FinCEN Provides Guidance On Cryptocurrency

Financial Services Law

The Financial Crimes Enforcement Network (FinCEN) has released new guidance on cryptocurrency, an attempt to “provide regulatory certainty for businesses and individuals” engaged in the burgeoning field of financial activity.

FinCEN also published an advisory alongside the new guidance to help financial institutions identify and report suspicious activity concerning criminal exploitation of cryptocurrencies for illicit financial purposes such as money laundering and evading sanctions.

What happened

The FinCEN guidance does not establish new regulatory expectations or requirements. Instead, FIN-2019-G001 consolidates existing FinCEN regulations, administrative rulings and other guidance issued since 2011.

Specifically, FinCEN issued the new guidance to remind persons subject to the Bank Secrecy Act (BSA) how existing regulations governing money services businesses (MSBs) apply to business models involving money transmission denominated in value that substitutes for currency—namely, convertible virtual currencies (CVCs).

Whether a person qualifies as an MSB subject to BSA regulation depends not on its formal business status, FinCEN said, but on the facts and circumstances of a given case. The BSA obligations of a money transmitter begins with an expectation that the entity will operate “under a culture of compliance” and continues with the development, implementation and maintenance of an effective written anti-money laundering (AML) program. To achieve compliance, MSBs should structure their programs to be risk-based, FinCEN noted.

Dating back to 2011, FinCEN has made clear that persons accepting and transmitting value that substitutes for currency—such as virtual currency—are money transmitters.

How do money transmission regulations apply to common business models involving transactions in CVC? The new guidance offers several examples, including natural persons providing CVC money transmission (P2P exchangers), CVC wallets, services provided through electronic terminals (CVC kiosks) and through decentralized applications, anonymity-enhanced CVC transactions, payment processing services involving CVC money transmission and CVC money transmission performed by internet casinos.

For instance, with regard to CVC wallets, the regulatory treatment and BSA obligations of the person acting as an intermediary between the owner of the value and the value itself depends on four criteria: (i) who owns the value, (ii) where the value is stored, (iii) whether the owner interacts directly with the payment system where the CVC runs and (iv) whether the person acting as intermediary has total independent control over the value. The guidance walks through each of the facts as it applies to the different types of CVC wallets.

Other business models involving CVC transactions may be exempt from the definition of money transmission, FinCEN said, such as CVC trading platforms and decentralized exchanges, CVC money transmission performed in the context of raising funding for development or other projects and the creators of CVC and distributed applications conducting CVC transactions.

“FinCEN expects that persons introducing innovative products or services to a highly regulated activity, such as money transmission, will ensure that the innovation complies with the regulatory framework applicable to such activity before the innovation is taken to the market,” the guidance cautions. “Persons interested in determining whether a certain new activity or variation on an existing activity may subject them to FinCEN’s regulatory requirements have several options for obtaining preliminary, general guidance or definitive regulatory interpretation.”

In a separately issued advisory, FinCEN states that CVCs are increasingly used as alternatives to traditional payment and money transmission systems to support illegal financial activity. To combat such use, FIN-2019-A003 highlights “prominent typologies and red flags associated with such activity” and identifies information that is most valuable to law enforcement, regulators and other national security agencies in the filing of suspicious activity reports (SARs).

Threats to keep an eye out for: the use of CVC in conjunction with darknet market activity (which may indicate drug purchases or sales, child exploitation or cybercrime), unregistered peer-to-peer (P2P) exchangers (which employ techniques such as blending the proceeds of their transaction with those of other users), unregistered foreign-located MSBs (a popular way to move funds in and out of the United States) and CVC kiosks.

FinCEN offered examples of each type of potentially problematic typology, including the recent civil money penalty assessed and ban from the industry issued against the operator of a P2P exchanger of CVC for willful violations of the BSA.

The advisory also lists 30 different red flags indicating the abuse of virtual currencies, from the appearance of a customer’s CVC address on public forums associated with illegal activity or linked to darknet marketplaces to the structuring of transactions just beneath the CVC kiosk daily limit to the same wallet address using multiple machines or identities tied to the same number.

As FinCEN notes, financial institutions should consider the surrounding facts and circumstances in addition to the red flags, such as a customer’s historical financial activity and whether the customer exhibits multiple indicators before a determination of suspicious activity is made.

The advisory also reminded financial institutions to provide all pertinent available information when filing a SAR, with data such as the virtual currency wallet addresses, relevant transaction history and information obtained from analysis of the customer’s public online profile and communications particularly helpful to law enforcement.

To read the FinCEN guidance, click here.

To read the advisory, click here.

Why it matters

“FinCEN was the first financial regulator to address virtual currency and the first to assign obligations to related businesses to guard against financial crime,” Director Kenneth A. Blanco said in a statement. “Our regulatory approach has been consistent and despite dynamic waves of new financial technologies, products and services, our original concepts continue to hold true. Simply stated, those who accept and transfer value, by any means, must comply with our regulations and the criminal misuse of any methodology remains our fundamental concern.” The new guidance gathers all of FinCEN’s regulations on cryptocurrency in one document and provides examples of the application of those rules to various CVC business models.



pursuant to New York DR 2-101(f)

© 2024 Manatt, Phelps & Phillips, LLP.

All rights reserved