Blockchain Bites: A big Ripple in the regulatory waters with judgment finding token is NOT a security under US law, Singapore proposes new crypto custody rules, UK brings crypto within regulatory perimeter, EU agrees rules for banks’ crypto holdings

A big Ripple in the regulatory waters with judgment finding token is NOT a security under US law

In a highly-anticipated decision between Ripple Labs, Inc. (Ripple) and the US Securities and Enforcement Commission (SEC), Ripple has achieved what is being called a historical win with a summary judgment decision that the token XRP “is not in and of itself a “contract, transaction[,] or scheme” that embodies the Howey requirements of an investment contract.” and as a result the token itself is not a security under US law.

The judgement was handed down by the US District Court of the Southern District of New York on 13 July 2023. The Court ruled that Ripple did not violate US Federal securities laws by selling its XRP token on public exchanges. This is the first victory for a cryptocurrency company in a case brought by the SEC, however it is not quite as simple as Ripple wins! As the SEC also had success in relation to a claim that the sale of XRP to institutional investors was an investment contract.

The SEC alleged that Ripple sold over USD$1.38 billion in XRP over a six year period to fund Ripple’s operations, which sale was an unregistered securities offering. The crux of the case is whether the XRP is a security. The matter of whether there was in fact any way for Ripple to register the offering under US law is a matter which has also been the subject of debate.

When cryptocurrency is not a security

The Court applied the (now famous in crypto circles) Howey test to determine whether XRP was a security, being an “investment contract”, noting the test is:

a contract, transaction[,] or scheme whereby a person [(1)] invests his money [(2)] in a common enterprise and [(3)] is led to expect profits solely from the efforts of the promoter or a third party.

In previous cases brought by the SEC, findings have been made that the cryptocurrencies at issue were securities for the purposes of jurisdiction and most enforcement actions brought by the SEC to date in the US have been settled by the parties targeted.

However, in Ripple’s case, the Court decides that Ripple’s XRP sales on public cryptocurrency exchanges – which the Court called “Programmatic Sales” – were not offers of securities under US law, because purchasers did not have a reasonable expectation of profit tied to Ripple’s efforts.

Specifically, the Court said those “Programmatic Sales” were:

blind bid/ask transactions, and Programmatic Buyers could not have known if their payments of money went to Ripple, or any other seller of XRP.

This means XRP sales on public cryptocurrency exchanges failed the meet the third prong of the Howey test. Further, the Court found that XRP sales by Ripple Chief Executive Brad Garlinghouse and co-founder and former CEO Chris Larsen, and other distributions including compensation to employees also did not involve securities under US law.

Partial win for the SEC

The Court granted a partial and smaller win to the SEC, by finding that Ripple’s USD$728.9 million of XRP sales to hedge funds and other institutional investors did amount to unregistered sales of securities, with the securities being offered being a promise to deliver future tokens to those investors. Specifically the Court said:

reasonable investors, situated in the position of the Institutional Buyers, would have purchased XRP with the expectation that they would derive profits from Ripple’s efforts. From Ripples communications, marketing campaign and the nature of the Institutional Sales, reasonable investors would understand that Ripple would use the capital received from its Institutional Sales to improve the market for XRP and develop uses for XRP Ledger, thereby increasing the value of XRP

This was ultimately:

pitching a speculative value proposition for XRP with potential profits to be derived from Ripple’s entrepreneurial and managerial efforts

The Court also knocked back Ripple’s defence that the SEC did not provide them a “fair notice” for potentially breaching the law. The Court said,

The law does not require the SEC to warn all potential violators on an individual or industry level

Tokens for Employees and Founders

Interestingly, the Court found that tokens granted to employees could not have been securities as there was no “investment of money” as part of the transaction.

The ripple effect of the ruling

Despite not being a complete win for Ripple, the decision is important as it considers the status of a digital asset token itself, and leans into the argument that tokens are a kind of property, which may be offered as a security / financial product, in the same way that gold or other property can be offered as a financial product, but that the token in and of itself, is not a security/financial product.

This is precisely what was argued by a number of leading crypto-legal minds, including Mr Lewis Cohen and others in The Ineluctable Modality of Securities Law: Why Fungible Crypto Assets Are not Securities and also supports what the UK has been suggesting for years be the case with most crypto-assets.

The ruling will be no doubt cited by other crypto firms who have been fighting for an end to regulation by enforcement and sensible rule setting to take place. The 2022 SEC v LBRY case was heavily cited in this judgement and builds on the growing jurisprudence in the field.

It will also help crypto projects engaging with regulators recalibrate their submissions, based on what worked and what didn’t work in Ripple’s submission.

Ripple Chief Executive Garlinghouse in an interview called the ruling was:

a huge win for Ripple but more importantly for the industry overall in the U.S.

Coinbase said it would allow trading of XRP on its platform again. Its Chief Legal Officer Paul Grewal said on Twitter:

We’ve read Judge Torres’ thoughtful decision. We’ve carefully reviewed our analysis. It’s time to relist.

This case may also assist Coinbase in their SEC case, which focuses on similar issues. It is important to note that the ruling is a summary judgement, with a full trial remaining on issues between the SEC and Ripple, and while it may be appealed including once a final judgment is issued.

The authors are not US lawyers (and of course none of this is legal advice), and for an Australian audience it should be noted that the Howey decision is markedly different to the test for a managed investment scheme or financial investment offering in Australia, but some of the underlying principles, particularly that tokens may not in and of themselves be financial products/securities, are likely to prove relevant as the law develops here. We should note that some tokens could be designed to expressly be, or represent, financial products and naturally adding a blockchain to a financial product does not move the issuer outside the regulatory perimeter laws, but neither does adding a blockchain render a digital token within the perimeter.

The key take-aways remain:

• Increasingly tokens are being recognised as property, just as the UK has been suggesting for years;
• Facts and circumstances of each sale still matter very much and are an area of significant risk;
• Marketing and offering a product as a financial investment is likely to be treated by regulators and the Courts as a financial investment (which can include secondary sales); and
• The need for fit-for-purpose regulation which addresses the technological peculiarities of blockchain technology and provides a clear path to compliant token sales and offerings is only going to increase as time passes.

Only Parliaments / Congress can properly set a policy framework to support innovation while tackling and reducing the ever rising tide of scams and fraud to protect investors and users of tokens.

Singapore proposes new crypto custody rules

The Monetary Authority of Singapore (MAS) has announced a package of reforms intended to enhance consumer protections for users of Digital Payment Token (DPT) service providers, including requirements to deposit and keep all customer assets under a statutory trust. In addition, the MAS is expected to restrict service providers from providing token lending and staking services to retail investors. Under the proposals, DPT service providers will be able to continue providing such services to institutional and accredited investors.

In a media release, the MAS announced that the new rules will:

mitigate the risk of loss or misuse of customers’ assets, and facilitate the recovery of customers’ assets in the event of a DPT service provider’s insolvency.

The new rules follow public consultations in late 2022 on regulatory measures to enhance investor protection and market integrity for crypto services. In particular, the consultation revealed widespread support for DPT service providers to:

• segregate customers’ assets from its own assets and held in trust;
• safeguard customers’ moneys;
• conduct daily reconciliation of customers’ assets and keep proper books and records;
• maintain access and operational controls to customers’ DPTs in Singapore;
• ensure that the custody function is operationally independent from other business units; and
• provide clear disclosures to customers on the risks involved in having their assets held by the DPT service provider.

While some responses supported the restrictions on token lending and staking, agreeing that it is unsuitable for retail investors due to DPTs high-risk and speculative nature, other respondents argued that concerns can be mitigated via sufficient risk disclosures and customer’s consent. The MAS has promised to:

monitor market developments and consumer risk awareness as these evolve, and will take steps to ensure that our measures remain balanced and appropriate.

The MAS is currently accepting public responses on draft legislative amendments to the Payment Services Regulations to implement the proposed changes. Further guidelines to assist consistent adoption of the above requirements are anticipated in the near future.

Finally, the MAS issued a further consultation paper to consult on new requirements to address unfair trading practices in crypto markets and prevent market abuse. Responses to the paper are also due on 3 August 2023.

The MAS reiterated its past warnings to consumers in announcing the new rules:

Regulations alone cannot protect consumers from all losses…consumers must continue to exercise utmost caution when trading in DPTs.

The latest rules follow Singapore’s consistent approach of seeking to embrace the benefits of digital money and blockchain technology while mitigating potential consumer harms, particularly for retail investors. The latest changes follow a raft of policy developments around the region, as jurisdictions like Hong Kong and South Korea, also seek to establish more comprehensive fit-for-purpose regulations for digital assets.

UK brings crypto within regulatory perimeter

The Financial Services and Markets Act 2023 (FSMA) was formally adopted into UK law on 29 June 2023 upon receiving royal assent. The legislation will enable the UK’s transition from EU-based financial services laws and bring crypto-assets within the regulation perimeter in the UK.

The new law recognizes “cryptoassets” as a form of investment bringing it within the scope of regulated financial activity. FSMA defines cryptoassets broadly:

“cryptoasset” means any cryptographically secured digital representation of value or contractual rights that—

(a) can be transferred, stored or traded electronically, and

(b) that uses technology supporting the recording or storage of data (which may include distributed ledger technology).

The Act will also bring stablecoins within the scope of payments regulations as a form of “digital settlement assets” and provides for broader regulation of promotions relating to cryptoassets.

In a press release, the UK government stated:

The Act is central to the Government’s vision to grow the economy and create an open, sustainable and technologically advanced financial services sector.

and:

The changes enable the delivery of key Edinburgh Reforms, putting the UK on course to be the most dynamic and competitive financial services hub in the world.

The reforms are intended to facilitate the “safe adoption” of cryptoassets within the UK and establish a ‘sandbox’ that accommodates the adoption of emerging technologies like blockchain in financial services. Beyond this, the Act also removes certain restrictions on wholesale markets, protects access to cash and implements protections for victims of Authorised Push Payment scams.

The Economic Secretary to the Treasury, Andrew Griffith added:

This landmark piece of legislation gives us control of our financial services rulebook, so it supports UK businesses and consumers and drives growth.

FSMA is intended to seize opportunities by ‘tailoring financial services regulation to fit UK markets’. In order to achieve its objective of enhancing regulatory scrutiny in the financial services sector for greater accountability, democratic input and transparent oversight, FSMA assigns regulators including the UK’s Treasury, Financial Conduct Authority and the Payments Systems Regulator with new and extended powers to supervise and monitor the financial system, including cryptoassets. Separately, the Treasury has been conducting consultations on crypto-specific regulation, which is anticipated to come into force within the next 12 months.

The UK’s regulatory approach is twofold – it aims to reform existing regulations where appropriate, with plans to also develop crypto-specific regulation. The broad effort by the UK to introduce a clear framework for crypto regulation is in line with their vaunted commitment to becoming a crypto hub and harnessing the benefits of innovation in financial markets.

Show me the crypto! EU agrees rules for banks’ crypto holdings

Following a negotiation between the European Parliament, the Council and the Commission of the European Union (EU) on the 27th of June, the EU agreed that banks operating across the EU’s 27 member states will face new disclosure obligations and capital requirements relating to their cryptocurrency holdings.

The deal will involve changes to the Capital Requirements Regulation and Directive and is intended to increase transparency of banks’ cryptocurrency holdings, in light of the growing involvement of large financial institutions in the industry. In 2022, many large EU banks including CACEIS and Crédit Agricole initiated cryptocurrency custody and purchase services. More recently, a number of Wall Street giants have announced new initiatives in the crypto space.

According to the press release from the European Parliament:

To address potential risks…banks will have to disclose their exposure to crypto-assets.

In addition to this disclosure requirement, a number of broader changes were agreed to enhance the stability of the EU’s banking sector including:

1. setting capital requirements for crypto assets until the Commission puts forward a specific legislative proposal;
2. introducing ESG as an important aspect in the EU’s financial legislation;
3. reinforc[ing] the governing framework for the appointment of top posts in large financial institutions; and
4. stronger requirements for third country branches.

This means that EU banks will have to declare their cryptocurrency holdings and comply with enhanced capital requirements. The changes aim to prepare EU banks to handle crypto assets while appropriately managing risks. The new rules also align with similar obligations faced by other companies within the crypto sector under the new Markets in Crypto Assets (MiCA) regulation, including exchanges and brokers, and mark an effort by the EU to establish a consistent regulatory framework.

The provisional agreement on the new banking rules now awaits approval by the Economic and Monetary Affairs Committee, a plenary vote of the Parliament and the Council’s approval.