On February 6, 2018, Jay Clayton, the Chairman of the Securities and Exchange Commission (SEC) made a statement at a hearing that he is open to discussions of federal regulations over cryptocurrency exchanges. Currently, in the U.S., cryptocurrency exchanges are generally regulated as “money-transmission services” at the state level. This falls outside the direct purview of either the SEC or the Commodity Futures Trading Commission (CFTC). With the events that are transpiring not just in the United States but globally vis a vis the cryptocurrency market, this will likely change.
With this backdrop, Japan serves as the perfect place to discuss the regulatory framework that has already been implemented. It should be noted that Japan is one of the world’s largest market for bitcoin trading and the first in the world to regulate cryptocurrency exchanges at the national level.
Regulations on Virtual Currencies in Japan: A General Overview
Japan amended its Payment Services Act (“PSA”) and Act on Prevention of Transfer of Criminal Proceeds (“APTCP”) in the form of the amendment of the Banking Act in May 2016, both of which have been in force since April 2017.
1.1 Payment Services Act as amended
In the new PSA, “Virtual Currency” is defined as a value that:
(i) can be used upon selling and buying of a thing or service to and from an unspecified person;
(ii) has economic value that is transferrable via electronic data processing system; and
(iii) is not a legal tender nor currency-denominated asset.
The PSA also required the “Virtual Currency Exchange Service Provider” to be registered with the examination by local finance bureaus (Article 2, Paragraph 8). The key requirements for the registration are:
(i) The company has the minimum capital of 10,000,000 yen (approx. $95,0001) and its assets are not in debt (do you mean not in debt? yes); and
(ii) it has developed a certain framework including, but not limited to:
a. secure data/ information management (Article 63-8);
b. exclusion of anti-social forces;
c. complaint procedure; and
d. supervision of outsourcing contractors.
An Exchange Service Provider is obligated to:
(i) securely manage data/ information;
(ii) establish an appropriate system risk management;
(iii) establish user protection measures (e.g., an appropriate informed consent system);
(iv) appropriately manage users’ assets (e.g., separate management of customer assets); and
(v) appropriately supervise outsourcing contractors.
1.2 Amendment of Act on Prevention of Transfer of Criminal Proceeds (“APTCP”)
The APTCP was amended for the purpose of prevention of digital currency used for money-laundering and other illicit activities. Under the act, Virtual Currency Exchange Service Providers are required to verify the identification of users in advance of their transactions:
(i) which are assumed to be done repeatedly and continuously (e.g., an agreement to open a virtual currency account);
(ii) in which a consumer sells or buys virtual currencies of over 2,000,000 yen (approx. $18,800); or
(iii) in which a consumer transfers virtual currencies of over 100,000 yen (approx. $9,400).
To verify a user’s identification, a provider should send a confirmation mail by post to his/her address (It cannot be conducted only by online process).
The Exchange Service Providers also must report to the agency such transactions suspicious of being related to criminal proceeds, to illegitimate conducts regarding organized crime or illegal drugs (Article 8, Paragraph 1). “Suspiciousness” is determined with factors such as the attribute of the customer (e.g., whether his/her nationality is of the nation which is uncooperative with money laundering measures, whether he/she is PEPs (i.e., politically exposed person), the amount and number of his/her transaction, and the kind of his/her business. The Investigation Report of Riskiness of Criminal Proceeds Transfer which is issued annually from the National Public Safety Commission points out that the cryptocurrencies are highly anonymous and its transfer is global and fast and that such transactions have the risk of being improperly used for criminal proceeds transfer. In the 2017 Report, it is reported that the Service Providers made 170 reports of suspicious transactions in 6 months from April to September, 2017.
Despite of all the above regulations, in late January, 2018, a Tokyo-based cryptocurrency exchange, “Coincheck,” was hacked. In this cyber attack, $530 million of NEM tokens, one of the many popular cryptocurrencies in the world, was stolen by hackers.
Coincheck registration under the PSA as an exchange service provider was pending at the time of the event. The PSA allows Exchange Service Providers2 that were already in existence at the time of its amendment to continue to operate without registration by applying for the registration. At the time of this writing there are 16 exchange service providers that are currently registering under the PSA.
As it turned out, Coincheck did not comply with the Guideline for the Virtual Currency Exchange Service Providers published by the Financial Services Agency (FSA) in many aspects. The Guideline states in detail the recommended conducts for Service Providers in complying with the obligations under the PSA. Coincheck stored the stolen NEM tokens in a “hot wallet” rather than in the more secure “cold wallet” which is kept on platforms cut off from the Internet and the company did not manage its own assets and users’ assets separately, even though the Guideline says otherwise. The Guideline states that Providers should manage encryption keys necessary to manage and dispose of virtual currencies on the platforms not connected to the Internet to the extent possible and not to impair the convenience of users. The Guideline, however, is just a set of factors to be considered upon implementing an appropriate management framework and cannot by itself be enforced with punishment unlike the PSA. There is no mention about the adoption of multi-signature security system in the Guideline.
In addition, Coincheck made an extremely inappropriate move by sending some $300 million right after the event occurred to a dubious account before it suspended every trading except for Bitcoins.
The FSA conducted onsite inspection and ordered Coincheck to submit a report on how it was hacked and how to prevent it. Other administrative or criminal measures, if any, remain to be seen.
Amid all this, a civil action has been already filed to recover the damages from the incident, claiming for the transfer of cryptocurrencies themselves to the plaintiffs. It is said that the Coincheck’s terms and conditions has a provision which exempts the company of all liabilities in any case without exception. If this is true, such provision is void under the Japanese Consumer Protection Act, which allows consumers to claim all the predictable damages accrued from the company’s negligence.
A New Move in the Mt. Gox Bankruptcy
In 2014, Japan experienced a massive bankruptcy the case of Mt. Gox, again a Tokyo-based exchange which once handled over 70% of all bitcoin trading in the world. Thus, it is no wonder Japan became the world’s first nation to regulate cryptocurrency exchange upon boosting the cryptocurrency movement.
There was an interesting move in the proceedings in last November regarding the bankruptcy case which I would like to introduce herein.
Like the Coincheck incident, in 2014, the CEO of Mt. Gox, Mr. Mark Marie Robert Karpelès, claimed that approximately 744,000 Bitcoins were stolen and suspended all trading. In February of the same year, it filed a petition for the commencement of reorganization proceedings with the Tokyo District Court under Japanese laws. The proceedings correspond to those of Chapter 11 bankruptcy in the United States which allow a debtor to propose a reorganization plan to keep its business alive and pay creditors over time (the so-called DIP [debtor in possession]).
The Court denied the petition due to the large number of foreigner debtors (who will have the same status as Japanese nationals under the proceedings; Reorganization Act, Article 3) and the uncertainty of the feasibility of planning reorganization. In April 2014, the Court ordered the commencement of liquidation proceedings which correspond to Chapter 7 bankruptcy in the US.
It shall be noted, that in the interim, in September 2015, Mr. Karpelès, was formally charged with embezzlement, etc.
There are approximately 200,000 BTC in the bankruptcy estate of Mt. Gox. In addition, creditors have filed proof of claims, in the amount of 45.6 billion yen ($285 million), which I speculate are sure to be approved. (Note: the 200,000 BTC is worth about 9 billion yen ($56 million) at the time of the commencement order with the rate of 1BTC=appx. 45,000 yen)
Since then, the value of bitcoins rose sharply with the rate of 1BTC= appx. 1,151,000 yen (as of February 19, 2018), which makes the bitcoins in the estate worth around 230 billion yen ($1.4 billion). This made 100% payment possible, which is a very exceptional case.
This case presents some novel legal issues. The Japanese bankruptcy law which regulates liquidation proceedings does not have a provision which allow payment or distribution in currencies other than yen or other traditional forms of currency. In addition, the value of assets in a bankruptcy estate is basically fixed at the time of the commencement order. Now that the value of bitcoin is approximately 40 times from that of April 2012, some of the investors strongly seek to be paid in bitcoins with the prospect of increase in value.
The bankruptcy trustee of Mt. Gox has been mentioning about the possibility of making distribution in bitcoins. Certainly there is a way. The trustee can sell bitcoins from the estate to creditors in exchange for an appropriate value and the creditors will receive money from the estate in the ordinary distribution process. However, the fluctuation of bitcoin value is also problematic here. The court would not permit a trustee to sell bitcoins with discounted value and there is no guarantee that the distribution would be made in (i.e., the creditors would be paid) the same amount as the amount he/she paid for the bitcoins.
Further, there is no way to cancel liquidation proceedings once they are commenced except when it is filed by the bankrupted party and that there is consent by all the creditors. (Bankruptcy Act, Article 218). Those interested in this can read Mark Karpelès’ blog where he discussed this in great length here: https://blog.magicaltux.net/article/MtGox-Bankruptcy
Therefore, some of the creditors filed a petition for the commencement of reorganization proceedings once again in November 2017. In response, the court issued an order to let an independent lawyer examine the necessity of transferring the case from liquidation proceedings to reorganization proceedings, which is very rare. Below, in part, is the order that stipulates the conditions necessary to permit transfer:
Such a transfer is permitted by the court:
(i) when there is a risk that a fact constituting the grounds for the commencement of bankruptcy proceedings (i.e., “unable to pay debts or insolvent”) would occur to a debtor; and
(ii) when it conforms to the common interests of creditors.
(Reorganization Act, Article 246)
The decision of the court whether to transfer the proceedings remains to be seen. After the filing, the value of Bitcoins dropped about 51% (as of February 19, 2018 in yen) from its peak in December 2017, which may affect the court’s decision.
Japan has already implemented one kind of a regulatory framework over virtual currencies but it might tighten its operation or even its law seeing the disastrous Coincheck scandal. And there has been legal discussions evolving around the nature of a virtual currency (i.e., whether it should be regarded as a right in rem, monetary claim or what) in case it becomes a subject of a delivery claim, a seizure, etc. Thus, Japan will continue to be an interesting place to seek for some insights for cryptocurrency regulations for quite a while.