For those students of history, the Mafia boss Al Capone in Chicago was ultimately convicted of tax evasion, not the other crimes he may have committed but which were harder to prove. Fast forward to March 2022, and not much has changed. The Organization for Economic Co-operation and Development (“OCED”), a 38 member country organization founded in 1961 to stimulate economic progress and world trade, released its 101 page Public Consultation Document, Crypto-Asset Report Framework (“CARF”) and Amendments to the Common Reporting Standards (“CRS”) seeking to vastly expand the tax reporting obligations under the CRS. CRS is a set of uniform tax reporting and KYC/AML rules adopted by some 97 countries starting in 2017. Members include not just the EU, Japan and other high tax jurisdictions but also the BVIs, the Cayman Islands, Jersey and Guernsey, and other tax havens. Noticeably absent from this list is Panama. Under CRS, participating countries collect tax information on locally incorporated companies and their ultimate beneficial owners (“UBOs”) and controlling persons and then report that information back to the home country in which the UBOs are located. This is all done in an effort to prevent the global tax evasion that the OECD believes is taking place.
Under CARF, participating countries will now have to seek to collect and report KYC and AML information (including name, address, date of birth, relevant tax identification number, etc.) on entities and their UBOs, and well as information on all transactions involving digital assets, including exchanges of fiat for crypto, crypto for crypto, NFTs for NFTs, air drops, and hard forks. All transactions at the exchange and the wallet level would be reportable by Reporting Crypto-Asset Service Providers (“RCASPs”), which includes all intermediaries (both corporate and individual) who as a business provide services effectuating exchange transactions for or on behalf of customers. This would include all types of exchanges, wallet providers, and brokers and dealers. The scope of CARF is very expansive. The OCED has not addressed at all some of the corollary issues that CARF will require, such as addressing the privacy rules under the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”) which may require storing customer data in the EU or in the jurisdiction in which the customer is resident, nor has it addressed, or seemingly considered at all, that compliance with such rules is time consuming, difficult, and expensive.
While the US has not adopted CRS, Congress and the IRS are likely to seek access to the same tax reporting information as participants in CRS. This could be done through existing Tax Exchange and Information Agreements that provide for an exchange of information between tax haven countries and the US or through amendments to the Foreign Account Tax Compliance Act (“FATCA”) and the FATCA agreements already in place. As we have seen over the last several years, US regulators are keen to regulate this space and have been pursuing an enforcement-driven approach to regulating cryptocurrency in lieu of any comprehensive regulatory framework, leaving companies operating in the US to review regulators’ piecemeal enforcement actions for guidance. President Biden’s EO aims to change this and implement a more comprehensive regulatory approach.
Thirdly, the day after the OECD released CARF, the International Organization of Securities Commissions released its IOSCO Decentralized Finance Report, summarizing the various ways in which Decentralized Finance transactions have been abused by bad actors around the world and urging additional regulations to protect consumers.
Fourthly, on March 28th, President Biden released his proposed 2023 Budget which would among other things expand the tax rules applicable to securities lending to digital assets, require additional information reporting by certain financial institutions and digital asset brokers, require reporting of foreign digital assets accounts and apply the mark-to-market rules to certain investors in digital assets. These new rules are projected to raise some $11 billion in revenue.
Fifthly, on March 31st, the European Union lawmakers met to discuss the Markets in Crypto Asset regulations package, a process started in 2020. The proposed regulations and explanation are some 168 pages long. At the same time, a member of the European Central Bank Board said that “cryptocurrencies are pure gambling, wasting enormous amounts of energy.”
Sixthly, in the UK, the Financial Conduct Authority (“FCA”) has been required to process permanent registration applications from crypto asset businesses for the purpose of the 5th Money Laundering Directive by March 31st, having extended its deadline to do so from last year. Over the last few months, the FCA’s reluctance to take on the mantle of the UK’s crypto asset business anti-money laundering regulator has become evident with its preference being to encourage such crypto asset businesses to withdraw their registrations and relocate elsewhere overseas. With hundreds of crypto asset businesses having taken advantage of the Temporary Registration regime, only a few have been granted a permanent registration, which does not auger well for the immediate future of such businesses in the UK. Additionally, the FCA has also signaled its intent to restrict advertising of digital assets to the UK general public beginning in the summer of this year”.
Next, the US Securities and Exchange Commission (“SEC”) has been particularly active in enforcing existing US securities regulations, developed in the 1930s, with respect to digital assets. It is not too much of an exaggeration to state that the SEC’s general view is that if a virtual currency has the potential for appreciation, it is probably a security subject to regulation by the SEC. Everyone is eagerly waiting to see what happens in the SEC’s lawsuit against Ripple regarding Ripple’s issuance of the XRP token, and whether the decision in that case will provide any additional guidance on the application of the “Howey Test” to digital assets. Time will tell whether the decision is narrowly decided so that it provides no real guidance or whether it provides more substantive guidance in this area.
Lastly, both the FCA in the UK and the Monetary Authority of Singapore have recently issued comments, based on these same general concerns mentioned above, which eventually will have the effect of restricting the marketing of digital assets to the general public. This is a trend that is likely to continue in other countries as well.
It is clear that regulators globally have focused their attention on digital assets, in large part over long-held concerns about protecting consumers from bad actors, perceived abuses in reporting cryptocurrency transactions for tax purposes and conduct of criminal activity and more recently from concerns about potential for circumvention of sanction regimes and ultimately stability of the financial system. Unlike some, our view is that the regulations that are going to be imposed are fairly consistent, in purpose and effect, with those that apply to other existing financial assets. They will not be a new form of regulation, but rather an extension of existing frameworks to digital assets, adapted to particular features of such assets.
In our view, participants have three choices and only three choices. The first is to ignore this trend and hope that it goes away – the ostrich approach. Those involved in the digital asset space that take this approach and ignore this global focus on regulating digital assets do so at their peril. The result will be, at best, that they are subject to a global patchwork of often conflicting regulations that are foisted upon them, or, at worst, that they will be subject to enforcement actions and face severe monetary and other penalties. For digital asset exchanges that operate through an entity, coping with increased tax, AML, KYC, security, custody, marketing and other regulations will be costly but feasible given their market size and cash flows. For newer companies, the burden will be significant.
The second approach is to do what others have done in similar situations and create a self-governing organization, similar to the US FINRA organization, and seek to persuade regulators to let that body enact applicable regulations, perhaps subject to the ultimate oversight of the regulators.
The third approach is somewhere in between the first two and requires an organized effort from entities in this space to appeal directly to global regulatory organizations – through traditional methods of public comment on proposed regulations, lobbying, etc. – seeking to influence global regulators to promote sensible and consistent regulations around the world.
This has the advantage of promoting uniform regulations around the world. Under the second two options, digital asset companies have an opportunity to benefit from any new regulations. For example, the first large digital asset exchange that registers as such with the SEC may be able to seize considerable additional market share. Understanding that this is a complex task given the current state of play in the US, a registered exchange may be able to work with token issuers to offer legally compliant, freely tradeable tokens to all investors, including non-accredited investors.
The situation is less clear for digital asset issuers, including artists minting NFTs and individuals who operate decentralized exchanges. Many of them will not have the financial resources, training or personnel to perform full-fledged KYC / AML / CFT reviews, much less comply with the GDPR and CCPA privacy requirements.
There is a recent TV advertisement by the crypto exchange Crypto.com featuring Matt Damon, which concludes with the Roman proverb “The Future Favors the Brave.” We disagree, in our view “The Future Favors the Prepared.”
Where do you stand?