One might have thought the biggest news in the digital currency world lately was Dell announcing that it was now accepting bitcoin. However, after a series of highly-publicized hearings in January, New York State rolled out its proposed regulations surrounding bitcoin and virtual currency – the first state in the nation to propose licensing requirements for virtual currency businesses.
The July 23rd New York State Register includes a Notice of Proposed Rule Making from the New York State Department of Financial Services (the “NYSDFS”) regarding the regulation of virtual currency (“Regulation of the Conduct of Virtual Currency Businesses,” No. DFS-29-14-00015-P). The proposed rule calls for the creation of the “bitlicense” which the NYSDFS has hinted at in the past. The state agency goals are two-fold: to protect New York consumers and users and ensure the safety and soundness of New York licensed providers of virtual currency products and services. Virtual currency is still a nascent industry that is generally unregulated outside of federal anti-money laundering regulations, and while anti-establishment bitcoin pioneers may revel in the “wild west” atmosphere of the digital currency, the NYSDFS feels that their proposed regulations will protect consumers from undue risk, encourage prudent practices for those engaged in virtual currency business activity and foster the growth of the New York financial sector.
The Notice, which refers to the full text of the proposed rule originally made available by NYSDFS on July 17th, marks the beginning of a 45-day window for public comment on the proposed rule. Interestingly, the NYSDFS concurrently released a copy of the proposed regulations on the social news site Reddit to elicit debate (note, Ben Lawsky, Superintendent of Financial Services at the NYSDFS, participated in a Reddit AMA (“Ask Me Anything”) session in February as the agency was developing the rules).
The proposed rule appears to be drafted to carefully exclude merchants and bitcoin miners from the scope of the licensing requirement, but include exchanges, digital wallet services, merchant service providers and others in the virtual currency ecosystem. It imposes many of the same types of requirements that we already have in the area of money transmission and clearing house services, including capital requirements, anti-money laundering safeguards, and “know your customer” type issues. It also includes requirements with respect to business continuity and cyber security issues.
This alert will outline some of the major elements of the “bitlicense” regulations.
Under the proposed regulations, “Virtual Currency Business Activity” means any one of the following activities involving New York or a New York resident:
(1) receiving Virtual Currency for transmission or transmitting the same;
(2) securing, storing, holding, or maintaining custody or control of Virtual Currency on behalf of others;
(3) buying and selling Virtual Currency as a customer business;
(4) performing retail conversion services, including the conversion or exchange of Fiat Currency or other value into Virtual Currency, the conversion or exchange of Virtual Currency into Fiat Currency or other value, or the conversion or exchange of one form of Virtual Currency into another form of Virtual Currency; or
(5) controlling, administering, or issuing a Virtual Currency.
Such “virtual currency businesses” would have to obtain a license from the agency before engaging in any such business activity, though persons chartered under the New York Banking Law to conduct exchange services and are approved by the NYSDFS to engage in virtual currency business activity would be exempt. As previously mentioned, the proposed rules seemingly excludes consumers who buy goods and services with digital currency, merchants who accept digital currency and bitcoin miners from the scope of the licensing requirement, but explicitly include digital currency exchanges, digital wallet apps and services, merchant service providers, virtual currency issuers, and other similarly situated businesses. Specially, the agency is not seeking to regulate virtual currency used solely on online gaming platforms or digital units used exclusively for customer affinity or rewards program, but cannot be converted into fiat currency.
Other Important Requirements
- Application Details: Applicants would have to submit financial, insurance and banking particulars; organization charts and background reports for the principal officers and stockholders (along with fingerprints for officers, principals and employees); and an explanation of the methods used to calculate the value of virtual currency in fiat currency, among other things. Upon filing of an application, the agency will investigate the financial condition and responsibility of the applicant before issuing the bitlicense, and may revoke the license on sufficient grounds. Moreover, if the licensee wants to make a “material change” to an existing product or service, it would need the NYSDFS’s prior approval; similar approval would be required in the event of any changes of control or mergers and acquisitions.
- Compliance: Applicants would have to comply with all federal and state laws and regulations, appoint a compliance officer to monitor activity within the business, and maintain written compliance policies relating to anti-fraud, anti-money laundering, cybersecurity, and privacy and data security. In addition, virtual currency businesses would have to submit quarterly financial statements and audited annual financial statements to the NYSDFS.
- Capital Requirements: The proposed regulations do not outline specific capital requirements. Rather, the text suggests that licensee shall maintain levels of capital as the NYSDFS determines is sufficient to ensure financial stability, taking into account basic financial barometers. The proposed regulations also would require licensees to only invest earnings in high-quality investments with maturities of up to one year, such as certificates of deposit regulated under U.S. law, money market funds, state or municipal bonds, or U.S. Gov’t securities.
- Anti-Money Laundering: Each licensee would be expected to enforce an anti-money laundering program with adequate internal controls and training, as well as a written policy reviewed and approved by the licensee’s board. Under the regulations, virtual currency records would have to include records containing the identity and physical addresses of the parties involved, the amount of the transaction, the method of payment, the date(s) on which the transaction was initiated and completed, a description of the transaction, and special reports of any aggregate daily transactions that exceed $10,000 or otherwise involve suspicious activity. Covered businesses would also have to conduct adequate due diligence on new customers, with enhanced scrutiny for foreign entities. Such regulations are presumably similar to the March 2013 Financial Crimes Enforcement Network (“FinCEN”) Guidance (FIN-2013-G001), which clarified that federal anti-money laundering regulations covering “money services businesses” also applied to virtual currency exchanges.
- Examinations: Each licensee would have to permit the NYSDFS to examine the licensee’s accounting and operations at least once every two years to determine financial stability, business soundness and compliance.
- Cybersecurity: Under the bitlicense regulations, each licensee would have to establish an effective cybersecurity program for their electronic systems and maintain a written cybersecurity policy that covers data and network security, data governance, access controls, business continuity and disaster recovery, customer privacy, vendor management, and incident response, among others. Licensees would also have to appoint a Chief Information Security Officer responsible for implementing the cybersecurity program and also submit an annual report assessing the cybersecurity program.
- Protection of Customer Assets: The regulations would require each licensee to maintain a bond or trust account for the benefit of its customers in an amount acceptable to the NYSDFS, and hold virtual currency of the same type and amount the licensee is storing for a customer. The licensee would be prohibited from selling or encumbering virtual currency assets stored on behalf of a customer.
- Consumer Protection: The proposed regulations require certain disclosures before a consumer may enter into a transaction, including disclosure of the material risks associated with digital currency (e.g., digital currency is not legal tender, transactions are generally irreversible, values may fluctuate, and cyberattacks are a real concern), the general terms and conditions of conducting business with the licensee, and a detailed receipt following the completion of any transaction.
All entities involved in or planning on being involved in virtual currency-related businesses should study this proposed rule carefully. There is still an opportunity to voice concerns and have the final rule reflect any issues that the NYSDFS views as important (for example, some commentators have suggested that the regulations should contain exemptions for smaller digital currency start-ups that handle small transactions, while the Bitcoin Foundation suggests that the comment period should be open for a longer period of time to allow the industry to digest the proposal). It is likely that whatever is enacted in New York will be used as a model in other states that wish to enact a similar virtual currency licensing structure. Moreover, the regulations, as they stand today, require that any entity engaged in a “virtual currency business activity” would have to apply for a license within 45 days of the effective date of the regulations or risk being deemed to be conducting an unlicensed virtual currency business, further suggesting the importance in getting up to speed with the emerging digital currency regulatory environment in New York. It remains to be seen how onerous the final regulations and compliance obligations will be to both established digital currency service providers and start-ups alike.
On July 14, 2014 the Equal Employment Opportunity Commission (“EEOC”) issued its first “enforcement guidance” on the Pregnancy Discrimination Act (“PDA”) since 1983. One of the more significant aspects of the Guidance is the EEOC’s view of an employer’s duty to accommodate pregnant workers under the Americans with Disabilities Act (ADA).
The EEOC now takes the position that employers must accommodate a pregnant employee’s work restrictions to the same extent it accommodates non-pregnant employees with similar restrictions.
This means, in the EEOC’s view, that employers who offer light duty work to individuals injured on the job must also offer light duty work to pregnant employees with work restrictions, regardless of the fact that the light duty policy only applies, by its terms, to those employees who have restrictions stemming from a work related injury.
The EEOC’s Enforcement Guidance is quite extensive. The entire Guidance document can be found here.
The EEOC also issued a “Questions & Answers” document, found here.
As if that wasn’t enough summer reading, the EEOC also issued a “Fact Sheet” that summarizes the PDA’s requirements here.