New York Department of Financial Services Guidance Complicates a Crowded Virtual Currency Regulatory Landscape


On February 7, 2018, the New York Department of Financial Services issued “Guidance on Prevention of Market Manipulation and Other Wrongful Activity” imposing stringent reporting requirements of which virtual currency companies should be aware. While it is unclear how the Guidance will be enforced, the regulatory landscape for virtual currency businesses continues to become more complex.

In Depth

The New York Department of Financial Services (DFS) issued Guidance on Prevention of Market Manipulation and Other Wrongful Activity (Guidance) on February 7, 2018, imposing stringent reporting requirements on companies already subject to regulatory overview and reporting to a number of other regulatory bodies such as the Securities and Exchange Commission (SEC), Commodities Futures and Trading Commission (CFTC), Financial Crimes Enforcement Network (FinCEN), the Internal Revenue Service (IRS), or the Department of Justice (DOJ). Virtual currency companies should be aware of the latest regulatory guidance within the web of often-overlapping regulatory regimes by state and federal agencies.

Guidance on Prevention of Market Manipulation and Other Wrongful Activity

On February 7, 2018, DFS issued the Guidance to all “virtual currency business entities that are either licensed under 23 NYCRR Part 200 [BitLicense] or chartered as a limited purpose trust company under the New York Banking Law” which the Guidance refers to as “VC Entities.” According to DFS, the Guidance also applies to VC Entities which hold a New York money transmitter license.

To prevent market manipulation and other wrongful activities, the Guidance emphasizes the following:

  • VC Entities are required to implement measures designed to effectively detect, prevent and respond to fraud, attempted fraud and similar wrongdoing; and
  • VC Entities must be especially vigilant about market manipulation.

The Guidance stressed that under the BitLicense requirements, VC Entities must implement effective measures to detect, prevent and respond to wrongful activities based on the specific risks that VC Entities are exposed to. The measures must include an effective implementation of a written policy that:

  • Identifies and assesses the full range of fraud-related and similar risk areas, including market manipulation;
  • Provides effective procedures and controls to protect against identified risks;
  • Allocates responsibility for monitoring risks; and
  • Provides for periodic evaluation and revision of the procedures, controls and monitoring mechanisms in order to ensure continuing effectiveness, including continuing compliance with all applicable laws and regulations.

The Guidance then highlights the following reporting requirements applicable to VC Entities. Immediately upon the discovery of any wrongdoing, a VC Entity must submit to DFS:

  • A report stating all pertinent details known;
  • A further report or reports of any material developments relating to the originally reported events;
  • A statement of the actions taken (or proposed to be taken) with respect to such developments; and
  • A statement of changes, if any, in the VC Entity’s operations that have been put in place, or are planned, in order to avoid repetition of similar events.

DFS expects that, in most cases, it will be practicable for a VC Entity to submit the first such further report of material developments, along with the previously noted statements, within 48 hours following submission of the original report of wrongdoing. Also, a VC Entity must maintain, for examination by DFS, records of each incident of wrongdoing.

However, the Guidance does not include detail as to what constitutes “discovery of any wrongdoing.” Also, an immediate report and DFS’s expectation that a “further report of material developments” should be submitted 48 hours after the immediate report imposes a fairly onerous burden, especially given the coinciding regulations and reporting requirements placed upon these same entities by other regulators such as FinCEN, the CFTC and the SEC.

Regulatory Overlap

In the Guidance, DFS further regulates virtual currency companies already subject to other regulatory oversight. Federal and state regulators continue to claim jurisdiction over regulating virtual currency businesses which has resulted in some confusion and regulatory overlap.

Determining whether a certain regulatory body has authority over virtual currency and related companies is largely dependent on the definition of virtual currency. A survey of various regulatory guidance, public statements, settlement agreements and legal proceedings, reveals that each interested government agency has argued for the definition of virtual currency which gives it the most regulatory authority.

The CFTC has argued that virtual currency is a commodity within its purview and has imposed significant penalties on certain market participants for engaging in virtual currency businesses without registering with the CFTC and otherwise violating the Commodities Exchange Act (CEA) and corresponding regulations. See In re Coinflip, Inc., CFTC No. 15-29, 2015 WL 5535736 (Sept. 17, 2015); In re TeraExchange LLC, CFTC No. 15-33, at 4-5, n. 3 (Sept. 25, 2015); In re BFXNA Inc. d/b/a BITFINEX, CFTC No. 16-19, 2016 WL 3137612, at *5 (June 2, 2016); see also CFTC, Customer Advisory: Beware Virtual Currency Pump-and-Dump Schemes, Feb. 15, 2018 (stating that “the CFTC maintains general anti-fraud and manipulation enforcement authority over virtual currency cash markets as a commodity in interstate commerce”).The United States District Court for the Eastern District of New York recently agreed with the CFTC, holding that “virtual currencies can be regulated by CFTC as a commodity.” CFTC v. McDonnell, et al., No. 18-cv-361, ECF No. 29 (E.D.N.Y. Mar. 6, 2018) (holding that virtual currencies “fall well-within the common definition of ‘commodity’ as well as the CEA’s definition of ‘commodities’”)(citing 7 USC § 1(a)(9)).

It could be argued that the Guidance is preempted by the CFTC for certain of the VC Entities because the Guidance regulates activity already regulated by the CFTC. 7 USC § 2(a)(1)(A) (2015) (the CFTC “shall have exclusive jurisdiction” providing for exclusive CFTC jurisdiction over commodities); CFTC v. Schor, 478 US 833, 836 (1986) (describing the “sweeping authority” entrusted to the CFTC to implement the CEA). In fact, before the BitLicense regulation had been adopted, certain market participants voiced concerns about overlapping regulations. For example, one virtual currency options exchange called LedgerX requested that DFS explicitly exclude companies already subject to the CEA from BitLicense requirements. See Letter from LedgerX to Superintendent Benjamin M. Lawsky, New York State Department of Financial Services, (Mar. 27, 2015), (citing 7 USC § 2(a)(1)(A)). DFS did not adopt language to that effect in its final BitLicense regulations. There is some decisional authority indicating that New York is not preempted from having some regulatory authority over commodities transactions, despite the general role of the CFTC to regulate commodities transactions under the CEA. See, e.g., Bishop v. Commodity Exchange, Inc., 564 F. Supp. 1557 (S.D.N.Y. 1983); Strax v. Commodity Exchange, Inc., 524 F. Supp. 936 (S.D.N.Y. 1981). At least one plaintiff sued DFS in an Article 78 proceeding arguing that the BitLicense was preempted by federal law, but the court held that the plaintiff had no standing to assert such a claim. See Chino v. New York Department of Financial Services, No. 101880/2015, 2017 NY Misc. LEXIS 5153 (Sup. Ct. Dec. 21, 2017).

Regulation of virtual currency extends beyond DFS and the CFTC. The SEC has made public statements asserting its authority over some initial coin offerings. In its efforts to bring enforcement actions in Federal Court, the SEC successfully argued, that investments with virtual currency can constitute an “investment contract” and thus, a security. SEC v. Shavers, No. 4:13-cv-416, 2013 WL 4028182, at *2 (E.D. Tex. Aug. 6, 2013).

The IRS takes the position that virtual currency is “property.” IRS Notice 2014-21.

The DOJ has taken the position that virtual currency is “money” or “funds” under 18 USC § 1960, the unlicensed money transmitter statute, and has convicted some and arrested others for operating certain virtual currency businesses without a money transmitter license. See United States v. Murgio, 209 F.3d 698 (S.D.N.Y. 2016); United States v. Budovsky, No. 13-cr-368, 2015 US Dist. LEXIS 127717 (S.D.N.Y. Sept. 23, 2015); United States v. Faiella, 39 F. Supp. 3d 544, 545-47 (S.D.N.Y. 2014); United States v. Stetkiw, No. 17-mj-30566, ECF No. 1 (filed on Oct. 25, 2017) (Complaint). The “money” or “funds” definition argued by the DOJ also lands virtual currency companies within the jurisdiction of the Department of the Treasury, and FinCEN has asserted itself as one of the key regulators over virtual currency businesses. More specifically, FinCEN has issued guidance on whether such virtual currency businesses are required to be licensed as a money transmitter, e.g., Department of the Treasury, Financial Crimes Enforcement Network, Application of FinCEN’S Regulations to Persons Administering, Exchanging, or Using Virtual Currencies, FIN-2013-G001 (Mar. 18, 2013); Department of the Treasury, Financial Crimes Enforcement Network, Application of FinCEN’s Regulations to Virtual Currency Mining Operations, FIN-2014-R001 (Jan. 30, 2014); Department of the Treasury, Financial Crimes Enforcement Network, Application of FinCEN’s Regulations to Virtual Currency Software Development and Certain Investment Activity, FIN-2014-R002, Jan. 30, 2014).

Among the regulators, courts and the legislature, there does not appear to be a consensus as to how virtual currency is best characterized. It is unknown whether there will ever be uniformity among the regulators. According to the various regulatory guidance, legal proceedings and public statements, each regulatory body’s characterization of virtual currency has been largely consistent with whatever characterization would provide that regulatory body the most jurisdiction. The recent decision from the United States District Court for the Eastern District of New York indicates that courts may accept some overlapping jurisdictional authority by multiple regulatory agencies. CFTC v. McDonnell, et al., No. 18-cv-361, ECF No. 29, at 24 (E.D.N.Y. Mar. 6, 2018). The court ruled that while the CFTC has jurisdiction over virtual currency because it is a commodity, “the jurisdictional authority of CFTC to regulate virtual currencies as commodities does not preclude other agencies from exercising their regulatory power when virtual currencies function differently than derivative commodities.” Id.


It is unclear how DFS will enforce the Guidance. However, the regulatory landscape for virtual currency businesses is becoming increasingly difficult to navigate. There has yet to be a consensus on whether virtual currency is a “commodity” (according to the CFTC), “money” or “funds” (according to the DOJ and FinCEN), “property” (according to the IRS), or whether certain virtual currency-related activity constitutes the purchase and sale of a “security” (according to the SEC). It also has yet to be tested in court whether DFS’s regulatory regime carves out permissible regulatory authority over virtual currency companies, which will likely arise once DFS seeks to actively enforce this Guidance. There is substantial regulatory uncertainty but market participants can be certain that regulators on the federal and state level will continue to focus on virtual currency and may well continue to complicate the regulatory landscape for virtual currency companies.