Cryptocurrency Trading Markets: Observations On The Intersection of Law and Technologybr>
Many practitioners are familiar with best practices for know your customer (KYC) and anti-money laundering (AML) checks, as well as accredited investor verification as part of a security token offering.
However, compliance responsibilities for broker dealers and issuers do not end with the issuance of tokens. A range of practical and regulatory requirements render it necessary to continue to track know the identity of each holder of a security token for the life of the token.
For example, security tokens structured as shares of equity in an issuer will trigger a range of corporate requirements. To begin with, corporations and other securities issuers are required to maintain accurate shareholder records and to make certain records available for inspection. In Delaware, where a significant percentage of companies (and a majority of public companies) are incorporated due to the state’s well established corporation laws, Section 219 of the General Corporation Law requires companies to make available a list of the names and addresses of each stockholder for at least ten days before each annual stockholder meeting.
Companies seeking to tokenize their shares in a private placement of securities under U.S. federal law, regardless of their regulation, whether under Regulation D, Regulation S or another exemption from registration, would be well-advised to think through the logistics of maintaining a shareholder base on a distributed ledger. Ideally, an issuer would partner with a technology provider with practical solutions to answer a number of day to day questions. How will shareholder communications occur? Does the technology facilitate proxy voting? Does a mechanism exist to remove the legend from restricted securities?
Perhaps the most important technological hurdle relates to effective distribution controls, governing framework built into the token that governs the token’s compliance behavior both on ledger and off.. What is required to effect a secondary transfer? Does the technology solution enable a flexible, tailored solution, or does it rely on a labor-intensive solution to handle compliance requirements.
Sole reliance on Rule 144 under the Securities Act of 1933 and a 12 month hold period by initial purchasers is not a comprehensive means of achieving distribution control. Our experience is that private companies have historically been reluctant to participate in creating an unrestricted secondary trading market because, among other things, they are leery about exposure to insider trading and market manipulation laws and, they want to maintain a say in their stockholder base, they do not want to run afoul of regulations that might require them to report public information if they reach certain stockholder thresholds, and they do not want to dedicate additional resources to process frequent transfer requests or to engage a formal transfer agent function. Additionally, issuers do not want to become subject to legal risk or cumbersome reporting requirements if residents of certain foreign jurisdictions acquire their securities. Even within the U.S., some state blue sky laws require that recipients in secondary trades be accredited investors, and, regardless of jurisdiction, when a secondary transfer is sought, the participants in the transaction (stockholder, purchaser, issuer) are generally well advised to refresh their KYC and AML checks.
Financial instruments that do not give the holder ownership rights in the issuer may avoid some of the corporate governance challenges described above. However, many instruments, whether they are structured as equity, debt, rights to certain cash flows/ or payments or otherwise, are prone to trigger reporting obligations under more than just securities laws. For instance, some well-intentioned instruments fail due to features that frustrate compliance with tax regulations, particularly the reporting of capital gains information to the IRS. The U.S. Bureau of Economic Analysis requires issuers to report certain foreign ownership interests. These regulatory requirements reinforce the necessity of a techtechnology partner providing a solution that enables an issuer to always know the identity of the holders of its securities.
To use Rule 144 to freely trade certain securities, an issuer must authorize the removal of the restrictive legend from those securities. Considerations such as those described above factor into when an issuer will permit the removal of legends under its investor and charter documents, as well as the menu of compliance actions it will take before completing effecting the removal. A technology solution needs to be able to effect the rules set by the issuer in a manner that complies with applicable law and denote the legend removal in subsequent transfers.
Because the regulatory framework across security token offerings vary, one size fits all “white lists” do not perform well as a means of distribution control. For example, the persons permitted to invest in a Reg D offering of an Investment Company under the 1940 Act vary from a more standard Reg D offering of an operating business. Since token features and investor rules differ depending on context, generating access rights for every wallet across every form of token presents significant scale challenges. This is especially true if the rules change during the life of the token (for instance, the issuer goes public or regulations change).
We believe that the optimum compliance technology for security token issuances will be secure, scalable, adaptable, and ledger agnostic. Technology solutions that automate compliance actions in a reliable manner and authorize transfers to digital wallets known to possess predefined rule sets may result in immediate trading and lower costs. Ideally, compliance solutions will enable security tokens to jump ledgers and engage in cross chain trades, or be reissued on a new ledger in the event that an entire ledger fails, and have the capability to regenerate a complete capitalization record on the new ledger. This resiliency is a critical component of the ability of a technology solution to meet the high standards of compliance, reliability, security and adaptability that will be required to build trust in security tokens, further expand access to capital for businesses and provide liquidity to investors.