March 9, 2023
FTX and crypto assets in general are under the microscope again this week − but from a couple of different perspectives: criminal liability based on “aiding and abetting” and the need for additional regulatory clarity.
We suspect that we will be writing about and talking about crypto for a long time, so we welcome you to join the crypto conversation. Just drop us a line here.
Daniel Meade
Editor, Cabinet News and Views
Churchill is credited with saying “Never let a good crisis go to waste” at the end of WWII in reference to lessons learned in rebuilding the post-war world. The rolling collapse in crypto and digital assets’ markets, and particularly a series of criminal complaints and enforcement actions in the wake of FTX’s and its sister company Alameda’s bankruptcies, are one such crisis that is testing and providing valuable guidance on various Commodity Futures Trading Commission (“CFTC”) enforcement theories under the Commodity Exchange Act (“CEA”). One such cause of action, the aiding and abetting in commission of fraud, was recently articulated in the CFTC v. Nishad Singh proposed consent order (“Consent Order”).
On February 28, the U.S. District Court for Southern District of New York entered a proposed consent order relating to CFTC’s charges of fraud by manipulation and aiding and abetting fraud relating to digital asset commodities against Nishad Singh, who was a co-owner and Director of Engineering of FTX.
Specifically, CFTC’s charges explain that: “Singh was responsible for creating or maintaining various undisclosed components in the code underlying FTX that, operating together with other features, granted Alameda functionalities that allowed it to misappropriate FTX customer assets. Among other things, these features in the FTX code favored Alameda and allowed it to execute transactions even when it did not have sufficient funds available, including, critically, a ‘can withdraw below borrow’ functionality that allowed Alameda to withdraw billions of dollars in customer assets from FTX.”
With respect to aiding and abetting liability, the court specifically states: “Defendant Singh willfully aided, abetted, counseled, commanded, induced, procured and/or committed acts in combination or concert with FTX, Alameda, and/or Bankman-Fried that constituted violations of [the CEA and CFTC regulation § 180.1]. Therefore, as a result of the conduct alleged in the Complaint, pursuant to Section 13(a) of the Act, 7 U.S.C. §13c(a), Singh is liable for FTX, Alameda, and Bankman-Fried’s violations of [the CEA and CFTC regulations].”
CFTC regulation § 180.1 was promulgated after the Dodd-Frank Act and is analogous to its securities predecessor Rule § 10b-5 under Securities Exchange Act of 1934.
The following conclusions can be drawn as to what facts the CFTC would look for in finding aiding and abetting liability:
- existence of a scheme to defraud (i.e., illegal use of customer assets) the markets in “commodities” (i.e., crypto);
- knowledge of the scheme (i.e., Singh was a co-owner and a senior executive of FTX);
- associating and participating in the fraud (i.e., deliberately wrote the code to make the commission of fraud possible);
- technology was specifically used to perpetrate the fraud (i.e., the preferential treatment of Alameda);
- the liability will apply equally to instances of fraud involving derivatives (i.e., swaps, futures, or options) and commodities (i.e., crypto and other digital assets).
It is not the first time the CFTC has charged aiding and abetting liability (e.g., an attorney who had assisted in perpetrating illegal metals transactions or a software developer).
Conversely, it is clear that in merely acting as a contractor and a technology provider without the actual knowledge (or a duty to inquire) as to the purposes of the scheme, such liability will not be asserted.
This week, Acting Comptroller of the Currency Michael Hsu delivered remarks, titled “Trust and Global Banking: Lessons for Crypto,” at the Institute of International Bankers’ (“IIB”) Annual Washington Conference in which he discussed the lack of consolidated supervision and coordination among regulators as part of the problem with the failure of crypto exchange FTX. He also offered lessons that can be learned from how bank supervision responded to the failure of the Bank of Credit and Commerce International (“BCCI”) 30 years ago.
Acting Comptroller Hsu noted that in some press accounts, the bankruptcy of FTX is compared to the bankruptcy and failure of Lehman Brothers in the 2008 global financial crisis, but he thinks a better comparison is the failure of BCCI. In his view, BCCI took advantage of two inherent risks when a financial institution is operating in multiple jurisdictions in our global banking system. The first is an unlevel playing field, with rules differing by jurisdiction. The second is the risk that supervisors may have limited visibility and possibly authority over a financial institution. He went on to note that the first risk can be mitigated by coordination among regulatory authorities, and the second by collaboration among home and host country supervisors.
Acting Comptroller Hsu noted that, in the United States, part of the response to the BCCI failure was a requirement for foreign banking organizations doing business in the U.S. to show that they were subject to comprehensive consolidated supervision by their home country supervisors. He pointed out that international bodies like the Financial Stability Board, International Monetary Fund and others are working on ways to collaborate and coordinate regulation and supervision of the crypto world. He said, however, that “[u]ntil that is done, crypto firms with subsidiaries and operations in multiple jurisdictions will be able to arbitrage local regulations and potentially play shell-games using inter-affiliate transactions to obfuscate and mask their true risk profiles.”
As we were going to press, Federal Reserve Board Vice-Chair for Supervision Michael S. Barr gave a speech on crypto-related activities to the Peterson Institute, which we will cover in our next edition. But it is important to emphasize that Vice Chair Barr and Acting Comptroller Hsu are singing from the same songbook. In today’s speech, Vice Chair Barr said: “Moreover, while crypto-assets are hyped as ‘decentralized,’ there has been an emergence of new, quite centralized intermediaries that are either not subject to or not compliant with appropriate regulation and supervision … And the lack of consolidated home country supervision and coordination with host country supervisors rekindles the kind of abuses that bank regulators long ago quashed. While such cross jurisdictional regulatory arbitrage is not new, the digital nature of these activities provides for greater opportunity to expand the reach of such entities to customers around the world."
Acting Comptroller Hsu and Vice Chair Barr could possibly be engaging in some of the coordination they are preaching or their speeches this week could just be serendipitous coincidence. Clearly, though, the coordination of regulation of crypto-related firms is something on both of their minds.
On March 2, the Department of Commerce, Department of Justice, and Department of the Treasury issued a Tri-Seal Compliance Note warning companies to be vigilant for Russia-related sanctions evasion. The Note sets forth a clear regulatory expectation that businesses “of all stripes,” both inside and outside the U.S., maintain effective compliance programs to minimize the risk of evasion.
The Note states that sanctions evasion compliance programs should include management commitment, internal controls, testing, auditing, and training. The Note also calls for compliance programs to be tailored to the risks businesses face, including diversion of goods and services by third-party intermediaries.
While the Note calls upon a broad range of businesses to maintain a sanctions evasion compliance program, it singles out manufacturers, distributors, resellers, and freight forwarders, calling on those entities to exercise heightened caution if they detect warning signs of potential evasion.
The note sets forth a number of red flags of sanctions and export control evasion, including:
- Use of corporate vehicles (i.e., legal entities, such as shell companies, and legal arrangements) to obscure (i) ownership, (ii) source of funds, or (iii) countries involved, particularly sanctioned jurisdictions;
- IP addresses that do not correspond to a customer’s reported location data;
- Payment coming from a third-party country or business not listed on the applicable end-user form;
- Use of personal email accounts instead of company email addresses; and
- Routing purchases through certain transshipment points commonly used to illegally redirect restricted items to Russia or Belarus.
The Note also calls upon companies to review U.S. enforcement and targeting actions that reflect tactics and methods intermediaries have used for evasion purposes. Companies that identify sanctions or export control evasion are encouraged, and in many ways incentivized, to file voluntary self-disclosures.
Implementing the Note’s recommendations will require many companies to move beyond screening goods, counterparties, and beneficial owners for potential matches to restricted persons and exports. Companies also will need to consider whether customers, counterparties, and intermediaries are who they claim to be and do what they claim to do.
The EU executive responsible for financial services has indicated that the process of finalisation of a memorandum of understanding on regulatory cooperation in financial services (the "MoU") can restart once the UK has implemented the agreed-on deal on trading relations with Northern Ireland, known as the Windsor Framework.
On hold since March 2021, the MoU was trailed in a declaration that came alongside the Brexit Trade and Co-operation Agreement ("TCA"). As a post-Brexit trade agreement, the TCA is notable for what and how much it did not say about cross-border financial services, and what we know of the MoU does not exactly herald the prospect of borderless services once more. Rather, it is intended to be a framework for structured cooperation between regulatory authorities from different countries that should include not only discussions of international developments but also discussions on how to progress equivalence decisions (whereby one jurisdiction recognises another’s regulatory regimes as being equivalent enough in outcomes to grant domestic market access).
While the MoU forum will not grant equivalence itself, or indeed market access, any revival of the equivalence discussion is to be welcome, particularly given that as of February 2022, the UK had granted the UK two equivalence decisions for financial services (one of which has since expired) and the UK had granted 28. Note, though, that a report on “Recent trends in UK financial sector regulation and possible implications for the EU, including its approach to equivalence” commissioned by the ECON Committee of the European Parliament starts out with the authors’ expectation of “a limited use of the EU equivalence regime for the UK” in light of assumptions about significant divergence in regulatory requirements over the medium- to long-term.
Under a proposed amendment to the UK’s Financial Services and Markets Bill, the Prudential Regulation Authority (PRA) could be empowered to review appropriate risk weighting and capital requirements associated with a financial institution’s exposure to fossil fuel exploration, exploitation and production. The PRA is the UK’s prudential financial services regulator and is responsible for the supervision of around 1,500 banks, insurers and investment firms. The Financial Services and Markets Bill, which we reported on when it was first announced on July 20, 2022, is currently being considered by the House of Lords, the upper chamber of the UK Parliament. The proposed bill, which is at the “committee stage” in the House of Lords and was debated on March 1, 2023, would grant UK regulatory authorities new powers and revoke retained EU laws governing the regulation of financial services. The proposed amendment provides that in “setting the capital adequacy requirements of a credit institution, the Prudential Regulation Authority shall have regard to—(a) the level of exposure of an institution to climate-related financial risk; (b) the level of compliance of the institution with the recommendations of the Task Force on Climate-Related Financial Disclosure; and (c) the objectives of the Climate Change Act 2008 as amended by the Climate Change Act 2008 (2050 Target Amendment) Order 2019 (S.I. 2019/1056).”
Baroness Sheehan, a sponsor of the bill, explained during the committee debate, that “[c]limate risk is not specifically factored into either the regulatory capital risk requirements for banks or the solvency requirements for insurers.” Sheehan further argued that “billions to trillions of pounds will be invested over the near to medium term into an economy that is transforming with increasing rapidity into a low-carbon one. It is clear that climate risk is financial risk: returns on investments and the ability to pay back loans are exposed to the risks of rising temperatures, as evidenced by recent catastrophic climatic events, and action taken by policymakers to transition to a low-carbon economy, such as the US Inflation Reduction Act. Businesses, big and small alike, are poised to pull the start trigger on investments but are held back in the UK by lack of clarity about the Government’s intentions.”
The proposed climate-related amendments to the Financial Services and Markets Bill will, if enacted, also impact investment managers. Under one of the amendments to the bill, the FCA would be required to publish guidance for investment managers to consider “the impact of their investments on society and the environment” and “the long term consequences of investment decisions.” The amendment states that FCA-regulated firms must make these assessments “without undermining their fiduciary duty to act in the financial interests of clients.” On February 20, the FCA published a discussion paper seeking views on the current regime for regulating funds and asset managers. The paper has proposed changing the rules regarding a fund’s prospectus to include “example information and labelling around environmental, social and governance matters.” Interested parties have until May 22, 2023 to respond.
Taking The Temperature: The question of the impact of climate change and climate transition on financial stability remains subject to significant debate. We have reported, for instance, on climate activists advocating the adoption of a “one for one” rule, whereby for each euro/pound/dollar that finances new fossil fuel exploration or production, banks and insurers should set aside a euro/pound/dollar of their own funds against potential losses. The “rule” is based on the idea that fossil fuel assets of financial institutions will diminish in value or become worthless in connection with climate transition and that they will suffer significant losses as a result. While that rigid type of approach (sensibly) does not appear to be gaining traction, regulators are demanding that financial institutions account for risks associated with climate challenges.
Meanwhile, the complexities and the scope of the changes proposed by the Financial Services and Markets Bill, together with the implications of revoking parts of the EU law-derived legislative framework, have slowed the bill’s progress through the UK’s legislative process. On the other hand, the extensive consultation and review phase currently underway could result in clear regulation that is informed by, and, to the extent possible, aligned with, other initiatives in the EU and the U.S. As we have reported, climate-related regulation in other jurisdictions, such as the EU’s Sustainable Finance Disclosure Regulation, has come under criticism for lack of clarity. The final House of Lords committee session will be held on Tuesday, March 7. At the conclusion of the committee stage, the bill will move onto the “report stage” where all members of the Lords will be permitted to examine, and suggest amendments to, the bill. This typically commences 14 days after the committee stage has concluded.
(This article originally appeared in Cadwalader Climate, a twice-weekly newsletter on the ESG market.)