In the absence of clear federal policy around bitcoin, state agencies will continue to coordinate their regulatory actions around users.
Regulators continue to debate how to define cryptocurrencies, such as bitcoin, and whether they are securities, commodities or properties, etc., which is critical for how regulators choose to enforce those regulations.
At the recent National Association of Attorneys General Consumer Protection Conference in November 2021, Hester Peirce, commissioner of the U.S. Securities and Exchange Commission (SEC), commented on the issue, saying “the view we are taking these days is that pretty much everything is a security.”
While the public has closely scrutinized nebulous and sometimes contrary statements made by federal regulators regarding cryptocurrency enforcement, two recent actions against BlockFi and Celsius — companies that let consumers buy, borrow and trade bitcoin — make it clear that state regulators are taking coordinated action to regulate bitcoin-related investment products and exchanges offering unregistered securities.
State regulators’ unwillingness to sit on the sidelines and watch the feds opine on the proper regulatory regime is consistent with how states have affirmatively led the charge to regulate other emerging technologies related to Bitcoin. State regulators are not scrutinizing bitcoin itself in the recent enforcement actions, instead they are targeting the technological innovations that are spurred by Bitcoin.
These technologies being investigated often involve bitcoin and other cryptocurrencies, which adds to the inherent risk to investors and consumers investing in bitcoin. Due to the volatility of bitcoin’s price, legal probes into emerging technologies may affect the price of bitcoin and thus, emerge as a consumer protection requiring further actions by state regulators.
All players in cryptocurrencies should be keeping an eye on the states’ policy priorities, because the states are clearly keeping an eye on them.
State Regulatory Action Against Bitcoin, Cryptocurrency Projects
In recent years, state regulators — primarily attorneys general and securities regulators — have led the charge to regulate perceived consumer harms. They act to fill a perceived void left by the federal government that they believe is too slow, legally limited or disinclined to do so itself, depending on the administration. Examples are abundant and include data privacy, e-cigarettes, cannabis and social media. Similarly, given the lack of comprehensive regulation from the federal government concerning cryptocurrency, state regulators are actively pursuing enforcement against interest-bearing cryptocurrency accounts.
Up until April 2018, state enforcement of cryptocurrency was relatively minor and focused on remedying overt consumer scams. That changed in April 2018, when the North American Securities Administrators Association (NASAA) initiated Operation CryptoSweep, where 40 securities regulators across North America organized a task force to share information and coordinate actions against various cryptocurrency companies trading bitcoin and other virtual currencies.
It is not a coincidence that in the same month, the New York Attorney General launched an investigation of 13 large cryptocurrency platforms, seeking a better understanding of each company’s internal controls and safeguards of consumer assets.
In a little more than three-and-a-half years, state securities regulators have issued more than 50 cease-and-desist orders to currency-related investment products, mostly related to initial coin offerings (ICOs) for failure to register and to provide resulting statements to investors. These enforcement actions are traditionally brought by one state and have resulted in the voluntary cessation of the ICO with monetary fines and promises not to offer unregistered ICOs in the future.
The breadth of who can be charged with oversight of the safety and soundness of a cryptocurrency product was expanded in September 2020, when the Massachusetts Attorney General prosecuted payment processor, Stripe, Inc. for allegedly inappropriately facilitating transactions by individuals engaged in the PlexCoin ICO, resulting in the fraudulent and unregistered offer and sale of cryptocurrency. To resolve the claims, in addition to a $120,000 payment, Stripe committed to improve its risk monitoring procedures.
States Show Coordinated Muscle In Recent Enforcement Action
The last few months have seen states moving from individual action to multistate enforcement actions against two of the largest cryptocurrency platforms: BlockFi and Celsius Network. Both companies were charged with offering unregistered securities under the guise of high interest-bearing accounts, allowing investors to use cryptocurrency such as bitcoin to earn interest at higher annual percentage yield than traditional banking institutions. Both companies use the accounts to fund their lending operations and proprietary trading. The actions stemmed from state regulators’ concerns over increased levels of risk to investors.
Underscoring the seriousness of this expansion in regulatory enforcement, these actions were coordinated by multiple states that typically fall across the political spectrum. In July, New Jersey, Texas, Alabama, Vermont and Kentucky issued cease-and-desist or “show cause” orders against BlockFi. In September, New Jersey, Texas, Alabama and Kentucky again united to file similar actions against Celsius. In October, Celsius announced that it received a request for information from New York.
Notably, New Jersey and Kentucky issued cease-and-desist orders against BlockFi and Celsius, requiring them to cease offering interest bearing accounts, as they are classified as unregistered securities. New Jersey’s orders classify the accounts as offering unregistered securities because the “[i]nvestor relinquishes control over the deposit cryptocurrency” and BlockFi and Celsius are “free to use those assets” as they see fit. The accounts are not registered with any state or federal securities regulator. The orders highlight that, due to the lack of regulatory oversight, these programs appear to pose higher levels of risk to investors.
The states’ harmonized actions communicated a unified emphasis on protection of investors. In a September 17 press release, acting New Jersey Attorney General Andrew Bruck said the action was intended to send a broader message: “Financial companies operating in the cryptocurrency marketplace are on notice. If you sell securities in New Jersey, you need to comply with New Jersey’s investor-protection laws. Companies dealing in cryptocurrencies are not immune from oversight.”
Based on past experience, we expect that additional enforcement actions will be taken against other bitcoin platforms, to the extent they employ similar business models.
Implications Of The Regulatory Actions
This year, one in ten Americans invested in cryptocurrency and bitcoin’s price rose to an all-time record in November 2021. The rise of cryptocurrency also means a rise in regulatory scrutiny, especially from state regulators who focus on consumer protection. The fact that states are taking joint coordinated action is commonplace. State regulators have biweekly or monthly calls to discuss companies they are investigating or enforcement actions they are taking. It would be unwise to think that the 46 state regulators that did not take action against BlockFi and Celsius are not paying close attention to these actions.
Yet, each of these regulators is a distinct sovereign. Even when four or five sovereign entities take coordinated action, each action must be consistent with each state’s goals and priorities. Observers should not make the mistake of thinking that coordinated action equates to like-mindedness on all issues — even in just one industry.
One thing is clear, however: when states share a common goal of consumer protection and are unified in believing a particular action will achieve that goal, states will not hesitate to act in a coordinated way across the aisle to target perceived offenders. For this reason, we are likely to see continued coordinated enforcement actions by states to regulate perceived violations of existing state laws.
This is a guest post by Stephen Piepgrass, James Stevens, Chris Carlson and Namrata Kang. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.