The reports mandated by President Biden’s March executive order are here and seek to offer a comprehensive framework for the responsible development of digital assets (commonly known as cryptocurrencies). As noted early after the release, however, many of the items were left to be determined. But that doesn’t mean that the reports should be ignored. This series of blog posts will tease out some of the subtler points from each of the reports released on Friday.

Recommendations from the U.S. Department of Justice

The second report, “The Role of Law Enforcement in Detecting, Investigating, and Prosecuting Criminal Activity Related to Digital Assets,” came from the U.S. Department of Justice (DOJ). And as the name suggests, the DOJ was tasked with identifying how to improve the ability of law enforcement to combat cryptocurrency‐​related crimes (Section 5(b)(iii) of Executive Order 14067).

The recommendations (listed below) largely fell into the following categories: aiding prosecutions (1–5), aiding investigations (6, 7, 10, and 11), expanding penalties for cryptocurrency‐​related crimes (8 and 9), and expanding the resources available for government employees (12):

  1. Make it illegal for cryptocurrency services to notify customers when the government seeks their records.
  2. Double or triple the maximum years of imprisonment and maximum fines for operating an unlicensed money transmitting business.
  3. Add cryptocurrency payment methods to laws governing money transmitting businesses.
  4. Adopt lesser requirements for knowledge of wrongdoing when evaluating alleged violations of money transmitting business laws.
  5. Expand the statute of limitations from 5 years to 10 years for the investigation of cryptocurrency‐​related crimes.
  6. Mandate the preservation of records or enhance penalties for non‐​compliance with cryptocurrency‐​related record requests.
  7. Permit prosecution in any district where the victim of a cryptocurrency‐​related offense or other cybercrime is found.
  8. Allow for criminal, civil, and administrative forfeiture of cryptocurrency and remove the thresholds limiting that forfeiture.
  9. Expand the penalties for Bank Secrecy Act violations.
  10. Adopt the amendments to the “travel rule” proposed by FinCEN in 2020.
  11. Expand the Bank Secrecy Act to cover NFT platforms.
  12. Give the DOJ more funding for resources and hiring.

Let’s consider some of these recommendations in more detail.

As the DOJ noted, many Americans do not recognize the lack of financial privacy in the United States because it is illegal in many cases for financial institutions to notify customers when the government wants their records. Due to the novel nature of cryptocurrencies, the DOJ wrote that “no law prevents [financial institutions] from tipping off the subjects of criminal investigations when they receive a subpoena” pertaining to cryptocurrencies specifically. The DOJ thus called for this “gap” to be closed so that financial surveillance may continue to go unseen. In fact, not wasting any time, the DOJ also recommended a list of other areas that it would like to see the law cover.

To create harsher penalties for cryptocurrency‐​related crimes, the DOJ recommended doubling the maximum prison sentence from 5 years to 10 years if a money transmitting business (e.g., PayPal, Square, or Venmo) fails to get a state license, fails to register with the Financial Crimes Enforcement Network (FinCEN), or transmits known criminal funds. More so, the DOJ recommended doubling the maximum individual fines from $250,000 to $500,000 and tripling the maximum corporate fines from $500,000 to $1,500,000. Looking elsewhere in the law, the DOJ recommended to increase the penalties for “weak or non‐​existent” Bank Secrecy Act (BSA) compliance “to more accurately reflect the gravity of BSA violations.”

On the note of further strengthening enforcement, the DOJ also recommended the adoption of FinCEN’s 2020 proposed “travel rule” amendments. The DOJ seems to have been careful to describe the “travel rule” amendments as simply being something that “clarifies that the recordkeeping… regulations apply to transactions” involving cryptocurrency. What wasn’t explicitly stated was that the rule the DOJ endorsed actually proposed lowering the reporting threshold from $3,000 to just $250. Considering it was just a year ago that the American public pushed back over a proposal to lower bank reporting thresholds to $600, it is not surprising this change was not stated explicitly.

A Few Other Notes on the Report

When discussing money transmitting businesses operating illegally, the DOJ threw in a sentence that almost seemed to have been inserted by accident:

Law enforcement investigations have revealed, however, that peer‐​to‐​peer platforms that profit by connecting buyers and sellers of cryptocurrencies have openly advertised the view that they fall outside of the BSA’s AML/CFT regime, with some pointing to regulatory guidance that ties an entity’s registration obligations to, among other things, whether the entity takes custody or assumes control over the value to be exchanged.

This excerpt appears to have been an accident because it is seemingly describing two‐​party, peer‐​to‐​peer transactions when the section is making recommendations for third‐​party services. In fact, the “regulatory guidance” mentioned is likely from when FinCEN specifically stated that self‐​hosted wallets offering peer‐​to‐​peer services are not third‐​party services acting as money transmitting businesses. So there should be no issue if companies point out that U.S. financial surveillance largely hinges on the third‐​party doctrine. That the DOJ may find this reality unfavorable for their efforts is another matter entirely.

Are you ready to learn about the next report? Click the links below to jump to another report.