Whether your business is a full-scale investor in cryptocurrency and blockchain technology or whether you are simply using cryptocurrency to diversify your balance sheet or facilitate international transactions, you are assuming systemic risk. Systemic risk is basically the risk that the “system” in question will fail. The 2008 financial crisis is a recent example of the financial system’s failure due to overleveraged institutions and opaque and risky lending practices. Cryptocurrency and blockchain tech are quickly growing and becoming an integral part of the global financial markets – essentially evolving into another system. For example, sophisticated investors can self-direct their retirement accounts into cryptocurrencies and stake their entire savings on this growing tech.
Risk is part of any business. However, so is effective risk management, which particularly critical in the blockchain/cryptocurrency context, which operates outside of the safeguards and regulatory oversight common to traditional financial institutions. At the same time, existing tax, securities, commodities, and finance regulations still apply to crypto, and compliance is critical to the smooth functioning of your business. At a minimum, any business involved with blockchain tech should involve an experienced business attorney to develop their internal risk management protocols and have a plan for legal compliance, as well as systemic risk.
1. Existing Tax, Securities, and Other Laws Still Apply to Cryptocurrency.
First, and foremost, cryptocurrency is an asset and blockchain enterprises are businesses that are subject to general state and federal laws. While there is no central authority in the United States responsible for policing crypto markets, that does not mean that crypto business operate independent of the law. Government regulators are playing catch-up, and have repeatedly asserted their authority over cryptocurrency and related tech under existing laws. For example, 2020 was the first year that the IRS asked taxpayers about their crypto holdings. Enforcement units are gearing up to address tax evasion and close the multi-million dollar gap between actual income and what is reported to the IRS. The SEC and CFTC are also stepping up enforcement actions to head off fraudulent activity and lack of transparency in certain financial offerings. The Department of Treasury (through FinCen) is also stepping up oversight to enforce existing anti-money laundering frameworks.
The existing regulatory framework is far from perfect and is not well-suited to the unique characteristics of cryptocurrency. For example, why are some ICOs (initial coin offerings) securities, but established coins like Bitcoin and Ethereum are not securities? Capital gains taxes apply to cryptocurrency and stablecoins. But the IRS has not issued any guidance on NFTs. Are they going to be taxed like “property” or like collectibles, art, gold bullion, or something else? Will NFT tax rates depend on what the NFT is supposed to represent?
Stablecoins are a whole separate issue. Recently, a group of Treasury, SEC, and CFTC officials urged Congress to pass legislation to regulate stablecoins. In the “Report on Stablecoins,” the group noted existing SEC and CFTC authority to regulate these markets, but urged reform and legislation that is specific to the new technology.
For investors and innovators, legal compliance is the essential first step. Nothing stifles innovation like an IRS audit or an SEC investigation. Make sure to consult with an experienced attorney for guidance on the latest state of the quickly changing law in this area.
2. Decentralization Does Not Mean Risk-Free or Safe.
Second, the decentralized nature of cryptocurrency and blockchain tech in general lends itself to a false sense of security among investors and businesses. Some crypto advocates consider regulation unnecessary because blockchain tech is “decentralized.” The public ledger system purportedly means total transparency, equity, and fairness. In reality, a decentralized system is not immune from tampering or malfeasance.
For example, blockchain at its core is software that depends on coders and engineers upgrading the “chain,” fixing bugs, and making improvements. Someone somewhere determines forks and chain upgrades. Also, what about miners? What precludes off-chain influence (i.e. bribes) to miners that would impact the whole chains or cause them to verify certain blocks or transactions out of sequence?
Stablecoins are considered “safe” because the tokens are purportedly backed by fiat or equivalent reserves. But there is a lack of transparency between various stablecoins, different liquidity thresholds between reserves (for example, cash vs. money market vs. short term bonds), and variable redemption mechanisms and minimums. Additionally, is your stablecoin of choice based on a public blockchain or a permissioned blockchain? Permissioned blockchains limit access to the blockchain, providing more certainty as to who is responsible for the chain’s operation and integrity. At the same time, they reduce transparency and accountability.
Further, the federal government does not insure stablecoin or cryptocurrency deposits. If you stake cryptocurrency for a return, you are not insured or protected against the coin’s failure, a run, or illiquidity. If you are using a stablecoin to facilitate DeFi transactions, have a plan in case of network problems, chain disruptions, or backing failures. For instance, use several stablecoins to diffuse the risk.
As illustrated by the recent examples of the SQUID token and the Evolved Apes NFT, crypto tech is full of bad actors. The chain itself is not immune from malfeasance. Any business that fully depends on the integrity of the blockchain for its day to day operations must have safeguards. At a minimum, a crypto company must have a robust security system and team dedicated to detecting network health and chain anomalies. Financial hedging that diffuses the risk over multiple chains, cryptocurrencies, and other assets is also critical. Finally, established and documented due diligence protocols to assure investors, regulatory authorities, and lenders are a must.
3. Do Not Take the Internet For Granted.
Third, there is an inherent systemic risk to anything that depends wholly on the operation of the internet. Outages of certain sites or even network-wide service providers are not uncommon. Just recently, Facebook and Instagram were down for almost a full day. Comcast made headlines for its network outages across the United States on November 9, 2021. Directly related to cryptocurrency markets, exchanges like Coinbase have connectivity issues and other disruptions in times of market volatility. This can have direct adverse financial consequences for a business that depends on access to the crypto markets.
Due diligence protocols and internal safeguards are essential in this context. Offline copies of books and ledgers, at least backing up transactions history on a periodic basis. If you are storing crypto, look into offline (hardware) storage options for your code and data. Consider hedging and diversification.
Most important of all, have a plan. Cybercrime and ransomware insurance options are also worth looking into. Crypto and blockchain are existing, but are not without substantial risk. While government regulators are playing catch-up and are urging Congress to pass a risk control framework, legislation is not an instant process. In the meantime, plan for systemic risk as part of your business plan.
Disclaimer: This guide is for general informational and promotional purposes only. Nothing herein constitutes legal, investment, or tax advice. Every situation is different and faces its own unique set of challenges. Do not take any action or sign any contract until you have obtained specific guidance from a qualified professional.
© 2021 Artaev at Law PLLC. All rights reserved.