Unpacking the Governments Cryptocurrency Regulatory and Enforcement Agenda | Pillsbury Winthrop Shaw Pittman LLP

The Current SEC Enforcement Landscape

In a letter to Senator Elizabeth Warren this summer, Chair Gensler stated that “[w]e haven’t yet lost a case” related to crypto assets. One reason for that impressive track record is the SEC’s focus on plain vanilla actions against crypto-related bad actors. In his letter to Senator Warren, Chair Gensler described the SEC as “prioritizing token-related cases involving fraud or other significant harm to investors.” Many of those enforcement actions also involve allegations of unregistered offerings.

For example, in June 2021, the SEC settled charges against Loci Inc. and its CEO for “making materially false and misleading statements in connection with an unregistered offer and sale of digital asset securities.” The digital assets in question were tokens called “LOCIcoin,” and they were not registered with the SEC. However, the unregistered offering was not the sole basis for the enforcement action—there are clear allegations of fraud and the SEC charged both respondents with fraud.

On August 9, the SEC announced it had settled with Poloniex for operating a digital asset platform that allowed the trading of tokens that the SEC considered to be securities. In his letter to Senator Warren four days before the SEC’s Poloniex announcement, Chair Gensler wrote that “[c]ertain rules related to crypto assets are well-settled” and reiterated his belief that “[t]he test to determine whether a crypto asset is a security [i.e., Howey] is clear.” The Chair has also referred to the crypto finance space as “the Wild West.” In written testimony on October 5 before the House of Representatives, the Chair stated that “[t]his asset class is rife with fraud, scams, and abuse in certain applications.” The focus of enforcement on unregistered offerings of securities—and the related disputes as to what is and is not a security—are closely related to the Chair’s concerns about investor protection in the face of fraud.

More recently, the Chair has told attorneys that he would “like to ask this profession, people listening, to remember you have a greater responsibility…. Think about that Supreme Court test, the Howey test, then get them to come in, get them to register.” The Chair views lawyers as the “first line of defense” in the response to securities laws violations.

And the Verdict Is…

What about other “lines of defense?” While the Chair has stated that the Howey test is “clear,” its application to digital assets may not be that simple for judges and juries. On November 2, a jury found, in a first-of-its-kind case for cryptocurrency, that the tokens at issue were not securities. Specifically, the jury held that defendant Stuart Fraser was not liable under the securities laws for fraudulent sales by GAW Miners, a company of which Mr. Fraser owned 41 percent. GAW Miners sold products including a virtual currency and a digital wallet. The jury found that they were not investment contracts, contrary to the arguments of class action plaintiffs who sued under the Connecticut Uniform Securities Act and Section 20(a) of the Securities Exchange Act of 1934.

This decision comes over four years after a federal judge ordered payment pursuant to a default judgment of over $12 million in a civil suit brought by the SEC against GAW Miners and another corporate entity; obviously, a premise of the SEC’s action was that the cryptocurrency products at issue were securities. Subsequently, however, Mr. Fraser went to trial in the customer class action. When placed in the same situation, will other defendants do the same? Mr. Gensler told Senator Warren the SEC has not yet lost a case. The SEC’s record may get tested soon.

Impact of Regulatory Uncertainty on the Digital Asset Industry

A recent public battle between cryptocurrency exchange platform Coinbase and the SEC highlights the impact of the evolving regulatory landscape on crypto market participants. This fall, Coinbase CEO Brian Armstrong alerted his Twitter followers to “some really sketchy behavior coming out of the SEC recently.” He explained that Coinbase had recently announced that it was launching a product that would allow owners of a digital stablecoin called USD Coin to lend out their digital assets and earn a return. According to Coinbase, the SEC purportedly told the company that “this lend feature is a security” and, after seeking testimony and documents, that “they will be suing us if we proceed to launch, with zero explanation as to why,” even though “plenty of other crypto companies continue to offer a lend feature.”

The ambiguity, of course, is a function of the SEC’s now-familiar refrain that “each token’s legal status depends upon its own facts and circumstances.” In the case of Coinbase’s proposed offering, the SEC seems to have concluded that lending USD Coin to earn interest tipped the Howey analysis in favor of concluding that USD Coin was a security. On September 20, 2021, Coinbase announced it was cancelling its lending product offering.

Armstrong’s main complaint appears focused on what he considered to be inconsistent and unclear guidance by the SEC—as opposed to whether or not Coinbase’s program theoretically should be considered a security. (In its Digital Asset Policy Proposal, Coinbase declared, “[i]t is time for a clear and comprehensive approach to regulating digital assets, and for regulation that is fit for purpose.”) Some members of Congress apparently share Armstrong’s view. In a recent hearing before the Senate Banking Committee, Senator Pat Toomey told Chair Gensler, “[b]ased on your public statements, it’s pretty clear that you believe that some [crypto] are securities, but others are not. So I’m frustrated by the lack of helpful SEC public guidance, explaining how you make the distinction. What makes some of them securities, while others are not securities?”

DOJ Enters the Fray

The DOJ has also increased its enforcement efforts in the cryptocurrency space. This fall, the DOJ announced the creation of the National Cryptocurrency Enforcement Team (NCET), an enforcement team dedicated to investigating and prosecuting criminal misuses of cryptocurrency. In its announcement, the DOJ noted that cryptocurrency has increasingly been used for money laundering and the operation of illegal or unregistered money services businesses. Cryptocurrency has even become the preferred payment option for illegal drugs, weapons, malware and hacking. To combat this activity, the NCET will initially focus on infrastructure providers that enable the misuse of cryptocurrency or facilitate criminal activity, including cryptocurrency exchanges and cryptocurrency mixers and tumblers (i.e., third-party services that comingle cryptocurrency funds before redistributing the funds, making it difficult to trace the source of the funds and obscuring the connection between the transacting parties). The DOJ stated that another focus of NCET will be the “tracing and recovery of assets lost to fraud and extortion, including cryptocurrency payments to ransomware groups.”

The NCET will include experts from the DOJ criminal division’s money-laundering and asset recovery section and its computer crime and intellectual property section, as well as from U.S. Attorneys’ Offices across the country.

The NCET announcement came on the same day that DOJ launched its civil Cyber-Fraud Initiative, which will leverage civil enforcement tools like the False Claims Act (FCA), to pursue government contractors, who fail to follow required cybersecurity standards. Traditionally, the FCA’s aggressive whistleblower provision incentivizes private parties to assist the government in identifying and pursing misconduct to which they are privy (in exchange for a share in any recovery). The FCA also protects whistleblowers from retaliation. The Cyber-Fraud Initiative will examine entities or individuals, who receive federal funds and yet “put U.S. information or systems at risk” by offering deficient cybersecurity products or services, misrepresenting their cybersecurity practices, or violating obligations to monitor and report cybersecurity incidents and breaches. On October 27, 2021, Bryan M. Boynton, the acting assistant attorney general of the DOJ’s Civil Division, clarified that the division will be specifically “focusing on government contractors and grantees who provide cyber services to the government.”

What’s Next?

The DOJ and SEC—as well as other regulatory agencies and Congress—will continue to develop the rules of the road for the digital assets industry. One area to watch is the extent to which authorities target platforms that operate overseas and do not permit U.S. investors to trade. Notably, the Commodity Futures Trading Commission (where Gensler previously served as Chair) has already asserted jurisdiction over such platforms where U.S. traders accessed the platform through a virtual private network. When asked directly by Rep. Ted Budd if the SEC plans to ban cryptocurrency, Gensler responded, “No, that would be up to Congress.” While no one expects that to happen any time soon, prosecutors and regulators clearly believe that more regulation and enforcement is necessary to protect investors from fraudulent and deceptive conduct.

Unless and until the SEC (or Congress) provides greater regulatory clarity, cryptocurrency issuers, funds and platforms face the difficult question of how to manage the risk that the SEC may well conclude that the digital assets they issue, invest in or list are, in fact, securities. Is there a way of identifying which digital assets are more likely to be viewed as securities than others, and would this even be helpful? Is it feasible to comply with all relevant securities laws with respect to such digital assets? Additionally, considering DOJ’s recent pronouncements and efforts, companies in the cryptocurrency industry would be well advised to examine their policies and procedures to ensure compliance with not only anti-money laundering laws but also industry standards for protecting sensitive information from breaches.