FTX and crypto assets in general are under the microscope again this week − but from a couple of different perspectives: criminal liability based on “aiding and abetting” and the need for additional regulatory clarity.

We suspect that we will be writing about and talking about crypto for a long time, so we welcome you to join the crypto conversation. Just drop us a line here. 

Daniel Meade 
Editor, Cabinet News and Views

By Peter Y. Malyshev

Partner | Financial Regulation

By Gina Castellano

Partner | White Collar Defense and Investigations

Churchill is credited with saying “Never let a good crisis go to waste” at the end of WWII in reference to lessons learned in rebuilding the post-war world. The rolling collapse in crypto and digital assets’ markets, and particularly a series of criminal complaints and enforcement actions in the wake of FTX’s and its sister company Alameda’s bankruptcies, are one such crisis that is testing and providing valuable guidance on various Commodity Futures Trading Commission (“CFTC”) enforcement theories under the Commodity Exchange Act (“CEA”). One such cause of action, the aiding and abetting in commission of fraud, was recently articulated in the CFTC v. Nishad Singh proposed consent order (“Consent Order”).

On February 28, the U.S. District Court for Southern District of New York entered a proposed consent order relating to CFTC’s charges of fraud by manipulation and aiding and abetting fraud relating to digital asset commodities against Nishad Singh, who was a co-owner and Director of Engineering of FTX.

Specifically, CFTC’s charges explain that: “Singh was responsible for creating or maintaining various undisclosed components in the code underlying FTX that, operating together with other features, granted Alameda functionalities that allowed it to misappropriate FTX customer assets. Among other things, these features in the FTX code favored Alameda and allowed it to execute transactions even when it did not have sufficient funds available, including, critically, a ‘can withdraw below borrow’ functionality that allowed Alameda to withdraw billions of dollars in customer assets from FTX.”

With respect to aiding and abetting liability, the court specifically states: “Defendant Singh willfully aided, abetted, counseled, commanded, induced, procured and/or committed acts in combination or concert with FTX, Alameda, and/or Bankman-Fried that constituted violations of [the CEA and CFTC regulation § 180.1]. Therefore, as a result of the conduct alleged in the Complaint, pursuant to Section 13(a) of the Act, 7 U.S.C. §13c(a), Singh is liable for FTX, Alameda, and Bankman-Fried’s violations of [the CEA and CFTC regulations].” 

CFTC regulation § 180.1 was promulgated after the Dodd-Frank Act and is analogous to its securities predecessor Rule § 10b-5 under Securities Exchange Act of 1934.

The following conclusions can be drawn as to what facts the CFTC would look for in finding aiding and abetting liability:

1. existence of a scheme to defraud (i.e., illegal use of customer assets) the markets in “commodities” (i.e., crypto);
2. knowledge of the scheme (i.e., Singh was a co-owner and a senior executive of FTX);
3. associating and participating in the fraud (i.e., deliberately wrote the code to make the commission of fraud possible);
4. technology was specifically used to perpetrate the fraud (i.e., the preferential treatment of Alameda);
5. the liability will apply equally to instances of fraud involving derivatives (i.e., swaps, futures, or options) and commodities (i.e., crypto and other digital assets).

It is not the first time the CFTC has charged aiding and abetting liability (e.g., an attorney who had assisted in perpetrating illegal metals transactions or a software developer).  

Conversely, it is clear that in merely acting as a contractor and a technology provider without the actual knowledge (or a duty to inquire) as to the purposes of the scheme, such liability will not be asserted. 

By Daniel Meade

Partner | Financial Regulation

This week, Acting Comptroller of the Currency Michael Hsu delivered remarks, titled “Trust and Global Banking: Lessons for Crypto,” at the Institute of International Bankers’ (“IIB”) Annual Washington Conference in which he discussed the lack of consolidated supervision and coordination among regulators as part of the problem with the failure of crypto exchange FTX. He also offered lessons that can be learned from how bank supervision responded to the failure of the Bank of Credit and Commerce International (“BCCI”) 30 years ago. 

Acting Comptroller Hsu noted that in some press accounts, the bankruptcy of FTX is compared to the bankruptcy and failure of Lehman Brothers in the 2008 global financial crisis, but he thinks a better comparison is the failure of BCCI. In his view, BCCI took advantage of two inherent risks when a financial institution is operating in multiple jurisdictions in our global banking system. The first is an unlevel playing field, with rules differing by jurisdiction. The second is the risk that supervisors may have limited visibility and possibly authority over a financial institution. He went on to note that the first risk can be mitigated by coordination among regulatory authorities, and the second by collaboration among home and host country supervisors. 

Acting Comptroller Hsu noted that, in the United States, part of the response to the BCCI failure was a requirement for foreign banking organizations doing business in the U.S. to show that they were subject to comprehensive consolidated supervision by their home country supervisors. He pointed out that international bodies like the Financial Stability Board, International Monetary Fund and others are working on ways to collaborate and coordinate regulation and supervision of the crypto world. He said, however, that “[u]ntil that is done, crypto firms with subsidiaries and operations in multiple jurisdictions will be able to arbitrage local regulations and potentially play shell-games using inter-affiliate transactions to obfuscate and mask their true risk profiles.”   

As we were going to press, Federal Reserve Board Vice-Chair for Supervision Michael S. Barr gave a speech on crypto-related activities to the Peterson Institute, which we will cover in our next edition. But it is important to emphasize that Vice Chair Barr and Acting Comptroller Hsu are singing from the same songbook. In today’s speech, Vice Chair Barr said: “Moreover, while crypto-assets are hyped as ‘decentralized,’ there has been an emergence of new, quite centralized intermediaries that are either not subject to or not compliant with appropriate regulation and supervision … And the lack of consolidated home country supervision and coordination with host country supervisors rekindles the kind of abuses that bank regulators long ago quashed. While such cross jurisdictional regulatory arbitrage is not new, the digital nature of these activities provides for greater opportunity to expand the reach of such entities to customers around the world."

Acting Comptroller Hsu and Vice Chair Barr could possibly be engaging in some of the coordination they are preaching or their speeches this week could just be serendipitous coincidence. Clearly, though, the coordination of regulation of crypto-related firms is something on both of their minds. 

By Christian Larson

Associate | White Collar Defense and Investigations

On March 2, the Department of Commerce, Department of Justice, and Department of the Treasury issued a Tri-Seal Compliance Note warning companies to be vigilant for Russia-related sanctions evasion. The Note sets forth a clear regulatory expectation that businesses “of all stripes,” both inside and outside the U.S., maintain effective compliance programs to minimize the risk of evasion.

The Note states that sanctions evasion compliance programs should include management commitment, internal controls, testing, auditing, and training. The Note also calls for compliance programs to be tailored to the risks businesses face, including diversion of goods and services by third-party intermediaries.

While the Note calls upon a broad range of businesses to maintain a sanctions evasion compliance program, it singles out manufacturers, distributors, resellers, and freight forwarders, calling on those entities to exercise heightened caution if they detect warning signs of potential evasion.

The note sets forth a number of red flags of sanctions and export control evasion, including:

• Use of corporate vehicles (i.e., legal entities, such as shell companies, and legal arrangements) to obscure (i) ownership, (ii) source of funds, or (iii) countries involved, particularly sanctioned jurisdictions;
• IP addresses that do not correspond to a customer’s reported location data;
• Payment coming from a third-party country or business not listed on the applicable end-user form;
• Use of personal email accounts instead of company email addresses; and
• Routing purchases through certain transshipment points commonly used to illegally redirect restricted items to Russia or Belarus.

The Note also calls upon companies to review U.S. enforcement and targeting actions that reflect tactics and methods intermediaries have used for evasion purposes. Companies that identify sanctions or export control evasion are encouraged, and in many ways incentivized, to file voluntary self-disclosures.

Implementing the Note’s recommendations will require many companies to move beyond screening goods, counterparties, and beneficial owners for potential matches to restricted persons and exports. Companies also will need to consider whether customers, counterparties, and intermediaries are who they claim to be and do what they claim to do.