Benjamin J.A. Sauter
Kobre & Kim
In September, Jamie Dimon, the head of JPMorgan, the largest bank in the U.S., made headlines by calling Bitcoin a “fraud.” Dimon said, “The currency isn’t going to work. You can’t have a business where people can invent a currency out of thin air and think that people who are buying it are really smart.”
He compared Bitcoin’s meteoric rise in the value this year to the Dutch tulip mania that gripped 17th Century Holland. Following the CEO’s remarks, Bitcoin’s value dropped precipitously from a high of nearly $5,000 per coin to around $3,000 (it later recovered about half of the loss the following week). Dimon went on to suggest the virtual cryptocurrency market is largely a haven for drug dealers, terrorist financiers, and money launderers.
To be sure, the early record of digital currencies has had some blemishes, and there have already been a number of high-profile government enforcement actions, including cases involving operators of allegedly fraudulent currency exchanges. Not surprisingly, financial regulators have started making noise and marking their positions. The Commodity Futures Trading Commission (CFTC) and Securities and Exchange Commission (SEC) have both filed new enforcement actions involving alleged digital currency fraud in recent weeks.
On the other hand, proponents of Bitcoin and other cryptocurrencies, including Mark Carney, governor of the Bank of England, think the technology is a groundbreaking innovation that will “transform” the infrastructure of the global financial market. They imagine cryptocurrencies will improve our lives and remodel how we interact with each other by streamlining payments, clearing, and settlement processes as well as opening up financial markets to segments of the population that are underserved by our current systems. For its part, Goldman Sachs was recently featured in The Wall Street Journal as exploring digital-currency trading operations. Numerous other trading firms have already begun such operations.
So who is right: Is Bitcoin a fraud or a panacea? Can it be both at the same time? Moreover, how will greater regulatory scrutiny impact investors? How will it impact the prospects for private litigants in matters involving fraudulent cryptocurrency schemes?
Bitcoin, the world’s first decentralized digital cryptocurrency, was born in the midst of the last global financial crisis. It launched one month after the fall of Lehman Brothers in 2008 and was optimistically intended to serve as a new currency in a reconfigured financial system. There is no centralized organization behind Bitcoin or entitlement to a share of any revenues or profits. Like other currencies, Bitcoin is acquired by those who seek to use it as a medium of exchange, to store value, and/or to speculate on changes in value.
Not all cryptocurrencies function the same way. Some cryptocurrencies may resemble interests or shares of a company or organization, entitling the holder to a share of revenues or profits. Still other cryptocurrencies may allow holders to use an organization’s services or exercise control over an organization’s decisions. Some cryptocurrencies simply track contract rights or other information flows.
Notwithstanding their differences, most cryptocurrencies are based on underlying “blockchain” technology. For example, with respect to Bitcoin, each coin is defined as a chain of digital signatures, with each new purchase or sale of a coin processed by updating the chain of all prior signatures. Each transfer involves digitally signing a “hash” (which includes the previous transaction and the public key of the next owner), such that they can be added to the end of the chain. In this way, the process records the complete chain of custody or ownership of each coin. The base architecture that underpins this process is known as the blockchain.
Cryptocurrencies are just one application of blockchain technology, and blockchain is widely thought to have applications beyond currencies and “token sales.” The blockchain is, in essence, a secure, distributed ledger, or list of entries, that acts as a public, peer-to-peer register of information on every transaction (i.e., the chain of signatures). According to proponents, this architecture offers the promise of greater efficiency and accessibility to financial markets as well as higher inherent safeguards against fraud.
In terms of efficiency and accessibility, the public ledger purportedly increases and strengthens transparency, streamlines transactional processing and interchange, and operates at a much lower cost than our current financial payment systems. The blockchain technology automates the process of authentication by offering complete and assured verification of transactional detail without the need for an outside third-party intermediary or auditor to watch over the process. The hope is this will reduce both transaction costs and regulatory burdens. All the while, proponents predict cryptocurrencies will greatly improve access for currently underserved populations to the global financial market.
In terms of fraud prevention, proponents contend the blockchain technology will reduce systematic vulnerabilities to hacking and other criminal activities. That same peer-to-peer verification feature that is central to streamlining transaction processing could also prevent unwanted participants. With each transaction instantaneously notarized and sealed cryptographically, the chances of a nefarious actor unknowingly destroying or falsifying accounting records is rendered effectively nil. It is easy to detect any such attempts because all digital fingerprints are stored forever in the blockchain. Checking the integrity of an organization’s accounting records would then be a simple exercise of comparing the accounting file to the fingerprints stored in the blockchain to confirm the two sides match with no alterations. Moreover, this process may be largely automated. Consequently, performing financial audits in a blockchain world would be a far simpler and less costly exercise. In fact, some proponents think much of the audit function will be rendered obsolete as a result of blockchain and other technologies.
Although we have seen fraud allegations involving currency exchanges and “initial coin offerings” (ICOs) or “token sales” (an ICO is a transaction in which money is exchanged for new units of cryptocurrencies, much like a traditional “initial public offering” of securities), we have yet to see substantial public disputes involving the underlying blockchain technology. That is not to say they will never come. Many companies have been filing for patents and other intellectual property protections in the space, and there is a possibility of intellectual property wars going forward.
Over the course of its history, Bitcoin has been caught up in a number of high-profile alleged fraud schemes. For instance, representatives of nearly a dozen U.S. federal and state agencies announced charges in July against BTC-e, one of the largest and most widely used virtual currency exchanges, and a Russian national identified as Alexander Vinnik. In a 21-count indictment, prosecutors asserted claims of operating an unlicensed money service business, participating in money laundering activities, and related crimes. According to Don Fort, chief of the Internal Revenue Service (IRS) Criminal Investigation unit, Vinnik’s crimes “go far beyond the lack of regulation of the Bitcoin exchange he operated. Through his actions, it is alleged that he stole identities, facilitated drug trafficking, and helped to launder criminal proceeds from syndicates around the world.”
In a Department of Justice (DOJ) press release, the U.S. Attorney’s Office for the Northern District of California highlighted the company’s alleged role in a number of cyber-criminal activities, including ransomware attacks, dark-net drug sales, and the alleged laundering of funds from the hacking of Mt. Gox, the world’s largest Bitcoin exchange in 2014 before it declared bankruptcy following the theft of approximately 750,000 coins (approximately 7% of the coins in existence at the time). It is alleged that BTC-e received deposits valued at more than $4 billion since 2011.
In addition to the charges, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) assessed a $110 million civil money penalty against BTC-e for willfully violating U.S. anti-money laundering (AML) laws and a $12 million fine against Vinnik for his role. Vinnik was arrested in Greece following a multinational effort among U.S. and international law enforcement agencies. According to the indictment, Vinnik was the owner and operator of multiple BTC-e accounts, including administrator accounts, and a primary beneficial owner of Canton Business Corp., a shell company identified as the manager of BTC-e. The related criminal cases are ongoing.
Also in July, the DOJ announced the seizure of AlphaBay, allegedly the largest criminal marketplace on the Internet. According to the government, AlphaBay operated for more than two years on the “Tor” dark-web network and provided a forum for criminals to sell illegal drugs, stolen and fraudulent identification documents and access devices, counterfeit goods, malware and other computer hacking tools, firearms, and toxic chemicals throughout the world. The company reportedly used cryptocurrencies, including Bitcoin, monero, and ethereum, to conduct transactions, concealing the locations of its underlying servers and information about its customers. In connection, Alexandre Cazes aka Alpha02 and Admin, a Canadian national residing in Thailand, was arrested by Thai authorities and indicted by the U.S. government for his involvement in the AlphaBay scheme. Furthermore, the U.S. Attorney’s Office for the Eastern District of California filed a civil forfeiture complaint against Cazes and his wife’s assets, which includes luxury vehicles, residences, and a Thai hotel.
Amid these developments, U.S. Attorney General Jeff Sessions said, “This is likely one of the most important criminal investigations of the year – taking down the largest dark-net marketplace in history. Make no mistake, the forces of law and justice face a new challenge from the criminals and transnational criminal organizations who think they can commit their crimes with impunity using the dark net. The dark net is not a place to hide. The [DOJ] will continue to find, arrest, prosecute, convict, and incarcerate criminals, drug traffickers, and their enablers wherever they are.”
The government’s seizure effort involved the cooperation and collaboration of more than a half-dozen law enforcement agencies around the world, including authorities in Thailand, the Netherlands, Lithuania, Canada, the U.K., and France, as well as Europol. A parallel effort by Dutch law enforcement involves an investigation into Hansa Market, another purported dark-web criminal marketplace.
Recently, U.S. financial regulators have joined the fray. In July, the SEC issued a report on Bitcoin and other cryptocurrencies in which it hurled a first salvo in setting the goal posts for regulatory oversight. The SEC warned market participants that U.S. federal securities laws may apply to offerings, sales, and trading of digital assets of “virtual” organizations, which may include many (if not most) ICOs or “token sales.” Per the SEC, “issuers of distributed ledger or blockchain technology-based securities must register offers and sales of such securities unless a valid exemption applies. Those participating in unregistered offerings also may be liable for violations of the securities laws. Additionally, securities exchanges providing for trading in these securities must register unless they are exempt.”
In an initial show of teeth, the SEC in late September brought civil charges against an individual and two companies for selling “unregistered securities” in the form of an ICO. The SEC claims that the defendants essentially defrauded new investors by making misrepresentations about the companies’ activities and expected returns. The SEC also froze the defendants’ assets.
There will likely be other ICO-related enforcement actions to come from the SEC. The ICO market is vast. More than $2 billion has been raised in ICOs to date, and there are nearly 600 separate offering companies. How many of these new cryptocurrencies are simply “get rich quick” schemes? How many will actually survive longer term? Similar to other past investment crazes, it is likely that many will disappear, and perhaps a few will eventually evolve into more widespread use. Steven Peikin, Co-Director of the SEC’s Enforcement Division, said, "As the evolution of technology continues to influence how businesses operate and raise capital, market participants must remain cognizant of the application of the federal securities laws."
In connection with the release of the July report, the SEC's Office of Investor Education and Advocacy issued an investor bulletin to educate investors about ICOs. According to the bulletin, if a virtual token or coin is deemed to be a security, U.S. federal and state securities laws require any offer and sale of such coins or tokens be registered with the SEC (or be performed pursuant to an exemption from registration), and the investment professionals and their firms who offer, transact in, or advise on the securities must be licensed or registered persons.
As it pertains to the use of cryptocurrencies in fraud schemes, the SEC bulletin warns that law enforcement officials may face particular challenges in investigating any alleged wrongdoing because it may be more difficult to trace the flow of money involving Bitcoins. The lack of a central clearinghouse or authority to collect user information may make it more difficult to obtain ownership information, and it may be more difficult to freeze or secure investor funds that are held in a virtual currency wallet. Furthermore, the international scope of the cryptocurrency market may present challenges to obtaining information from other jurisdictions in a timely manner.
We are still in the early innings of the new regulatory model for cryptocurrencies. If the SEC’s claims of oversight authority over cryptocurrencies as “securities” holds, ostensibly this means any secondary trading of the securities would fall under the Section 10(b) rules in the Securities and Exchange Act of 1934, which include prohibitions against market manipulation, false statements, and insider trading activities.
Other financial regulators beyond the SEC have also waded into the waters and may soon overtake the SEC. The CFTC considers Bitcoin and other cryptocurrencies to be “commodities.” While traditionally this would place Bitcoin beyond the CFTC’s normal regulatory realm (which covers the trading of commodity derivatives as opposed to the commodities themselves), the CFTC has very recently been attempting to expand its jurisdictional limits.
The CFTC has previously brought enforcement actions involving cryptocurrencies. For example, the CFTC brought an action in June 2016 against Bitfinex, a currency exchange, for selling virtual currencies on a leveraged basis without registering with the CFTC. The CFTC has also brought actions against cryptocurrency exchanges trading in cryptocurrency derivative products. However, the CFTC has significantly escalated its enforcement activities by asserting authority over Bitcoin itself. In late September, the CFTC announced charges against Nicholas Gelfman and Gelfman Blueprint, Inc. in a federal civil enforcement action for allegedly operating a Bitcoin Ponzi scheme and making false and misleading statements to conceal the fraud. This is notable because the matter does not involve derivatives or leverage. According to James McDonald, the CFTC’s Director of Enforcement, “Through its work across the Commission, and as exemplified by the work of LabCFTC, the CFTC has demonstrated its continued commitment to facilitating market-enhancing FinTech innovation. Part of that commitment includes acting aggressively and assertively to root out fraud and bad actors in these areas.”
In the coming months, we may well see further aggressive action from the CFTC.
The regulatory response in the U.S. is juxtaposed against an even harder stance by authorities in the People’s Republic of China. Asia currently represents a significant share of the cryptocurrency market. In early September, Chinese officials announced a decision to ban new ICOs in the country. Furthermore, the regulators ordered all cryptocurrency exchanges in Beijing to cease registration of new users as of September 15. Days later, China’s central bank ordered all Bitcoin exchanges to submit plans to wind down their operations by September 20. Notably, a vast majority of cryptocurrency activity has involved exchanges in either Hong Kong or mainland China. Since the crackdown, much of the trading shifted to Japan and Korea, which now sport well more than 50% of the global Bitcoin market.
Although we still need more time to answer our original question, what is clear is we can expect further law enforcement and regulatory action as the cryptocurrency market continues to expand its investor base and U.S. regulators test new jurisdictional theories. As we follow new and ongoing investigations into alleged cryptocurrency frauds, we may see prosecutors try and test old and new mechanisms to obtain information needed to trace the flow of money. As with any new financial innovation, it is wise to remember that fraud is the result of human actions, and it is possible to exploit old and new technologies alike.