5 Key Takeaways from — “Merkle Science RegWatch — The Canadian Crypto Regulation Roadmap”

With cryptocurrency trading platforms continuously gaining ground in Canada, our esteemed panelists, Jerry Qian (Co-founder Bitcoin Bay), Julia Baranovskaya (Chief Compliance Officer, NDAX.IO), Jonathan IP (Founder, Iterative Law) and Hannah Winter (CAMS, FIS, AML Compliance Ninja, Outliner Compliance Group) spoke with Merkle Science’s Director of Communications, Gaby Hui about the patchwork of laws governing the Canadian crypto space. In light of DeFi picking up steam and with the publication of the final revised Financial Action Task Force (FATF) Guidance looming in, our panelists forayed into some timely topics surrounding the opportunities and challenges for crypto businesses in the Great White North.

For those who missed the live discussion or would like to listen again, the full webinar can be found here. Below are five key takeaways that crypto businesses should take note of:

1. When Canadian Regulators bring crypto assets under the securities umbrella, what does this mean for the crypto asset trading platforms?

Julia Baranovskaya began the conversation by clarifying that crypto asset trading platforms” (CTPs) is the preferred term for cryptocurrency exchanges under Canada’s regulatory regime. The panelists then shed light on the “Staff Notice 21–329,” jointly published by both The Canadian Security Administrators (CSA) and the Investor Industry Regulatory Organization of Canada (IIROC).

With the new registration requirements around the corner, CTPs need to assess whether the security tokens that they issue or crypto asset contracts entered into by them with Canadian individuals fall under the sphere of ‘securities’ or ‘derivatives’. Under the Staff Notice, those CTPs that do not immediately provide the final settlement of the crypto trade fall under the scope of crypto asset contracts. If the users do not effectively take possession of the crypto assets in their personal wallet, then there is an obligation on the CTPs to give such users their crypto-asset, this in itself is a security and is therefore covered by the securities law.

If they can be categorized as ‘securities’ then CTPs have to, based on their business activities, further classify themselves into ‘Marketplace platforms’ or ‘Dealer platforms’. As per our panelists, registration and compliance requirements differ significantly for both these platforms and may even provide exemptions. For example, the Staff Notice states that those Dealer platforms that are already facilitating trade or distributing security tokens with prospectus exemptions and do not offer margin or leverage are to be registered as prohibited or exempt market dealers.

In order to bring their operations into compliance, panelists encouraged CTPs to seek clarification regarding the registration process and other relevant requirements directly from their local securities regulators. After seeking such clarification, they should analyze their business models and actively take steps to design an ‘internal interim regulatory plan’. The CTPs should then approach IIROC with this plan and get ‘restrictive registration’ before being accorded the full investment dealer status. Even those CTPs that operate outside Canada but have Canadian clients, should take note of these guidelines and come up with a compliance plan accordingly.

CTPs should complete these tasks within a time frame of two years to be recognized as investment dealers and receive IIROC membership. The platforms that use crypto asset contracts rather than security tokens will find some relief in form of exemptions such as dispensation from prospectus filing requirements and countertrade reporting requirements.

In line with the staff notice for the CTPs in Ontario, the Ontario Securities Regulation through its subsequent ‘OSC Notice’ set a definitive date for such compliance i.e April 19, 2021. Although the securities commissions in other provinces did not go that far in terms of setting a particular date, compliance or face potential enforcement action sentiment is shared by all of them.

[2] With new registration requirements, FINTRAC takes a stricter approach with MSBs requiring them to enhance their AML/CTF policies

While explaining the regulations governing Money Services Businesses dealing with Virtual Currency in Canada, the panelists defined and deciphered the parameters binding MSBs as set out by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC.)

Intending to enhance its AML/CFT compliance regime, FINTRAC made it mandatory for the Virtual Currency Dealers to get registered as MSBs by June 1, 2020.

This consequently, creates new implication on MSBs as they are not only required to execute a robust internal compliance program in line with five pillars of compliance as laid down by FINTRAC but are also mandated to undertake accompanying activities to ensure compliance with such program, which includes:

1. Setting internal policies and procedures for an effective compliance program
2. Appointing compliance officers
3. Conducting requisite training programs
4. Implementing third-party auditing
5. Implementing procedures for customer due diligence (CDD).

Furthermore, MSBs are now subjected to the Travel Rule, otherwise known as Recommendation 16 of the FATF Guidelines for virtual asset service providers, whereby MSBs must obtain, hold and transmit required originator and beneficiary information in order to identify and report suspicious transactions. They are also required to monitor the availability of information, take freezing actions, and prohibit transactions with designated persons and entities

[3] The Travel Rule Deadlock: MSBs face challenges in the implementation

The Travel Rule, once again, spurs the classic debate of innovation v regulation. Hannah Winter gave her thoughts on the same, stating that, “the Travel Rule is a really good example of how old regulations are trying to force themselves upon this new technology and it’s just really not fitting.”

Unlike its traditional counterparts, the cryptocurrency space presently lacks the infrastructure to ensure swift private communication. There are two main challenges when it comes to the implementation of the Travel Rule, the first one being security issues and the second one being interoperability.

With respect to data security, in this era of data breaches and strict privacy laws, the involvement of a third party will present a new set of challenges for MSBs who in turn will have to design strict diligence requirements and privacy policies. MSBs are also encountering the “sunrise problem,” whereby the lack of regulatory cross-border clarity, a uniform timeline for implementation and widely differing regulatory expectations will affect MSPs global transactions.

When it comes to interoperability if an MSB using one solution is unable to communicate with its counterparty, who is using another solution, then the Travel Rule requirement of leaving an identifiable trail when transferring funds is rendered pointless. When it comes to interoperability it is essential to set common global technical standards for the implementation of Travel Rule solutions. Luckily, the industry has taken the first step in this direction. The interVASP Messaging Standard or IVMS101, created to set a universal language for the communication of required originator and beneficiary information between MSBs, was launched in May 2020.

[4] DeFi platforms face regulatory clampdown

One of the most notable changes in the latest FATF draft guidance for virtual asset service providers (the FATF term for crypto businesses) was triggered by the dramatic rise of decentralized finance (DeFi). More often than not, the crypto industry is keen to follow the FATF’s guidance as it provides clarity and certainty for all stakeholders involved. However, in the present case, the latest draft guidance has been a source of significant controversy.

Ahead of the release of the FATF’s latest guidance in June, our panelists discussed some of the most intensely debated shortcomings of the latest guidance. The update drastically expands the scope of virtual asset service providers (VASPs) beyond custodial financial intermediaries and attempts to bring even those entities that may have a limited or more indirect role in the provision of DeFi services, such as web developers, within its scope.

This would present two-fold problems for both the VASPs and the regulators. Firstly, due to the decentralized nature of the project, the regulators may find it difficult to identify specific VASPs responsible for implementing KYC/AML guidelines.

Secondly, DeFi platforms such as decentralized exchanges (DEXs) don’t necessarily have traditional financial sector counterparts and may not be equipped enough to ensure AML/CFT compliance. Due to its infrastructure, DeFi platforms do not have the same level of control that a traditional custodial financial intermediary does. For instance, unlike the custodial intermediaries, DEXs do not have custody or possession of their users’ assets. Under the DeFi ecosystem, users retain complete independent control over their assets and not the DEXs, therefore they will not be to comply in instances where they’re required to freeze assets.

[5] What recommendations do panelists have for Canadian crypto businesses looking to comply with local regulations?

Per the panelists, the best way for businesses is to bridge the information gap in terms of interpretation of guidelines and their implementation. Therefore, it is a good idea for them to directly reach out to the regulators and seek their assistance in navigating the nuances of crypto regulation. Secondly, to set themselves up for success, the business should seek help from experts in building a comprehensive compliance framework and putting processes in place. It is essential for businesses to be compliant and always be on their guard by acting like they already have a license even if there are no regulations governing their specific product yet. In such a case, the businesses should look at other jurisdictions and set their sights on complying with the most stringent regulatory regime as setting the bar high would be influential in building customer trust.

How Merkle Science Can Help

Merkle Science provides a predictive crypto risk and intelligence platform, setting the standard for the next generation of financial safeguards and criminal detection. Merkle Science’s highly customizable platform is easy to use and allows users to tailor the tool according to businesses’ risk policies — which may differ from jurisdiction to jurisdiction.

As the FCA will most likely extend their deadline for crypto asset licensing, crypto businesses that can proactively put compliance frameworks in place will be about to mitigate regulatory risks — giving them a clear competitive advantage. To find out how Merkle Science works for your business, please contact us via our website.