Gold mine or minefield
Blockchain is reshaping the way businesses transact across the globe; applied to achieve real-time transaction processing, minimize the risk of data loss, and reduce costs by eliminating middlemen. From smart contracts to securitization; blockchain promises to change the way we interact, the speed at which we interact, and the way trust is formed.
However, where there is opportunity, there is risk – this article explores the difficulties associated with crypto with regulators and the Court’s approach to combating them in order to continue to encourage innovation while protecting the public. consumers and investors. Finally, it provides food for thought as to why directors and trustees may wish to deepen their knowledge in this area to manage any possible reputational risk to their business, but also to ensure that they carry out their duties and powers with eyes wide open.
With every innovative digital advance comes an equally innovative fraudster
You may have seen our previous articles on this topic which provide an introduction to cryptocurrency and the fundamental risks of investing in blockchain ecosystems, including our posts on speculative and operational risks. It will come as no surprise that one of the fourth categories of risk faced by those buying and trading cryptocurrencies and assets described by the United States Commodity Futures Trade Commission is “Fraud and Manipulation Risk”. .
Headlines describing crypto scams that have resulted in serious losses for investors (such as the disappearance of custodians or fraudulent currencies such as SQUID) or hackers using distributed ledger technology (DLT) to effectively “clean up” the proceeds of crime received in Bitcoin by overlaying transactions and finally converting them into regulated currencies have become part of the monthly routine. Although John Glen, UK Treasury Secretary, says: “Above all, we want to position the UK as an innovation-friendly jurisdiction… which is attractive to inward investment and to companies that have no no established basis yet. 1 it remains an incredibly volatile investment option – Just last month the price of bitcoin plunged to its lowest level since 20202 resulting in a significant loss for investors. On top of that, with £318 billion wiped out by the Terra Luna and TerraUSD collapses, it looks like even stablecoins can’t provide safe haven.3 .
Volatility aside, why is there such hype around crypto-related fraud versus general financial services?
As you know, blockchain is a shared, decentralized, digitally distributed, and immutable ledger that facilitates the process of recording transactions and tracking assets in a corporate network, the technology often referred to as DLT. One of the reasons why fraud is perhaps more prevalent in this industry could be the lack of KYC protocols – due to the decentralized nature, there are no real guarantees to say who is a good player and which is a bad one.
Added to this is the lack of regulation. The financial services sector is heavily legislated and regulated – there are reasons why this is the case, but pertinently they aim to prevent financial crime, money laundering and terrorist financing and to protect consumers and investors from falling victim to it. While the application of DLT to financial services has transformed this sector, one of the main problems is that this innovation has outgrown regulation. Initially, one challenge was understanding the technology well enough to find a new home for these services within the current regulatory framework – how do you regulate a technology that is constantly evolving and not yet fully understood? Legal issues range from intellectual property ownership, data security, fraud to jurisdiction and enforcement.
It doesn’t stop there – if you are the victim of fraud or theft, for example, you will first have to overcome a number of hurdles in order to file a complaint. As you can transact from anywhere in the world and do so anonymously knowing that your transactions, once made, cannot be reversed, you will need to ask yourself:
(1) How to identify fraud/theft?
(2) What losses have I suffered and can they be quantified?
(3) Who will I sue for my losses?
(4) Where can I sue them?
What is the regulatory landscape?
For many years, regulators in various jurisdictions have struggled to determine how to encourage innovation while protecting the integrity of the financial system and therefore its users from financial crime. Joint report by HM Treasury, the Financial Conduct Authority and the Bank of England’s Crypto-Assets Task Force sets out the UK’s approach to crypto-assets and DLT in financial services4 , and also summarizes some of the steps taken to manage this developing sector. These include for example the creation of the FCA Regulatory Sandbox of the Bank of England Fintech Hub. With specific regard to the prevention of fraud and money laundering, the focus has been on bringing Crypto into the scope of AML legislation and finding ways to help the court. to categorize crypto assets in order to provide affected parties with a possible avenue of civil recovery.
The courts’ approach is discussed in more detail below. However, the position on regulation in Guernsey is that the GFSC is keen to continue to encourage and support innovation while ensuring consumer and investor protection. Its commitment is demonstrated in the launch of the first crypto fund last year 5 in which they reiterated their desire to help new financial services companies understand the regulatory framework. While they state that they will continue to take a careful and thoughtful approach to reviewing each application on its own merits, they will particularly focus on the safeguards and criteria applied, i.e. custody, liquidity , asset valuation and KYC. To facilitate the process, the GFSC has established the Innovation Soundbox, a center established by the regulator to assist innovative or start-up financial services firms considering applying for a regulatory license or registration.
The Court’s approach
While the GFSC has clarified its position, the Royal Court has not had many opportunities to date to test cases involving crypto. However, around the world, some examples of the Court’s approach are emerging that may provide some clarity for those seeking compensation if they have been defrauded.
Approving much of the UK Jurisdiction Taskforce’s legal statement on cryptoassets and smart contracts, the English High Court ruled that Bitcoins are “property”6 . This case stems from a ransomware attack, where hackers gained access to the plaintiff’s computer system and installed malicious software that encrypted the system. The hackers then demanded a ransom for the encryption key. Bitcoins worth approx. 950,000 USD was transferred to the hackers who then sent the decryption software to allow the company to continue its daily operations.
ChainSwapseven is another good example of hackers exploiting vulnerabilities to redirect tokens to other wallets. As stated above, due to the way DLT works, it is not easy to track down the culprits or even undo the fraud. This then begs the question – who are you suing if you don’t know who you are suing or what jurisdiction they are based in? You can read more about the case here, but in short, ChainSwap was the victim of crypto-asset fraud and sued “unknown persons” for the losses they suffered and also demanded a freezing injunction to secure the assets granted by the BVI court. These types of requests against unknown defendants are becoming commonplace in the cryptosphere.
In Danisz vs. People Unknown and Huobi Global, the High Court granted the plaintiff (a Bitcoin holder) an interim property injunction against unknown persons and a cryptocurrency exchange, a global freezing order against unknown persons and a bank trust order against the cryptocurrency exchange, following a suspicion of cryptocurrency fraud. This demonstrates the Court’s willingness to provide a speedy injunction to combat cryptocurrency fraud.
Two key points to remember are – if you want to take action, 1) take decisive action on the jurisdiction in which you want to sue and try to avoid a jurisdictional battle; 2) act quickly in order to increase your chances of securing the assets before they dissipate – this principle is amplified by the fact that the identity of your potential defendant is unknown.
Why do we have to be careful
As global developments show, cryptography is here to stay and the application of DLT will only increase. While this presents a wealth of opportunities (from investing in technology to investing in crypto-assets and currencies themselves), the above demonstrates that there are significant risks involved. The scope of criminal activity is wide – hacking digital wallets, fake ICOs, Ponzi schemes leading to token hijacking, bogus or unregulated brokers, ransom payments, etc. Cyber scams are often very similar to a legitimate transaction involving a digital asset which makes it even harder to spot. As long as these regulatory loopholes remain, fraudsters will continue to exploit them and vigilance is required.
Whether you decide to invest, trade, facilitate trade, or host a platform that does so, or are a trustee responsible for managing trusted crypto assets, you will also need to understand the regulatory framework in your jurisdiction and how it might affect your statutory status. or fiduciary duties. You will also need to be aware of the global nature of any potential fraud as a claim could be made not only where you are based, but where your fraudster may be based on the theft which is often unknown or could be in several jurisdictions. .
As you can see, this is a huge and constantly evolving subject. It will be integral to companies and trust companies and their reputation moving forward to understand the regulatory landscape they are or could be subject to through transactions or ownership of assets within structures and to have a “crisis management” plan in place to deal with the downfall if they are defrauded in order to manage any possible damage to their reputation.