The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently announced a Notice of Proposed Rulemaking (NPRM) that identifies international convertible virtual currency mixing as a class of transactions of primary money laundering concern and seeks to increase transparency around virtual currency mixing to combat its use by illicit actors.

On October 13, California Governor Gavin Newsom (D) signed Assembly Bill 39 (Digital Financial Assets Law). This new law broadly empowers the California Department of Financial Protection and Innovation (DFPI) to govern “digital financial asset business activity” and prohibits entities from engaging in such activity with California residents without obtaining a license from the DFPI, among other criteria.

On November 1, New York Governor Kathy Hochul announced that the state’s Department of Financial Services (NY DFS) has amended its Cybersecurity Regulations to “enhance cyber governance, mitigate risks, and protect New York businesses and consumers from cyber threats.” According to the NY DFS, key changes in the regulations include: enhanced governance requirements;  additional controls to prevent unauthorized access to information systems and mitigate the spread of an attack; requirements for more regular risk assessments, as well as a more robust incident response plans; updated notification requirements; and updated direction for companies to invest in at least annual training and cybersecurity awareness programs that are relevant to their business model. The newly amended compliance requirements will take effect in phases. 

On October 30, President Biden issued a sweeping Executive Order calling on Congress to enact privacy laws and directing federal agencies to review existing rules and potentially explore new rulemakings governing the use of artificial intelligence (AI) across various sectors of the U.S. economy. Among other things, the Executive Order will require AI system developers to submit safety test results to the federal government, establish standards for detecting AI-generated content to fight consumer fraud, and develop AI tools to identify and fix vulnerabilities in critical software. According to the White House fact sheet, the stated goal of the Executive Order is to “ensure that America leads the way in seizing the promise and managing the risks of [AI].” To that end, the Executive Order focuses on national security, privacy, discrimination and bias, healthcare safety, workplace surveillance, innovation, and global leadership.

The Securities and Exchange Commission’s Division of Examinations has outlined its 2024 Examination Priorities, with a significant focus on cryptocurrency, emerging technology, and Anti-Money Laundering (AML) laws. This has important implications for financial services. Our Regulatory Oversight blog has the details; key highlights are below.

On October 19, the Securities and Exchange Commission (SEC) dismissed its claims against Ripple Labs, Inc. (Ripple) executives Bradley Garlinghouse and Christian Larsen for allegedly aiding and abetting Ripple’s violations of the Securities Act with respect to its “institutional sales” of XRP. The Southern District of New York had deemed “institutional sales” to be unregistered securities in its July summary judgment decision, however, at that time the court reserved judgment as to the aiding and abetting claims against the executives. The matter was set for trial in 2024.

When using artificial intelligence (AI) or complex credit models, can lenders rely on the checklist of reasons provided in Regulation B sample forms for adverse action notices? According to today’s guidance issued by the Consumer Financial Protection Bureau (CFPB or Bureau), the answer to that question is, in many circumstances, no.

In the ever-evolving world of digital assets and law, Grayscale Investments, LLC (Grayscale) found itself at the pinnacle of a major decision by the Court of Appeals for the District of Columbia. On August 29, the court deemed the Securities and Exchange Commission’s (SEC) denial of Grayscale’s October 19, 2021, spot Bitcoin (BTC) exchange-traded fund (ETF) application “arbitrary and capricious” and vacated the agency’s decision. At the heart of the court of appeal’s ruling lies the Administrative Procedure Act (APA), the complex interplay between spot asset pricing and futures asset pricing, and the SEC’s current sentiment towards digital asset-based financial products.

On August 11, in the case of Yuille v. Uphold HQ Inc., the Southern District of New York was tasked with determining whether the Electronic Funds Transfer Act (EFTA) applies to digital asset-based accounts. The court concluded there was no “account” as defined by EFTA because the digital asset account at issue was not established primarily for personal, family, or household purposes.

On August 9, the Securities and Exchange Commission (SEC) sent a letter to U.S. District Judge Analisa Torres requesting leave to file an interlocutory appeal in SEC v. Ripple Labs, Inc. as to the two adverse liability determinations in her July 13, 2023 order. That order granted partial summary judgment in Ripple Labs’ favor regarding the sale of its XRP token. As we previously discussed here, the court held in deciding cross motions for summary judgment that defendants’ “programmatic” offers and sales to XRP buyers over crypto asset trading platforms and Ripple’s “other distributions” in exchange for labor and services did not involve the offer or sale of securities under the U.S. Supreme Court’s decision in SEC v. W.J. Howey Co.