Are all crypto exchange balances actually securities?
Dec 20, 2021
When I started writing this newsletter again I said it would help me to think out loud and develop my views on things. Well, today’s letter definitely falls in that category and I hope you’ll let me know what you think. And if you find it interesting and think a friend will too, please forward it to them.
Cryptocurrency exchanges like Coinbase, Kraken, and Gemini allow users to trade commodities like Bitcoin. Because they don’t trade securities or derivatives, they are not regulated or supervised by the SEC or CFTC. They’re not subject to securities regulation any more than a rural swap meet that hosts a lot of selling and trading of commodities.
The problem, some argue, is that crypto exchanges in practice are very, very different from other spot commodity markets. They are much more liquid and deeper and faster. They bring together market makers, retail investors, and sophisticated professional traders in the same venue. In short, they look like securities exchanges and may pose similar risks.
Faced with this situation, a serious government would first confirm (not merely assume) that real risks do exist and, if they do, say, “well, I guess we need to legislate to mitigate the risk because current law doesn’t cover this novel case.” That is, it would pass a new law to cover this unforeseen situation rather than try to fit a square peg into the round hole of existing law and regulation.
Some in Congress are doing just that. Most on-point is the proposed Digital Commodities Exchange Act being developed in the House Agriculture Committee and for which I have a soft spot in my heart. It’s not perfect but it’s pretty practical. There’s also forthcoming legislation from Sen. Lummis that I expect will also address exchange regulation.
Unfortunately, though, Congress is broken these days, so it’s not surprising that regulators in charge of protecting “the public interest” feel they must do something without waiting for Congress to act. It may not be excusable, but at least it’s understandable. And it helps explain’s SEC Chairman Gary Gensler’s campaign to have cryptocurrency exchanges register with the Commission and come under its supervision.
The problem with Gensler’s approach as I’ve observed it is that ,as far as the exchanges are concerned, they’re not trading any securities, only commodities, so the SEC has zero authority over them. To that Gensler says some version of these remarks from August:
A typical trading platform has more than 50 tokens on it. In fact, many have well in excess of 100 tokens. While each token’s legal status depends on its own facts and circumstances, the probability is quite remote that, with 50 or 100 tokens, any given platform has zero securities.
Now, the way I read the law, one has an obligation to register with the SEC if one is listing securities, not if there’s a high probability that one is. I can imagine the exchanges saying something like, “Oh boy, can you please tell us which tokens you think are securities? We’d like to delist them immediately and make sure we’re in compliance with the law.” But of course the SEC isn’t going to “classify” tokens short of an enforcement action, so it finds itself regulating through “agency threats”. This is not good for anyone involved.
The Canadian Model
So, is there some other way that the SEC can legitimately assert its authority without having to first establish that certain tokens are securities (which the exchanges can always just delist)? Canada has developed just such a novel approach and it is pretty seductive.
Essentially what Canadian securities regulators have found is that even when an exchange lists only commodities like Bitcoin, what users actually have and trade are not the commodity tokens themselves, but a security interest in them. From 2020 guidance:
Staff is aware that some Platform operators are of the view that the Platforms they operate are not subject to securities legislation because they only allow for transactions involving crypto assets that are not, in and of themselves, derivatives or securities. However, based on our analysis of how trading occurs on Platforms, we note that some Platforms are merely providing their users with a contractual right or claim to an underlying crypto asset, rather than immediately delivering the crypto asset to its users. In such cases, after considering all of the facts and circumstances, we have concluded that these Platforms are generally subject to securities legislation.
J.P. Koning has been talking about this for some time and suggesting that the U.S. consider copying this approach. From the perspective of an open source crypto rights advocate, there’s a lot to like in the approach.
First, it essentially excludes non-custodial platforms. P2P marketplaces and decentralized exchange protocols always result in actual delivery of purchased tokens, so it can’t be said there is any security interest involved. While there are other theories a securities regulator could apply to cover those platforms, it may not be worth their time if pursuing the Canadian model captures 99 percent of the market.
Second, and relatedly, such an approach could create more demand for non-custodial applications and business models. I wouldn’t mind seeing the further development of DEX ecosystems or the development of novel models that combine a centralized exchange with multisig arrangements, allowing platforms to have no control over user funds. In essence, the Canadian model creates alignment between regulation and the “not your keys, not your coins” ethos of crypto since in some respects both are aimed at the same risks.
Third, it takes a practical approach to token disclosures. This one is important but will take a little bit to explain. . .
Today, if a token represents an investment contract, then the issuer of the token has an obligation to register with the SEC and make required disclosures about the offering. This is simple enough when there is a clear issuer of a token, but in crypto there often isn’t (or isn’t anymore) a clear issuer or promoter on which investors rely. Because this is all a “facts and circumstances” analysis, however, opinions can differ on whether there is or isn’t a party who would have disclosure requirements—i.e. whether a network is “sufficiently decentralized.” The result is that we again find ourselves in a world of “agency threats” where if one is even “near the line,” one is cajoled to register.
Apart from the obvious rule of law problems with this state of affairs is the fact that it’s an invitation for sham disclosures. For example, imagine we find that Bitcoin is a security. Who would be on the hook for filing the registration and disclosures? I can imagine that Craig Wright would be the first in line to do it. You can also imagine that we find that Ethereum is a security. Imagine further that upon such a finding, Vitalik and everyone remotely associated with the Ethereum Foundation takes their cyanide capsule. Ethereum would continue to operate just the same (giving the lie to it being reliant on any person’s efforts), but technically someone would have to file a registration if it was ever to trade legally.
By saying that the security in question is not the token itself, but the derivative contract being offered by the exchange, the Canadian model puts the onus for disclosures on the regulated exchanges. This is very practical and potentially avoids the thorny questions above.
What kind of disclosures would exchanges have to make? In Canada, regulators have granted crypto exchanges “prospectus relief” exempting them from the full standard disclosures they would otherwise have to make and instead they require lighter, crypto-specific disclosures including “a description of the Crypto Asset, including the background of the team that first created the Crypto Asset, if applicable,” and “any risks specific to the Crypto Asset,” etc.
In sum, this seems like a good approach since regulators get to apply the supervision they presume is lacking, exchanges get clarity, investors get protections they didn’t previously have, and the decentralized, open source elements of crypto are left alone.
The Catch
Unfortunately, the Canadian model seems pretty legally suspect to me—at least as it could be applied in the U.S.
To start with, Canadian regulators find that exchanges are issuing “crypto contracts” when they find that a platform is “merely providing their users with a contractual right or claim to an underlying crypto asset, rather than immediately delivering the crypto asset to its users.” But if you look at the terms of service of major U.S. exchanges, you find that the contractual right customers have is explicitly not a claim but actual title. Here’s Coinbase for example:
2.6.1 Ownership. Title to Digital Currency shall at all times remain with you and shall not transfer to Coinbase. … None of the Digital Currencies in your Digital Currency Wallet are the property of, or shall or may be loaned to, Coinbase; Coinbase does not represent or treat assets in User’s Digital Currency Wallets as belonging to Coinbase. Coinbase may not grant a security interest in the Digital Currency held in your Digital Currency Wallet.
I mean, it seems pretty clear that what Coinbase is engaged in here is a bailment and not a securities offering. From what I can tell, it’s perfectly legit to have bailments in fungible commodities even if they are commingled with those of other bailees as with grain at a silo. This stands in direct contrast to what payment app providers tend to do. For example, here is PayPal’s terms of service:
Any balance in your Balance Account represents an unsecured claim against PayPal. … PayPal combines your Balance Account balance with the balances of other Balance Account holders and invests those funds in liquid investments in accordance with state money transmitter laws. PayPal owns the interest or other earnings on these investments. However, the claim against PayPal represented by your balance held in your Balance Account is not secured by these investments and you do not have any ownership interest (either legal or beneficial) in these investments.
Between the two, which one looks more like a security? (I’ve been riding this hobby horse for a while.) Nevertheless, from what I understand it seems Canadian regulators expect the likes of Coinbase to register and are in ongoing discussions with them. In my view, such an expectation essentially leaves no room for the existence of bailments, which is nonsensical.
Canadian regulators appear to have an incredibly narrow view of what it takes to avoid creating a derivative. It’s not enough that you have a clear contract with the customer spelling out full title. Instead, here’s the guidance they give:
Platforms would not generally be subject to securities legislation if each of the following apply:
the underlying crypto asset itself is not a security or derivative; and
the contract or instrument for the purchase, sale or delivery of a crypto asset
results in an obligation to make immediate delivery of the crypto asset, and
is settled by the immediate delivery of the crypto asset to the Platform’s user according to the Platform’s typical commercial practice.
Only by effectuating “immediate delivery” can one seemingly avoid application of the securities laws. What constitutes “immediate delivery”?
We generally will consider immediate delivery to have occurred if:
the Platform immediately transfers ownership, possession and control of the crypto asset to the Platform’s user, and as a result the user is free to use, or otherwise deal with, the crypto asset without
further involvement with, or reliance on the Platform or its affiliates, and
the Platform or any affiliate retaining any security interest6 or any other
legal right to the crypto asset; and
following the immediate delivery of the crypto asset, the Platform’s user is not exposed to insolvency risk (credit risk), fraud risk, performance risk or proficiency risk on the part of the Platform.
Later on in the guidance they give an example of what immediate delivery would look like for a Bitcoin trade and it includes that the transfer to the customer be “immediately reflected on the Bitcoin blockchain[.]” This strikes me as unreasonable.
Again, the Canadian model seems to preclude the possibility of bailment arrangements, or at the very least would require that a customer accept sole possession of the crypto before they could send it right back to the platform for bailment (in order to take advantage of the safekeeping services or to be better positioned to execute a quick trade or for whatever reason). It really is nonsensical, again, given the clear contractual agreement between user and exchange that the user retains full title to the commodity.
Check me
Now, I’ve written all this in order to help me figure out what I think about the Canadian model. Writing is a great way to think through a problem. And by sharing it with you hopefully you can call me out where I’m wrong. I know there are a bunch of legal eagles who read this and I hope they’ll hit reply and let me know where I got my facts, assumptions, or analysis wrong. There are also some things I still haven’t mulled through on which I’d appreciate thoughts:
While it’s the SEC that’s often told to look at what the Canadians are doing, shouldn’t it really be the CFTC? After all, wouldn’t “crypto contracts” be commodity derivatives?
The CFTC has its own definition of what constitutes “actual delivery” of crypto commodities, but this is only relevant in the context of products where there is some margin trading or other leveraged transactions, right?
What else did I miss? What’s the best case crypto balances on U.S. exchanges are securities? How do the Canadians square their rules with what I imagine is similar bailment law as the U.S.?
Anyhow, I hope that gives you plenty of homework to tide you over the holiday break. I hope you all have a great Christmas and a happy New Year.