Non-compliance with FinCEN’s Beneficial Ownership Information (BOI) reporting requirement could expose your business to significant financial and legal risks. Here’s what you need to know about the potential consequences of failing to comply with this critical regulation.
FinCEN has the authority to impose hefty fines on businesses failing to meet the BOI reporting requirement. Penalties for non-compliance is $591 per day, with no maximum cap. This means even small delays in filing could result in substantial financial costs if FinCEN targets your company.
Non-compliance with BOIR can be seen as an attempt to obscure ownership information, which could trigger further investigation into potential financial crimes.
Businesses found to be in non-compliance with the BOI reporting requirements may also suffer reputational damage. Investors, clients, and partners expect transparency in ownership structures, and failure to comply could result in a loss of trust and business opportunities.
Non-compliant businesses may find it harder to secure loans, attract investors, or engage in mergers and acquisitions. Transparency in beneficial ownership is becoming a key factor in financial and business transactions, and non-compliance could hinder growth opportunities.
As of today, there are no reported instances of fines being assessed against a company for violation of the BOI reporting rule. Nevertheless, the risks of non-compliance with FinCEN’s BOIR requirement far outweigh the effort of filing. Businesses that take proactive steps to meet the reporting deadlines and maintain accurate information will avoid fines, legal action, and reputational harm. Make compliance a priority to safeguard your business.
Business owners preparing to file their Beneficial Ownership Information (BOI) reports should be aware of common pitfalls that might lead to civil penalties or worse.
The most common mistake is identifying one owner but not identifying every individual qualifying as a beneficial owner. Even if someone owns less than 25% of the business, that person may still be considered a beneficial owner if they hold significant decision-making authority evidencing “substantial control” over the reporting company.
For example, an indirect way to exercise substantial control over a reporting company is by controlling one or more intermediary entities that separately or collectively exercises substantial control over a reporting company. The best way to avoid this mistake is to review your company’s structure carefully and consult an expert if you’re unsure about who is a potential beneficial owner.
Another likely common mistake is submitting incorrect or incomplete details for beneficial owners. Mistakes in names, dates of birth, or identification numbers can lead to rejected filings or regulatory scrutiny – and possibly even fines and jail time if done deliberately. This mistake can easily be avoided by double-checking all information before submission and ensuring you’ve provided accurate and up-to-date details.
A third common mistake is failing to timely file. Businesses underestimate how long the process can take, leading to missed deadlines. For new businesses, filing is required 90 days after formation or registration, while companies formed or registered prior to 2024 have until January 2025 to comply. Companies can avoid this potential problem by marking important dates on your calendar and preparing your filing early to avoid a last-minute rush and a possible $591 a day fine for an untimely filing.
A fourth mistake would be the failure to update information as it changes. As set forth in the applicable regulations, the failure to update beneficial ownership information as changes occur can result in non-compliance. Any changes in ownership or control must be reported within thirty days of the change. This can be avoided by Implementing an internal system to track changes in ownership and file updated reports with FinCEN when necessary.
The fifth common mistake is simply assuming the existence of an exemption without really confirming it applies. Certain businesses, like larger companies already subject to similar rules, are exempt from the BOI reporting requirement. Assuming you are covered by an exemption without having proper confirmation could lead to fines. This can be avoided by double checking your exemption status by consulting the list of exempt entities or seeking expert advice. For example, even if your company has filed for dissolution, that would not automatically exempt you as an inactive company if that dissolution took place in 2024.
Avoiding these five common mistakes will help ensure a smooth BOI reporting process. By simply taking the time to understand key requirements and double-checking your information, you can protect your business from most of these unnecessary risks.
With the Beneficial Ownership Information (BOI) reporting requirement now in effect, many businesses are wondering how to comply with this new rule issued by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN). Preparing early will help you avoid fines and penalties, ensuring a smooth filing process.
The first step is determining who qualifies as a beneficial owner. This includes anyone who exerts substantial control or has ownership of 25% or more in your business. It’s crucial to assess both direct and indirect control, so be sure to evaluate individuals who might have critical influence over decision-making even if they don’t own a large percentage of equity.
You will need the following details for each beneficial owner:
Full name
Date of birth
Residential or business address
A government-issued identification number (such as from a driver’s license or passport)
Having this information on hand before filing will streamline the process and ensure accuracy.
If filing for an entity formed in 2024, you will also need to provide similar details for “applicants”, namely those persons who filed formation or registration documents with the state of formation or registration.
New businesses must file their BOI reporting information upon formation. For existing businesses, FinCEN has provided a one-year grace period to comply, meaning the deadline for companies formed or registered prior to 2024 is January 1, 2025. Don’t wait until the last minute — start preparing now.
Develop internal procedures to ensure ongoing compliance. This could involve creating a system for regularly updating beneficial ownership information when ownership or critical management changes over time.
Consider seeking advice from compliance experts to ensure whether you meet all the requirements. While the BOIR filing might seem straightforward, nuances in ownership or control structures could complicate the process. Ensuring your business is prepared for BOI reporting compliance long before the applicable deadline is the exact sort of proactive approach that will save you time, reduce stress, and help avoid costly penalties.
The Beneficial Ownership Information (BOI) reporting requirement, introduced by FinCEN (the Treasury Department’s Financial Crimes Enforcement Network) increases transparency in business ownership with the stated goal of reducing financial crimes such as money laundering and tax evasion. As a business owner, it’s essential to understand what this regulation means for you and your company.
The BOIR rule mandates that certain companies report information about their beneficial owners to FinCEN. A “beneficial owner” is any individual who directly or indirectly exercises substantial control over the company or owns 25% or more of its equity
Corporations, limited liability companies (LLCs), and similar entities created or registered by a state to do business in the United States are required to file their BOI Report. Larger companies, regulated financial institutions, and inactive companies, are exempt because they largely already have to conduct this disclosure.
Businesses must report identifying information about each beneficial owner, including:
Full legal name
Date of birth
Current residential or business address
A unique identification number from a government-issued document (such as a driver’s license or passport)
The BOIR requirement officially went into effect in January 2024, and new companies must file within 90 days after their formation. Existing companies have until the end of 2024 to comply, so it’s essential to immediately start gathering the necessary information. Compliance with FinCEN’s BOIR requirement is a crucial regulatory obligation so take the time to understand these requirements and prepare your business for the upcoming changes.
Found in the nearly 1,500-page National Defense Authorization Act of 2021, is the 21-page Corporate Transparency Act (“CTA”), 31 U.S.C. § 5336. The CTA currently requires most entities incorporated or doing business under State law to disclose personal stakeholder information to the Treasury Department’s criminal enforcement arm, Financial Crimes Enforcement Network (“FinCEN”), including Tax ID numbers, date of birth, government identification number and copies of government identification documents of all beneficial owners and company state formation applicants (collectively a Beneficial Ownership Information Report or “BOI Report”).
According to Congress, this law is intended to prevent financial crimes such as money laundering and tax evasion committed using shell corporations. The relevant Constitutional question recently put before an Alabama federal court was whether Congress’ broad powers to regulate commerce, oversee foreign affairs and national security, and impose taxes and related regulations were enough to power such a massive information grab.
In a 53-page opinion, Judge Liles C. Burke of the Northern District of Alabama answered this question in the negative and struck down the CTA as unconstitutional. SeeMem. Op. at 3 (“Because the CTA exceeds the Constitution’s limits on the legislative branch and lacks a sufficient nexus to any enumerated power to be a necessary or proper means of achieving Congress’ policy goals, the Plaintiffs are entitled to judgment as a matter of law.”). As recognized by Judge Burke, there was no comparable State or federal law to the CTA. Mem. Op. at 35.
As a result of Judge Burke’s March 1, 2024 ruling – which began its appellate journey on March 11, 2024, all the plaintiffs in that case are for the time being exempt from filing a BOI Report – including the over 65,000 businesses and entrepreneurs located in all 50 states who are members of Plaintiff National Small Business Association (“NSBA”). As for everyone else who may be a Reporting Company, the CTA very much still applies.
By way of background, FinCEN issued a final rule implementing the CTA on September 29, 2022 and made that rule effective as of January 1, 2024. 87 Fed. Reg. 59498. Because only the plaintiffs in the Alabama action are safe from the CTA’s reporting reach all other businesses operating in the United States who are considered Reporting Companies will have to comply with the Rule.
More specifically, the CTA requires disclosures from “reporting company[ies],” defined as “corporation[s], limited liability company[ies], or other similar entit[ies]” that are either “(i) created by the filing of a document with a secretary of state or a similar office under the law of a State or Indian Tribe, or (ii) formed under the law of a foreign country and registered to do business in the United States.” 31 U.S.C. § 5336(a)(11)(A). The CTA exempts twenty-three kinds of entities from its reporting requirements, including banks, insurance companies, and entities with more than twenty employees, five million dollars in gross revenue, and a physical office in the United States. 31 U.S.C. § 5336(a)(11)(B). In other words, this statute not only targets shell companies involved in criminal conduct or fraud, it expressly hits most small business owners in the country as well.
“FinCEN estimates that there will be approximately 32.6 million reporting companies in Year 1, and 5 million additional reporting companies each year in Years 2–10.” 87 Fed. Reg. at 59549. The CTA requires these millions of entities to disclose the identity and information of any “beneficial owner.” 31 U.S.C. § 5336(b)(1)(A). A beneficial owner is defined as “an individual who . . . (i) exercises substantial control over the entity; or (ii) owns or controls not less than 25 percent of the ownership interests of the entity,” with some exceptions for children, creditors, and a few others. 31 U.S.C. § 5336(a)(3).
For new entities formed or operating in the United States after January 1, 2024, the CTA requires them to disclose the identity and information of both Beneficial Owners and “Applicants,” defined as “any individual who files an application to form a corporation, LLC, or other similar entity under the laws of a State or Indian Tribe; or registers [a foreign entity] to do business in the United States.” 31 U.S.C. § 5336(a)(2). Such filings must be made within 90 days of the relevant state filings and those companies formed or operating in the United States prior to January 1, 2024 have until year end.
Reporting entities must give FinCEN a Beneficial Owner or Applicant’s full legal name, date of birth, current address, and identification number from a driver’s license, ID card, or passport. 31 U.S.C. § 5336(a)(1), (b)(2)(A). Under the final rule, reporting entities are also required to submit an image of the identifying document. 31 C.F.R. § 1010.380(b)(1)(ii)(E). If any of that information changes, the reporting company must update FinCEN, 31 U.S.C. § 5336(b)(1)(D), and FinCEN retains Applicant and Beneficial Owner information on an ongoing basis for at least five years after the reporting company terminates. 31 U.S.C. § 5336(c)(1). Determining whether someone is a Beneficial Owner can be somewhat difficult given it requires a determination of who “has substantial influence over important decisions made by the reporting company” among other potentially vague criteria. 31 C.F.R. § 1010.38 (d)(1)(i)(C).
A willful provision of false or fraudulent beneficial ownership information or failure to report “complete or updated beneficial ownership information to FinCEN” by “any person” is punishable by a $500 per day civil penalty and up to $10,000 in fines and 2 years in federal prison, 31 U.S.C. § 5336(h)(1), (3)(A); a knowing and unauthorized disclosure or use of beneficial ownership information by “any person” is punishable by a $500 per day civil penalty, along with a $250,000 fine and 5 years in federal prison, 31 U.S.C. § 5336(h)(2), (3)(B); and a knowing and unauthorized use or disclosure while violating another federal law “or as part of a pattern of any illegal activity involving more than $100,000 in a 12-month period” by “any person” is punishable with a $500,000 fine and 10 years in federal prison, 31 U.S.C. § 5336(h)(3)(B)(ii)(II). Over time, this daily penalty increased to $591 per day.
As recognized by Judge Burke, “[t]he ultimate result of this statutory scheme is that tens of millions of Americans must either disclose their personal information to FinCEN through State-registered entities, or risk years of prison time and thousands of dollars in civil and criminal fines.” Mem. Op. at 8. Given the importance of this information, FinCEN already compels banks and other financial institutions to obtain nearly identical information from State entity customers and provide it to FinCEN.
More specifically, FinCEN’s 2016 Customer Due Diligence rule requires “covered financial institutions” to “identify and verify beneficial owners of legal entity customers.” 31 C.F.R. § 1010.230(a). As with the CTA, this rule defines a “legal entity customer” as “a corporation, limited liability company, or other entity that is created by the filing of a public document with a Secretary of State or similar office, a general partnership, and any similar entity formed under the laws of a foreign jurisdiction that opens an account,” unless the entity fits into one of sixteen exemptions – seven less than the CTA exemptions. 31 C.F.R. § 1010.230(e)(1)-(2).
The CDD rule also defines beneficial owners in the same manner: “Each individual . . . who owns, directly or indirectly, 25 percent or more” of the entity; has “significant responsibility to control, manage, or direct a legal entity,” including “a Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Managing Member, General Partner, President, Vice President, or Treasurer)” and “[a]ny other individual who regularly performs similar functions.” 31 C.F.R. § 1010.230(d)(1)-(2).
In other words, FinCEN’s CDD rule and the CTA provide FinCEN with nearly identical information. The CTA itself acknowledges the similarity. See 31 U.S.C. § 5336(b)(1)(F) (requiring the Secretary of the Treasury to promulgate regulations that “collect [beneficial owner and applicant] information . . . in a form and manner that ensures the information is highly useful in . . . confirming beneficial ownership information provided to financial institutions.” (emphasis added). See also Pub. L. 116-283 § 6402 (6)(B) (134 STAT. at 4604 – 4605) (“It is the sense of Congress that . . . [collection of] beneficial ownership information . . . [will] confirm beneficial ownership information [already] provided to financial institutions.”).
According to FinCEN’s compliance with the Paperwork Reduction Act of 1995: “The estimated average burden associated with this collection of information from Reporting Companies is 90 to 650 minutes per respondent for reporting companies with simple or complex beneficial ownership structures, respectively. The estimated average burden associated with Reporting Companies updating information previously provided is 40 to 170 minutes per respondent for reporting companies with simple or complex beneficial ownership structures, respectively.”
Given the appellate route will likely take well over a year to resolve and the NSBA plaintiffs no longer have any injury to adjudicate – which might have expedited an appeal if they had, it is incumbent on business owners to take the CTA at its face value and comply with the implemented regulations of FinCEN.
One of the founders of Ethereum recently recognized, “it is rare for the interests of idealism and pragmatism to overlap” but in the case of decentralization it “is not just something we should work towards, but something we truly must deliver on.” This fixation on “decentralization” took on new life after blockchain hit the popular press.
Despite BTC reaching 21month highs, true decentralization of financial systems based on crypto usage will lack mass adoption until there is sufficient trust to render Bitcoin or any other crypto “currency” a real currency. More than likely, this lack of trust is what is stopping the acceptance of crypto for widespread purchases – an essential precursor for any currency status. This failing is likely why the IRS from the very beginning relegated decentralized finance products and crypto’s to the status of taxable financial assets.
To that point, on December 28, 2023, Barrons recognized, “crypto has a long path to relevancy beyond trading. Despite years of development, blockchain networks remain on the outskirts of mainstream finance, while hacks, theft, and money laundering continue to be among the main uses. Crypto is still gambling on an unproven technology.”
Decentralization can also take on several non-crypto flavors. For example, the decentralization of governance places local governmental structures above large centralized authorities. The World Bank considers governmental decentralization in the context of community-driven development as a driver of “economic efficiency, public accountability, and empowerment” by providing “greater voice and choice to citizens to influence decisions that affect their lives” and “allowing local governments to respond dynamically to communities”, and resulting in “allocative efficiency by matching of local needs and preferences with patterns of local public expenditure (assumes substantial fiscal autonomy).” In the same breath, the World Bank, suggests that potential dangers and challenges brought on by such decentralization include: “Elite capture, Corruption, Patronage politics, Local civil servants feeling compromised, Incomplete information, Constituents not able to hold representatives accountable, and Opaque decision-making affecting accountability upwards and downwards.”
Persistent trust issues and effective governmental interventions may curtail widespread crypto adoption and increasing decentralized governance is a non-starter for most countries, but a third major area of decentralization remains a major threat to existing centralized structures – whether such structures derive from authoritative governments – which describes most existing governmental structures, or derive from financial institutions controlling major financial levers, or even are from the tech companies currently controlling most aspects of online and offline public discourse.
Simply put, the decentralization of one’s identity and personal data using self-sovereign identity (SSI) systems represents the greatest current threat to centralized power structures. Unfortunately, this is not an easy sell or a threat that will manifest anytime soon because, for example, decentralization of one’s digital identity entails asking people to denounce their current online identity built over many years of experience in favor of a clunky and confusing decentralized online persona.
SSI specifications such as W3C VC, OpenID for Verifiable Credentials, SD-JWT – are all directly or indirectly spearheaded by large tech companies and are gaining attention due to potential adoption with European Digital Identity Architecture and Reference Framework, NIST, DHS, etc. It is not difficult to see why these centralized structures are pushing for mostly federated SSI solutions – the EU Parliament sees SSI as a means of enforcing its privacy regime while NIST sees SSI as a means of strengthening cybersecurity and the DHS wants to deploy it as a means of improving physical security.
More to the point, after centralized authorities implement their own SSI solutions their chosen centralized solutions will never really be self-sovereign given centralized access to personal data – especially personal health information, will never be willingly given up by a centralized authority. Even the much-ballyhooed HIPAA turns it back to “de-identified” data sales for “medical research”. Until March 2023, the NIH and other federal agencies previously shared COVID-19 patient health data through several Open-Access Data and Computational Resources. Indeed, there is a reason HIPAA has long had numerous disclosure exemptions that largely swallowed the law’s protective measures.
The roughly 3 billion DNA base pairs found in human DNA can provide a hard-coded template that cannot be currently mimicked . In other words, the future world of rapid-fire DNA ID testing envisioned by Gattaca may eventually be the primary means of distinguishing between individuals.
DNA harvesting for research purposes became mainstream during COVID-19 testing – which is why French President Macron refused Putin’s offer of a PCR test in 2022. The National Human Genome Research Institute describes COVID-19 PCR “amplification” tests as follows: “Polymerase chain reaction (PCR) is a common laboratory technique used in research and clinical practices to amplify, or copy, small segments of genetic material. PCR is sometimes called “molecular photocopying,” and it is incredibly accurate and sensitive. Short sequences called primers are used to selectively amplify a specific DNA sequence. PCR was invented in the 1980s and is now used in a variety of ways, including DNA fingerprinting, diagnosing genetic disorders and detecting bacteria or viruses. Because molecular and genetic analyses require significant amounts of a DNA sample, it is nearly impossible for researchers to study isolated pieces of genetic material without PCR amplification.” It should be no surprise that DNA analytics firms such as 23andMe are targeted by hackers eager to possess the ultimate insight for identity verification and the NIH deployed a wide-ranging voluntary DNA research program on the heels of the eMERGE Network.
Personal identification using DNA fingerprints will become more and more attractive as realistic simulations of human voice, gaits, and images/videos, etc. using generative AI increases the risk biometric identity systems will fail to distinguish real measures from fake ones. Indeed, some vendors now focus heavily on “liveness detection” that recognizes physiological information as signs of life as an adjunct to the associated biometric data. FaceTec is a leader in this space and even hosts its own educational site on the importance of liveness detection. Nevertheless, even these companies will eventually reach a wall in the form of quantum AI capabilities – which points to live rapid-fire DNA testing as the key identity verification tool for future robust SSI implementations.
Where does this leave decentralization in 2024? While SSI, DeFi and governmental decentralization efforts today may self-correct in the future towards true decentralization left apart from centralized authority, there are projects in play right now that might more easily mature in 2024 to further data decentralization. For example, there are efforts taking the form of improved fund distribution – one using a platform created for UNICEF by Nepal-developer, Rumsan, and one called Disburse by Scifn, offering a one-to-many approach. These and other fund distribution platforms can eventually be removed from centralized funding sources.
In addition to Polkadot, peer-to-peer communication platforms such as Veilid allow users to build their own private distributed apps – which creates peer-to-peer communications with no resulting centralized data storage. Believing that centralized social media is “harmful to society”, Spritely Institute replaces the current client-server architecture currently under-girding all existing social medium platforms with a “participatory peer-centric model” that places “people in control of their own identity and build the technology that would enable a shift to collaborative and intentional security models prioritizing active consent.” These approaches still have many mass adoption barriers – the least of which is the competitive market barriers established long ago by current data oligarchs.
SSI left only in the hands of centralized authorities will eventually lead to increased hacking and continued misuse of personal data. Until new statutory requirements bring true portability of personal data – even platform-generated data that is derivative; coupled with meaningful consent rights for existing data usage – rights that limit centralized control when off-boarding to a peer-to-peer platform; individuals will never truly “own” or have control over their personal data. In other words, decentralization of existing data silos cannot become viable until there is a complete reset of existing norms of data stewardship and lobbyists take a backseat to the preeminence of consumer rights. If 2024 brings us even a few inches closer to that reality, it will be a good year for decentralization.
In her press release, the NYAG states: “Unregistered crypto platforms pose a risk to investors, consumers, and the broader economy.” Of note, no specific NY investor is referenced as being a victim of CoinEx’s activities in New York state. Rather, a NYOAG investigator created “an account with CoinEx using a computer with a New York-based IP address to buy and sell digital tokens although CoinEx was not registered with the state.” Moreover, the “restitution” obtained by the NYOAG simplyrequired that each investor “be refunded the amount of cryptocurrency or the cash equivalent of the cryptocurrency they held in their accounts as of April 25, 2023.”
In other words, the customers of CoinEx got back what was in their accounts and not any monies lost when using the exchange services of CoinEx. Indeed, CoinEx was already voluntarily refunding and closing out U.S. accounts months earlier. CoinEx was also required to cease and desist from servicing New York customers and was required to implement geoblocking to prevent New York IP addresses from accessing their platform – something CoinEx was already planning on doing for all potential U.S. customers.
To that end, the NYOAG press release mentions that “CoinEx is also prohibited from creating any new accounts for U.S. customers and existing U.S. customers can only withdraw their crypto from the platform.” This statement is interesting for two reasons. First, CoinEx by its own accord discontinued providing services to U.S. customers in February – when the NYOAG lawsuit was first filed and long before the recent resolution of this lawsuit. Second, the NYOAG has no means to supplant the SEC’s authority or to prohibit exchanges from operating in other states.
Even though it may not be true, it certainly looks good from a PR perspective to say CoinEx was “prohibited” from operating in the U.S. based solely on the NYOAG’s enforcement action. Interestingly, the NYOAG’s crypto efforts were never strictly limited to “protecting” investors. In March 2022, the NYOAG issued a taxpayer notice to virtual currency investors and their tax advisors to accurately declare and pay taxes on their virtual investments.
The recent actions of the SEC coupled with those of New York State – the undisputed financial capital of the country if not the world, point in one direction, namely that the centralized financial institutions that currently control most levers of the financial markets have voted against decentralization and it is now up to the regulators to enforce such decision.
On June 6, 2023, the Securities and Exchange Commission filed a 101-page Complaint against the US’s leading crypto exchange, Coinbase that distills to a single sentence: “Coinbase has never registered with the SEC as a broker, national securities exchange, or clearing agency, thus evading the disclosure regime that Congress has established for our securities markets.” Complaint ¶ 1. A day earlier, the SEC filed a much more aggressive Complaint against Binance – the world’s largest crypto exchange, seeking a “preliminary injunctive relief, including, but not limited to, asset freezes, a verified accounting, repatriation of assets, expedited discovery, preservation of documents and information, prohibition on the destruction of evidence, the appointment of a receiver” as well as disgorgement of profits and fines.
The SEC claims that Coinbase trades in digital assets with “the characteristics of securities” and references billions of dollars’ worth of assets as investment contracts under the famous Howey test. The SEC lamely begins by reciting the efforts by Coinbase to demonstrate its compliance with the Supreme Court’s Howey test. Complaint ¶¶ 103 – 110. The SEC also tries to use against Coinbase the fact that the company raised in its SEC disclosures that the assets made available for trading could possibly be considered investment contracts – in effect turning Coinbase’s indisputable instance of compliance with Securities laws against the company. SeeComplaint ¶ 112.
Looking to bury deep its dagger into the heart of the crypto industry, the SEC considers the following investment contracts: “SOL, ADA, MATIC, FIL, SAND, AXS, CHZ, FLOW, ICP, NEAR, VGX, DASH and NEXO NEXO – (the “Crypto Asset Securities”)”. Complaint ¶ 114. All totaled, these digital assets have a value of $37 billion. Similarly, the SEC’s Binance Complaint also focuses on some of these assets.
The SEC also complains that Coinbase’s Staking Program as applied to two of the above assets – ADA and SOL, also gives rise to the sale of unregulated investment contracts. SeeComplaint ¶ 339. On the very same date as the SEC’s Complaint, the NJ AG’s Office issued a Summary Cease and Desist Order against Coinbase for violations of New Jersey’s Securities Laws and corresponding penalties of $5 million in connection with Coinbase’s staking offerings.
The SEC’s targeted digital assets are tied to leading networks and platforms in this space – Solano (SOL), Cardano (ADA), Polygon (MATIC); as well as the leading means of powering the IPFS protocol necessary for the storage of media/data outside of a blockchain – Filecoin (FIL); metaverse player The Sandbox (SAND) and the leading “play to earn” platform Axie Infinity (AXS). Interestingly, NEXO can only be traded using the Coinbase Wallet and the FLOW coin of Dapper Labs is already subject to a securities lawsuit. Whereas the SEC targeted dominant services and their tokens – comprising the bulk of its Complaint, the SEC ignores many others with arguably a more visible Howey problem, e.g., Civic Technologies, Inc. with its CVC utility token.
Unlike with Binance, the SEC does not look to freeze Coinbase’s assets. Nearly as bad, however, the SEC does seek injunctive relief against Coinbase that would prevent its current business from going forward as well as Coinbase’s disgorgement of profits and the assessment of fines. In effect, the SEC is looking to shutter two of the largest crypto exchanges as well as obtain a ruling that the most important crypto monetization tools in existence today are improperly fueled using unregulated securities.
It’s not exactly clear why the SEC is looking to kill the crypto industry or at drive it from the United States but one thing is certain – that is exactly what might happen if all the allegations made by the SEC turn into favorable rulings. One potential canary in the coalmine is the Ripple lawsuit filed by the SEC a few years back that will soon become ripe for adjudication. It can only be hoped that this very-well funded company makes some inroads with its defense that can spill over to Coinbase.
Probably the most important takeaway from such broad initiatives turns on the fact foundational brands have decided to supplant the prior NFT free-for-all initiated by PFP projects, artists and collectors. Despite potentially risking the same fate of Dapper Labs, Amazon will rely on a private blockchain that takes credit cards while Sotheby’s eliminates “NFTs” from the equation altogether to focus on what it calls “digital artwork” even though digital art has already been around for decades. What is clear is that Amazon’s use of its own “brand worthy” naming convention – “Amazon Digital”, elevates rather than hinders this new ecosystem.
Being swept aside by this establishment wave is OpenSea – the newly-displaced old guard and wild-west pioneer who likely never contemplated insider trading as a risk until a former OpenSea Manager was recently convicted of it. Not surprisingly, OpenSea offloads tax obligations and refers its users to CoinTracker for tax calculations. OpenSea even explicitly points out to users of the marketplace that “[y[ou are responsible for determining what, if any, taxes apply to your purchases, sales, and transfers of NFTs. If you have specific questions regarding taxes, please consult with a professional tax advisor.” OpenSea’s sole Help Center entry regarding taxes further drives home the point: “Users are responsible for determining what, if any, taxes apply to their purchases, sales, and transfers of NFTs. If you have questions about taxes, please consult with a professional tax advisor.”
In sharp contrast, the government is certainly rooting for reliable tax collectors such as Amazon, Christie’s and Sotheby’s to enter the NFT sandbox. Since 2018 – when the Supreme Court overruled decades of precedent, taxation of online sales no longer depends on physical presence within a particular state. The new guard will create the proper recipe for mass profitable usage, namely removing tech geek elements, improving user interfaces, adding brand allure, and ensuring government is happy and remaining on the right side of the regulatory fence.
As Grace Kyne of EY informed attendees at the April 13, 2023 NFT.NYC session “NFTs and Marketplaces: Opening Pandora’s Box”, there are state-specific marketplace facilitator rules that make most marketplaces subject to state tax. Not surprisingly, Amazon is front and center in pointing that hard fact out to its market participants: “Marketplace Facilitator legislation is a set of laws that shifts the sales tax collection and remittance obligations from a third party seller to the marketplace facilitator. As the marketplace facilitator, Amazon will now be responsible to calculate, collect, remit, and refund state sales tax on sales sold by third party sellers for transactions destined to states where Marketplace Facilitator and/or Marketplace collection legislation is enacted.”
In other words, pushing digital asset sales to Amazon is really every state treasurer’s dream.
This should not come as any surprise. Ever since the 2019 tax year, IRS Form 1040 has included a question regarding a taxpayer’s cryptocurrency activity. In 2021, the IRS slightly broadened the scope of its inquiry: “At any time during 2021, did you receive, sell, exchange, or otherwise dispose of any financial interest in any virtual currency?” In 2022, the scope of the latest IRS Form 1040 broadened yet again: “At any time during 2022, did you: (a) receive (as a reward, award, or payment for property or services); or (b) sell, exchange, gift, or otherwise dispose of a digital asset (or a financial interest in a digital asset)?
In other words, the IRS expressly seeks disclosure of all digital asset transactions and not merely those involving cryptocurrencies. The IRS now wants to know about a taxpayer’s NFT sales and any income generating activities where digital assets are received as payment. On April 5, 2023, the IRS released its IRS Tax Tip 2023-45 which elaborated on this new position regarding a taxpayer’s obligation to report digital asset transactions – including citation to applicable supplemental forms. By informing taxpayers of their new obligations – by way of tax forms and “tax tips”, it becomes increasingly difficult for them to argue any lack of knowledge on the topic. The easiest approach will always be one which just assumes all realized digital asset gains are taxable.
And, to the extent there was any ambiguity regarding more specific tax treatment of NFTs, that might soon evaporate given the IRS – in its March 13, 2023 Notice 2023-27, seeks to classify most NFTs as “collectibles” – a lesser form of asset for purposes of capital gains and other tax purposes.
Specifically, Notice 2023-27 – which seeks comments before June 19, 2023, announces the IRS’s and Treasury’s intention to issue guidance as to whether certain NFTs are “collectibles” under IRS Section 408(m). Currently, the only available categories of “collectibles” under this section are: “(A) any work of art, (B) any rug or antique, (C) any metal or gem, (D) any stamp or coin, (E) any alcoholic beverage, or (F) any other tangible personal property specified by the Secretary for purposes of this subsection.” See 26 USC § 408(m)(2). The IRS recognizes that NFTs do not presently constitute any of the above – including “art” given an NFT is not the art itself, it is a digital file pointing to the actual digital art typically found using an IPFS gateway such as Pinata. Moreover, Section (F) expressly references “tangible personal property” so that catchall also does not squarely fit.
While waiting for comments, the IRS will deploy a “look-through” analysis: “Under the look-through analysis, an NFT constitutes a section 408(m) collectible if the NFT’s associated right or asset is a section 408(m) collectible. For example, a gem is a section 408(m) collectible under section 408(m)(2)(C), and therefore an NFT that certifies ownership of a gem constitutes a section 408(m) collectible. Similarly, an NFT does not constitute a section 408(m) collectible if the NFT’s associated right or asset is not a section 408(m) collectible. For example, a right to use or develop a “plot of land” in a virtual environment generally is not a section 408(m) collectible, and therefore, an NFT that provides a right to use or develop the “plot of land” in the virtual environment generally does not constitute a section 408(m) collectible.” SeeIRS Notice 2023-27.
It is not clear whether the “look-through” approach would be limited to an underlying physical asset tied to the NFT or whether it might include potential money-generating components of an NFT. More than likely, however, the relevant IRS section could not be broadly interpreted to include future gains unrelated to specific associated assets. Moreover, earning rewards by way of an NFT should not be taxable given rewards are generally treated as a rebate or discount on purchases – that should be treated no differently than frequent flyer miles.
The lesson learned for businesses seeking to grow NFT adoption is that market validation and future growth opportunities are now inevitable given the tax hounds have gotten the scent. To the extent there were any previous regulatory barriers to growth opportunities, those will be lifted so long as the government gets it take.
On February 22, 2023, The Honorable Victor Marrero of the United States District Court of the Southern District of New York released a 64-page opinion providing an instant classic exposition of the Howey Test applied in a Web 3.0 context. In denying Dapper Labs’s and its CEO’s Motion to Dismiss the unregistered securities offering case brought against them, the Court relies on logic and attention to detail while using an unobstructed view of the applicable law. The decision can be easily unpacked and likely distilled to one overarching lesson: market digital assets using your own private blockchain and marketplace and you should probably hire an SEC compliance lawyer beforehand.
In Friel vs. Dapper Labs, Inc., it is the marketing and sale of NFT “Moments” that give rise to Plaintiffs’ putative class action and not Defendant’s FLOW tokens – which were sold in an initial coin offering (“ICO”) outside the United States. The Court defines NFTs as “digital assets whose authenticity and ownership can be recorded on a blockchain” and the underlying “Moments are a digital video clip of highlights from NBA games, such as a spectacular dunk or game-winning shot.” Opinion at 9 (“NBA Top Shot is a platform or application, owned and operated by Dapper Labs and built on top of the Flow Blockchain. The purpose of the NBA Top Shot application is primarily to provide a platform to sell “Moments,” the alleged security at issue in this action.”). The Court could have also labeled Moments “programmable digital assets or PDAs” given these digital assets are both programmable for purposes of writing on a blockchain as well as “programmable” for purposes of automating transactions, e.g., the use of royalty payments.
As with most PDAs/NFTs, “[o]wnership of a Moment is limited to only the NFT itself. When a person purchases a Moment, the owner does not acquire any rights to the basketball highlight depicted by the NFT or the underlying artwork or other intellectual property, and thus does not acquire any rights to exploit the highlight without the express permission of the NBA, NBAPA, and Dapper Labs.” Opinion at 10.
The Court’s ruling ultimately addressed “whether Moments are more like cardboard basketball cards, i.e., commodities, or more like crypto tokens.” Opinion at 20. And, in so doing, it was standing on new ground given that “no other courts have addressed either the exact substance or posture of the dispute here: whether allegations that an unregistered offer for purchase or sale of, specifically, an NFT constitutes an investment contract under Howey and thus survive a motion to dismiss under Rule 12(b)(6).” Id.
The Court had little problem denying the Motion to Dismiss and finding Moments could potentially constitute “investment contracts” based on “the plausible allegations that Dapper Labs maintains private control over the Flow Blockchain, which significantly, if not entirely, dictates Moments’ use and value; that Dapper Labs touted Moments as a means for purchasers to realize substantial profits through the low sale prices for packs and marketing of the substantial profits others had made through sale on Dapper Labs’s proprietary Marketplace; and that without Dapper Labs’s essential efforts in maintaining the Flow Blockchain and Marketplace, Moments would be valueless.” Opinion at 63.
The fact that Dapper Labs controls the marketplace where Moments are sold as well as the private blockchain where they are minted and associated transactions are recorded were the primary reasons why the Court ruled as it did. Opinion at 11 (“[P]eople may acquire Moments through a secondary marketplace, hosted on the NBA Top Shot application and created and controlled by Dapper Labs (the “Marketplace”). In the Marketplace, Moments owners can re-sell individual Moments they acquired in packs or that they bought from other Moments owners. They may also gift Moments. Ownership of the Moments, the price paid for the Moments, and the transfer and sale of the Moments in the Marketplace are all recorded on only the Flow Blockchain.”).
Judge Marrero begins his legal analysis by referencing the definition of an “investment contract” found in the seminal case SEC v. W.J. Howey Co. where the Supreme Court of the United States defined an “investment contract” as “a contract, transaction or scheme whereby a person invests [their] money in a common enterprise and is led profits solely from the efforts of the promoter party.” Opinion at 17 – 18 (citing SEC v. W.J. Howey Co., 328 U.S. 293, 298-99 (1946)).
As pointed out by the Court, some of the instruments that “at first blush” would not appear as securities include whiskey casks, chinchillas, and rare coins. Opinion at 19. Similarly, PDAs/NFTs may not at first blush appear like an “investment contract”. The Court reasoned that the Dapper Labs token “FLOW is part of the economic realities of the investment scheme in dispute. And, moreover, the Court finds that Defendants are wrong that Dapper Labs’s “embrac[ing] a new technology – NFTs – does not change the underlying legal analysis.” (Id.) In stark contrast to Defendants’ contention, “the involvement of blockchain technology does [] alter” the conclusion, as the Plaintiffs’ allegations make plausible that but for Dapper Labs’s creation, development, and maintenance of the private Flow Blockchain, Moments would have no value.” Opinion at 22.
Buttressing its view that the private nature of the Flow Blockchain is what sets this case apart, the Court cites a law review article for the following proposition: “Private blockchains use the same technology as public blockchains, however, a single entity administers them. This results in more control for the entity to restrict permission or allow access to only approved, or invited users.” Opinion at 4, n. 4. See alsoOpinion at 23 (“In each case, the promoters privatized their ledger, making the purchasers reliant upon the promoter for the asset’s value. That similarity is true whether the instrument is a crypto token or an NFT. And it is the critical similarity here.”).
Again, it is ultimately control over the private blockchain that drives the ruling:
The interplay among FLOW, the Flow Blockchain, and Moments is necessary to the totality of the scheme at issue. Plaintiffs have alleged that, without FLOW tokens, no transactions on the Flow Blockchain can be validated. Indeed, the “Proof-of-Stake” mechanism employed by the Flow Blockchain requires FLOW to power it and incentivize miners to validate transactions. In that respect, FLOW’s utility creates value for Moments through the network’s consensus as to ownership and the price of each transaction.
Indeed, the Court affirmatively states as much: “[T]he economic realities and technological interplay between FLOW, the Flow Blockchain, and Moments, as alleged by Plaintiffs, are what supports the Court’s conclusions.” Opinion at 23. See alsoOpinion at 62 (“The allegations that Dapper Labs created and maintains a private blockchain is fundamental to the Court’s conclusion. By privatizing the blockchain on which Moments’ value depends and restricting the trade of Moments to only the Flow Blockchain, purchasers must rely on Dapper Labs’s expertise and managerial efforts, as well as its continued success and existence. As Plaintiffs allege, this is unlike public blockchains, such as that underlying Bitcoin.”) (emphasis added).
Plaintiffs were found to allege a scheme providing directly correlated value between FLOW and Moments, “[i]nsofar as FLOW is necessary to creating the value of Moments via blockchain validation with “[t]he economic impact [being] that as more value is created on top of the Flow [B]lockchain, more demand is generated for FLOW tokens.” Opinion at 23.
As for the respective component prongs of the Howey Test, such as the “common enterprise” requirement, the Court largely relied on what it called “the ICO Cases” and found this pooling of interests prong satisfied given “allegations plausibly tied the funds received by the promoter through the offering to an improvement of the ecosystem (i.e., the private blockchain) that consequently increases the value of the token offered during the ICO.” Opinion at 28. See alsoOpinion at 32 (“Plaintiffs allege that Dapper Labs has pooled Moments purchasers’ funds to raise additional capital, outside of and along with revenue, to ensure the Flow Blockchain does not collapse. The reasonable inference to draw from these allegations is that the capital Dapper Labs raises through the offer of Moments is used to develop and maintain the Flow Blockchain.”); Opinion at 34 (“Plaintiffs have alleged that purchasers of Moments are “hitching their wagons to the continued success of NBA Top Shot, [and] to Dapper Labs and the Flow Blockchain that underlies the platform. . . . If the fortunes of Moments purchasers were entirely divorced from the success of Dapper Labs’s Flow Blockchain, then such price reactions based on Dapper Labs’s management of the Flow Blockchain would be unlikely.”); Opinion at 56 (“[I]f Dapper Labs became insolvent and purchasers were unable to trade their Moments on the Marketplace, purchasers would lose the value of their Moments.”).
Of note, the Court rejected any temporal bar that would provide a safe harbor for promoters who waited until their project was far along before introducing the purported investment contract element. Opinion at 30 (“Implementing the temporal bar that Defendants urge is impractical and would inappropriately limit the scope of investment contracts to pre-development initial offerings.”).
Shared success was found in the fact that Moments’ continued value is contingent on the success of Dapper Labs. Moreover, this was reasonably inferred given “Dapper Labs controls the Flow Blockchain” and “all that Moments purchasers own is, essentially, the line of code recorded on the Flow Blockchain, as no other rights to use or display the image are transferred.” Opinion at 36.
The Court also found that “Defendants’ public statements and marketing materials objectively led purchasers to expect profits.” Opinion at 45. Moreover, under the applicable test, the promise of profits must also be “derived from the entrepreneurial or managerial efforts of others.” Opinion at 52. More specifically, “[t]he law requires [] that . . . the efforts of the promoters . . . must be necessary to the success of the venture, such that without them, the ‘investments would be virtually worthless.’” Opinion at 53 (citation omitted). Plaintiffs easily satisfied this requirement for purposes of the Motion to Dismiss.
And finally, the Court broadly concluded that “Defendants’ failure to acknowledge the blockchain technology that underlies Moments is fatal to their Motion in this respect. Without Dapper Labs’s continued maintenance of the Flow Blockchain and the “token that powers it all,” FLOW, Plaintiffs’ [complaint] plausibly alleges that Moments would have no value.” Opinion at 54. See alsoOpinion at 56 (“a company’s efforts to develop and maintain an ecosystem for trading sufficiently establishes the third Howey prong.”); Opinion at 57 (“Dapper Labs’s implicit promise to maintain the Flow Blockchain and facilitate trades on the Marketplace drive Moments’ value.”).
While the Court made the correct ruling as to Dapper Labs, there is always the possibility a future court might misconstrue what was done to the disadvantage of others selling PDAs/NFTs using, for example, a layer 2 platform build on a public blockchain or on a platform not reliant on a native token ecosystem. Such potential future ruling would be an obvious bridge too far.
The Court recognizes the potential for such mistakes being made prior to signing off by providing a disclaimer that “[n]ot all NFTs offered or sold by any company will constitute a security, and each scheme must be assessed on a case-by-case basis.” Opinion at 62.
It is highly unlikely that the Court’s ruling could be used against a fine art PDA/NFT platform using public blockchain networks. The Court even acknowledges that truly individual and unique items such as artwork would not easily square with its ruling. SeeOpinion at 35 (“In each of the cases cited by Defendants, horizontal commonality did not exist because there was no causal connection between “unique pieces of artwork” being sold and the promoter making the offering.”) (citing Dahl v. English, 578 F. Supp. 17, 20 (N.D. Ill. 1983)); Opinion at 36 (“[I]f, hypothetically, Dapper Labs went out of business and shut down the Flow Blockchain, the value of all Moments would drop to zero. That is the critical causal connection that other collectibles cases lack, and which is alleged here.”); Id. (“Assessing those allegations in connection with the analogy Defendants favor – cardboard basketball cards – reveals the flaw in their analysis. Hypothetically, if Upper Deck or Topps, two longtime producers of physical sports trading cards, were to go out of business, the value of the cards they sold would be wholly unaffected, and may even increase, much like posthumously discovered art.”).
On the chance a PDA/NFT sale couples with the physical twin underlying it, there would stand yet another reason to distinguish this decision. SeeOpinion at 52 (“Other than Dapper Labs’s self-serving definition of Moments as “Art,” Defendants concede that the definition connects only to “the videos and pictures underlying each Moment,” which purchasers do not own, thus ignoring that the “totality of the evidence” supports a finding that Moments were purchased with “investment intent.”); Opinion at 58 (“[W]hile Moments purchasers may “own” the NFT (or line of code that indicates ownership on the blockchain) they have no rights to the underlying intellectual property the NFT depicts.”).
Fine art NFTs also retain another point of distinction with Moments given fine art NFTs will always have intrinsic value. As recognized by the Court, “Defendants’ argument that “Dapper’s marketing efforts would have no effect on the value of the basketball cards being sold, because each card has an inherent worth” is contradicted by Dapper Labs’s Terms of Use for the NBA Top Shot application, which repeats four times that Moments have “no inherent or intrinsic value.” Opinion at 57. See also SEC v. Kik Interactive, Inc., 492 F. Supp. 3d 169, 180 (S.D.N.Y. 2020) (“Unlike real estate, Kin have no inherent value and will generate no profit absent an ecosystem that drives demand.”).
Almost as an aside, it is also hoped that future courts citing this decision do not value too highly the Court’s comment regarding the hyping of sales – something every promoter or seller does in some form or another. SeeOpinion at 55 (“Plaintiffs also plausibly allege that the value of Moments in the secondary market depends upon Dapper Labs’s ability to maintain hype and keep purchasers interested in buying and trading Moments.”). Fine art gallery owners certainly routinely “hype” their artists in the secondary market and such conduct standing alone should never point the needle in any one direction.
And finally, to the extent the Court extols in general terms the virtues of blockchain technology as a way of demonstrating why the entire Flow ecosystem – including Moments, necessarily relied on Dapper Labs’s success, the failure to parse between private and public blockchains might cause a future court into mistakenly equivocating privately-run blockchain network with a true public one. SeeOpinion at 57 – 58 (“Plaintiffs plausibly allege that Moments would be worth far less without the price transparency and trust that the Flow Blockchain enables as well as Dapper Labs’s facilitation of trading on the Flow Blockchain via the Marketplace.”). Overall, this language comes off as slanted in a single direction without proper distinctions being made but this criticism remains a minor quibble in an otherwise extremely well-written decision.
There are certainly valid reasons why platforms built on private blockchains should be treated differently from public blockchains and likely why Voice wisely recently made the move to a public blockchain. Platforms that use native tokens such as Rarible with its RARI token may also have to strategize a bit after this decision. And finally, private blockchains focused on NFTs such as WAX may have to decide how the efforts of its promoters are compensated. At some point in the future, the fact that the Cayman Islands company “Exposition Park Holdings SEZC” owns the intellectual property filings referenced below may create a problem for the WAX ecosystem:
Going forward, the safest approach to take for those looking to build out a PDA marketplace is to partner with a company that has built a platform from the ground up using a public blockchain and without the use of a platform native token or any other direct means of controlling the value of the digital assets marketed using the platform. And, the PDAs/NFTs sold using such a platform least likely to be considered investment contracts are the fine art ones underlying the nascent Digital Art Movement now well underway.
