "effective_date": "2013-03-18", "tags": ["FinCEN", "MSB", "money-transmitter", "registration", "BSA", "virtual-currency", "FIN-2013-G001"] }, { "id": "sec-019", "jurisdiction": "US", "framework": "SEC", "article": "NY DFS BitLicense (23 NYCRR Part 200)", "category": "licensing", "title": "New York BitLicense — State-Level Crypto Licensing", "content": "The New York Department of Financial Services (NY DFS) BitLicense, codified at 23 NYCRR Part 200 and effective August 8, 2015, is the most prominent state-level licensing regime for cryptocurrency businesses operating in the United States. A BitLicense is required for any person conducting Virtual Currency Business Activity involving New York or a New York resident, including receiving, storing, holding, or maintaining custody of virtual currency on behalf of others; buying and selling virtual currency as a customer business; performing conversion or exchange services; controlling, administering, or issuing a virtual currency. The application requires extensive documentation including a detailed business plan, anti-money laundering policies, cybersecurity program, financial statements audited by an independent CPA, background checks on all principals, and a non-refundable application fee of $5,000. Licensees must maintain capital in an amount as determined by the DFS superintendent, maintain a surety bond or trust account, and comply with ongoing reporting, examination, and book-and-records requirements. The BitLicense imposes consumer protection requirements including disclosure of material risks, terms and conditions, and transaction receipts. As of 2024, only approximately 30 entities have obtained a BitLicense, and the regime has been criticized as creating a high barrier to entry that favors larger, well-capitalized firms.", "effective_date": "2015-08-08", "tags": ["BitLicense", "New-York", "NYDFS", "state-licensing", "custody", "exchange", "capital-requirements", "cybersecurity"] }, { "id": "sec-020", "jurisdiction": "US", "framework": "SEC", "article": "BSA AML Program Requirements (31 CFR 1022.210)", "category": "aml", "title": "BSA Anti-Money Laundering Program Requirements", "content": "Under the Bank Secrecy Act and FinCEN regulations at 31 CFR 1022.210, Money Services Businesses including crypto exchanges and money transmitters must develop, implement, and maintain an effective AML program. The AML program must be written, approved by senior management, and commensurate with the risks posed by the location and size of the business, the nature and volume of transactions, and the types of products and services offered. The program must include at minimum: (1) the designation of a compliance officer responsible for ensuring day-to-day compliance with the BSA and FinCEN regulations; (2) the development of internal policies, procedures, and controls designed to ensure ongoing compliance with the BSA; (3) training for appropriate personnel, including training in the detection of suspicious transactions; (4) an independent review function to monitor and maintain an adequate program, which must be conducted by qualified internal or external auditors. For crypto businesses, the AML program must address the specific money laundering and terrorist financing risks associated with virtual currency transactions, including the pseudonymous nature of blockchain transactions, the speed and cross-border nature of transfers, and the use of mixing services, privacy coins, and other obfuscation techniques.", "effective_date": "2002-07-01", "tags": ["AML-program", "BSA", "compliance-officer", "training", "independent-review", "risk-based", "FinCEN"] }, { "id": "sec-021", "jurisdiction": "US", "framework": "SEC", "article": "BSA CDD/KYC Requirements (31 CFR 1010.230)", "category": "aml", "title": "Customer Due Diligence and KYC for Crypto Businesses", "content": "The Customer Due Diligence (CDD) Final Rule, effective May 11, 2018, requires covered financial institutions including MSBs to establish and maintain written procedures to identify and verify the identity of customers (Customer Identification Program — CIP), identify the beneficial owners of legal entity customers, understand the nature and purpose of customer relationships to develop customer risk profiles, and conduct ongoing monitoring to identify and report suspicious transactions. For crypto businesses, CIP requirements under 31 CFR 1010.220 mandate collection and verification of customer identity information including name, date of birth (for individuals), address, and an identification number such as Social Security Number for US persons or passport number for non-US persons. Identity must be verified through documentary methods (government-issued ID) or non-documentary methods (database checks, credit bureau inquiries) or a combination. The beneficial ownership requirement (31 CFR 1010.230) requires identification and verification of any individual who owns 25% or more of a legal entity customer or who exercises significant management control. Enhanced due diligence (EDD) must be applied to higher-risk customers, including politically exposed persons, customers in high-risk jurisdictions, and customers with unusual transaction patterns. Crypto businesses must maintain CDD records for five years after the account is closed.", "effective_date": "2018-05-11", "tags": ["CDD", "KYC", "CIP", "beneficial-ownership", "identity-verification", "enhanced-due-diligence", "record-keeping"] }, { "id": "sec-022", "jurisdiction": "US", "framework": "SEC", "article": "FinCEN Travel Rule (31 CFR 1010.410(f))", "category": "aml", "title": "FinCEN Travel Rule for Crypto Transfers", "content": "The FinCEN Travel Rule, codified at 31 CFR 1010.410(f), requires financial institutions including MSBs to collect, retain, and transmit certain information relating to funds transfers of $3,000 or more. For transmittals of funds, the transmitter's financial institution must obtain and retain the name and address of the transmitter, the amount of the transmittal, the execution date, the identity of the recipient's financial institution, and as many of the following items as are received: the name and address of the recipient, the account number of the recipient, and any other specific identifier of the recipient. This information must be transmitted to the next financial institution in the payment chain. In October 2020, FinCEN proposed a rule that would lower the threshold for the Travel Rule from $3,000 to $250 for transactions involving convertible virtual currency or digital assets with legal tender status, and would also require reporting of transactions exceeding $250 involving unhosted (self-custodial) wallets. As of 2024, this proposed rule has not been finalized. The Travel Rule presents unique compliance challenges for crypto businesses because blockchain transactions are pseudonymous and may involve unhosted wallets where there is no intermediary to receive transmitted information. Industry solutions such as the Travel Rule Information Sharing Architecture (TRISA) and Travel Rule Universal Solution Technology (TRUST) have been developed to facilitate compliance.", "effective_date": "1996-01-01", "tags": ["travel-rule", "FinCEN", "funds-transfer", "3000-threshold", "unhosted-wallets", "TRISA", "TRUST", "information-sharing"] }, { "id": "sec-023", "jurisdiction": "US", "framework": "SEC", "article": "BSA SAR Filing (31 CFR 1022.320)", "category": "aml", "title": "Suspicious Activity Report Filing Obligations", "content": "Under 31 CFR 1022.320, Money Services Businesses including crypto exchanges and money transmitters are required to file Suspicious Activity Reports (SARs) with FinCEN for any transaction or pattern of transactions that the MSB knows, suspects, or has reason to suspect involves funds derived from illegal activity, is designed to evade BSA reporting requirements, has no business or apparent lawful purpose, or involves the use of the MSB to facilitate criminal activity. SARs must be filed for suspicious transactions of $2,000 or more (the threshold for MSBs, compared to $5,000 for banks). SARs must be filed within 30 calendar days of the initial detection of the suspicious activity. The SAR must be filed electronically through FinCEN's BSA E-Filing system using FinCEN Form 111 (SAR). MSBs must retain a copy of the SAR and supporting documentation for five years from the date of filing. SAR filing is confidential — the MSB may not notify any person involved in the transaction that a SAR has been filed, and SARs are exempt from disclosure under the Freedom of Information Act. For crypto businesses, suspicious activity indicators include structuring transactions to avoid reporting thresholds, transactions involving known ransomware addresses, use of mixing or tumbling services, rapid movement of funds through multiple wallets, and transactions with addresses flagged on OFAC sanctions lists.", "effective_date": "2002-07-01", "tags": ["SAR", "suspicious-activity", "FinCEN", "BSA", "2000-threshold", "confidentiality", "filing-obligations", "red-flags"] }, { "id": "sec-024", "jurisdiction": "US", "framework": "SEC", "article": "BSA CTR Filing (31 CFR 1010.311)", "category": "aml", "title": "Currency Transaction Report Filing for Crypto", "content": "Under 31 CFR 1010.311, financial institutions including MSBs must file Currency Transaction Reports (CTRs) with FinCEN for each transaction in currency (cash) of more than $10,000 conducted by or on behalf of a person. Multiple currency transactions must be aggregated if they are by or on behalf of the same person and result in either cash in or cash out totaling more than $10,000 during any one business day. CTRs must be filed within 15 calendar days of the transaction using FinCEN Form 112 (CTR) through the BSA E-Filing system. For crypto businesses, CTR filing obligations arise primarily in connection with cash-based transactions such as Bitcoin ATM operations or over-the-counter crypto purchases made with physical cash. FinCEN has clarified that transactions in convertible virtual currency that do not involve currency (cash) — such as crypto-to-crypto transfers or wire transfers to purchase crypto — do not trigger CTR filing requirements. However, structuring transactions to avoid the $10,000 CTR filing threshold is a federal crime under 31 U.S.C. § 5324, regardless of whether the underlying funds are lawful. Bitcoin ATM operators must be particularly vigilant about CTR compliance given the cash-intensive nature of their operations.", "effective_date": "2002-07-01", "tags": ["CTR", "currency-transaction-report", "10000-threshold", "cash", "structuring", "Bitcoin-ATM", "aggregation"] }, { "id": "sec-025", "jurisdiction": "US", "framework": "SEC", "article": "OFAC Compliance — Executive Order 13694", "category": "aml", "title": "OFAC Sanctions Compliance for Crypto Businesses", "content": "The Office of Foreign Assets Control (OFAC) within the U.S. Department of the Treasury administers and enforces economic and trade sanctions against targeted foreign countries, terrorists, international narcotics traffickers, and other threats to US national security. All US persons, including crypto businesses, are required to comply with OFAC sanctions regulations regardless of whether they are regulated as financial institutions. OFAC maintains the Specially Designated Nationals and Blocked Persons List (SDN List), which includes individuals, entities, and in some cases specific cryptocurrency wallet addresses associated with sanctioned parties. In November 2018, OFAC added Bitcoin addresses to the SDN List for the first time, designating two Iranian nationals and their associated Bitcoin addresses. In August 2022, OFAC designated Tornado Cash, an Ethereum mixing protocol, as a sanctioned entity, marking the first time OFAC sanctioned a smart contract protocol. Crypto businesses must screen all transactions and counterparties against the SDN List and other OFAC sanctions lists, block transactions involving sanctioned parties or jurisdictions, file blocking reports with OFAC within 10 business days of blocking a transaction, and maintain records for at least five years. OFAC operates on a strict liability basis — a violation occurs regardless of whether the person had knowledge that the transaction involved a sanctioned party.", "effective_date": "2018-11-28", "tags": ["OFAC", "sanctions", "SDN-list", "Tornado-Cash", "strict-liability", "blocking", "wallet-screening", "compliance"] }, { "id": "sec-026", "jurisdiction": "US", "framework": "SEC", "article": "IRS Notice 2014-21, Rev. Rul. 2019-24", "category": "disclosure", "title": "IRS Crypto Tax Reporting — Classification and Obligations", "content": "The Internal Revenue Service (IRS) treats virtual currency as property for federal tax purposes pursuant to IRS Notice 2014-21. This means that general tax principles applicable to property transactions apply to transactions using virtual currency, including capital gains and losses reporting. Taxpayers must recognize gain or loss on the sale or exchange of virtual currency, calculated as the difference between the fair market value at the time of the transaction and the taxpayer's adjusted basis in the virtual currency. Revenue Ruling 2019-24 clarified that taxpayers receiving crypto from a hard fork followed by an airdrop have ordinary income equal to the fair market value of the new crypto when received, provided the taxpayer has dominion and control over it. Crypto received as payment for goods or services constitutes ordinary income at fair market value on the date of receipt. Mining and staking rewards are ordinary income when received. Capital gains from crypto held more than one year qualify for long-term capital gains rates. Taxpayers report crypto capital gains and losses on Form 8949 (Sales and Other Dispositions of Capital Assets) and Schedule D (Capital Gains and Losses). Beginning with tax year 2025, crypto brokers including exchanges are required to report transactions on Form 1099-DA under regulations finalized in June 2024 implementing the Infrastructure Investment and Jobs Act reporting provisions.", "effective_date": "2014-03-25", "tags": ["IRS", "tax", "property-treatment", "capital-gains", "Form-8949", "Schedule-D", "1099-DA", "mining-income", "staking-income"] }, { "id": "sec-027", "jurisdiction": "US", "framework": "SEC", "article": "IRS Form 1099-DA (26 CFR 1.6045)", "category": "disclosure", "title": "Broker Reporting Requirements — Form 1099-DA", "content": "The Infrastructure Investment and Jobs Act of 2021 expanded the definition of broker under Section 6045 of the Internal Revenue Code to include any person who, for consideration, is responsible for regularly providing any service effectuating transfers of digital assets on behalf of another person. The Treasury Department and IRS finalized regulations in June 2024 implementing these provisions, requiring crypto brokers to file information returns (Form 1099-DA) reporting gross proceeds from digital asset transactions beginning with tax year 2025 for centralized exchanges and 2026 for decentralized exchanges and other brokers. Brokers must report the customer's name, address, and taxpayer identification number, the type and amount of digital asset sold, the date and time of the transaction, gross proceeds, and, where available, the customer's basis in the digital asset. The regulations require brokers to implement customer identification and reporting systems comparable to those used by traditional securities brokers. Cost basis reporting is required beginning in 2026, with brokers required to track and report adjusted basis using specific identification or first-in-first-out (FIFO) methods. DeFi platforms and unhosted wallet providers face ongoing uncertainty regarding whether and how these reporting requirements apply to their operations.", "effective_date": "2025-01-01", "tags": ["1099-DA", "broker-reporting", "IRS", "gross-proceeds", "cost-basis", "FIFO", "Infrastructure-Act", "digital-assets"] }, { "id": "sec-028", "jurisdiction": "US", "framework": "SEC", "article": "SEC Regulation A+ (17 CFR 230.251-263)", "category": "licensing", "title": "Regulation A+ for Token Offerings", "content": "Regulation A+ under the Securities Act provides an exemption from full registration for smaller public offerings, potentially applicable to digital asset offerings. Regulation A+ has two tiers: Tier 1 permits offerings of up to $20 million in a 12-month period with no ongoing reporting obligations but requires state-level Blue Sky compliance, while Tier 2 permits offerings of up to $75 million in a 12-month period with ongoing SEC reporting obligations but preemption of state securities registration requirements. Non-accredited investors may participate in Reg A+ offerings, making it potentially attractive for broad-based token distributions. However, Tier 2 imposes investment limits on non-accredited investors of no more than 10% of the greater of their annual income or net worth. The SEC has qualified several crypto token offerings under Regulation A+, including Blockstack's STX token offering in 2019, which was the first SEC-qualified token offering. Reg A+ requires filing of an offering statement on Form 1-A with the SEC, which must be reviewed and qualified by the SEC before sales can commence. The offering circular must include audited financial statements for the two most recent fiscal years, a description of the business and the securities offered, risk factors, use of proceeds, and management information.", "effective_date": "2015-06-19", "tags": ["Reg-A+", "mini-IPO", "Tier-1", "Tier-2", "non-accredited-investors", "Blockstack", "Form-1-A", "qualified-offering"] }, { "id": "sec-029", "jurisdiction": "US", "framework": "SEC", "article": "Regulation Crowdfunding (17 CFR 227)", "category": "licensing", "title": "Regulation Crowdfunding for Token Sales", "content": "Regulation Crowdfunding (Reg CF) under Title III of the JOBS Act permits issuers to raise up to $5 million in a 12-month period through online crowdfunding platforms registered with the SEC as funding portals or through registered broker-dealers. Reg CF is potentially applicable to digital asset offerings and has been used for token sales. Individual investment limits apply based on annual income and net worth: investors with annual income or net worth below $124,000 may invest the greater of $2,500 or 5% of the lesser of their annual income or net worth; investors with both annual income and net worth of $124,000 or more may invest up to 10% of the lesser of their annual income or net worth, not to exceed $124,000 in a 12-month period. Issuers must file Form C with the SEC and make it available to investors, including financial statements (reviewed by an independent accountant for offerings over $618,000, audited for offerings over $1,236,000), a description of the business, the use of proceeds, the offering price or method for determining the price, the target offering amount and deadline, and a description of the ownership and capital structure. Securities issued under Reg CF are restricted for one year. The issuer must file annual reports on Form C-AR with the SEC.", "effective_date": "2016-05-16", "tags": ["Reg-CF", "crowdfunding", "JOBS-Act", "funding-portal", "investment-limits", "Form-C", "small-offerings"] }, { "id": "sec-030", "jurisdiction": "US", "framework": "SEC", "article": "SEC Staff Accounting Bulletin No. 121 (SAB 121)", "category": "disclosure", "title": "Accounting Treatment for Crypto Custody Obligations", "content": "In March 2022, the SEC staff issued Staff Accounting Bulletin No. 121 (SAB 121), which requires entities that have obligations to safeguard crypto-assets held for their platform users to present a liability on their balance sheet to reflect those obligations, measured at fair value of the crypto-assets. Correspondingly, the entity must recognize a corresponding asset. This requirement represented a significant departure from traditional custodial accounting practices, where custodied assets are typically held off-balance-sheet. SAB 121 was particularly impactful for banks and financial institutions considering offering crypto custody services, as the on-balance-sheet treatment increased capital requirements and made crypto custody economically challenging under existing bank capital frameworks. Congress passed a bipartisan resolution under the Congressional Review Act to overturn SAB 121, but President Biden vetoed it in May 2024. However, in January 2025, the SEC staff rescinded SAB 121 through the issuance of SAB 122, which removed the requirement for entities to record crypto custody liabilities on their balance sheets, returning to traditional accounting treatment. This change was expected to encourage greater institutional participation in crypto custody services.", "effective_date": "2025-01-23", "tags": ["SAB-121", "SAB-122", "custody-accounting", "on-balance-sheet", "fair-value", "bank-custody", "rescinded"] }, { "id": "sec-031", "jurisdiction": "US", "framework": "SEC", "article": "Broker-Dealer Customer Protection Rule (15c3-3)", "category": "licensing", "title": "Broker-Dealer Custody Requirements for Digital Assets", "content": "SEC Rule 15c3-3 (Customer Protection Rule) requires broker-dealers to maintain physical possession or control of all fully paid and excess margin securities carried for the account of customers. The application of this rule to digital asset securities has presented significant challenges because the concept of physical possession or control is difficult to translate to blockchain-based assets. In December 2020, the SEC issued a statement and request for comment on the custody of digital asset securities by special purpose broker-dealers (SPBDs), providing a temporary, time-limited framework under which SEC staff would not recommend enforcement action against broker-dealers that limit their business to digital asset securities, provided they meet certain conditions. These conditions include maintaining and enforcing written policies and procedures to assess and manage risks associated with custody of digital asset securities, holding only digital asset securities that have been offered and sold as part of a registered offering or pursuant to an exemption, establishing processes to address blockchain-specific risks including protocol changes, forks, airdrops, and private key management, and providing customers with clear disclosures of the risks associated with digital asset securities including the risk of loss. The framework has been extended multiple times and remains an area of active regulatory development.", "effective_date": "2021-04-27", "tags": ["broker-dealer", "custody", "Rule-15c3-3", "SPBD", "special-purpose", "digital-asset-securities", "possession-control"] }, { "id": "sec-032", "jurisdiction": "US", "framework": "SEC", "article": "Securities Act Section 4(a)(7)", "category": "licensing", "title": "Secondary Market Resale Exemptions for Tokens", "content": "Section 4(a)(7) of the Securities Act, added by the FAST Act of 2015, provides a registration exemption for resale of restricted securities by non-issuers to accredited investors, provided certain conditions are met. This exemption is relevant to the secondary trading of tokens initially sold under Regulation D. The conditions include: the securities are sold only to accredited investors; neither the seller nor any person acting on the seller's behalf engages in general solicitation or advertising; in the case of an issuer that is not a reporting company, the seller provides the buyer with certain financial and other information about the issuer; and the securities are of a class that has been outstanding for at least 90 days. Rule 144 provides another resale framework, permitting public resale of restricted securities after a holding period of six months (for SEC reporting issuers) or one year (for non-reporting issuers), provided certain conditions are met including current public information, volume limitations, manner of sale requirements, and filing of Form 144. For non-affiliates of the issuer, restricted securities may be freely resold after a one-year holding period with no conditions. These secondary market exemptions are critical for providing liquidity to token holders who acquired tokens in private placements.", "effective_date": "2015-12-04", "tags": ["Section-4a7", "Rule-144", "resale", "restricted-securities", "accredited-investors", "holding-period", "secondary-market"] }, { "id": "sec-033", "jurisdiction": "US", "framework": "SEC", "article": "FinCEN Guidance FIN-2019-G001", "category": "aml", "title": "FinCEN 2019 Guidance on Convertible Virtual Currency", "content": "In May 2019, FinCEN issued comprehensive guidance (FIN-2019-G001) titled Application of FinCEN's Regulations to Certain Business Models Involving Convertible Virtual Currencies. The guidance clarified FinCEN's regulatory framework for various participants in the virtual currency ecosystem. Key determinations include: persons creating and selling convertible virtual currency are money transmitters if they accept and transmit value; peer-to-peer exchangers who buy and sell convertible virtual currency as a business are money transmitters; ICO issuers selling tokens that serve as a medium of exchange or substitute for currency are money transmitters; DApp developers are not money transmitters if the DApp merely facilitates peer-to-peer transactions without the developer accepting and transmitting value; anonymizing service providers (mixers, tumblers) are money transmitters because they accept value from a customer and make it available to others; payment processors accepting virtual currency on behalf of merchants and converting to fiat are money transmitters. The guidance also addressed CVC wallets, distinguishing between hosted wallets (where the provider is a money transmitter) and unhosted wallets (where the software provider is not a money transmitter if it merely provides the software without accepting and transmitting value). This guidance has served as the foundational document for FinCEN's approach to crypto regulation.", "effective_date": "2019-05-09", "tags": ["FinCEN", "guidance", "CVC", "money-transmitter", "ICO", "DApp", "mixer", "hosted-wallet", "unhosted-wallet"] }, { "id": "sec-034", "jurisdiction": "US", "framework": "SEC", "article": "SEC No-Action Letters — TurnKey Jet (April 2019)", "category": "classification", "title": "SEC No-Action Letters for Utility Tokens", "content": "The SEC has issued a limited number of no-action letters providing guidance on when digital assets may not be considered securities. In April 2019, the SEC's Division of Corporation Finance issued a no-action letter to TurnKey Jet Inc., stating it would not recommend enforcement action if TurnKey sold tokens without registration based on specific characteristics of the token. The TurnKey token had the following features: it could only be used to purchase charter jet services from TurnKey; it was transferable only on TurnKey's platform; it was sold at a price fixed at $1.00 and could only be redeemed at $1.00 (no appreciation); TurnKey would not facilitate secondary market trading; the token was immediately functional; and TurnKey would not use proceeds to develop its platform. In July 2019, the SEC issued a similar no-action letter to Pocketful of Quarters Inc. for a gaming token. These no-action letters provide a narrow template for tokens that may avoid securities classification: fixed price with no appreciation potential, immediate functionality, restricted transferability, and no use of proceeds for platform development. However, the extremely limited scope of these no-action letters — essentially requiring tokens with no investment characteristics whatsoever — has been criticized as impractical for most blockchain projects.", "effective_date": "2019-04-03", "tags": ["no-action-letter", "TurnKey-Jet", "utility-token", "non-security", "fixed-price", "immediate-functionality"] }, { "id": "sec-035", "jurisdiction": "US", "framework": "SEC", "article": "Securities Act Section 17(a), Exchange Act Section 10(b), Rule 10b-5", "category": "enforcement", "title": "Anti-Fraud Provisions Applied to Crypto", "content": "The SEC enforces anti-fraud provisions against crypto market participants under multiple statutory authorities. Section 17(a) of the Securities Act of 1933 prohibits fraud in the offer or sale of securities, encompassing schemes to defraud, material misstatements or omissions, and practices that operate as a fraud. Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5 thereunder prohibit manipulative and deceptive devices in connection with the purchase or sale of securities, including making untrue statements of material fact, omitting material facts necessary to make statements not misleading, and engaging in any act, practice, or course of business that operates as a fraud. Importantly, Section 17(a) does not require scienter (fraudulent intent) for all subsections — Section 17(a)(2) and (3) require only negligence — while Rule 10b-5 requires scienter in all cases. The SEC has brought numerous crypto enforcement actions under these provisions, including cases involving fake ICOs, pump-and-dump schemes, Ponzi schemes using crypto-assets, and material misrepresentations in white papers. The SEC's anti-fraud authority extends to digital assets regardless of whether they are classified as securities — the CFTC exercises parallel anti-fraud jurisdiction over commodities under CEA Section 6(c)(1). The FTC also has authority under Section 5 of the FTC Act to pursue deceptive practices involving crypto-assets.", "effective_date": "1934-06-06", "tags": ["anti-fraud", "Section-17a", "Rule-10b-5", "Section-10b", "scienter", "material-misrepresentation", "enforcement"] }, { "id": "sec-036", "jurisdiction": "US", "framework": "SEC", "article": "FATF Recommendation 15 — Virtual Asset Service Providers", "category": "aml", "title": "FATF Standards for Virtual Asset Service Providers", "content": "The Financial Action Task Force (FATF) updated Recommendation 15 in June 2019 to require countries to apply AML/CFT requirements to virtual asset service providers (VASPs). Under the FATF framework, a VASP is any natural or legal person that conducts as a business one or more of the following activities: exchange between virtual assets and fiat currencies, exchange between one or more forms of virtual assets, transfer of virtual assets, safekeeping or administration of virtual assets, and participation in and provision of financial services related to an issuer's offer or sale of a virtual asset. FATF requires countries to license or register VASPs, subject them to AML/CFT supervision, and ensure they comply with Recommendations 10 through 21 including customer due diligence, record-keeping, and suspicious transaction reporting. Critically, FATF Recommendation 16 (the Travel Rule) requires VASPs to obtain, hold, and transmit originator and beneficiary information with virtual asset transfers of $1,000 or more (lower than the US FinCEN threshold of $3,000). The FATF published updated guidance in October 2021 addressing DeFi, stablecoins, peer-to-peer transactions, and the travel rule implementation. While FATF standards are not directly binding on US entities, the US implements them through FinCEN regulations, and FATF mutual evaluations assess US compliance with these standards.", "effective_date": "2019-06-21", "tags": ["FATF", "VASP", "Recommendation-15", "travel-rule", "1000-threshold", "international-standards", "DeFi"] }, { "id": "sec-037", "jurisdiction": "US", "framework": "SEC", "article": "Investment Advisers Act Section 202(a)(11)", "category": "licensing", "title": "Investment Adviser Registration for Crypto Fund Managers", "content": "Under Section 202(a)(11) of the Investment Advisers Act of 1940, an investment adviser is any person who, for compensation, engages in the business of advising others as to the value of securities or as to the advisability of investing in, purchasing, or selling securities. Fund managers and advisors managing crypto portfolios that include digital asset securities must register with the SEC as investment advisers (if managing over $100 million in regulatory assets under management) or with their state securities regulators (if managing under $100 million). Registered investment advisers (RIAs) are subject to fiduciary duties requiring them to act in clients' best interests, comprehensive disclosure requirements through Form ADV, custody rule obligations under Rule 206(4)-2 requiring qualified custodians, annual surprise examinations, and compliance program requirements under Rule 206(4)-7. The SEC has brought enforcement actions against crypto fund managers for failing to register as investment advisers, for custody violations, and for misleading investors about fund performance and risks. In February 2023, the SEC proposed enhanced custody requirements under a new safeguarding rule that would expand the custody rule to cover all assets including crypto-assets and would require RIAs to maintain client assets with qualified custodians that meet specific requirements for digital asset safeguarding.", "effective_date": "1940-08-22", "tags": ["investment-adviser", "RIA", "fiduciary-duty", "custody-rule", "Form-ADV", "crypto-fund", "qualified-custodian"] }, { "id": "sec-038", "jurisdiction": "US", "framework": "SEC", "article": "Regulation SHO — Short Selling", "category": "enforcement", "title": "Market Integrity Rules and Crypto Securities Trading", "content": "SEC regulations governing market integrity in securities trading potentially apply to digital asset securities traded on registered platforms. Regulation SHO governs short selling of securities, requiring locate and close-out obligations. Regulation NMS (National Market System) establishes rules for order routing, execution, and display designed to promote fair and efficient markets. Regulation ATS (Alternative Trading System) provides a framework for trading platforms that match buyers and sellers but do not wish to register as national securities exchanges. For crypto securities, these regulations present implementation challenges because blockchain-based assets have different settlement, delivery, and transfer characteristics than traditional securities. The SEC has noted that platforms trading digital asset securities must comply with these regulations or demonstrate why their specific technology warrants different treatment. The T+1 settlement standard (effective May 2024 for traditional securities) creates challenges for crypto assets that may settle on different timelines depending on blockchain confirmation times. Additionally, the prohibition on naked short selling under Rule 204 of Regulation SHO raises questions about how to verify locate requirements for digital asset securities, where the concept of borrowing and delivery differs from traditional securities lending markets.", "effective_date": "2005-01-03", "tags": ["Reg-SHO", "Reg-NMS", "Reg-ATS", "short-selling", "market-integrity", "settlement", "T+1"] }, { "id": "sec-039", "jurisdiction": "US", "framework": "SEC", "article": "18 U.S.C. § 1960", "category": "enforcement", "title": "Criminal Penalties for Unlicensed Money Transmission", "content": "18 U.S.C. § 1960 makes it a federal crime to operate an unlicensed money transmitting business, carrying penalties of up to five years imprisonment and forfeiture of all funds involved. The statute covers three categories of unlicensed money transmission: operating without a license required by state law, failing to register as an MSB with FinCEN as required under 31 U.S.C. § 5330, and transmitting funds known to have been derived from a criminal offense or intended to be used to promote or support unlawful activity. Federal prosecutors have used § 1960 extensively against crypto businesses. In United States v. Faiella (S.D.N.Y. 2014), the court held that Bitcoin qualifies as funds under § 1960. Notable criminal prosecutions include the operators of BTC-e (Alexander Vinnik), LocalBitcoins traders operating without state licenses, and peer-to-peer Bitcoin exchangers operating at scale without MSB registration. The Department of Justice has also used § 1960 in conjunction with money laundering charges under 18 U.S.C. § 1956 to prosecute operators of darknet marketplace exchanges and mixing services. The criminal nature of § 1960 violations — as opposed to the civil enforcement by FinCEN — makes compliance with federal and state money transmission requirements particularly critical for any business facilitating the exchange or transfer of crypto-assets.", "effective_date": "1992-10-28", "tags": ["criminal-penalties", "unlicensed-money-transmission", "1960", "DOJ", "imprisonment", "forfeiture", "BTC-e"] }, { "id": "sec-040", "jurisdiction": "US", "framework": "SEC", "article": "SEC v. Coinbase, No. 1:23-cv-04738 (S.D.N.Y. 2023)", "category": "enforcement", "title": "SEC v. Coinbase — Exchange and Staking Enforcement", "content": "In June 2023, the SEC filed a comprehensive enforcement action against Coinbase Inc. and Coinbase Global Inc. alleging that Coinbase operated as an unregistered national securities exchange, broker, and clearing agency in violation of the Securities Exchange Act. The SEC alleged that Coinbase facilitated trading in at least 13 crypto-asset securities including SOL (Solana), ADA (Cardano), MATIC (Polygon), FIL (Filecoin), SAND (The Sandbox), AXS (Axie Infinity), CHZ (Chiliz), FLOW (Flow), ICP (Internet Computer), NEAR (NEAR Protocol), VGX (Voyager Token), DASH (Dash), and NEXO (Nexo). The SEC also alleged that Coinbase's staking-as-a-service program constituted the offer and sale of unregistered securities. In March 2024, Judge Katherine Polk Failla denied Coinbase's motion to dismiss on the exchange, broker, and clearing agency claims, finding that the SEC plausibly alleged that the tokens traded on Coinbase constituted investment contracts. The court applied the Howey Test to the ecosystem contracts surrounding the tokens, not the tokens themselves, distinguishing between primary market investment contracts and secondary market trading. The case remains ongoing and represents the SEC's most ambitious attempt to establish that major crypto exchanges are operating in violation of federal securities law.", "effective_date": "2023-06-06", "tags": ["Coinbase", "enforcement", "unregistered-exchange", "broker", "clearing-agency", "staking", "13-tokens", "motion-to-dismiss"] } ]