On February 4, 2015, the New York State Department of Financial Services (NYDFS) released revisions to their proposed BitLicense regulation of virtual currencies. Though it will not be finalized until the end of an additional 30-day comment period at the earliest, this proposal is unlikely to undergo any more significant changes.
This series of articles will attempt to break down in full the details of the BitLicense, beginning with its purpose and scope. In future articles, I will discuss additional highlights of the BitLicense proposal, such as the application process and costs, information and record keeping obligations, and cybersecurity requirements.
What is the purpose of the BitLicense regulation?
As the virtual currency industry grows, it was inevitable that regulators would soon take notice. State and federal agencies are tasked with clear directives to enforce certain standards in the markets, and virtual currency activities were mirroring those in the already regulated money transmission space.
Existing money transmission regulations were written well before the internet existed, however, and modern updates are necessary. The NYDFS is the first to attempt to specifically regulate virtual currency businesses in order to “safeguard customer assets, protect consumers from fraud and abuse, root out money laundering and other illicit activity, and put up strong defenses against would-be hackers by emphasizing the need for robust cyber security.”
There has been a number of high profile instances of consumer fraud and theft in the virtual currency industry since its inception, most notably the Mt. Gox crash that saw the equivalent of $480 million of consumer funds disappear overnight. Safety and soundness requirements can help to build consumer confidence in the technology, leading to wider acceptance and adoption.
In addition, virtual currencies have been used for illicit activities such as drug dealing and money laundering. Of course, so has cash, but third parties that transmit dollars are already regulated, and virtual currency businesses should expect similar treatment. Allowing a thriving criminal community to exploit the technology could expose legitimate virtual currency businesses to harsh penalties.
Provided it does not unduly stifle innovation, regulation such as the BitLicense will serve to reduce regulatory risk and attract greater investment to the industry.
Who is required to obtain a BitLicense?
Any person or entity dealing in virtual currencies is potentially required to obtain a BitLicense to do business in New York, though there are a number of carve-outs from the general rule. Section 200.3(a) states that without a license obtained from the superintendent, no person shall engage in any “Virtual Currency Business Activity.” The key to the regulation’s scope lies in the definition of this term, found in Section 200.2(q), which contains five parts.
The first two parts of the definition of include “transmitting…, storing, holding, or maintaining custody or control of Virtual Currency on behalf of others[.]” This scope highlights what the BitLicense is attempting to accomplish – protecting consumers who willfully give up control of their virtual currency assets to a third party and preventing the use of third parties to carry out criminal or money laundering activities.
The second two parts of the definition include “buying and selling Virtual Currency… [or] performing Exchange Services” as a customer business. The definition of “Exchange Services,” found in Section 200.2(d), notably captures conversion between different virtual currencies in addition to conversion between fiat and virtual currencies.
It is important to observe that essentially all of the businesses covered by the definition discussed so far are already required to obtain a money transmitter license, which would impose many of the same or similar compliance requirements as the BitLicense. Very few new businesses will be captured by this regulation.
The final part of the definition covers any entity “controlling, administering, or issuing a Virtual Currency.” The definition of “Virtual Currency,” found in Section 200.2(p), is broadly written to also cover centralized virtual currencies, of which this language is sure to apply. However, the language remains unclear in the context of decentralized virtual currencies such as bitcoin. Though unlikely, it is possible for virtual currency miners to be deemed “administering” the currency and the launch of a new virtual currency or bitcoin sidechain to be deemed “issuing” the currency.
Who is NOT required to obtain a BitLicense?
It is just as important to highlight those activities that do not require a BitLicense as it is to discuss what does fall under the regulations. The NYDFS has tailored their definition of Virtual Currency Business Activity based on the public comments it has received and provided significant exemptions to the licensing requirement.
First, the definition of Virtual Currency itself in Section 200.2(p) carves out three types of “digital units” that are not to be covered by the BitLicense proposal. The first two hinge on whether the digital unit can be redeemed or converted into fiat currency, such as units contained within a gaming platform or units part of a customer rewards programs. The third merely states that digital gift cards are not intended to be covered.
Second, the NYDFS has removed the licensing requirement for those that merely “secure” a customer’s virtual currency. Unlike traditional currencies where “secure” and “control” may be analogous, the right to transfer virtual currencies is vested in holder(s) of the private key(s) associated with that entry in the public ledger. Therefore, it is possible for a third party to secure private keys without having actual control over the virtual currency, provided they do not hold the requisite number of keys to make transfers. This “multi-sig” feature is an important piece of the growing security infrastructure, and this exemption from the licensing requirement for businesses offering security services is a great method for promoting consumer protection.
Software Developers and “Bitcoin 2.0” Applications
Third, the BitLicense proposal explicitly carves out the development and dissemination of software from the definition of Virtual Currency Business Activity in Section 200.2(q). Even if that software allows for storing, transmitting, exchanging, or issuing virtual currency, only those who actually employ the software will be required to be licensed.
In addition, developers and businesses who engage in transmitting “a nominal amount” of virtual currency for “non-financial purposes” are also removed from the definition. This language is likely referring to the development of “Bitcoin 2.0” applications that are built on top of the bitcoin ledger and offer the promise of a vast array of non-financial uses of the technology. These two carve-outs do a great deal to allow innovation in the industry to flourish.
Merchants and Investors
Finally, the BitLicense proposal lists two specific exemptions from the licensing requirement in Section 200.3(c), even if the actions would have otherwise fell within the definition of Virtual Currency Business Activity. First, “merchants and consumers that utilize Virtual Currency solely for the purchase or sale of goods or services or for investment purposes” need not obtain a BitLicense. This exemption mirrors the opinion of FinCEN, which has released guidance stating that money transmission regulation will not apply to users of virtual currencies or those who exchange currencies for investment purposes rather than as a business. Second, banks that are chartered under the New York Banking Law may be exempt from licensing with approval by the superintendent.
Disclaimer: This article is provided for informational and educational purposes only and is not intended to constitute legal advice. Readers should not act or rely on any information contained in this article without first seeking the advice of an attorney.