News

Counsel Kate Gee and Associate Tom Crawford discuss tougher regulation of digital assets following the implosion of FTX in Compliance Monitor.

Kate and Tom’s article was published in Compliance Monitor, 27 January 2023, and can be found here. 

The implosion of FTX combines a lack of expertise, ignorance of corporate duties, due diligence failings and a disregard for red flags. Its immediate legacy is one of significant reputational damage that goes beyond the individuals and companies directly involved, and taints the global crypto sector.

Overriding all of this, regulators and legislators now have investor and consumer protection uppermost in their minds, having been starkly reminded about the distinct absence of effective regulation.

Since its foundation in May 2019 by Sam Bankman-Fried (SBF) and Zixiao “Gary” Wang, the Bahamas-based crypto asset platform FTX became the world’s second largest cryptocurrency exchange, valued at approximately $32 billion by mid-2022. Then began its rapid descent, culminating in last November’s Chapter 11 filing in the United States Bankruptcy Court. A dramatic run on deposits left FTX owing a reported $9 billion, and the US Securities and Exchange Commission (SEC) and the US Department of Justice (DoJ) launched widely-reported investigations into it. Allegations include the potential misappropriation of funds by SBF and companies related to him. In December, the US attorney’s office for the Southern District of New York charged SBF with wire fraud, wire fraud conspiracy, and conspiracy to commit money laundering.

Having been extradited from the Bahamas to New York, in January 2023 he pleaded not guilty and a trial date of 2 October 2023 has been set.  A $250m bail package was underpinned by two anonymous individuals, meaning that SBF is permitted to live with his parents until trial. If convicted, he faces a potential 100+ year prison sentence for what would be one of the largest financial frauds in history.

Shocking as this series of events is, and the speed at which they have unravelled, there is a sense of déjà vu about it that is reminiscent of the collapse of Lehman Brothers in September 2008.  At that time, Lehman was the fourth-largest investment bank in the US with $639 billion of assets. Yet, and by stark contrast to FTX, Lehman was operating in an environment where its financial services activities were subject to long-established regulations in the jurisdictions in which it conducted business.

Turning back to FTX, in the various jurisdictions from which it attracted more than a million investors, the crypto exchange was subject to no, or to minimal, regulation. In the UK, for example, the 80,000 Britons who invested funds via FTX are unprotected by UK regulation; crucially, they do not benefit from Financial Services Compensation Scheme (FSCS) protection, which protects up to £85,000 of an individual’s (fiat currency) savings or investments.

In the absence of regulation in respect of digital assets, the UK Financial Conduct Authority (FCA) has issued repeated warnings about the risks of cryptocurrencies – including specifically about FTX in September 2022. In November 2022, it published a policy paper on cryptoassets, which confirmed: “The FCA currently has oversight to check that cryptoasset firms have effective anti-money laundering (AML) and terrorist financing procedures in place, but generally cryptoassets themselves are not regulated.  Security tokens (tokens with specific characteristics that provide rights and obligations akin to specified investments, like a share or a debt instrument) are the only FCA-regulated cryptoasset.”

So, if FTX is crypto’s “Lehman moment”, what can we expect to fill the regulatory and compliance void?

The Lehman collapse precipitated further regulation and greater regulatory scrutiny across the banking and securities sectors on a global level. Much of it, however, took several years to put in place. In the context of crypto, things will hopefully move a lot faster.

Together, the collapse of FTX and the serious charges against SBF have provoked renewed calls from commentators and legislators for crypto regulation to be implemented, in a way that serves the global, multijurisdictional nature of the sector. In addition, a number of crypto firms have called for much tougher regulation of digital assets to be implemented, in an effort to restore investor confidence.

Internationally, some progress is being made: for example, both the Market in Crypto-Assets (MiCA) provisional agreement in Europe and the Framework for International Engagement on Digital Assets in the US.  Despite these advances elsewhere and the FCA having acknowledged last July that global rules are necessary to “keep markets clean”, crypto firms in the UK remain largely unregulated and subject only to AML requirements, and the process for regulation itself is slow.

Realistically, the implementation of standardised global rules for crypto can only be a long-term objective. In the short term, the US is taking action. With US legislators under pressure to set a new regulatory framework, the SEC, the Financial Accounting Standards Board (FASB) and the US Internal Revenue Service (IRS) are working in tandem to tighten crypto regulations and expand their oversight.  In the first half of 2023, the FASB is set to introduce accounting and disclosure requirements for entities holding crypto assets, while the SEC is asking companies to consider in their disclosures “the need to address crypto asset market developments in their filings generally, including in their business descriptions, risk factors, and management’s discussion and analysis.”

In addition, and perhaps as a prelude to stricter regulation, US regulators (the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency) published a joint statement on crypto-asset risks to banking organisations in January 2023 about investing in crypto after the recent “failures of several large crypto-asset companies”.  The statement highlighted a “contagion risk” for banks, warning that “risk management and governance practices” in the crypto space lack “maturity and robustness.”

We anticipate that the UK may take similar steps in an effort to prevent a second crypto implosion.  As a starting point, the October amendment to the Financial Services and Markets Bill included bringing cryptocurrencies within the scope of regulated financial services. In boosting regulators’ powers over crypto firms and imposing rules on digital assets, this will require them to protect consumers, making them liable to pay fines or potentially lose their licences should they fail to comply.

However, Ashley Alder – currently chief executive of Hong Kong’s Securities & Futures Commission – has been appointed as the FCA Chair, with effect from February.  Adler has crypto regulation firmly in his sights, having told a cross-party Treasury select committee meeting in December last year: “Our experience to date of [crypto] platforms, whether FTX or others, is that they are deliberately evasive, they are a method by which money laundering happens in size.” Alder added that the way crypto firms “bundle a whole set of activities which are normally segregated . . . gives rise to massively untoward risk.”

Also in December, the FT reported that: “The Treasury is finalising plans for a package of sweeping rules to regulate the cryptocurrency industry, including limits on foreign companies selling into the UK, provisions for how to deal with the collapse of companies and restrictions on the advertising of products.”

For some time, the UK government has been finalising plans to give the FCA broader powers, which include overseeing the advertising, sales practices and management of crypto firms. However, with Alder at the helm, it may be that the FCA will take a more draconian approach to crypto regulations, and place more onerous compliance obligations on companies with exposure to crypto.

For those involved on a day-to-day basis with crypto companies or for compliance teams at UK-based financial services firms, however, the priority is still to obtain and understand detail on the substance, scope and timing of new crypto regulations so that they know what will be required, and when.  Andrew Griffith, Economic Secretary to the Treasury, said in January that regulating crypto would be a “long lead-time activity”, and that new legislation is unlikely to be ready in 2023.  Nevertheless, he committed to the launch of two public consultations in the coming weeks (one on the general regulatory approach to crypto assets and one on Central Bank Digital Currencies (CBDCs), which will also cover a digital pound) and to hold at least six roundtables with crypto industry specialists.  In the same Treasury committee hearing, he affirmed the government’s aim to be “the home of well-regulated [and] technologically-advanced financial systems”, telling the committee, “It is right to look to seek to embrace potentially disruptive technologies, particularly when [the UK has] such a strong fintech and financial sector”.

How regulators ultimately draft effective rulebooks that help to protect investors from another large-scale collapse like that of FTX remains to be seen, but further regulation and enhanced compliance requirements in this space are coming.

Investors will hope for extended regulatory oversight of centralised exchanges and the wider crypto industry in order to prevent fraudulent activity, additional collapses / insolvencies, and critically, potential losses.  However, in the meantime, investors must proceed with caution, conducting due diligence about each investment and not taking promotional material at face value.  Crucially, as soon as an investor has concerns about a company or an investment, he or she should act quickly, including taking prompt legal advice about how to prevent losses.