In recent years, the rapid development of cryptocurrency has garnered global attention and discussion. The widespread adoption of cryptocurrencies such as Bitcoin has not only transformed perceptions of currency and the financial system but also spurred numerous new business models and technological innovations. In 2023, the cryptocurrency market experienced a series of significant events, including the dramatic fluctuations in Bitcoin prices, Ethereum’s successful completion of its Merge upgrade, and regulatory actions by the U.S. Securities and Exchange Commission (SEC) against several cryptocurrency exchanges. These events underscore the importance and influence of cryptocurrencies in the global financial market.

As more traditional financial institutions, such as JPMorgan Chase and Goldman Sachs, venture into the cryptocurrency field, market acceptance and legitimacy are gradually increasing. Payment giants like PayPal, Visa, and MasterCard have also begun to support cryptocurrency transactions and payments, broadening the application scenarios for digital currencies. Simultaneously, the rapid development of blockchain technology and decentralized finance (DeFi) is opening new possibilities for fintech.

However, the swift growth of the cryptocurrency market is accompanied by numerous issues and challenges, particularly in terms of legal and regulatory aspects. The collapse of the FTX exchange in 2023 triggered global financial panic, highlighting the risks and problems stemming from inadequate cryptocurrency market regulation. In response, U.S. federal and state regulatory bodies are intensifying their oversight of cryptocurrencies, seeking to regulate market behavior and protect investor interests through legislation and policy.

To thoroughly explore the legal framework and future development of U.S. cryptocurrency payment licenses, Aiying艾盈 will analyze the following key areas:

1. The Legal Basis of Cryptocurrency Payment Licenses: Reviewing the historical development of cryptocurrency laws in the U.S., analyzing the interaction between federal and state laws, and interpreting key regulations.
2. Practical Aspects of Cryptocurrency Payment Licenses: Describing the processes and conditions for companies to apply for Money Services Business (MSB) and Money Transmitter License (MTL).
3. Diverse State Regulatory Approaches: Comparing different state regulations on cryptocurrency payment licenses and analyzing the impact of both lenient and stringent policies on businesses.

I. The Legal Foundations of U.S. Cryptocurrency Payment Licenses

Historical Overview

The legal development of cryptocurrency in the United States can be described as a “regulatory marathon.” Since the advent of Bitcoin in 2009, cryptocurrency has gradually moved from niche circles into the mainstream. However, the true wave of regulation began in 2013. That year, the Financial Crimes Enforcement Network (FinCEN) of the U.S. Department of the Treasury issued the first guidance on virtual currency, categorizing cryptocurrency exchangers and administrators as “Money Services Businesses” (MSBs), subject to the requirements of the Bank Secrecy Act (BSA). This action marked the beginning of a new era in U.S. cryptocurrency regulation.

As the cryptocurrency market experienced explosive growth in the 2020s, states began to introduce their own regulatory measures. In 2023, the New York State Department of Financial Services (NYDFS) further tightened its oversight of cryptocurrency exchanges, mandating that all cryptocurrency businesses operating within the state obtain a BitLicense. At the same time, California introduced the Digital Financial Assets Law (DFAL) in 2023, establishing a regulatory framework for digital financial assets. The collapse of the FTX exchange in 2023 shocked the world and prompted more state governments to expedite their cryptocurrency legislation efforts.

1. The Interaction Between Federal and State Laws

In the U.S., federal and state laws have formed a delicate “competitive cooperation” relationship in cryptocurrency regulation. Federal regulation is primarily overseen by FinCEN, the Securities and Exchange Commission (SEC), and the Commodity Futures Trading Commission (CFTC). FinCEN regulates cryptocurrency transactions under the BSA, requiring businesses to register as MSBs and comply with stringent Anti-Money Laundering (AML) and Know Your Customer (KYC) requirements. The SEC focuses on whether cryptocurrencies qualify as securities and manages their issuance and trading. The CFTC is responsible for regulating the cryptocurrency futures and derivatives markets.

State-level regulation varies significantly. For instance, New York’s BitLicense is currently the strictest state-level cryptocurrency regulatory system, requiring businesses to obtain a license to operate within the state. Conversely, Wyoming has adopted a relatively lenient regulatory approach, enacting a series of laws that exempt certain types of cryptocurrency businesses from licensing requirements to attract cryptocurrency companies and investments. This regulatory diversity means that businesses operating in the U.S. must carefully consider the legal requirements of each state to ensure compliance.

2. Key Legal Regulations

(1) The Bank Secrecy Act (BSA)

The Bank Secrecy Act (BSA) is the cornerstone of anti-money laundering (AML) and counter-terrorism financing in the United States. Aiying艾盈 has previously discussed this in the article “The Shadow Under the Bank Secrecy Act: Cryptocurrency and AML Thresholds.” Under the BSA, any institution engaged in Money Services Business (MSB) must register with FinCEN and comply with relevant regulatory requirements, which include:

• Registration Requirements: All MSBs must register with FinCEN within 180 days of starting operations and update their registration periodically.
• AML Program: MSBs must develop and implement an effective AML program, which includes appointing a compliance officer, conducting employee training, and establishing internal controls and monitoring systems.
• Reporting Requirements: MSBs must report large cash transactions (over $10,000) and suspicious activities to FinCEN.
• Record Keeping: MSBs must retain transaction records and customer information to support AML and counter-terrorism financing investigations.

(2) The Securities Act

The Securities Act of 1933 primarily regulates the issuance and trading of securities. According to this act, any public offering of securities must be registered with the SEC or qualify for an exemption. Whether a cryptocurrency qualifies as a security depends on the “Howey Test,” which considers whether an investment involves:

• Investment of Money: The investor invests money.
• Common Enterprise: The investment funds are pooled in a common enterprise.
• Expectation of Profit: The investor expects to profit from the investment.
• Efforts of Others: The profit primarily comes from the efforts of a third party.

If a cryptocurrency is deemed a security, it must comply with SEC regulations, including registration, disclosure requirements, and compliance management.

(3) Other Key Regulations

• Commodity Exchange Act (CEA): The CFTC regulates cryptocurrency futures and derivatives markets under the CEA. The CFTC has classified Bitcoin and Ethereum as commodities, thus transactions involving these cryptocurrencies in futures and derivatives markets must comply with CEA provisions.
• Internal Revenue Code (IRC): The IRS treats cryptocurrency as property, requiring taxpayers to report transactions and pay capital gains tax on their holdings and trades.

These regulations collectively establish the legal framework within which cryptocurrency payment licenses operate in the United States, ensuring comprehensive oversight from multiple regulatory bodies at both federal and state levels.

II. Practical Application Process for Cryptocurrency Payment Licenses

2. Compliance Requirements

After obtaining a license, businesses must continually meet a series of compliance requirements that have a profound impact on their operations.

(1) Anti-Money Laundering (AML)

Businesses must develop and implement effective AML programs, which include establishing internal controls and monitoring systems to ensure all transactions comply with AML regulations. Companies are required to regularly report suspicious activity (SAR) to FinCEN and submit Currency Transaction Reports (CTR) for any single transaction exceeding $10,000.

(2) Know Your Customer (KYC)

KYC is central to compliance, requiring businesses to verify the identity of every customer to ensure the accuracy and legality of customer information. Companies must collect identification information, proof of address, and other necessary documents from customers, and conduct ongoing customer risk assessments.

(3) Data Security and Privacy Protection

Businesses must take effective measures to protect customer data and transaction information from breaches and cyberattacks. Companies need to comply with relevant regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

II. Practical Application Process for Cryptocurrency Payment Licenses

2. Compliance Requirements

After obtaining a license, businesses must continually meet a series of compliance requirements that have a profound impact on their operations.

(1) Anti-Money Laundering (AML)

Businesses must develop and implement effective AML programs, which include establishing internal controls and monitoring systems to ensure all transactions comply with AML regulations. Companies are required to regularly report suspicious activity (SAR) to FinCEN and submit Currency Transaction Reports (CTR) for any single transaction exceeding $10,000.

(2) Know Your Customer (KYC)

KYC is central to compliance, requiring businesses to verify the identity of every customer to ensure the accuracy and legality of customer information. Companies must collect identification information, proof of address, and other necessary documents from customers, and conduct ongoing customer risk assessments.

(3) Data Security and Privacy Protection

Businesses must take effective measures to protect customer data and transaction information from breaches and cyberattacks. Companies need to comply with relevant regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Case Studies:

• Coinbase: As one of the largest cryptocurrency exchanges in the U.S., Coinbase applied for and obtained New York’s BitLicense in 2015, becoming one of the first companies to do so. During the application process, Coinbase faced stringent compliance requirements, including thorough background checks, financial audits, and redesigning the user registration process, which increased operational costs. To meet these challenges, Coinbase formed a professional compliance team, developed detailed AML and KYC programs, and strengthened internal management, eventually securing the license.
• FTX: At the beginning of 2023, FTX collapsed due to poor management and compliance failures, shocking the market. This event prompted other exchanges like Kraken to take immediate action to enhance their AML and KYC measures, update compliance programs, and ensure that their transactions meet regulatory requirements. Recently, regulatory bodies have intensified oversight of cryptocurrency exchanges, with stricter demands for internal controls and risk management.
• Binance.US: Binance’s compliance journey in the U.S. has been challenging. Through its subsidiary, Binance.US, it has applied for the necessary licenses in various states, collaborating with regulators to establish a robust compliance team and adopting advanced AML and KYC technologies. These efforts have allowed Binance.US to successfully establish itself in the U.S. market. As the regulatory environment continues to evolve, Binance.US continually adjusts its compliance strategies to meet new regulatory requirements and market dynamics.

3. Decentralized applications may not be able to escape the need for licenses.

This is a case that was written in the previous article of Aiying Oiya 3《Changes in U.S. encryption regulatory policies trigger legal dilemmas: wallets and Defi developers may face greater challenges and coping strategies》Since 2013, the U.S. government’s policy has been clear that developers and users of cryptocurrency wallets are not money transmitters. But the recent decision by the Department of Justice to prosecute wallet developers for unauthorized currency transfers comes as a surprise, especially since these developers do not actually control the assets that users protect with their software.

III. Different Regulatory Models Across States

1. Differentiated Regulation

In the United States, the regulations and enforcement of cryptocurrency payment licenses vary significantly from state to state, creating diverse challenges and opportunities for businesses operating in different regions.

(1) New York State

Strict BitLicense: New York State introduced BitLicense in 2015, a highly stringent cryptocurrency license. Companies must submit detailed application materials, undergo background checks, and comply with rigorous Anti-Money Laundering (AML) and Know Your Customer (KYC) requirements. This high regulatory threshold demands significant compliance efforts from businesses.

Obtaining a BitLicense is a complex and costly process. Companies need to pay substantial application fees and allocate considerable resources to meet the strict compliance standards. This high barrier deters many small cryptocurrency businesses. However, companies that obtain BitLicense often gain higher market trust and recognition. For instance, companies like Coinbase and Gemini, which hold BitLicense, enjoy high credibility among users and investors, aiding in attracting more customers and capital.

(2) Wyoming State

Lenient Regulatory Policies: Wyoming has adopted relatively lenient regulatory policies, passing multiple laws supporting cryptocurrency and blockchain technology. For example, Wyoming’s Digital Asset Law clarifies the legal status of digital assets and exempts certain businesses from licensing requirements. This approach has attracted many cryptocurrency businesses to establish operations in Wyoming.

Wyoming’s lenient policies significantly reduce compliance costs for businesses, attracting numerous cryptocurrency and blockchain enterprises. For example, Kraken established a Special Purpose Depository Institution (SPDI) in Wyoming, enabling it to offer cryptocurrency custodial services.

(3) California State

Gradually Improving Regulation: California introduced the Digital Financial Assets Law (DFAL) in 2023, requiring digital financial asset businesses to obtain licenses. This law not only defines digital financial assets but also sets stringent compliance requirements, similar to New York’s BitLicense, though differing in implementation details.

Decentralized Applications Might Also Require Licenses: This concept was previously discussed in Aiying’s article “Legal Challenges Triggered by Sudden Changes in U.S. Crypto Regulation: Wallet and DeFi Developers May Face Greater Challenges and Coping Strategies.” Since 2013, U.S. policy has been clear that cryptocurrency wallet developers and users are not considered money transmitters. However, the Department of Justice’s recent decision to prosecute wallet developers for unlicensed money transmission was unexpected, especially since these developers do not control the assets protected by their software.

Aiying艾盈 believes that in the future, states may trend towards unified standards in cryptocurrency regulation through federal and state coordination and industry standardization to enhance compliance and market stability. Additionally, states are expected to strengthen AML and KYC requirements and increase investment in data protection and cybersecurity. Promoting “regulatory sandbox” initiatives and cross-border cooperation will support innovation, providing a controlled experimental environment for businesses.

IV. The Multifaceted Nature of Cryptocurrencies and Legal Applications

Last month, the House of Representatives voted to pass the “21st Century Financial Innovation and Technology Act” (FIT21 Act). If enacted, this legislation would establish a clear regulatory framework for cryptocurrencies in the United States, facilitating the secure launch of blockchain projects and delineating the regulatory responsibilities of the SEC and CFTC, potentially ending their ongoing jurisdictional conflicts. However, the bill received mixed support, with 71 Democrats and 208 Republicans voting in favor, while 3 Republicans and 133 Democrats opposed it. President Joe Biden has expressed opposition to the bill, though he has not indicated whether he would veto it. The bill will be revised and submitted to the Senate, ultimately requiring Biden’s approval. Therefore, the following discussion is based on the current legal framework as of June 17, 2024:

1. The Multifaceted Nature of Cryptocurrencies

Cryptocurrencies are unique assets with multiple attributes, leading to complex legal and regulatory issues. Below are the primary attributes of cryptocurrencies and their corresponding legal frameworks:

(1) Commodity

• Nature: Similar to gold or oil, cryptocurrencies can function as commodities. Their prices are determined by market supply and demand, and they can be used for trading, investment, or storing value. Bitcoin is often referred to as “digital gold.”
• Legal Framework: In the U.S., the Commodity Futures Trading Commission (CFTC) regulates the futures and derivatives markets for cryptocurrencies.
• Example: The Chicago Mercantile Exchange (CME) offers Bitcoin futures contracts regulated by the CFTC.

(2) Digital Asset

• Nature: Cryptocurrencies can also serve as digital assets, akin to stocks or bonds, representing rights or ownership and tradable on exchanges. Ethereum (ETH) functions not only as a currency but also supports smart contracts and decentralized applications (DApps).
• Legal Framework: If considered digital assets, cryptocurrencies might be classified as securities by the Securities and Exchange Commission (SEC), requiring compliance with SEC regulations.
• Example: The SEC has filed lawsuits against some ICO projects for unregistered securities offerings.

(3) Personal Property

• Nature: From a tax perspective, cryptocurrencies are treated as personal property. Transactions or holdings are subject to capital gains tax, similar to real estate or art transactions. Long-term holdings (over one year) are subject to long-term capital gains tax, while short-term holdings (less than one year) are subject to short-term capital gains tax.
• Legal Framework: The Internal Revenue Service (IRS) mandates tax reporting for cryptocurrency transactions and holdings.
• Example: The IRS requires taxpayers to report gains from cryptocurrency transactions on their annual tax returns.

(4) Virtual Currency

• Nature: Cryptocurrencies can also be used as virtual currencies for purchasing goods and services, similar to fiat currencies. Payment platforms like PayPal and Visa support cryptocurrency payments, enhancing their monetary function.
• Legal Framework: The Financial Crimes Enforcement Network (FinCEN) classifies cryptocurrency transactions as Money Services Businesses (MSBs), requiring compliance with AML and KYC regulations.
• Example: Exchanges like Coinbase must comply with FinCEN regulations, including customer identity verification and transaction monitoring.

Necessity for Regulatory Coordination

Due to the combination of these attributes, cryptocurrencies encompass the properties of commodities, securities, personal property, and currency, resulting in regulatory complexity and potential overlaps or gaps. To address this issue, it is essential to clarify regulatory responsibilities. For instance, the CFTC could oversee the commodity aspects, while the SEC could handle the securities aspects, thereby reducing redundant regulation and improving efficiency. Additionally, establishing a unified federal regulatory standard and coordinating state-level enforcement could lower compliance costs for businesses and increase market transparency. Given the global nature of cryptocurrencies, international regulatory cooperation is crucial to establish a unified framework, which is why many in the industry are hopeful that the FIT21 Act will provide a consistent set of rules for stakeholders to follow.

V. Overview of Global Regulatory Policies

Let’s take a look at the regulatory approaches of several key countries around the world:

1. Singapore

Flexible Regulation and Active Innovation: Singapore adopts a flexible regulatory framework that supports innovation. The Monetary Authority of Singapore (MAS) introduced the Payment Services Act (PSA), which provides a unified regulatory framework for payment services, including cryptocurrencies. The PSA imposes different regulatory requirements on payment service providers based on their scale and risk, ensuring market safety while supporting the growth of innovative businesses. For more details, refer to Aiying艾盈’s article, “Comprehensive Interpretation of Singapore’s Payment Services Regulatory Framework and Virtual Asset DPT License Requirements.”

2. Hong Kong

Flexible Regulation and Regional Hub: As an international financial center, Hong Kong has a highly accommodating regulatory environment for cryptocurrencies. Recently, the Securities and Futures Commission (SFC) of Hong Kong updated its regulatory guidelines for cryptocurrency exchanges, requiring them to obtain licenses and comply with strict AML and KYC requirements. Additionally, the Hong Kong Monetary Authority (HKMA) introduced a Virtual Asset Service Provider (VASP) licensing regime to further regulate and promote the virtual asset industry. These measures not only increase market transparency but also enhance investor protection. Hong Kong is striving to become the Asia-Pacific region’s center for cryptocurrency and blockchain technology, attracting numerous businesses and investors. For more information, see:

• “Compliance Path for Traditional Finance Entering Hong Kong’s Web3 Virtual Asset Market”
• “Quick Overview of HKMA’s Latest Stablecoin Regulatory Policy”
• “Five Yes or No Points about Hong Kong’s VASP Legislation”
• “Hong Kong’s New Capital Investment Entrant Scheme: Comprehensive Guide to Virtual Asset Investment and VASP License Application”

3. Europe

Unified Regulation and Diverse Development: Europe employs a combination of unified and diverse strategies for cryptocurrency regulation. The European Union’s Fifth Anti-Money Laundering Directive (5AMLD) and Sixth Anti-Money Laundering Directive (6AMLD) impose clear compliance requirements on cryptocurrency exchanges and wallet service providers, promoting consistent AML and KYC practices among member states. In early 2024, the EU also adopted the Markets in Crypto-Assets (MiCA) regulation, aiming to provide a unified regulatory standard across the EU for all aspects of cryptocurrency, from issuance to trading. Countries like Germany and France have already begun implementing the MiCA framework to ensure their domestic markets align with EU standards. This unified regulatory environment reduces compliance costs for businesses and enhances market transparency and stability. For more details, see:

• “Comprehensive Analysis of MiCA: Impact on the Web3 Industry, DeFi, Stablecoins, and ICO Projects”

4. Japan

Strict Regulation and Market Discipline: Japan amended its Payment Services Act in 2017, requiring all cryptocurrency exchanges to register with the Financial Services Agency (FSA) and comply with stringent AML and KYC regulations. Although the regulations are strict, they improve market transparency and user trust, attracting many legitimate exchanges and investors to the Japanese market.

5. Switzerland

Blockchain Nation with Supportive Regulations: Switzerland, known as the “Blockchain Nation,” is home to Crypto Valley, a global hub for blockchain and cryptocurrency innovation. The Swiss Financial Market Supervisory Authority (FINMA) has issued clear guidelines providing a legal framework for cryptocurrencies and Initial Coin Offerings (ICOs). Swiss regulations are both rigorous and flexible, encouraging financial innovation and supporting the development of blockchain technology.

Regulatory Coordination Necessity

Because cryptocurrencies exhibit properties of commodities, securities, personal property, and currency, their multifaceted nature results in complex and overlapping regulatory issues. To resolve this, clear delineation of regulatory responsibilities is essential. For instance, the CFTC could oversee commodity aspects, while the SEC could handle securities-related matters, reducing redundant oversight and increasing efficiency. Establishing a unified federal regulatory standard and coordinating state enforcement could lower compliance costs and enhance market transparency. Given the global nature of cryptocurrencies, international regulatory cooperation is crucial to establish a consistent framework, making the FIT21 Act highly anticipated for providing clear rules for industry stakeholders.

statement:

1. This article is reproduced from [AiYing Compliance], the copyright belongs to the original author [Aiying Ai Ying], if you have any objections to the reprint, please contact the [Gate Learn] team , and the team will handle it as soon as possible according to relevant procedures.

2. Disclaimer: The views and opinions expressed in this article represent only the author’s personal views and do not constitute any investment advice.

3. Other language versions of the article are translated by the Gate Learn team and are not mentioned in Gate.io, the translated article may not be reproduced, distributed or plagiarized.