In our previous article—“5 key Bitcoin developments to know”—we provided an overview of top recent developments involving virtual currencies. For each, we highlighted the ways that state and federal regulators are applying traditional tools to rein in this new technology.
In this article, we’ll take a deeper look at two of the more pressing regulatory issues involving virtual currencies: anti-money laundering (AML) and consumer protection.
We chose these two topics because they reflect trends that are playing out throughout the payments industry and have a common focus on regulatory compliance and due diligence. These represent two of the big challenges that the convertible virtual currency (CVC) industry must address as it grows to join the mainstream.
AML challenges for virtual currencies
The concern over the AML risk of virtual currencies is nothing new. It has been a focus ever since Bitcoin was launched in 2009. It was not until March 2013, however, that the Financial Crimes Enforcement Network (FinCEN) issued guidance based on the premise that individuals or entities that accept and transmit CVCs as a business, or that buy or sell CVCs other than for personal use, come within FinCEN’s definition of money services businesses.
As MSBs, persons or entities performing these functions must comply with FinCEN’s AML rules. [Read “FinCen Issues Guidance On Virtual Currencies And Regulatory Responsibilities.”]
As CVCs enter wholesale commerce, an area of additional AML scrutiny is the potential use of CVCs in trade-based money laundering (TBML). Trade-based laundering involves “cleansing” the proceeds of crime through seemingly legitimate trade transactions, in an effort to obscure the source of illicit funds. As explained by the Financial Action Task Force, an international inter-governmental AML body, TBML includes false invoicing and over- and under-shipment of goods and services.
There is every reason to think that CVCs could be used as part of a trade-based laundering scheme. In fact, their fluctuating value and customs officials’ relative lack of familiarity with CVCs make them an attractive vehicle for this crime.
At least one court has already addressed this issue. In 2014, a Miami-Dade Circuit Court judge recognized the potential for CVCs to be used in trade-based laundering in a case involving the use of Bitcoins to purchase stolen credit card numbers [State of Florida v. Reid, 14-002935, Miami-Dade Circuit Court (Miami)].
It is possible that CVCs could be used in other ways to launder funds through false purchases and other fraudulent transactions.
The recent federal raid of the Los Angeles Fashion District provides an example. [Read “Trade-based laundering targeted”] According to federal indictments, L.A. garment businesses laundered funds by accepting U.S. cash from Mexican drug cartels for the purchase of goods and repaying the cartels in Mexican pesos through brokers after selling the garment businesses’ clothing in Mexico. What is to stop other cartels from engaging in similar practices in the future using CVCs instead of traditional payment instruments?
And what are the implications if CVCs are found to be susceptible to use in trade-based laundering, like any other payment instrument? The likely outcome is that banks and other financial institutions may take a harder look at their relationships with CVC intermediaries. They may even cut ties if the perceived risk proves too much to stomach.
Such “de-risking” may already be playing out in the market. In December 2014, for example, HSBC terminated its relationship with Global Advisors, a firm based on the island of Jersey that manages a Bitcoin fund, reportedly because of AML risk concerns. Although HSBC may be particularly sensitive to potential AML risk given its recent experiences in this area, many other large U.S. banks have reportedly shown a similar reluctance to provide banking services to virtual currency businesses. [Read a BBC report regarding the case.]
Although there is no empirical evidence to suggest that CVCs pose a higher risk of trade-based laundering (or any other AML risk), the reality may be that banks will hold the industry to a higher standard given concerns about the safety of the new technology and the fear of potential enforcement actions.
This cycle will likely remain a challenge for the CVC industry in coming years as banks, regulators, and the public slowly gain experience and familiarity with the technology and its potential applications.
Consumer protection and CVC processing
A separate but related issue for CVCs is the increased scrutiny of the payments industry from a consumer protection standpoint and what this means for CVCs as they try to move into the mainstream merchant market.
For the past several years, the Federal Trade Commission, the Consumer Financial Protection Bureau, and the Department of Justice have targeted banks, payment processors, and other non-bank intermediaries alleged to have facilitated merchant fraud by providing the “means and instrumentalities” necessary for a merchant to debit money from consumer accounts.
This scrutiny has led to numerous federal law enforcement actions—perhaps most notable is DOJ’s Operation Chokepoint, which targeted bank processing for the payday lending industry. This has driven much of banks’ de-risking activities.
What does all of this mean for the CVC industry? The answer, at least in the short term, is unclear. Bitcoin technology, after all, has been marketed from the start as free from government control, anonymous, and focused on peer-to-peer transactions. In reality, the industry relies on intermediaries just like any other industry. Those parties include miners, exchanges, digital wallets, or other service providers.
Therefore, it seems likely that federal and state regulators will seek to hold CVC intermediaries to similar compliance standards as those in the credit and debit card industries.
Moving forward, the CVC industry should expect government scrutiny similar to that given to “high risk” processing activities, such as payment processing for industries perceived as reflecting increased consumer risk (e.g., payday lending and dietary supplements).
Regulators have sought to push AML-type “know your customer” obligations to processors, but there is little express guidance on expected levels of screening and due diligence. Left unanswered, for example, is the degree to which a processor must monitor a merchant’s operations for compliance with each of the various laws that apply to the merchant’s business or marketing practices.
What is clear, however, is that the industry should take proactive steps to implement pro-consumer policies and procedures that minimize the potential for consumer harm (and therefore government scrutiny).
The CVC industry had a big year in 2014. To continue to grow in 2015, the industry should address potential AML and consumer protection risks—two areas that are driving compliance changes in the payments industry as a whole. Good compliance in these areas is likely to pay dividends down the road by providing banks, consumers, and government regulators the confidence that the industry does not pose risks to consumers or the financial industry.
About the authors
Ed Wilson, Jr., is a partner in Venable LLP’s Washington, D.C., office. He previously served as Deputy and Acting General Counsel in the U.S. Treasury Department. He can be reached at [email protected]
Andrew E. Bigart is counsel in Venable’s Regulatory Group. He previously worked on legal and economic policy issues at the State Department and at the Federal Trade Commission. He can be reached at [email protected]