Featured Expert Contributor, Legal & Regulatory Challenges for Digital Assets
By Daniel S. Alter, a Shareholder in the New York, NY office of Murphy & McGonigle P.C.
Would-be custodians for cryptocurrencies and other digital assets seem very bullish these days. Mike Belshe, CEO of BitGo, Inc.—a leading developer of cryptocurrency security products that was recently approved by South Dakota to operate a state-chartered trust company—opined that “[c]ustody has been the missing piece of cryptocurrency market infrastructure and this gap has kept institutional investors out of the market.”
Market observers have echoed this view. A contributor to Forbes.com wrote, “The introduction of custodianship is expected to herald the entry of institutional capital into the industry, acting as the missing link investors and fund managers have been seeking for entrance into the crypto market.”
Not so fast.
In fact, the growing urgency to find a custody solution for digital assets is somewhat of the SEC’s own making. Once the Commission determined that many ICO tokens constitute securities under the Howey test, and are therefore subject to all the requirements of federal securities regulation, the need for crypto custodians immediately became manifest. If investors were not going hold their own tokens, somebody had to—and fast.
So here we are. Under SEC regulations, a broker-dealer must maintain “physical possession or control of . . . securities carried by a broker or dealer for the account of customers.” 17 C.F. R. § 240.15c3-3(b)(1) (emphasis added). Because many broker-dealers rely on other entities to custody their clients’ securities, the issue really becomes one of control, i.e., what constitutes an acceptable location at which to place client assets so that they properly remain within the broker-dealer’s control?
SEC regulations identify seven locations in which customer securities are deemed to be permissibly within a broker-dealer’s control. See 17 C.F.R. § 240.15c3-3(c). Of those seven places, two are relevant here:
- A “bank”—as defined by the Exchange Act, 15 U.S.C. § 78c(a)(6), which, in turn, incorporates the definition of “bank” contained in 12 U.S.C. § 1813(a). Under these interlocking definitions, a bank must be an FDIC insured depository institution to qualify as a designated control location. See 17 C.F.R. § 240.15c3-3(c)(5); and
- An SEC discretionary control location—which are identified as “such other locations as the Commission shall upon application from a broker or dealer find and designate to be adequate for the protection of customer securities.” 17 C.F.R. § 240.15c3-3(c)(7).
Except for a few large banks, which so far have merely flirted with offering custodial services for cryptocurrencies, no FDIC depository has come forward to act as a permissible control location for broker-dealers in the digital asset space. Nor, as a matter of regulatory discretion, has the SEC designated any other entity as an approved location for holding customer security tokens. The latter circumstances, however, offer a wonderful opportunity for federal and state authorities to explore some cooperative and innovative regulation.
New York State has now chartered three non-depository trust companies specifically to service the fintech industry: Gemini Trust Company, Paxos Trust Company, and Coinbase Custody Trust. These are all closely supervised institutions, with strict capital requirements, tight security controls, and rigorous examination schedules imposed by the New York Department of Financial Services. Given New York State’s dedicated and developed expertise in crypto regulation, these institutions could make ideal candidates for the SEC to approve as discretionary control locations.
A joint effort by the SEC and state regulators to solve the crypto-custody challenge makes good sense both as a matter of law and policy. To start, New York State trust companies offer a compelling legal rationale for serving as a discretionary control location. Under the Investment Advisors Act, 15 U.S.C. § 80b-1 et seq., state trust companies are already authorized to act as “qualified custodians” for customer securities. See 15 U.S.C. § 80b-2(a)(2) (defining “bank” to include “a trust company . . . doing business under the laws of any state” and which is examined by [a] State . . . authority having supervision over banks”); 17 C.F.R. § 275.206(4)-2(d)(6) (designating a “bank” as defined by 15 U.S.C. § 80b-2(a)-(2) as a “qualified custodian”).
In other words, both Congress and the SEC have previously concluded and that state trust companies can protect the very same types of customer assets that are held for broker-dealers in custodial control locations. This legislative determination should dispel any doubt as to a state trust company’s presumptive institutional competence.
Indeed, considering that their sole mission for nearly five years has been to serve the fintech industry, these New York trust companies are uniquely competent to serve as control locations for digital assets. In a world new to federal oversight, the SEC would do well to draw upon the practical experience of other regulators with similar concerns. And in working with state regulators to set the criteria for discretionary approval of crypto-asset custodians, the SEC would make tremendous strides in standardizing crypto custody requirements across market sectors.
This potentially productive discussion is just one of many that can help the market for digital assets develop more quickly and responsibly. Insights come not only from the national level, and sometimes they can be quite decentralized. Call it crypto federalism.