As if hash wars and plummeting prices weren’t enough, recent SEC enforcement actions are forcing companies to course correct as they navigate through crypto’s choppy regulatory waters.
On Tuesday, just days after the SEC slapped EtherDelta’s founder Zachary Coburn with nearly $400,000 in fines for operating an “unregistered national securities exchange,” Radar Relay, another decentralized exchange (and direct competitor of EtherDelta) announced the time had come to update its regulatory strategy. Aside from continuing its “meticulous token compliance process” that aims to steer clear of listing securities, Relay says it plans to begin implementing U.S. Office of Foreign Assets Control (OFAC) compliance measures—hardcore standards used to ensure that companies eschew terrorists, narcos, and other bad actors.
“OFAC [and] Bank Secrecy Act (BSA) compliance is no joke,” says Preston Byrne, a partner at the law firm Byrne & Storm, P.C., and co-founder and former COO of blockchain company Monax.
Byrne applauded Radar Relay for unilaterally undertaking the changes, but says that “it will be hard for any system to strike a balance between calling itself ‘decentralized,’ while maintaining the necessary degree of control to fully enforce a compliance program.” How, for instance, will Relay “maintain the characteristics of a passive online bulletin board” as its statement claims, while also identifying each of its users and tracking their activity to the extent OFAC requires? Radar Relay did not respond to Decrypt’s request for comment.
In its announcement this week, Relay says “a lot has changed” in the year since it declared that it planned to remain compliant to U.S. regulators. While it didn’t cite last week’s EtherDelta settlement, the timing of the announcement appears to be more than coincidental.
It’s not the only player in the DEX space feeling the icy gusts of Uncle Sam breathing down its neck. 0x—the team behind the protocol that powers Radar Relay and other decentralized exchanges—released its own confusing statement distancing itself from the individual companies that use its code. 0x suggested that the EtherDelta case means that each DEX must continue “reviewing current securities laws,” and conduct a “good faith analysis of each token” it lists to ensure compliance. Radar Relay, as if in response, says in its statement that its own “full-time Director of Token Analysis” handles this task.
Good luck with that. While the SEC has been busily rousting all manner of transgressors in the crypto world, what exactly qualifies as a transgression continues to mystify many in the industry. For instance, can anyone be sure that any Ethereum-based token being traded isn’t an “unregistered security?”
“Generally speaking,” Byrne says, “a good indication that a token isn't a security for the purposes of federal law would be the existence of a ‘no-action letter’ issued by the SEC in relation to the underlying token offering, although even that determination is subject to what a court might say on the subject.” Phew, that’s a relief. So, how many “no-action” letters has the SEC written? Says Byrne: “To my knowledge, no such no-action letters have ever been published in relation to a cryptocurrency/ICO offering.”
It’s no wonder aspiring blockchain entrepreneurs might be tempted to take their ventures overseas (cough, Malta, cough) to seek the comfort of more forgiving regulators. But even that is a dubious approach, says Byrne. The U.S. is “known to exercise extraterritorial jurisdiction,” he says, and “startups should be prepared to deal with the U.S. dimension even if they are not planning to principally operate within it.”
Unlike EtherDelta, which Coburn sold to unnamed "foreign buyers," Radar Relay is a U.S. company, based in Colorado. It’s a “real team, of real people, here in the U.S. using blockchain technology as a way to create financial agency and accessibility, not as a way to avoid regulatory compliance,” the company says in its statement that shows a group photo of some very real-looking people standing in the snow.
What then of the promise of decentralization? “Compliance and centralization go hand-in-hand,” notes Byrne. In other words, you can run a DEX, but you can’t hide. At least, not very easily.