in , ,

The Regulation of Virtual, Digital and Crypto-currencies

The Regulation of Virtual, Digital and Crypto-currencies 4

Cooley LLP

Introduction: currencies, money and e-money1

A virtual currency is “a digital representation of value that is neither issued by a central bank or public authority nor necessarily attached to a [fiat currency]2, but is used by … persons as a means of exchange and can be transferred, stored or traded electronically”.

A virtual currency is not necessarily the same as:

  • A “digital currency” (a digital currency is a digital representation of a virtual currency (non-fiat) or a fiat currency (e-money)); or
  • A “crypto-currency” (a crypto-currency is a mathematics-based, decentralised, convertible, virtual currency that is protected by cryptography).

Strictly, virtual currencies are not:

  • “Currencies” (currencies are (1) exchangeable with other currencies; (2) highly liquid; and (3) widely accepted in their geography. Virtual currencies often meet the first of these criteria, but not the second and third);
  • “Money” (money “performs three … functions: (1) a unit of account; (2) a means of exchange; and (3) a store of value”. Virtual currencies cannot (yet) perform all of these functions at the same time and to the same extent as (real) money);
  • “Electronic money” (“e-money” means “electronically … stored monetary value as represented by a claim on the issuer which is issued on receipt of funds for the purpose of making payment transactions[;] accepted by … person[s] other than the [e-money] issuer[;]” and a representation of a fiat currency);3 or
  • “Legal tender” ((yet). If a virtual currency was legal tender, the creditor of a payment obligation would be required to accept it at full face value, and it would be sufficient to discharge a debtor from his payment obligations); or
  • “Redeemable” (unlike e-money, virtual currencies do not represent a claim on the issuer).

There are more than 6004 virtual currencies in use around the world today. Bitcoin is one of the best known and most widely used in Europe and North America.

What is Bitcoin, and how does it work?

Bitcoin is an example of a virtual, digital and crypto-currency. A network of computers is used to create and maintain a digital file. The file includes “accounts”, “credits” and “debits”. These credits and debits have a Bitcoin value. They also have a “real-world” value because people are prepared to sell goods and provide services in exchange for an increase in the value of their Bitcoin account, and they believe others will do the same.

If the owner of one account wants to transfer value to the owner of another, he sends a message to the computers in the Bitcoin network. The message sender uses a “private key” to create and embed a transaction-specific digital signature in his message. Each computer in the network tests the signature against a “public key” to make sure it has been created by the person who owns the “private key” and the Bitcoins associated with it. If it has, the computer updates its copy of the digital file and sends the message to one or more of the other computers in the network. When every computer has received the message and updated its copy of the file, the Bitcoin value has been transferred from one account to the other.

The “public key” holds less information than the “private key”, and the keys are digital. This makes them more secure than passwords. It can also deliver complete payor / payee anonymity.

Strictly, the “credits” and “debits” are lists of input and output transactions, and the accounts do not have “balances”. Before an account owner can transfer value to the owner of another, he must reference enough Bitcoin transactions to demonstrate that he has enough unspent Bitcoins to make the proposed “payment”. When the payment instruction is given, the computers in the Bitcoin network check the previous transactions to make sure that each of these tests is met. The links between the transactions are used to pass Bitcoin ownership along in a “chain”. The validity of each transaction therefore depends on the validity of the earlier transactions.

To stop fraudulent double spending and payments “bouncing”, the Bitcoin system also uses a “blockchain”. Bitcoin transactions are gathered into groups or “blocks”. Each block is digitally linked / cross-referenced to the one before it in a blockchain. Transactions in the same block are considered to have happened at the same time, and transactions that are not yet in a block are regarded as “unconfirmed”. The blocks are filled and ordered by the computers in the Bitcoin network but, for technical reasons, “payment” transactions can move into and out of several blocks before they come to rest. It is therefore usual for vendors to wait for an hour after receiving a Bitcoin payment before regarding it as “cleared” and shipping their goods.

The Blockchain operates like a digital register of Bitcoin transactions. Every Bitcoin transaction is recorded in the blockchain. A Bitcoin only exists if it is recorded in the blockchain, and it only belongs to someone if the blockchain shows that it was transferred to that person, and that it has not yet been transferred to someone else.

The advantages of Bitcoin

The most commonly cited advantages of Bitcoin are:

  • Transaction speed—Bitcoin payments are usually much faster than other electronic payments;
  • Transaction cost—
    • It is much less expensive to transfer value using Bitcoin than it is with any other payment mechanism;
    • Bitcoins are “universal”, so they do not generate foreign exchange fees when they cross borders;
  • Transaction certainty—there are no automatic refunds, so a merchant will not lose a payment if a customer makes a (false) non-delivery claim against him;
  • Security—payments can be made and received without showing or using personal or sensitive data, so the identity theft risk is lower than it is with many other payment mechanisms;
  • Privacy—Bitcoin can be used to create and maintain payor and payee anonymity;
  • Absence of central counterparties—Bitcoins:
    • Are not controlled by governments or central banks, so they cannot be devalued for political reasons; and
    • Are transferred directly from one account to another, so the credit and privacy risks associated with transferring “money” through intermediaries are reduced or negated.

The risks associated with Bitcoin

The most commonly cited Bitcoin risks include:

  • Volatility—Bitcoins are volatile. So merchants usually change them into their local currency as soon as possible after receipt;
  • Irrevocable value destruction – Bitcoins can be irrevocably lost or destroyed:
    • On 28 October 2011, more than 2,600 Bitcoins were lost because the payor did not use the correct address for the payee; and
    • If a user “loses” his private key in a hard drive crash, he will also lose the Bitcoins associated with his corresponding public key;
  • Change of law risk—Bitcoins are largely unregulated. Until we know when and how they will be regulated, we cannot predict what impact that will have on the Bitcoin economy;
  • Liquidity risk—if a crisis occurs in the Bitcoin economy or elsewhere, the number of Bitcoin sellers could quickly and easily exceed the number of buyers. If that happens, Bitcoins may lose some or all of their value very quickly;
  • The “VHS / Betamax” risk—although Bitcoin is one of the best known and most widely used crypto-currencies in the West today, it has not fully “occupied the space”. Competing crypto-currencies may still emerge and dominate the market;
  • Fraud or theft—an apparently legitimate Bitcoin exchange may be hacked; it may also be a fraud. A Bitcoin user’s “wallet” may also be hacked; and
  • Money laundering and terrorist financing—payor / payee anonymity and the absence of intermediaries makes it easier to launder money, and the absence of an authorised intermediary makes it much less likely that suspicious transactions will be identified and reported.

Is Bitcoin widely used?

The number of companies that accept Bitcoins is growing. They include: Time Inc., Microsoft, Dell, Expedia, Zynga, Virgin Galactic, PayPal, Atomic Mail, Warner Brothers,, Etsy, Wikimedia, Save the Children, the American Red Cross and Greenpeace.

The Bank of England believes there are £60 million worth of Bitcoins circulating in the UK economy, and that 300 UK Bitcoin transactions are carried out each day.5

Each of these things seems significant, and it is. However, £60 million is less than 0.1% of the sterling notes and coins currently in issue, and less than 0.003% of broad money. Further, the European Banking Authority believes that the number of Bitcoin transactions has never exceeded 100,000 per day across the globe, compared to the 295 million conventional payment transactions that take place in Europe alone.

Is Bitcoin regulated?

The European Union’s position

The European Banking Authority (EBA) argues that virtual currencies should be regulated at a European level to protect consumers, enhance financial stability, and reduce the risk of financial crime. The EBA also argues that pan-European regulation would enhance the single European market. It has therefore invited the European Parliament, Council and Commission to develop an appropriate virtual currency regulatory regime that includes:

  • Incorporation and a system of authorisation “for several [different types of] market participant”;
  • “[T]he segregation of client accounts”;
  • “[C]apital requirements”;
  • “[T]he creation of [non-governmental] ‘scheme governing authorities’ that are accountable for the integrity of [each] virtual currency scheme and its key components, including its protocol and transaction ledge[r]”—”The scheme governance authority would be required to comply with regulatory and supervisory requirements of various kinds … [T]he mandatory creation of a scheme governance body does not imply that [virtual currency] units have to be centrally issued. This function can [still] be run through, for example, a protocol and a transaction ledger”;
  • Customer due diligence;
  • Fitness and propriety standards;
  • Transparent price information; and
  • Systems and controls that will materially reduce the risk of market abuse.

It is likely to be some considerable time before a regime of this type is developed and brought into force. In the meantime, the EBA has recommended that:

  • National supervisory authorities should discourage credit, payment and e-money institutions from buying, holding or selling virtual currencies; and
  • European Union legislators should consider “declaring market participants at the direct interface between conventional and virtual currencies, such as virtual currency exchanges, to become ‘obliged entities’ under the EU Anti Money Laundering Directive and thus subject to its anti-money laundering and counter terrorist financing requirements”.

Some national supervisory authorities are considering whether and, if so how, to discourage relevant institutions from buying, holding or selling virtual currencies (although the UK does not appear to be among them). It is not yet clear whether / when European Union legislators will declare relevant market counterparties as “obliged entities”.

The UK’s position

The UK has five potential virtual currency regulators: the Bank of England, the Prudential Regulation Authority (PRA); the Financial Conduct Authority (FCA), the Payments Systems Regulator (PSR) and Her Majesty’s Treasury.
The Bank of England does not believe that “Digital currencies … pose a material risk to monetary or financial stability in the United Kingdom”. It is not therefore proposing to do any more than monitor developments, for the time being.

The PRA regulates banks, insurers and designated asset managers. It does not therefore seem to have the power to fully regulate virtual currencies unless the law is changed.

The FCA has established an “Innovation Hub” to help innovators develop fintech products and services that meet the Authority’s requirements. It has also published a “Project Innovate: call for input” (11 July 2014), and feedback statement “FS14/2 Project Innovate: Call for Input—Feedback Statement” (October 2014), but there is nothing in any of these things which suggests that the FCA is proposing to regulate virtual currencies either.

The PSR has been established, HM Treasury has consulted on the systems and entities it will require and empower the PSR to regulate, and the PSR is consulting on its approach to regulation. HM Treasury will decide what to require and empower the PSR to regulate before, and PSR regulation will begin these things on, 1 April 2015. At this stage, it is clear that the PSR will regulate “the largest and most important payment systems which, if they were to fail or to be disrupted, would cause serious consequences for their users.” And HM Treasury has proposed that this should mean “the main interbank payment systems, namely Bacs, CHAPS, Faster Payments Service (FPS), LINK Cheque and Credit Clearing (C&CC) and … the two largest card payment systems in the UK, MasterCard and Visa.” The consultation papers do not mention virtual, digital or crypto-currencies, nor do they mention Bitcoins, suggesting that the PSR will not regulate any of these things in the short or medium term either.

Separately, HM Treasury has published a “Digital currencies: call for information”. This is part of “a major programme of work looking into digital currencies and associated technologies, with a particular focus on whether they should be regulated. The government is … considering the benefits offered by digital currencies and the technology that underpins them, and whether it should take action to support innovation in this area. At the same time, the government is examining the risks presented by digital currencies, and assessing whether action is required to mitigate any concerns”. The call for information closed on 4 December 2014. It is not clear when HM Treasury will publish its response and proposals (if it will, and if any).

We have considered how likely it is that the UK will begin to regulate virtual currencies in 2015 in a separate blog, which is available here.

The United States’ position

In most States, businesses offering financial services in virtual currencies are required to register as money transmitters, and to comply with anti-money laundering rules. The authorities have already used breaches of these requirements to close several virtual currency businesses including, for example, Liberty Reserve6, Silk Road7 and Western Express International.8

On 23 July 2014, the New York State Department of Financial Services (DFS) said that it was proposing to adopt a Bitlicencing regime. Draft legislation was published for consultation, and many responses were received. At the end of December 2014, the DFS published Superintendent Benjamin Lawsky’s initial response: the regime would be amended, and published for further consultation. The second consultation began on 4 February 2015, and it will close at the beginning of March. A final version of the Bitlicence regime is expected after that.

Under the Revised Bitlicence Framework, a business that engages in one or more of the following virtual currency activities will need a Bitlicence:

  • Receiving Virtual Currency for Transmission or transmitting virtual currency, except where the transaction is undertaken for non-financial purposes and does not involve the transfer or more than a nominal amount of Virtual Currency;
  • Storing, holding or maintaining custody or control of virtual currency on behalf of others;
  • Converting or exchanging fiat currency or other value into virtual currency, virtual currency into fiat currency or other value, or one form of virtual currency into another form of virtual currency as a “customer business” (as distinct from personal use);
  • Buying and selling virtual currency as a “customer business”; or
  • Controlling, administering, or issuing a virtual currency.

Merchants and consumers using a virtual currency to buy or sell goods or services; and firms chartered under the New York Banking Law to conduct exchange services will not need a Bitlicence if (in the latter case) they are also approved to engage in virtual currency business activities. The Revised Framework also clarifies that the development and dissemination of software in and of itself will not require a Bitlicence.

An application for a Bitlicence will require an entity that carries on any of the above business activities to include (for example):

  • The name of the applicant, form and date of organisation and jurisdiction of organisation or incorporation;
  • A list of all direct and indirect controllers of the applicant, persons controlled by the applicant or persons under a common control with the applicant;
  • A list of, detailed biographical information (including name, physical and mailing addresses, and information on each individual’s personal history, experience and qualification) for, and a background report on each Relevant Party which includes each:
    • individual applicant;
    • director;
    • executive officer;
    • shareholder that directly or indirectly owns, controls or holds power to vote 10% or more of any class or shares or a corporate entity or possesses the power to direct or cause the direction of the management of policies of the entity;
    • person entitled to 10% or more of the benefits of a trust.
  • For each Relevant Party, and every individual employed by the applicant with access to any customer funds (whether denominated in fiat or virtual currency), a set of completed fingerprints and photographs of the individuals (as applicable) must also be included.
  • An organisation chart of the applicant and its management structure;
  • A current financial statement for the applicant and each Relevant Party (as applicable);
  • A projected balance sheet and income statement for the following year of the applicant’s operation;
  • Detailed information on the applicant including:
    • a description of its proposed, current and historical business;
    • all associated website addresses;
    • jurisdictions in which the applicant is engaged in business;
    • principal place of business; and
    • physical address of any operation in New York
  • Details of all banking arrangements; and
  • An explanation of the methodology used to calculate the value of Virtual Currency in Fiat Currency.

Bitlicence holders will be required (for example) to:

  • Hold an appropriate amount and type of capital;
  • Maintain a US dollar bond or trust account for the protection of its customers;
  • Verify the identity of their account holders;
  • Tell consumers about the risks associated with virtual currencies;
  • Issue a receipt when it completes a virtual currency transaction—the receipt must include the firm’s details; the type, value, date, and time of the transaction; the fee; the exchange rate; a statement of the firm’s liability for non-delivery or delayed delivery; and a statement of its refund policy;
  • Establish and maintain written policies and procedures to resolve complaints in a fair and timely manner; and
  • Designate a qualified employee as its Chief Information Security Officer, and make him responsible for implementing and enforcing an appropriate cyber security program and policy.

It is not yet clear when the DFS will publish the final version of its Bitlicence regime, or when the regime will come into force.

China’s position

It is unlawful for authorised financial services firms domiciled in China to buy, hold or sell virtual currencies.


    1. There is more information about each of these things in the “Report of the Financial Action Task Force—Virtual Currencies: Key Definitions and Potential AML / CFT Risks” (June 2014); and the European Banking Authority’s “Opinion on Virtual Currencies” (4 July 2014). back
    2. A “currency” is a “fiat currency” if it is issued by a public authority or a central bank. back
    3. See article 2(2) of the New E-Money Directive (2009/110/EC), and the reports referred to in footnote 1. back
    4. See, for example,
    5. See The Economics of Digital Currencies, in the Bank of England’s Quarterly Bulletin 2014 Q3. back
    6. This Costa Rica-based money transmitter and seven of its principals and employees were charged with operating an unregistered money transmitter business and money laundering. Liberty Reserve had more than a million users worldwide, including 200,000 in the United States. Between 2006 (when it was established) and 2013 (when it was shut down), Liberty Mutual handled 55 million transactions, almost all of which were illegal. It had its own virtual currency (Liberty Dollars), but at each end, transfers were denominated and stored in US dollars. back
    7. Silk Road operated as a global black market to distribute drugs, weapons, and stolen identities. Hundreds of millions of US dollars were laundered through the site using illegal transactions facilitated with Bitcoins that were often purchased from and then converted back into fiat currency by legitimate Bitcoin exchanges. back
    8. A cyber-crime group used Western Express International Inc to launder more than US$35 million raised by buying and selling stolen credit card and identity information. Western Express International Inc operated as a virtual currency exchanger and unregistered money transmitter to coordinate and facilitate these activities using the virtual currencies WebMoney and e-Gold. back

The Blurred Lines Legal Precedent 8

The Blurred Lines Legal Precedent

Akerman's Latin America & the Caribbean Practice Recognized by Chambers Global 2015 9

Akerman’s Latin America & the Caribbean Practice Recognized by Chambers Global 2015