3 Tips for Crypto Startups Preparing for Continued Compliance
Between the decline in cryptocurrency prices and the bankruptcy of several major players in the industry, today’s cryptocurrency companies face no shortage of challenges. However, cryptocurrency companies should not lose sight of their day-to-day obligations, especially those related to compliance.
In fact, both state and federal regulators continue to take enforcement action against cryptocurrency companies for alleged noncompliance, resulting in significant monetary penalties and, in extreme cases, even the arrest of the companies’ founders.
The risk of inadequate compliance shows no signs of abating. Early stage cryptocurrency companies can lay a foundation for future success by continuously assessing their compliance obligations through a risk-based approach, and quickly addressing any deficiencies, especially during periods of rapid expansion, as well as by vigilantly monitoring for new regulatory developments.
It’s no secret that cryptocurrency regulation remains complicated, with multiple public regulators adopting different and sometimes competing approaches.
1. Assess your company’s compliance risk and build a well-resourced compliance function
Cryptocurrency companies of all shapes and sizes will benefit from conducting a dispassionate assessment of the compliance risk facing the company. The Financial Action Task Force (FATF), an independent intergovernmental body that publishes global anti-money laundering standards for both companies and governments, recommends that financial institutions, including cryptocurrency companies, adopt a risk-based approach to compliance.
This approach involves evaluating a company’s products, services, business model, customers, geography and other factors to assess, and then address, the greatest risks to the company. As a company develops and grows over time, these risks should be continually reassessed to ensure the company stays ahead of any evolving compliance risks.
Cryptocurrency companies are often regulated by an alphabet soup of government entities. Some of the most common and well-known regulations include, for example:
- Registration and licensing requirements. Cryptocurrency companies are often required to register with various government regulators in order to operate, although companies may not always immediately recognize the requirement. For example, many cryptocurrency exchanges or ATMs are required to register as money services businesses with the US Treasury Department’s Financial Crimes Enforcement Network. Similarly, the New York State Department of Financial Services (NYSDFS) requires cryptocurrency companies to obtain a “bit license” if they do business in New York or with New York residents, which is likely to include many companies not physically based in New York. .
- Fight money laundering and know your customer rules. Many cryptocurrency companies must comply with Know Your Customer (KYC) regulations, which require these companies to collect essential information about their customers during the onboarding process. Anti-money laundering (AML) laws also require companies to monitor transactions and report potentially suspicious activity. Together, these laws are designed to combat criminal activity and terrorist financing, as well as prevent transactions with sanctioned entities and individuals. Although these laws are widely known, compliance in practice can prove difficult and cryptocurrency companies continue to be cited for alleged AML/KYC compliance failures.