Learn all about the regulatory landscape of crypto - including major enforcement authorities, international guidelines, and licenses required to operate a crypto business.
The world of crypto is fraught with rules and regulations that change by the very minute, and navigating them should be taken with extreme caution. To make matters more confusing, there are certain rules that apply only to individual assets and not their exchanges - that have been restricted or banned in various countries. Ripple (XRP) is a classic example of this, as it has been delisted from many US-based exchanges but still trades around the world.
But, fear not. Whether you're a legal expert, or if you balk at the slightest thought of legal terminology - we've compiled an easy guide to bring you up to speed on the regulatory landscape of crypto.
Who are the major regulatory players today?
The United States is the leading country that sets precedence for all future crypto regulations. For better or worse, other countries look to the US as an example for how they might restructure their cryptocurrency laws. It should come as no surprise then, that the Securities and Exchange Commission (SEC) is the most infamous regulatory body in the entire world.
According to their official website, the mission of the SEC is to "protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation." In recent years, the SEC has butted heads with some of the most dominant players in the crypto space - such as Ripple, Coinbase, Celsius, Voyager Digital, Gemini - and now Binance. At the center of the conflict lies one simple question: do the services provided qualify as investments, and are the assets used considered securities?
The Howey Test states that an investment contract exists if there is an "investment of money in a common enterprise with a reasonable expectation of profits to be derived from the efforts of others." Naturally, this vague definition has spurred hot debate over whether or not the SEC is providing clear enough grounds to have jurisdiction over cryptocurrencies.
Perhaps the far more likeable cousin of the SEC is the Commodities and Futures Trading Commission (CFTC). Unlike the SEC, the CFTC primarily has jurisdiction over commodities, derivatives, and futures trading. It has classified Bitcoin and Ethereum as commodities, rather than currencies - and plays a limited role in policing fraudulent and manipulative activities in interstate commerce. The CFTC cannot demand a spot crypto exchange to register with their regulatory body, and has "enforcement jurisdiction" rather than "registration jurisdiction" which rests with the SEC.
Both the SEC and CFTC are embroiled in a fierce battle over which body should hold greater regulatory power, but may find themselves sharing joint authority.
The Financial Crimes Enforcement Network (FinCEN) is a special bureau of the U.S. Department of the Treasury that is dedicated to combating financial crime and terrorism. It adopts an entirely different set of rules and regulations separate from international AML/CFT requirements, and is involved in the registration, reporting, recordkeeping, and regulation of all financial transactions - including those of virtual currencies.
Last but not least, the Federal Reserve Board (FRB) and the Federal Open Market Committee (FOMC) are parts of the Federal Reserve System - the most powerful central bank in the world. They are responsible for regulating the activity of all banks in the United States, and fiscal monetary policy. Since the US dollar is the dominant reserve currency, it would not be an exaggeration to say that their every move - especially regarding inflation and deflation - can make waves in the financial markets.
What international rules apply to cryptocurrency businesses?
- In addition to following country-specific guidelines, international anti-money laundering/combating the financing of terrorism (AML/CFT) rules apply to cryptocurrency businesses as well. This includes but is not limited to: reporting transaction sizes beyond a certain threshold, reporting the number of transactions for an individual in a set time period, reporting the identities of the parties involved in a transaction, documentation requirements, and setting the criteria for eligibility for certain services.
- The Know-Your-Customer (KYC) process is designed to protect investors from identity theft and fraud - as well as gather information and weed out bad players and blacklisted individuals. During KYC, both your proof of identity and proof address are "bound" to your registered crypto account and unique private key. While your POI and POA are in use, they cannot be registered again to the same type of account - nor can they be used to pass KYC again. Why is this important? Passing KYC comes with privileges, such as enhanced daily withdrawal limits. AML guidelines restrict unverified individuals from moving large sums of money until they are proven trustworthy. Therefore, we highly urge you to pass KYC as soon as possible to keep your funds liquid in the event of an emergency.
- The Travel Rule is a Financial Action Task Force (FATF) guideline that recommends all virtual asset providers (VASPs) to share information with each other about the senders and recipients of cryptocurrency transactions worth over 1000 USD/euros. This information includes the name, address, and account numbers of the individuals involved.
- While not considered an international rule, the Bank Secrecy Act (BSA) has played a major role in cryptocurrency regulation. It requires the reporting of any transactions worth over 10,000 USD, as well as suspicious activity reports (SARs). The BSA is much more stringent than the travel rule, and requires execution dates, the name of the financial institution used, and additional identifiers of the senders/recipients when made available.
What licenses are required to operate a crypto business?
A virtual asset service provider (VASP) license is the cornerstone of all cryptocurrency business operations, and allows it to operate in a specified country or jurisdiction. Businesses required to apply as VASPs include those:
- Exchanging virtual assets with fiat currencies
- Exchanging virtual assets for other virtual assets
- Transferring virtual assets
- Safekeeping of virtual assets as a custodian
However, before applying as a VASP - a business must furnish a Certificate of Authority to operate as a money service business (MSB). For more information on what qualifies as an MSB, please click here.
Once established as a VASP, the business must meet and maintain additional requirements such as minimal capital requirements, internal control systems, AML/CTF training, due diligence checks on consumers, and wallet security checks.
The Takeaway:
Despite increasing legislation, cease-and-desist letters, and investigations targeting crypto exchanges and VASPs - the future of crypto has never looked so bright. Admittedly, a quick glance at the markets might not paint such a picture - but one must remember that beyond the short-term price and value of individual assets lies a deeper ideology that is slowly being embraced into the mainstream.
Regulation should not be viewed solely as a detractor; rather it should be taken as a sign of acknowledgment by governments and policymakers that crypto is indeed powerful, and a force capable of change. But first, that force must be understood and controlled before being promoted to the masses.
Thanks for reading! Please subscribe if you haven't already - and stay tuned for our next article, which explain everything you need to know about Finblox.
This content is provided for informational purposes only, and should not be relied upon as legal, business, investment, or tax advice. You should consult your own advisers as to those matters. Charts, graphs and references to any digital assets are for informational and illustrative purposes only.