O’Melveny Worldwide

From New York to California: The BitLicense Goes Bicoastal

September 21, 2022

 

Seven years after New York State created the BitLicense to regulate many digital assets companies, the California legislature has followed suit with its own sweeping BitLicense law, which is awaiting Gov. Gavin Newsom’s signature. Some participants in the digital assets industry have criticized the New York BitLicense, saying it is difficult to obtain and maintain, and that it does little to protect consumers or traders. Now, California has imposed several significant reporting and operational requirements on its BitLicense holders—some of which may be even more onerous than those imposed by the New York Department of Financial Services in 2015. It remains to be seen how challenging California’s BitLicense process will be, but any company offering digital asset products or services in the Golden State will need to understand how the law applies to its business.

Who needs a California BitLicense?

Like the New York BitLicense, the California version covers a broad range of activities. Beginning on January 1, 2025, an entity may not engage in the following activities in the state without a California BitLicense: (1) exchanging, transferring, or storing a digital asset; (2) acting as an administrator over digital assets by, for example, issuing and managing digital assets; (3) holding electronic precious metals or issuing certificates or shares representing interests in electronic precious metals; and (4) exchanging digital representations of value—obtained as part of a game—for a digital asset, legal tender, or credit outside the game from the same entity where the digital representation of value originated.

Unlike the California edition, the New York BitLicense regulation does not expressly address “electronic precious metals” or “digital representations of value within a game,” presumably because such assets had not been meaningfully developed by 2015, when New York created its BitLicense regime.

Both California and New York carve out certain activities or entities from the licensure requirement. California exempts:

  • Banks, and trust companies incorporated as banks;
  • Credit unions;
  • Payment clearing, processing, or settlement services;
  • Nodes confirming transactions and miners;
  • Companies providing data storage or security services for digital asset businesses;
  • Personal or academic uses of digital assets;
  • People whose digital asset business activity for California residents is valued at $50,000 or less per year;
  • Attorneys providing escrow services; and
  • Anyone who does not receive compensation for providing digital asset products.

Like California, New York exempts banks and trust companies incorporated as banks, as well as those who use digital assets to buy or sell goods or services, or who use digital assets for their own investment purposes. New York also exempts those who merely develop software that might be a digital asset.

Once I get a California BitLicense, what does the law require me to do?

The California BitLicense law imposes more reporting and operational obligations on licensees than the New York regulation. For example, California requires license-holders to disclose, among other things, the following:

  • whether the product or service offered by the license holder is covered by insurance (and at what U.S. dollar value);
  • the basis for recovery for accidental or unauthorized transfers of users’ digital assets; 
  • a list of instances in the past 12 months when the licensee’s service was unavailable to 10,000 or more customers due to a service outage; and
  • its data security policy, which must be approved by the California Department of Financial Protection and Innovation, “to protect the confidentiality, integrity, and availability of any nonpublic personal information or digital financial asset it receives, maintains, or transmits.”

California BitLicense-holders that facilitate trades of digital assets are required to evaluate these criteria before listing a digital asset: 

  • the probability that the asset is a security;
  • whether the digital asset offers utility or potential utility “other than as a method for speculative investment”;
  • how vulnerable the digital asset is to hacks or exploits that would cause it to rapidly lose value;
  • if the issuer of the digital asset is subject to U.S. law; and
  • if any key person involved in the design, management, or promotion of the digital asset has been convicted of fraud or malfeasance.

Some platforms may already use these criteria to evaluate a potential listing. One criterion that may be difficult to analyze is determining whether a digital asset’s technical design renders it vulnerable to attack, but the California BitLicense law also imposes other potentially challenging operational standards on digital-asset trading platforms. For example, platforms will be obligated to use “reasonable diligence to ascertain the best market for a digital asset and exchange it in that market so that the outcome to the [California] resident is as favorable as possible under prevailing market conditions.” This language seems intended to track the federal regulatory requirement that broker-dealers of securities seek the most favorable terms reasonably available under the circumstances for a customer’s transaction. It is unclear whether and to what extent California regulators will apply this language the same way the SEC does when it looks at broker-dealers of securities.

The California BitLicense law does not appear to shield any documents or information provided to the state government from disclosure under the California Public Records Act (CPRA). So, any applicant for or holder of a California BitLicense should be prepared for the possibility that its documents and information will be made public through a CPRA request.

Does the California BitLicense law say anything about stablecoins?

Yes. Beginning on January 1, 2028, California will prohibit BitLicense-holders from exchanging, transferring, or storing stablecoins unless the stablecoin issuer (1) has a California BitLicense or the stablecoin is issued by a bank; and (2) has at all times eligible assets backing the stablecoin that exceed the amount of all outstanding stablecoins issued or sold in the U.S.

Conclusion

As digital assets companies seek to determine the practicalities and costs of complying with the California BitLicense requirements, some may decide to opt out of the Golden State. Indeed, several cryptocurrency exchanges exited the New York market after the state introduced its BitLicense. Others decided against entering the New York market, deciding that the challenges of obtaining and keeping a New York BitLicense were not worth the benefits of serving New York users. Still, others applied for the BitLicense, only to be denied or made to wait before a decision was issued.

California has the opportunity to develop a meaningful regulatory regime for digital assets, ensuring efficient markets and basic protections for participants. Through the BitLicense, California regulators will gain insight into the digital-assets companies doing business in the state, and residents will learn from the companies’ mandated disclosures. Assuming the governor signs the BitLicense bill, California’s regulatory guidance will need to balance such benefits with the likely regulatory burdens on the companies if the state wants to encourage the industry’s growth and innovation.

This memorandum is a summary for general information and discussion only and may be considered an advertisement for certain purposes. It is not a full analysis of the matters presented, may not be relied upon as legal advice, and does not purport to represent the views of our clients or the Firm. Michael Dreeben, an O’Melveny partner licensed to practice law in the District of Columbia, Steven J. Olson, an O’Melveny partner licensed to practice law in California, William K. Pao, an O’Melveny partner licensed to practice law in California, Sid Mody, an O’Melveny partner licensed to practice law in Texas, David L. Kirman, an O’Melveny partner licensed to practice law in California, Greta Lichtenbaum, an O’Melveny partner licensed to practice law in the District of Columbia, Bill Martin, an O’Melveny counsel licensed to practice law in New York, and Damilola G. Arowolaju, an O’Melveny associate licensed to practice law in the District of Columbia, contributed to the content of this newsletter. The views expressed in this newsletter are the views of the authors except as otherwise noted.

© 2022 O’Melveny & Myers LLP. All Rights Reserved. Portions of this communication may contain attorney advertising. Prior results do not guarantee a similar outcome. Please direct all inquiries regarding New York’s Rules of Professional Conduct to O’Melveny & Myers LLP, Times Square Tower, 7 Times Square, New York, NY, 10036, T: +1 212 326 2000.

Related Professionals

Steven J. Olson
Partner
D: +1 213 430 7855
William K. Pao
Partner
D: +1 213 430 7272
Greta L. Nightingale
Partner
D: +1 202 383 5249
David L. Kirman
Partner
D: +1 310 246 6825
Sid Mody
Partner
D: +1 945 221 1645
Bill Martin
Counsel
D: +1 212 728 5942
Related Practices
Privacy
Financial Services Regulation
National Security
Securities Regulation
Data Strategy, Security & Privacy
Regulatory & Advisory
Related Industries
Digital Assets & Web3
Fintech