This report has been collaboratively authored by teams from Galaxy and PwC.
In recent years, the cryptocurrency industry experienced the collapse of multiple large firms whose shortcomings increased regulatory focus on the industry
The regulatory pressure and requirements digital asset firms face is similar to that of traditional financial institutions – but unlike traditional firms, digital asset firms lack clarity on a variety of regulatory issues
Actively engaging with regulatory bodies with a focus on education, in conjunction with operating a strong, reg-focused change management program can help the industry and its participants achieve more positive outcomes
Regulatory attitudes and attention have evolved over the years since cryptocurrency’s inception as an industry. As digital assets have established and cemented their legitimacy not only as technology but also as a meaningful piece of the financial system, regulatory focus has commensurately increased. The digital asset industry is global and borderless, and rules and oversight can vary widely between international, state, and local jurisdictions. The complex, shifting, and disparate regulatory frameworks emerging worldwide create risk for digital asset industry participants. Recent market events over the last several years have demonstrated some of these challenges.
Today, in the US, many digital asset firms feel as though regulatory expectations and messaging are not entirely clear. Most industry participants act in good faith and are determined to be compliant. Unfortunately, requirements can shift quickly – at times leaving firms with sunk compliance costs as they pivot and invest time and capital into new compliance measures. The global industry as a whole has been resilient to this, but for the US in particular, this can be a hurdle for future innovation.
Financial institutions are under a great deal of pressure to be regulatorily compliant. The Office of the Comptroller of the Currency’s (OCC) website expresses, “National banks and federal savings associations are among the most highly regulated institutions in the country, with many laws and regulations that govern their activities.”[] Similar to their traditional finance counterparts, digital asset institutions are required to comply with regulations; however, there is still an unknown set of regulatory requirements for digital assets when compared to their traditional counterparts. Regulators, whether of traditional finance or digital asset institutions, expect institutions, custodians, exchanges, brokerages, and issuers to establish policies and procedures with clearly defined risks, controls, and reporting and escalation procedures. Traditional and digital asset institutions are also required to have cybersecurity, anti-money laundering, customer identification, transaction monitoring, compliance, fraud, and market integrity programs, to name a few, as well as keep up with regulatory changes that may occur each month across the various state, federal, and international regulatory bodies.
Traditional financial services trade associations, whether they are in banking, credit unions, capital markets, insurance, or other sectors, can benefit from having well defined legal parameters and clear rules such that they can exist to the benefit of their members. Further, traditional finance is often segmented by customers they serve – there are large banks, small banks, and banks with diversified business models that are participating in the capital markets beyond their pure depository and lending services. Then, there are trade associations that represent the interest of capital markets participants, the securities marketplace, alternative investment managers, and broker dealers. Across the spectrum of the financial services sector, there are trade associations representing most interests, segments, and sizes of industry participants. Needless to say, in traditional financial services, there is ample representation in policy and regulatory communities wherein the industry is well represented before legislative and regulatory bodies.
In the digital asset economy, there are numerous trade associations that represent the sector. The distinction between many of these trade associations versus traditional finance is the regulatory status, specifically legal uncertainty for the digital asset industry. This has led to a call for enacting federal regulation for the digital asset economy by many in the sector and the government. Another foundational distinction between traditional financial services trade associations and those in the digital asset sector is that the digital asset trade associations are advocating not only for legal clarity, but are also advocating against incumbent interests, and they are often doing so with diverse and unique interests. Put simply, among the traditional financial trades not one is expected nor required to advocate for their industry’s existence.
As previously mentioned, there has been renewed interest in digital assets oversight, which is bringing additional regulation, especially related to fraud, anti-money laundering, and other anti-crime areas. In addition, the guidepost on who regulates digital assets has been changing, the latest guidance provided on April 6, 2023, in a Treasury brief stating, “The nature of the activities in which a person engages is the key factor in determining whether and how that person must register with the Commodities Future Trading Commission (CFTC) (for FCMs and introducing brokers), the Financial Crimes Enforcement Network (FinCEN) (for MSBs), or the Securities and Exchange Commission (SEC) (for broker-dealers and mutual funds)”.[] Recent action by the SEC against players in the industry that includes new claims on which tokens could be viewed as a security only serves to further roil the regulatory pond. Finally, in more recent news, a federal judge ruled that a particular digital asset was not offered as a security when sold on public exchanges, but the managing entity was found to have offered unregistered securities through institutional sales of the very same asset[] . It remains to be seen what effect this recent decision will have on regulatory goalposts and the digital asset industry at large.
Being compliant can be an ongoing challenge for digital asset institutions. It is not always clear to an institution who is their primary regulator. For example, at present we know that there is an active regulatory and legislative debate surrounding token classification and who has explicit market authority over digital asset securities and digital asset commodities. Ambiguity as to whether a crypto-asset is a commodity or a security arises when a new token is created, issued, and/or sold as a new crypto-network or platform is being developed. While it can be clear which classifications result in which regulator, it is often made unclear in practice as asset classifications seem to be fluid and difficult to predict. In practice, digital assets are novel instruments that can serve a variety of purposes. Therefore, there is ambiguity around which regulations an institution is required to adhere to unless the institution is guided by a particular state license. Furthermore, there is lack of clarity on which rules supersede others at a state or federal level. Keeping up with the changing regulations and hierarchy of requirements as well as responding to regulator inquiries require additional expenses, constant review of regulatory rules, guidance from legal counsel on what regulations a particular institution must follow and may hinder innovation and entry into the market. The timeline below illustrates the changing regulatory landscape, and the lack of clarity on asset classification and current relevant governing legislation.
Internationally, there is no overarching law that governs digital asset institutions. The laws vary by country and asset. Across the board, governments and regulators are still working out ways to govern digital asset use. Many countries agree that consumers and businesses should be protected from fraudulent activity and preventative measures should be implemented to fight illicit crypto uses. Many countries are progressing, but it is a slow and controversial process.[]
Engage | With the operational and technical complexities involved in navigating the digital asset industry, it can be difficult for those in traditional finance or government to understand digital assets and their nuances. Industry outsiders at times equate the incidents over the past year with failures in the digital asset ecosystem, and not with individual firm’s failures in risk and governance or fraud. To help demystify the industry and how digital assets work, it is important to engage with regulators in a positive, proactive way about the types of governance mechanisms, frameworks, controls, processes your company has established, and the plans in place to accomplish regulatory compliance.
Educate | We also encourage you to engage in general education with regulators, policymakers, and other government agencies. The more you can do to educate, the more relevant and thorough the legislation or regulations related to the industry can be. It is important to stress how digital assets differ from traditional finance and the pros and cons of the processes and tools that are used, so that lawmakers and regulators can make effective and informed decisions when it comes to digital asset policy and regulation.
Manage Regulatory Change | Additionally, it is critical to maintain a strong regulatory change management program, including continuous monitoring. This program may include a centralized register of regulations and ongoing monitoring of new and upcoming regulations, as well as any amendments to existing regulations. Ongoing monitoring should include an assessment to determine how regulatory changes may impact your organization, including regulatory requirements for policies, processes, risks, controls, and communications. Required changes should be tracked and implemented accordingly so your internal policies and procedures reflect the most current set of laws and regulations.