The cryptocurrency boom in 2017 was so sudden that many investors and regulators where left dazed confused in its wake. After this initial shell shock passed it became apparent that the financial system was not ready for the introduction of cryptocurrencies in ‘17 and as a consequence many abuses of the system were detected during this period. It should then be no surprise that after the first cases of crypto-fraud started to surface, the regulating bodies (especially in the U.S.) began a serious push to reign in miners and investors in this space with rules and regulations.

The involvement of government agencies like the Securities and Exchange Commission (SEC), Commodities and Futures Trading Commission (CFTC), and the Financial Crimes Enforcement Network (FinCEN) means that the cryptocurrency and crypto asset markets are safer for consumers, but it also means that the companies involved are now subject to heavy, confusing and complicated compliance and reporting obligations, with the possibility for large fines for non-compliance.

Not long ago it was impossible to think of fulfilling all of the compliance obligations imposed on a company without the help of a law firm or an in house counsel with a small team, spending thousands of dollars and weeks or months of work. These are yesterday’s concerns. Enter, compliance automation.

Compliance is no more than a (boring) checklist, and although the language in most regulations and directives is dry and complicated, we hope this article gives you the necessary tools to understand what you’re up against, and how to tackle it effectively and cheaply. This article covers how the regulators involved in policing the market understand cryptocurrencies, what compliance obligations each of them impose, and how to meet them without breaking a sweat.

Section I. Regulators

Since U.S. lawmakers have not issued direct, comprehensive Federal oversight of virtual currency spot markets, regulation of virtual currencies has evolved into a multifaceted, multi-regulatory approach. FinCEN doesn’t consider cryptocurrencies to be legal tender but since 2013 has considered exchanges as money transmitters (subject to their jurisdiction) on the basis that tokens are “other value that substitutes for currency”. The IRS, by contrast, regards cryptocurrencies as property – and has issued tax guidance accordingly.

Cryptocurrency exchange regulations in the United States are also in an uncertain legal territory, and several of the federal regulators claim jurisdiction. Of the major US regulatory bodies, the SEC has indicated that it considers cryptocurrencies to be securities: in March 2018 it stated that it was looking to apply securities laws comprehensively for digital wallets and exchanges. By contrast, The Commodities Futures Trading Commission CFTC has adopted a friendlier, “do no harm” approach, describing bitcoin as a commodity and allowing cryptocurrency derivatives to trade publicly.

So as you can probably tell, the type of cryptocurrency project you are undertaking is extremely important since that classification will mean you deal with one of several of the regulators referred to above.

Section II. Getting Started.

Lets go through an actual example. I’m the CLO at @mati, where we work on precisely this -automating compliance. Clients often come to us with similar problems, so the below isn’t entirely imaginary or hypothetical. I’ll scramble the info and make a new company to make a point without revealing actual cases. Let us consider the case of a company which wishes to create an alternate currency to Bitcoin, in order to raise working capital, this company (ThisCo) will issue a Token (ThisToken) that will be exchanged in the future for actual cryptocurrency (ThisCoin).

Due to the nature of ThisCo, our company is going to be subject to SEC Regulations (since a token will be issued), FinCEN Regulations (since ThisCo will issue “virtual currency”), IRS Guidelines (since all assets are subject to taxes) and general Anti Money Laundering (AML) compliance procedures.

It is also important to mention that ThisCo will operate from California in the United States, and we ‘anticipate’ most of users will come from the U.S., however, if ThisCo would choose to open ThisCoin or ThisToken for trade inside the  European Union, for instance, then ThisCo would be subject to a new, different set of Privacy, AML, and Financial compliance requirements with different regulators in the EU.

The table below serves an example of the (initial) compliance requirements ThisCo will face in the U.S., when they will need to file, and with which authority. As you will see, most of the items are easily solved with existing SaaS Products or can be done manually by any person with a little time and patience. Of course this can get considerably more complicated than that, as referenced in the previous paragraph.

If you’re still confused about  compliance in the crypto space, or if you have any questions about this topic feel free to reach out to me directly.