How FINCEN regulations affects cloud based solutions in payment tech.
Just a few weeks ago, the Financial Crimes Enforcement Network (FINCEN) released a ruling about the applicability of the payment processor exception to a Bitcoin based company.
As a little background, generally any company that transfers value between one party and another (or from one location to another) is deemed a money transmitter and subject to applicable regulatory controls. There is an exception for “payment processors” who merely process payments on behalf of merchants [See (5)(ii)(B) ].
In the recent ruling, the company requesting clarification wanted to accept remittance in U.S. Dollars from presumably U.S. customers of Latin American hotels and send those hotels the commensurate value in bitcoin. The company argued they fell under the payment processor exception. FINCEN disagreed. Without going into to much detail, the basis of the ruling was that for the payment processor exemption to apply, the “payment processor exemption to apply, the entity must use a clearance and settlement system that intermediates solely between BSA regulated institutions.” (BSA is the Bank Secrecy Act).
While this is bad for the company that requested the ruling, it’s even worse for the Bitcoin community at large. Why?
[Disclaimer, the following is not to be construed as legal advice and s not meant to pick on Blockchain.info. I’m a customer of blockchain.info and use their API to facilitate transactions for my privacy preserving disposable email service 1ncemail.]
Blockchain.info offers a very simple API that allows merchants to accept bitcoin on their websites and integrate such into their shopping cart or other systems. The API works like many other payment processors in that when money is received it makes a call to a URL on the merchant’s server indicating payment has been received. The merchant then appropriately credits the customer’s account.
The problem (from a regulatory perspective) is that Blockchain.info’s API generates a payment transaction wallet to accept payment for the merchant and then forwards that payment on to the merchant’s wallet. In that respect, Blockchain.info is moving value from one person (the consumer) to another (the merchant) and they can’t rely on the payment processor exception because they are going through BSA regulated entities to send value to the merchant.
Now, of course, if Blockchain.info provided the same functionality of the API in software the merchant downloaded and installed on their own servers, there wouldn’t be an issue, because they are merely providing software, not facilitating the actual transmission. I would say the API could provide the primary function (monitoring a transaction wallet address for payment and calling a URL) without running afoul of the regulations. But because Blockchain.info has control of that intermediary wallet, they are in fact a money transmitter, for the purposes of the regulations.
I actually think this ruling might be a prelude to FINCEN considering miners as money transmitters. And I hesitate to suggest, if someone presented the Bitcoin system in the abstract (without reference Bitcoin) to FINCEN asking for clarification if miners were money transmitters, they would unquestionably say yes.