alerts & publications
Do All ICO Issuers Have to Register as Money Service Businesses with FinCEN?March 16, 2018
New FinCEN Statement Says Many Token Sellers Will Be Considered Money Services Business
ICO issuers commonly screen purchasers in initial token or “coin” offerings (ICOs) for anti-money laundering (AML) and “Know-Your-Customer” (KYC) purposes using online vendors. But there has been uncertainty as to whether, and under what conditions, an ICO issuer would need to go as far as registering as a money service business (MSB)1 with the Treasury Department’s Financial Crimes Enforcement Network (FinCEN). However, in a letter that became public last week (but was dated February 13, 2018), FinCEN clearly expressed its view, stating:
A developer that sells convertible virtual currency, including in the form of ICO coins or tokens, in exchange for another type of value that substitutes for currency is a money transmitter and must comply with AML/CFT requirements that apply to [MSBs].
The language in the letter and its potential application is broad, but the facts and circumstances applicable to each ICO issuer must still be evaluated to determine whether they will cause the issuer to fall under FinCEN’s MSB rules. Failure to register and meet related requirements for MSBs may subject a business and its employees to both criminal and civil penalties.
Any ICO issuer that qualifies as an MSB must:
- Register with FinCEN
- Implement a formal AML program with these four elements:
- written AML policies and procedures
- a designated AML compliance officer
- independent review and monitoring of the AML program, and
- a training program for relevant personnel regarding their AML responsibilities
- Monitor for suspicious transactions and filing Suspicious Activity Reports, or SARs, with FinCEN
- Maintain records of certain transactions, payment instructions, and customer identification records
- Conduct enhanced due diligence when working with foreign agents or counterparties. Under these circumstances, there are extra requirements for understanding a foreign partner’s business model, customers, and the foreign partner’s own AML program. Importantly, an MSB must be ready to end its relationship with any foreign partner who does not meet necessary standards.
FinCEN’s letter also noted that, to the extent an ICO involves securities or derivatives, it might instead be subject to the authority of the Securities and Exchange Commission or Commodity Futures Trading Commission, each of which has separate—although similar—AML/KYC requirements.
Even if not required to register as an MSB, what should all ICO issuers do now?
Perform AML/KYC screening aimed at identifying the red flags of potential money laundering. Federal money laundering laws require businesses to avoid conducting transactions involving criminal proceeds, and there are several ways to run afoul of these laws. A transaction may raise red flags that the funds involved—whether fiat or cryptocurrency—originate from a fraud scheme, a hacking incident, or some other unlawful source. A business cannot turn a blind eye to these red flags.
Have a system in place in the event red flags indicate the need for more information about the nature or source of funds being used to purchase their tokens. Be aware that criminal laws prohibit transactions with funds that a person knows originate from unlawful activity, even if the person does not know exactly the type of unlawful activity involved. More serious penalties apply where a person takes intentional steps to conceal aspects of the transaction. Even “clean” funds, if transferred internationally, may comprise a money laundering violation if sent to promote criminal activity. Finally, under conspiracy laws, a person may be liable for actions of business partners who engage in money laundering transactions.
Comply with the sanctions screening requirements administered by the Treasury Department’s Office of Foreign Assets Control (OFAC). In offering tokens for sale in a public or private sale, every ICO issuer is required to ensure that none of its purchasers are on the list of prohibited individuals or entities maintained by OFAC. The OFAC sanctions list is highly complex and frequently changes, so most businesses outsource screening to a third-party servicer. Nonetheless, OFAC imposes strict liability for screening failures, so an ICO issuer should be sure to understand the screening its service provider is doing and take its own steps to engage in a robust customer identification program.
Be prepared to address inquiries from regulators and law enforcement. If a regulator or law enforcement agency contacts an ICO issuer, one of the first demands it is likely to make is that the issuer provide a copy of its AML program and policies as well as its customer identification procedures and screening protocols. If the issuer is equipped with these written policies and procedures, including a clear allocation of responsibility within the company for ensuring compliance, it will be off to a good start.
It is worth noting that the federal agencies involved in overseeing the marketplace for token sales have publicly recognized the societal value of blockchain-based emerging technologies. While the burden of compliance in this area is not light, prior planning may help to protect an ICO issuer’s investment of time and resources and create room for greater innovation.
1 An MSB is broadly defined as including a business that accepts “currency, funds, or other value that substitutes for currency” from one person and transmits it to another person or location.
This memorandum is a summary for general information and discussion only and may be considered an advertisement for certain purposes. It is not a full analysis of the matters presented, may not be relied upon as legal advice, and does not purport to represent the views of our clients or the Firm. Laurel Loomis Rimon, an O'Melveny senior counsel licensed to practice law in California, and Eric Sibbitt, an O'Melveny partner licensed to practice law in California and New York, contributed to the content of this newsletter. The views expressed in this newsletter are the views of the authors except as otherwise noted.
© 2018 O’Melveny & Myers LLP. All Rights Reserved. Portions of this communication may contain attorney advertising. Prior results do not guarantee a similar outcome. Please direct all inquiries regarding New York’s Rules of Professional Conduct to O’Melveny & Myers LLP, Times Square Tower, 7 Times Square, New York, NY, 10036, T: +1 212 326 2000.
Thank you for your interest. Before you communicate with one of our attorneys, please note: Any comments our attorneys share with you are general information and not legal advice. No attorney-client relationship will exist between you or your business and O’Melveny or any of its attorneys unless conflicts have been cleared, our management has given its approval, and an engagement letter has been signed. Meanwhile, you agree: we have no duty to advise you or provide you with legal assistance; you will not divulge any confidences or send any confidential or sensitive information to our attorneys (we are not in a position to keep it confidential and might be required to convey it to our clients); and, you may not use this contact to attempt to disqualify O’Melveny from representing other clients adverse to you or your business. By clicking "accept" you acknowledge receipt and agree to all of the terms of this paragraph and our Disclaimer.