The New York State Department of Financial Services (NYSDFS) has proposed regulations for virtual currency use in that state, which if implemented could dramatically affect the future of Bitcoin transactions. The proposed regulations will affect businesses that function as exchanges or otherwise convert Bitcoin into currency, even if those businesses are out of state and simply interact with New York residents. Under the proposed language, the requirement of obtaining a Bitlicense and adhering to its rules could potentially affect a Bitcoin exchange operating in any location if they have a New York State customer. For this reason, it is important for every attorney to understand the scope and application of the proposed rules to prepare clients to meet the requirements.
Who Must Obtain a ‘Bitlicense’?
The Bitlicense regulations would cover any business that operates as an exchange offering services such as Bitcoin purchase and sale, conversion, transmittal and receiving, storage or otherwise administering Bitcoins on behalf of consumers. Merchants who use Bitcoins for sale of goods and services do not have to obtain a Bitlicense, and nor do consumers who use Bitcoin for personal reasons.
What Are the Requirements for a ‘Bitlicense’ Holder?
The NYSDFS states that the regulations surrounding the Bitlicense are designed to prevent illicit activity, enhance security and improve consumer protection. There would be an application process for each Bitlicense, and the license must be obtained prior to starting or continuing business activity. Once approved, Bitlicense holders must comply with the following requirements:
1. Compile Detailed Records of Each Transaction
Under the proposed Bitlicense every transaction would require a record of the name and physical address of the purchaser as well as verifying their identity with the US Treasury Department. Foreign purchasers would require additional scrutiny. Other data required would be the amount of the transaction and method of payment, including a mandate to report any single purchases over $10,000 directly to NYSDFS.
2. Maintain a Bond With NYSDFS
The bond requirement for a Bitlicense is especially problematic since under the proposed regulations there is no specific formula for an amount. The bond must be an amount that NYSDFS deems adequate, with no guidance provided for Bitlicense holders. Under this rule, a Bitlicense holder will have no way to anticipate the amount or form of bond needed to be in compliance and do business. There is also a separate requirement to maintain in a reserve account amounts equal to any Bitcoins held or stored on behalf of another party.
3. Have a Qualified Cyber Security Officer Designated
This requirement seems to be geared toward enhancing transaction security and consumer protection, and also places a directive for regular penetration tests of security measures. Although this places a burden of extra expense on exchanges, security becomes more important with Bitlicenses since all transaction and customer data will now be stored in the exchanges information systems, and subject to privacy breaches.
4. Maintain an Adequate Level of Capitalization
The capitalization requirements are as vague as the rules for obtaining a bond, and also depend on the discretion of NYSDFS. Capitalization amounts would be determined on an individual basis including factors such as financial status and liquidity. Once again, an exchange would be met with opacity if attempting to plan or meet a clear formula for capitalization. Bitlicense holders that are deemed to have unsound business models or consumer protections may be subject to higher capitalization requirements.
5. Submit Financial Statements to NYSDFS
Related to capitalization is the requirement to submit regular audited financial statements to NYSDFS, and comply with other reporting that allows NYSDFS to monitor and evaluate the Bitlicense holder’s practices. Many of the these financial and informational rules are directed at reducing money laundering and criminal activity, and resemble many of the requirements that banks and exchanges must adhere to for the same reasons under the Banking Secrecy Act.
The scope of these proposed regulations may be amended following the comment period allowed by NYSDFS which expires on October 21, 2014. That said, any lawyer with a client operating as a Bitcoin exchange-related business (or one that may otherwise fall within the broad scope of this regulation) should be prepared for the application process, and should closely monitor the application of any capitalization and bond requirements.
* The Digital Currency Council (DCC) does not advocate on policy matters. Any policy positions taken by David Berger are his personal positions only and do not reflect the position of the DCC.