On June 25, 2020, a federal district court in the Eastern District of Virginia held that a bank must produce in discovery a report generated by its cybersecurity forensic investigator following a 2019 data breach involving unauthorized access to personal information of customers and individuals who had applied for accounts. Even though the report was produced at the direction of outside counsel, the court rejected arguments that the forensic report is protected from disclosure by the work product doctrine. Instead, the court determined that the report was not produced primarily in anticipation of litigation based on several factors, including the similarity of the report to past business-related work product by the investigator and the bank’s subsequent use and dissemination of the report. This decision raises questions about the scope of work product protection for forensic expert and other similar reports in the context of an internal investigation. Continue Reading Federal Court Compels Production of Data Breach Forensic Investigation Report
On March 24, the Commodity Futures Trading Commission (“CFTC”) released its Final Interpretive Guidance on Actual Delivery for Digital Assets (“Final Interpretation”), addressing longstanding questions regarding which digital asset transactions could be deemed “retail commodity transactions” under the Commodity Exchange Act (“CEA”). The Final Interpretation comes two years after the CFTC issued proposed interpretive guidance (“Proposed Interpretation”). Continue Reading CFTC Issues Final Interpretive Guidance on Actual Delivery for Digital Assets
On January 7, 2020, the U.S. Securities and Exchange Commission (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released its 2020 Examination Priorities (“2020 Priorities”). While at first blush the themes appear consistent with and predictable from their 2019 priorities, on closer read OCIE has provided some new insights and some unexpected focus areas. The themes for the 2020 Priorities are: retail investors, information security, financial technology (“Fintech”) and innovation (including digital assets and electronic investment advice), several areas covering registered investment advisers and investment companies, anti-money laundering, market infrastructure (clearing agencies, national securities exchanges, alternative trading systems, transfer agents), and oversight of the Financial Industry Regulatory Authority and Municipal Securities Rulemaking Board programs and policies. OCIE also stressed the challenges it faced in light of last year’s government shutdown and resource constraints, as the Division of Enforcement did in its 2019 Annual Report (see our analysis here), and the challenges in examining non-U.S. advisers due to limits that foreign data protection and privacy laws may place on cross-border information transfers. In this post, we analyze the highlights in and our takeaways from the 2020 Priorities. Continue Reading From the Expected to the Surprises: Highlights of SEC OCIE’s 2020 Priorities
On October 11, 2019, the leaders of the Commodity Futures Trading Commission, Financial Crimes Enforcement Network, and Securities and Exchange Commission issued a joint statement to remind businesses that engage in digital asset activities of their anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) obligations under the Bank Secrecy Act (“BSA”).
As market participants increasingly become involved with digital assets and related activities or services, the agencies clarified that their regulatory treatment is determined by the underlying facts, circumstances, uses, and economic realities, and not the label or terminology used to describe them.
In addition to providing a brief overview of the AML/CFT obligations that apply to certain market participants, the statement also emphasized that the nature of companies’ digital asset-related activities is the key factor in determining their registration requirements with the respective agencies. Each agency further highlighted particular concerns:
- The CFTC reminded introducing brokers and futures commission merchants that they are required to report suspicious activity and implement reasonably-designed AML programs. These requirements apply to digital assets that qualify as commodities or which are used as derivatives, and to activities that are not subject to regulation under the Commodity Exchange Act.
- The SEC informed broker-dealers and mutual funds of their similar obligations and that the rules are not limited in their application to activities involving digital assets that qualify as securities under the federal securities laws. It also noted that securities market participants that transactions in digital assets present similar or additional risks, including AML/CFT risks, as transactions in cash and cash equivalents.
- FinCEN called attention to its May 2019 interpretive guidance describing the application of FinCEN regulations governing money services businesses to certain business models involving money transmissions denominated in convertible virtual currencies. FinCEN also clarified that “any person ‘registered with, and functionally regulated or examined by, the SEC or the CFTC,’ would not be subject to the BSA obligations applicable to MSBs, but instead . . . would be subject to the BSA obligations of such a type of regulated entity.”
On September 18, 2019, the Securities and Exchange Commission (“SEC”) filed its first civil suit alleging violations of broker-dealer registration requirements in U.S. digital asset markets. In a case filed in the U.S. District Court for the Central District of California, the SEC alleged that Defendants ICOBox and its founder, Nikolay Evdokimov, illegally conducted an unregistered public securities offering for their 2017 initial coin offering (“ICO”), and have operated an unregistered brokerage service facilitating the launch of ICOs in digital asset securities since 2017. Continue Reading SEC Files First Suit Against Alleged Unregistered Broker-Dealer Operating in Digital Asset Markets
On July 25, 2019, staff of the Securities and Exchange Commission (“SEC”) granted its second no-action letter in the digital asset space to Pocketful of Quarters, Inc. (“POQ”), permitting POQ to sell digital tokens (“Quarters”) recorded on the Ethereum blockchain without satisfying registration requirements under the Securities Act of 1933 and the Securities Exchange Act of 1934 (the “Acts”). Like the SEC’s prior no-action letter to TurnKey Jet, Inc. (“TKJ”), which permitted TKJ to sell digital tokens pegged to $1.00 for the limited purpose of purchasing air charter services, Quarters will also be sold at a fixed price and limited to a purely consumptive purpose within the Quarters platform.
Due to these similarities, the POQ letter does little to clarify the SEC staff’s most recent guidance, released with the TKJ letter on April 3, 2019, that lists characteristics of a digital token that may affect its classification as a “security” under the Acts (the “Framework”). The POQ letter merely reemphasizes that projects where the platform is already fully developed and the digital asset is subject to extensive restrictions on secondary trading, like TKJ, are more likely to fall outside the scope of federal securities laws. Continue Reading SEC Provides Second No-Action Letter in the Digital Asset Space
In May 2019, the UK Jurisdiction Taskforce (the “UKJT”) of the LawTech Delivery Panel published its public consultation paper on the status of cryptoassets and distributed ledger technology, as well as the enforceability of smart contracts, under English private law. While much of the literature around cryptoassets in the legal context has been centred on their regulation, the UKJT’s consultation paper focuses on the legal characterization of these instruments themselves. In this article, we consider how cryptoassets can be defined using the existing vocabulary of English private law and the implications of this characterization. Continue Reading Are Cryptoassets Property Under English Law?
On May 2, 2019, a court in the Southern District of New York (“SDNY”) held that the Office of the Comptroller of the Currency (“OCC”) lacked the statutory authority to charter nondepository special purpose national banks (the so-called “FinTech Charter”). In denying, with one exception, the OCC’s motions to dismiss claims by New York’s Department of Financial Services (“DFS”), the Court held that the OCC could not charter a nondepository “national bank” because the National Bank Act “unambiguously requires that, absent a statutory provision to the contrary, only depository institutions are eligible to receive national bank charters from the OCC.” Continue Reading Federal District Court Rules OCC Lacks Authority to Issue FinTech Charters
On April 11, 2019, the French parliament adopted a law (the “Loi Pacte”or “Law”) that establishes a new regulatory framework for initial coin offerings (“ICOs”) of blockchain based tokens by entities established or registered in France. At the heart of the Law’s ICO provisions is an innovative framework that will allow issuers to request an optional visa from the French Financial Markets Authority (the “AMF”) prior to undertaking an ICO. ICOs of tokens that are not financial instruments will still be permitted without a visa, but the expectation is that issuers obtaining the visa for an offering of such tokens will have a distinct advantage relative to offers that lack such approval. ICO issuers that do not obtain a visa also will be subject to restrictions on certain kinds of advertising and sales methods. By “white-listing” issuers serious enough to seek and obtain an AMF visa, France hopes to give investors a new tool for screening out potentially fraudulent offers and help ICO issuers establish the investor confidence necessary to secure funding. Many of the details of the new framework will be specified in implementing regulations to be adopted by the AMF, which are expected to be issued shortly after the Law is officially promulgated. The AMF published an overview of its planned regulations on April 15, 2019, providing further clarity on how the regime will work in practice. Continue Reading France’s Parliament Adopts an Innovative New Framework for Approving Initial Coin Offerings
On April 3, 2019, staff of the Securities and Exchange Commission released (1) a framework providing principles for analyzing whether a digital asset constitutes an investment contract, and thus a security, as defined in SEC v. W.J. Howey Co. and (2) a no-action letter permitting TurnKey Jet, Inc., without satisfying registration requirements under the Securities Act of 1933 and the Securities Exchange Act of 1934, to offer and sell “tokenized” cards that are recorded on a permissioned blockchain and can be used for the limited purpose of purchasing air charter services.
The framework and no-action letter are a logical expansion of prior SEC statements and actions applying Howey to digital assets, but raises important interpretative issues for newly issued digital assets.
Please click here to read the full alert memorandum.