FATF guidance on virtual assets: NFTs win, DeFi loses, rest remains unchanged
The Financial Action Task Force (FATF) released its long-awaited guidance on virtual assets, laying out standards that have the potential to reshape the crypto industry in the United States and around the world. The guidance addresses one of the most important challenges for the crypto industry: To convince regulators, legislators and the public that it does not facilitate money laundering.
The guidance is particularly concerned with the parts of the crypto industry that have recently brought about significant regulatory uncertainty including decentralized finance (DeFi), stablecoins and nonfungible tokens (NFTs). The guidance largely follows the emerging approach of U.S. regulators toward DeFi and stablecoins. In a positive note for the industry, the FATF is seemingly less aggressive toward NFTs and arguably calls for a presumption that NFTs are not virtual assets. The guidance, however, opens the door for members to regulate NFTs if they are used for “investment purposes.” We expect this guidance to add fuel to the NFT rally that has been underway for the majority of 2021.
Related: The FATF draft guidance targets DeFi with compliance
Expanding the definition of virtual asset service providers
The FATF is an intergovernmental organization whose mandate is to develop policies to combat money laundering and terrorist financing. While the FATF cannot create binding laws or policies, its guidance exerts a significant influence on counter-terrorist financing and anti-money laundering (AML) laws among its members. The U.S. Department of the Treasury is one of the government agencies that generally follows and implements regulations based on the FATF’s guidance.
The FATF’s much-anticipated guidance takes an “expansive approach” in broadening the definition of virtual asset service providers (VASPs). This new definition includes exchanges between virtual assets and fiat currencies; exchanges between multiple forms of virtual assets; the transfer of digital assets; the safekeeping and administration of virtual assets; and participating in and providing financial services relating to the offer and sale of a virtual asset.
Once an entity is labeled as a VASP, it must comply with the applicable requirements of the jurisdiction in which it does business, which generally includes implementing Anti-Money Laundering (AML) and counter-terrorism programs, be licensed or registered with its local government and be subject to supervision or monitoring by that government.
Separately, the FATF defines virtual assets (VAs) broadly:
“A digital representation of value that can be digitally traded, or transferred, and can be used for payment or investment purposes.” But excludes “digital representations of fiat currencies, securities and other financial assets that are already covered elsewhere in the FATF Recommendations.”Taken together, the FATF’s definition of VAs and VASPs seemingly extends AML, counter-terrorism, registration and monitoring requirements to most players in the crypto industry.
Impact on DeFi
The FATF’s guidance regarding DeFi protocols is less than clear. The FATF starts by stating:
“DeFi application (i.e., the software program) is not a VASP under the FATF standards, as the Standards do not apply to underlying software or technology…”The guidance does not stop there. Instead, the FATF then explains that DeFi protocol creators, owners, operators or others who maintain control or sufficient influence over the DeFi protocol “may fall under the FATF definition of a VASP where they are providing or actively facilitating VASP services.” The guidance goes on to explain that owners/operators of DeFi projects that qualify as VASPs are distinguished “by their relationship to the activities undertaken.” These owners/operators may exert sufficient control or influence over assets or the project’s protocol. This influence can also exist by maintaining “an ongoing business relationship between themselves and users” even when it is “exercised through a smart contract or in some cases voting protocols.”
In line with this language, the FATF recommends that regulators not simply accept claims of “decentralization and instead conduct their own diligence.” The FATF goes so far as to suggest that if a DeFi platform has no entity running it, a jurisdiction could order that a VASP be put in place as the obliged entity. In this respect, the FATF has done little to move the needle on the regulatory status of most players in DeFi.
Related: DeFi: Who, what and how to regulate in a borderless, code-governed world?
Impact on stablecoins
The new guidance reaffirms the organization’s previous position that stablecoins — cryptocurrencies whose value is pegged to a store of value such as the U.S. dollar — are subject to the FATF’s standards as VASPs.
The guidance addresses the risk of “mass adoption” and examines specific design features that affect AML risk. In particular, the guidance points to “central governance bodies of stablecoins” that “will in general, be covered by the FATF standards” as a VASP. Drawing on its approach to DeFi generally, the FATF argues that claims of decentralized governance are not enough to escape regulatory scrutiny. For example, even when the governance body of stablecoins is decentralized, the FATF encourages its members to “identify obliged entities and … mitigate the relevant risks … regardless of institutional design and names.”
The guidance calls on VASPs to identify and understand stablecoins’ AML risk before launch and on an ongoing basis, and to manage and mitigate risk before implementing stablecoin products. Finally, the FATF suggests that stablecoin providers should seek to be licensed in the jurisdiction where they primarily conduct their business.
Relayed: Regulators are coming for stablecoins, but what should they start with?
Impact on NFTs
Along with DeFi and stablecoins, NFTs have exploded in popularity and are now a major pillar of the contemporary crypto ecosystem. In contrast to the expansive approach toward other aspects of the crypto industry, the FATF advises that NFTs are “generally not considered to be [virtual assets] under the FATF definition.” This arguably creates a presumption that NFTs are not VAs and their issuers are not VASPs.
However, similar to its approach toward DeFi, the FATF emphasizes that regulators should “consider the nature of the NFT and its function in practice and not what terminology or marketing terms are used.” In particular, the FATF argues that NFTs that “are used for payment or investment purposes” may be virtual assets.
While the guidance does not define “investment purposes,” the FATF probably intends to encompass those who buy NFTs with the intent to sell them at a later time for a profit. While many buyers purchase NFTs because of their connection with the artist or work, a large swath of the industry purchases them because of their potential to increase in value. Thus, while the FATF’s approach toward NFTs is seemingly not as expansive as its guidance for DeFi or stablecoins, FATF countries may rely on the “investment purposes” language to impose stricter regulation.
Related: Nonfungible tokens from a legal perspective
What the FATF guidance means for the crypto industry
The FATF guidance closely tracks the aggressive stance from U.S. regulators concerning DeFi, stablecoins and other major parts of the crypto ecosystem. As a result, both centralized and decentralized projects will find themselves increasingly pressured to comply with the same AML requirements as traditional financial institutions.
Moving forward, DeFi projects, as we are already seeing, will burrow deeper into DeFi and experiment with new governance structures such as decentralized autonomous organizations (DAOs) that approach “true decentralization.” Even this approach is not without risk because the FATF’s expansive definition of VASPs creates issues with key signers of smart contracts or holders of private keys. This is particularly important for DAOs because signers could be classed as being VASPs.
Given the expansive way that the FATF interprets who “controls or influences” projects, crypto entrepreneurs will have a tough fight ahead of them not only in the United States but also around the world.
This article was co-authored by Jorge Pesok and John Bugnacki.
The views, thoughts and opinions expressed here are the authors’ alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.
This article is for general information purposes and is not intended to be and should not be taken as legal advice.
Jorge Pesok serves as general counsel and chief compliance officer for Tacen Inc., a leading software development company that builds open-source, blockchain-based software. Before joining Tacen, Jorge developed extensive legal experience advising technology companies, cryptocurrency exchanges and financial institutions before the SEC, CFTC, and DOJ.
John Bugnacki serves as policy lead and law clerk for Tacen Inc. John is an expert on governance, security and development. His research and work have focused on the vital intersection between history, political science, economics and other fields in producing effective analysis, dialogue and engagement.