Key Takeaways from the SEC and FINRA Joint Statement on Broker-Dealer Custody of Digital Asset Securities
7 min read
As part of the continuing dialogue with market participants working toward developing methodologies for establishing possession or control by broker-dealers over their customers' digital asset securities, on July 8, 2019, the Division of Trading and Markets of the US Securities and Exchange Commission ("SEC") and the Office of the General Counsel of the Financial Industry Regulatory Authority ("FINRA") issued a joint statement regarding the broker-dealer custody issue. In particular, the SEC and FINRA address considerations regarding Rule 15c3-3 of the Securities Exchange Act of 1934, as amended (the "Exchange Act"), known as the "Customer Protection Rule," the Exchange Act requirements for books, records and financial reporting, as well as the Securities Investor Protection Act of 1970 ("SIPA"). The joint statement identifies specific scenarios that would avoid custody concerns altogether, providing valuable insights for firms and individuals seeking to participate in the marketplace for digital asset securities.
Confirmation that Securities Laws Apply to Digital Asset Securities
The joint statement confirms that the marketplace for digital asset securities is governed by the federal securities laws. As a general matter, any entity or individual engaged in the business of effecting transactions in securities, or in the buying and selling of securities for its own account is subject to federal securities laws and may be required to register with the SEC as a broker-dealer and become a member of FINRA or another self-regulatory organization ("SRO"). Registration remains a major concern for industry participants, most significantly because broker-dealers must comply with considerable obligations under the Exchange Act and SRO rules, including the financial responsibility rules under the Customer Protection Rule, which sets forth the broker-dealer custodial obligations.
The Customer Protection Rule requires registered broker-dealers to maintain cash or qualified securities owed to customers in a segregated reserve bank account in order to prevent the comingling of customers' and broker-dealers' assets, which in turn protects customers against the improper use of their assets by broker-dealers for proprietary or otherwise unauthorized activities. The Customer Protection Rule also addresses the return of customer assets in the event of a broker-dealer’s failure. If a broker-dealer were to liquidate, under SIPA, a SIPA trustee would assume the authority to transfer, sell, or otherwise dispose of assets in accordance with SIPA.
Examples of Noncustodial Arrangements
Importantly, the joint statement clarifies that several categories of digital asset securities transactions which are executable by broker-dealers may avoid the burden of compliance with the Customer Protection Rule. The SEC and FINRA provide three specific non-exhaustive scenarios that will not trigger the custody obligations under the Customer Protection Rule, so long as the broker-dealer complies with other applicable securities laws, FINRA and other SRO rules, and other relevant legal and regulatory requirements.
- Scenario 1: Broker-dealer facilitates primary market transactions in digital asset securities by sending the buyer and issuer of a digital asset security "trade-matching details", such as customer identity, price and quantity (the “Primary Market Model”). In this scenario, the broker-dealer instructs the buyer to pay the issuer, and the issuer to deliver the digital asset security to the buyer, enabling the issuer to settle the transaction directly with the buyer. The broker-dealer in this scenario never takes custody of or exercises control over any digital asset securities—it acts simply as an intermediary facilitating a bilateral transaction on the primary market.
- Scenario 2: Broker-dealer facilitates over-the-counter secondary market transactions in digital asset securities for the buyer and seller. Facilitation could entail the transmission of "trade-matching details" as described in Scenario 1. Similar to the Primary Market Model, a broker-dealer plays an intermediary role between a buyer and a seller, conducting a bilateral transaction without ever taking custody or control over the digital asset securities.
- Scenario 3: Broker-dealer engages in a market intermediary role by matching a buyer and seller of digital asset securities through a trading platform wherein trades settle bilaterally between buyer and seller. For example, a broker-dealer that operates an alternative trading system ("ATS") can facilitate a transaction without ever taking custody of or exercising control over digital asset securities. Buyer and seller are matched on the ATS, and they can settle the trade either directly, or through their respective custodians. In this scenario, the broker-dealer does not guarantee or otherwise play a role in the execution of the trade.
These scenarios serve as valuable roadmaps for entities interested in entering the digital asset securities market. The joint statement leaves the door open for further structuring solutions that may ease the regulatory burden associated with the Customer Protection Rule.
Relevant Provisions of the Customer Protection Rule
Should a broker-dealer be deemed to have custody of client assets, it will be subject to the provisions of the Customer Protection Rule that requires a broker-dealer to physically hold customers' securities or maintain them free of liens or payments at a "good control location," which is determined, in part, on the ability to maintain exclusive control over the securities. Depending on the type of securities, third-party custodians such as the Depository Trust Company, or an issuer’s transfer agent, may serve as "good control locations". These methods of asset custody protect clients from broker-dealer misappropriation and failure. In addition, the provisions of the Customer Protection Rule allow customers, via their broker-dealers, the ability to reverse or cancel mistaken or unauthorized transactions.
Such control location considerations acquire new meaning and complexity when applied to digital asset securities. The joint statement notes there are many novel issues related to the mechanics and risks associated with providing custody of digital asset securities. For example, a broker-dealer may hold a private key to customers' digital asset securities, which may be transferrable to third parties on the blockchain or other distributed ledger. The control of a private key, however, may not suffice to evidence "exclusive control" of the associated assets—other parties may have a copy. Moreover, possession of a private key may not be sufficient to allow a broker-dealer to reverse or cancel mistaken or unauthorized transactions. Such considerations make compliance with the Customer Protection Rule particularly challenging for broker-dealers of digital asset securities. The joint statement does not give any indication of other evolving models of self-custody or multiparty computation as possible solutions.
The compliance challenges inherent in transacting with digital asset securities extend to books, records and financial reporting obligations. Rules 17a-3, 17a-4 and 17a-5 of the Exchange Act, for example, require broker-dealers to maintain current ledgers reflecting assets and liabilities and a securities record of each security in the broker-dealer’s possession for the account of a customer, as well as routinely prepare financial statements. Distributed ledger technology and the specific characteristics of digital asset securities create compliance challenges for broker-dealers that take custody of such digital asset securities. The risk of insufficient evidence proving a digital asset security exists, makes it difficult to prepare and audit financial records.
SIPA Considerations
The joint statement also points to compliance with SIPA as another consideration for broker-dealers having custody of digital asset securities. Specifically, under SIPA, securities customers have priority claim to assets held by a failed broker-dealer, among other protections. SIPA protections, however, apply to a "security" and cash deposited with the broker-dealer. They do not apply to other assets, including assets that are securities under federal securities law but not a "security" under SIPA. This means there may be instances where a digital asset may fall outside the definition of a "security" under SIPA, undermining regulators' consumer protection goals.
Select Considerations Going Forward
In light of the foregoing considerations, and in order to minimize regulatory friction resulting therefrom, entities seeking to participate in the marketplace for digital asset securities have various options. First, broker-dealers could focus their business concerning digital asset securities on noncustodial scenarios to avoid needing to comply with the obligations of the Customer Protection Rule. Second, isolating digital asset securities-based broker-dealer activities from non-securities-based activities, or digital asset securities that do not require broker-dealer powers, and separating custodial and non-custodial activities, could better enable industry participants to optimize regulatory compliance.
The joint statement issued by the SEC and FINRA reaffirms the applicability of federal securities laws to the marketplace for digital asset securities. It serves to highlight unique regulatory compliance considerations inherent in digital assets securities and, importantly, provides clarification for industry participants seeking to avoid custodial and attendant consumer protection obligations of the Customer Protection Rule. As the SEC and FINRA continue to develop guidance in this area, structuring options to minimize regulatory burdens will further crystalize and create viable paths forward for industry participants dealing with digital asset securities.
Click here to download PDF.
This publication is provided for your convenience and does not constitute legal advice. This publication is protected by copyright.
© 2019 White & Case LLP