Reports of FTX Group’s demise has been inescapable since news first broke of potential insolvency and misuse of customer funds. This blog post provides some background on the situation as well as some thoughts on what is likely to come next. Please see our blog post here on the enforcement storm that is about to hit the cryptocurrency industry—we will be posting additional blog posts on related topics here as well.

The Background

In late 2017, Sam Bankman-Fried founded Alameda Research (Alameda), a quantitative cryptocurrency trading firm headquartered in Hong Kong. Alameda provided a platform for trading in every cryptocurrency market, and was known for pursuing aggressive trading strategies. In 2019, Bankman-Fried founded FTX, a cryptocurrency exchange currently headquartered in the Bahamas, out of Alameda. Bankman-Fried built significant wealth through Alameda and FTX—in early 2022, FTX was reportedly worth $32 billion. While it was known early on that Alameda traded on FTX, industry understanding was that the two entities were distinct aside from common ownership. Shortly after Bankman-Fried founded FTX, the CEO of Binance, Changpeng Zhao (CZ), purchased a controlling stake in the company. FTX bought out Binance’s stake in 2021, for which Binance received over $2 billion, much of which was in FTT, the native token of FTX.

On November 2, 2022, Coindesk published an article discussing a report that revealed that a significant portion of Alameda’s assets were held in FTT. The article observed that “Alameda rests on a foundation largely made up of a coin that a sister company invented, not an independent asset like a fiat currency or another crypto.” Specifically, of the $14.6 billion in assets indicated on the Alameda balance sheet, $3.66 billion was in unlocked FTT and $2.16 billion was in FTT collateral.

The Collapse

On November 6, 2022, CZ announced on Twitter that Binance planned to liquidate its remaining FTT, citing “post-exit risk management.” In response, Alameda offered to purchase all of Binance’s FTT at $22 per coin, which Binance refused. Instead, Binance began to sell its FTT on the open market, resulting in a significant price drop for FTT. While FTX had already seen an increase in withdrawals since the Coindesk article was published, withdrawals rose dramatically following CZ’s announcement and the subsequent rejection of the Alameda offer—that evening, Bankman-Fried posted on Twitter that FTX “had already processed billions of dollars of deposits/withdrawals” that day. By the evening of November 6, fears arose among FTX customers about the solvency of FTX and Alameda.

On November 7, 2022, Bankman-Fried once again took to Twitter, this time stating (in now-deleted tweets) that FTX and customer assets were fine, that FTX had “enough to cover all client holdings,” and that FTX did not invest client assets. However, by the morning of November 8, 2022, customer withdrawals were taking longer to complete, and soon FTX stopped processing them. Reuters reported that FTX had seen $6 billion in withdrawals in the 72 hours prior, which appeared to cause a liquidity crisis for FTX. Later that morning, Bankman-Fried announced an agreement to sell FTX to Binance, pending due diligence, which was non-binding on Binance. In the same thread of tweets, Bankman-Fried highlighted that “the important thing is that customers are protected.” Much of the industry was, however, skeptical of the FTX-Binance deal.

On November 9, 2022, Binance backed away from the agreement to acquire FTX after reviewing FTX’s financial records. That day, Bankman-Fried sought help from Wall Street investors, stating during a call that FTX needed $8 billion in emergency funding to meet demand for client withdrawals. It was soon revealed that Bankman-Fried allegedly transferred at least $4 billion from FTX to Alameda when the trading firm suffered losses during the industry downturn of summer 2022, some of which was customer funds. Some reports indicated that Alameda owed FTX upwards of $10 billion—FTX had $16 billion in customer funds, and reportedly loaned half of those funds to Alameda. Notably, loaning customer funds was explicitly forbidden in the FTX terms of service, which stated that title to assets remained with the customer. Apparently, Bankman-Fried moved the funds through a “back door” built into FTX’s bookkeeping system that allowed him to alter the company’s financial records without alerting internal compliance.

On November 11, 2022, FTX filed for Chapter 11 bankruptcy protection, along with Alameda and over 130 other FTX-affiliated entities. Bankman-Fried also resigned as CEO of FTX. FTX could owe money to over 1 million customers.

What’s Next?

The collapse of FTX has shaken the crypto industry, particularly because FTX was viewed as one of the most trusted exchanges in the sector. FTX customers are most directly affected by the situation. The only potential reprieve for FTX customers is through bankruptcy proceedings. After filing for Chapter 11 bankruptcy, a business must submit a reorganization plan to the bankruptcy court, agreed upon by the debtor and its major creditors, and the court must confirm the plan. Typically, the goal should be to maximize recovery for creditors. This will not be a typical bankruptcy proceeding, however. Looming jurisdictional disputes between the Bahamas and the United States are likely to add to the complications. 

Following the bankruptcy proceedings, FTX customers should, in theory, receive some portion of the company’s remaining assets. However, it remains unclear what assets, if any, will remain to be disbursed given the recordkeeping discrepancies reported in the press. Another issue arises with respect to who owns the customer deposits. If deemed to be owned by FTX, the deposits would be pooled with the total remaining assets to be divided to pay all creditors, resulting in much lower payments for customers.             

Policymakers in Washington, D.C. are shocked by the apparent deception displayed by one of the most vocal advocates for a new crypto regulatory regime. Hearings are beginning to be scheduled to learn the details of what exactly happened and why in the FTX collapse, and it can be assured that more hearings and potential legislation will be discussed in the new Congress. Finally, federal prosecutors in New York are reportedly investigating the FTX collapse, and specifically the company’s handling of customer funds. This probe joins investigations by the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission (CFTC),

With the collapse of FTX and Alameda so close on the heels of Celsius, one thing is clear – the regulatory and enforcement storm so many anticipated coming to crypto is now here.  Unfortunately, regardless of what the facts surrounding FTX and Alameda ultimately turn out to be, incidents like this serve to reinforce the biases of enforcement agencies against all crypto companies, regardless of their construction, design, operation, or leadership. For some prosecutors and investigators, this incident will be seen as validation of the view that everything and everyone in the crypto space is dirty, or a scam (or both).

That’s not true, and it’s not fair, but it’s the reality crypto companies are facing.  And these effects will linger long after the fall of FTX is a memory. 

Even in the best of times, it’s hard to get enforcement agencies not to paint all crypto companies with the same brush. These are not the best of times – and all it takes is one or two high-profile incidents to undo years of progress, and we’ve now had more than that just in the past few months.

So what should crypto companies be doing now, with these storm clouds clearly on the horizon?

First, line up counsel now, so you are prepared for the day when subpoenas arrive and agents start knocking on doors to interview your people. Decisions made in the initial moments of an investigation can have far-reaching consequences, so it’s important to think through those scenarios and issues in advance.  

Second, this is the time for a “wellness check” of sorts – a review of the areas of your business that are most likely to draw interest from DOJ and other agencies. AML/KYC.  Sanctions. Disclosures to customers or counterparties. Lending arrangements.  Arrangements among companies with shared or overlapping ownership. All of these should be scrutinized by your company now, because agencies will scrutinize them later.  And to be most useful, this type of review should be done by a different firm than the one that helped design your systems or drafted your policies. In these circumstances, a fresh set of eyes is better, and more credible with the government, than having a firm check its own work. This doesn’t mean displacing that firm – it means making sure you have covered all of your bases. Doing this type of review won’t prevent a company from being targeted, just as storm shutters can’t prevent a hurricane. But it will increase the chances that the company can mitigate the pain associated with any such investigation and put the company in a stronger position to get through it successfully.

Exchanges and other VASPs, decentralized exchanges and decentralized finance platforms, and others in the digital asset space would be wise to prepare now – the calm before the storm is over, and the storm will be with us for quite some time. 

On October 11, 2022, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) and Financial Crimes Enforcement Network (FinCEN) announced enforcement actions against Bittrex, Inc. (Bittrex), a privately-owned digital asset trading platform based in Bellevue, Washington, for apparent violations of anti-money laundering (AML) laws and of multiple sanctions programs. A settlement of over $24 million was announced by OFAC and a $29 million fine was announced by FinCEN. FinCEN will credit payment of the OFAC settlement amount toward Bittrex’s potential liability with FinCEN, meaning Bittrex will pay just over $29 million in total. Joint enforcement action between OFAC and FinCEN is uncommon—the settlements mark the first instance of parallel enforcement actions by OFAC and FinCEN in the digital asset sector.

The parallel settlements provide insight into certain sanctions and AML risks in the digital asset sector and illustrate how OFAC and FinCEN rules intersect and overlap in part: for example, that OFAC violations can trigger suspicious activity report filing obligations.

Continue Reading OFAC and FinCEN Announce Enforcement Actions Against Bittrex

On October 10, 2022, the Organisation for Economic Co-Operation and Development (OECD) released its new global tax reporting standards for cryptocurrency and other digital assets, the Crypto-Asset Reporting Framework (CARF) and Amendments to the Common Reporting Standard.[1] The CARF provides standards that, if adopted by jurisdictions, would require cryptocurrency exchanges, intermediaries, and other service providers to report to tax authorities required tax information related to certain crypto-asset transactions.

In response to the rapid use and adoption of cryptocurrency, the G-20 mandated the OECD develop a framework for the exchange of tax information for crypto-assets. According to the OECD, crypto-assets are often transferred without the use of traditional financial intermediaries and the CARF addresses coverage gaps in the Common Reporting Standard (CRS) to develop an international reporting framework to ensure standardized tax reporting for crypto-asset transactions.

The CARF includes model rules and commentary for countries to implement domestic laws to collect information related to crypto-asset transactions and is focused on four key areas: (1) the scope of crypto-assets to be covered, (2) the entities and individuals subject to reporting, (3) the transactions subject to reporting, and (4) due diligence procedures.

Continue Reading OECD Releases New Global Tax Reporting Framework for Cryptocurrency

On August 30, 2022, further amendments to the UK’s nine thematic and 29 geographic sanctions regulations came into effect, which expand financial sanctions reporting obligations to cryptoasset exchanges and custodian wallet providers.  The amendments, which were introduced under the Sanctions (EU Exit) (Miscellaneous Amendments) Regulations 2022 and the Sanctions (EU Exit) (Miscellaneous Amendments) (No.2) Regulations 2022 (Amending Regulations), revise the definition of a “relevant firm” to which mandatory financial sanctions reporting obligations apply.

For more information on how these developments could impact your organization, contact Alexandra Melia, in Steptoe’s Economic Sanctions team in London.

Continue Reading New UK Sanctions Legislation Expands Mandatory Financial Sanctions Reporting Obligations to Include Crypto Providers

On August 1, Robinhood Crypto, LLC (RHC) entered a consent order with the New York State Department of Financial Services (DFS) requiring RHC to pay a $30 million fine for violating (1) New York’s virtual currency regulatory regime known as the BitLicense, (2) a Supervisory Agreement entered with DFS as a condition of its BitLicense, (3) anti-money laundering (AML) requirements applicable to money transmitters, and (4) other requirements related to transaction monitoring, filtering, and cybersecurity. The consent order, which is DFS’s first enforcement action under the BitLicense regime or against a digital currency business, offers several important takeaways for blockchain companies operating or seeking to operate in the state, including (1) the importance of scaling up compliance processes commensurate with business growth, (2) the risks of relying on compliance programs of affiliated entities, (3) the importance of well-developed reporting lines in compliance programs, and (4) the consequences of filing “improper” certifications under DFS’s transaction monitoring and cybersecurity rules.

Continue Reading DFS’s First Enforcement Action Against a Blockchain Company: Lessons Learned

On August 8, 2022, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced the imposition of sanctions on the decentralized digital asset mixer Tornado Cash. The action marks the first time OFAC has targeted an on-chain decentralized protocol. To date, OFAC has not issued any guidance specific to decentralized finance (DeFi) as part of its broader sanctions guidance for the “virtual currency” industry, but the Tornado Cash action lays down an important marker and makes clear that OFAC will target projects or protocols engaged in illicit activity regardless of their centralized or decentralized status. (Our prior blog post on OFAC’s general virtual currency guidance is available here).

According to OFAC, Tornado Cash was “used to launder more than $7 billion worth of virtual currency since its creation in 2019,” including over $455 million stolen by the Lazarus Group, a North Korean-backed hacking group that was previously targeted by OFAC sanctions. In announcing the action, Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian Nelson explained, “Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks.”

Continue Reading OFAC Designates Tornado Cash in First Action Against a Decentralized Platform

On July 21, 2022, the SEC filed insider trading charges in federal court against a former Coinbase product manager and two others for trading ahead of multiple announcements that certain crypto assets would be made available for trading on the platform.[1] The SEC alleged that the defendants traded ahead of listing announcements for at least 25 crypto assets, “at least nine” of which the Commission asserted are investment contracts under the federal securities laws. The complaint includes a Howey[2] analysis for the nine crypto assets that serve as the basis for the SEC’s jurisdiction in this matter. In a parallel action, the Department of Justice charged the same individuals for wire fraud, notably not pursuant to a securities fraud theory.[3]

The charges against the individuals, should the alleged activity prove to be true, are deserved, and evidently resulted from internal efforts by Coinbase to detect frontrunning of listings. The DOJ’s wire fraud case therefore has a high likelihood of success, again should the allegations prove to be true, because wire fraud can occur regardless of whether the assets at issue are securities. The trouble for the industry comes from the fact that the SEC has made allegations in its civil complaint against nine token projects that are not parties to the action, and in at least some cases, had not previously been subject to a direct investigation by the SEC. Moreover, the SEC’s investment contract allegations are jurisdictional; that is, the SEC must obtain a holding that at least one of the tokens is in fact a security for its insider trading case, based on frontrunning securities listings under US securities laws, to succeed. This creates strong incentives for the SEC to drive the case towards such a finding, and gives little opportunity for the projects at issue—or the industry at large—to effectively refute the SEC’s claims or to contest the SEC’s methods.

Industry problem number one, therefore, is a seeming casting aside of due process considerations with respect to SEC determinations concerning specific tokens or projects. Unarguably, the parties in the best position to defend against the charge that the crypto assets are securities are the projects that launched the crypto assets and the platforms that list them. These entities are not parties to the lawsuit, and at least some were never aware of any investigation by the SEC nor were they solicited for information or legal positions. Moreover, five of the nine projects do not appear to be based in the U.S. and therefore may have little incentive to attempt to intervene or engage with U.S. courts on the matter, since the SEC may not even have jurisdiction over them as entities. Accordingly, the action has placed one platform and nine entities—and by extension, the industry—in a corner, subject to a potentially adverse legal decision without the ability to mount a defense.

The fact that this is an industry problem is illustrated by industry problem number two: the relatively generic nature of the crypto assets that the SEC chose to name in the complaint. Strike out the names of the tokens and their issuers and read only the descriptions of the projects, and the nine tokens sound a lot like representatives of classes or categories of sub-assets within the digital asset ecosystem: payment tokens; native platform tokens; governance tokens, etc. The projects also seemingly represent various sectors of the digital asset industry: payment platforms; decentralized liquidity pools and automated market makers; and projects governed via decentralized autonomous organizations (DAOs). As a result, the complaint portends trouble for the entire digital asset industry, as the SEC uses various factors—some listed in its 2019 FinHub guidance,[4] some not—to support elements of its Howey analysis that are common to many projects across the industry.

As specific examples, the SEC’s Howey analysis for the nine projects reveals the SEC’s views on several common features in DeFi:

Governance TokensThree of the crypto assets identified by the Commission may be characterized as governance tokens. While governance tokens are intended to be a vehicle through which projects can achieve true decentralization, the SEC’s complaint suggests that it will not be persuaded by such efforts, regardless of the level of decentralization via the governance token, when a core development team holds governance tokens and can therefore both vote and derive economic benefit from those tokens. As a result, should the SEC prevail, any governance token could be characterized by the SEC as a security where a core development team (either as individuals or as members of unrelated development companies or labs) holds more than a de minimis number of the tokens.

Staking, Liquidity Pool Tokens, Yield Farming – Decentralized platforms often feature native tokens that enable decentralized liquidity pool trading and automated market making, and often permit (or even require) the staking of a certain number of those tokens in order to access the features of the platform. These functions of the native tokens are commonly considered to represent their utility, and they enable decentralization. However, the SEC relies on these activities and features across a number of the identified crypto assets in order to establish the existence of a common enterprise and a reasonable expectation of profits (two elements of the Howey test). As a result, the complaint is tantamount to an SEC assertion that these common features of DeFi protocols irrevocably taint these tokens as securities.

Offshore DAO StructuresThe SEC’s complaint summarily and repeatedly describes organizational structures consisting of some combination of a U.S.-based company providing software development services, an offshore foundation company, and an offshore unincorporated DAO, as a single entity. The SEC paints with a broad brush, collapsing corporate structures without consideration of applicable provisions of corporate law, ignoring jurisdictional considerations, and conflating platforms and protocols with for-profit corporations and LLCs, foundation and other non-stock entities, and unincorporated entities. While there are no details about the arrangements between these entities, the complaint signals that the SEC may be skeptical of the separation of offshore structures from a U.S. development team, and will not hesitate to make assumptions and allegations concerning the relationship of corporate entities without examination of underlying corporate structures and relationships.

Secondary Market Trading – While the SEC has long represented that the presence of a secondary market for tokens is a factor to consider in determining whether a reasonable expectation of profits exists, the SEC’s complaint focuses on this factor to an unusual degree. The complaint declares that statements emphasizing the ability of purchasers to resell tokens in secondary markets is “a crucial inducement to investors and essential to the market”[5] for crypto assets, and focuses much of its arguments for the nine crypto assets on this factor. As a result, the SEC announces almost a de facto finding of an investment contract if there is secondary market trading of the asset.

It is also worth noting that the Commission’s Howey analysis in this complaint marks an important shift from prior actions. In prior cases like those involving Kik, Telegram, and Ripple, the entities were the subjects of SEC investigations, had the opportunity to provide evidence in their own defense, and had the ability to submit a written legal justification prior to any action being filed (called a Wells submission) presenting its arguments against the security status of the asset. Here, the nine analyses are formulaic: the Commission identifies statements intended to establish that the token issuers promoted (1) the value of the token, (2) the ability for purchasers to engage in secondary trading of the token, and (3) the expertise of the token issuers, at both the time of the sale of tokens to the public and on an ongoing basis. No evidence from the company is included, and in at least some cases, none was ever solicited, nor were the companies provided the ability to advocate their own positions.

In sum, the outcome of the SEC’s complaint is likely to reverberate beyond not only the defendants in the case, the nine crypto asset issuers identified in the complaint, and the platforms that list the nine tokens. Many other DeFi protocols and participants in the larger crypto ecosystem engage in similar activities to the projects identified in the complaint. Many have not had engagement with the SEC, or to the extent that they have, they may believe these interactions to not have reached a point where the SEC would make an allegation concerning their asset in court. To the extent the SEC is successful in obtaining a favorable judgment finding these nine crypto assets to be securities, such a finding will likely be used to underpin additional enforcement actions against larger and more established players in the industry.

Civil insider trading cases are often stayed pending the outcome of the criminal proceeding, so there is time for the industry to react. However, criminal wire fraud cases tend to have the effect of focusing individual defendants’ attention, and there is a real risk that the SEC will attempt to leverage that criminal case to secure the defendants’ agreement to the language of a settlement of the SEC’s civil claims that could be ratified by the court and used as a cudgel against the industry.

For more information on how to assess the potential impact of the SEC’s complaint to your entity, platform, asset, or fund, please contact a member of Steptoe’s Blockchain & Cryptocurrency practice.



[1] Complaint, SEC v. Wahi, et al., 2:22-cv-01009 (W.D. Wash. Jul. 21, 2022), available at (hereinafter “SEC Complaint”).

[2] SEC v. W.J. Howey Co., 328 U.S. 293 (1946).

[3] Indictment, U.S. v. Wahi, et al., (S.D.N.Y. Jul, 21, 2022), available at

[4] SEC FinHub Staff, Framework for “Investment Contract” Analysis of Digital Assets (Apr. 3, 2019),

[5] SEC Complaint at 22.

On June 7, 2022, Senator Cynthia Lummis (R-WY) and Senator Kirsten Gillibrand (D-NY) introduced the Responsible Financial Innovation Act (RFIA), which seeks to create a complete regulatory framework for digital assets. This is the second in a series of blogs on this groundbreaking bipartisan legislation. Click here for a general overview of the bill and a summary of the tax provisions included in the RFIA.

The RFIA attempts to create a clear standard for determining which digital assets are securities and which are commodities, and draws clear jurisdictional lines between the SEC and CFTC. The SEC would retain jurisdiction over the sale of investment contracts, while the CFTC would gain jurisdiction over the digital asset spot markets. CFTC Chairman Rostin Benham quickly declared his support of the proposed division of labor, while SEC Chairman Gary Gensler has expressed concerns that the legislation may undermine existing market regulations for stock exchanges, mutual funds, and public companies.[1] The policy debate over which of the two agencies is best situated to regulate the crypto markets will likely grow louder in the wake of this proposal.

With respect to securities laws, the RFIA seeks to solve the long-standing problem of the application of the Howey test to digital assets: how long does the security label attach to a digital asset that was initially sold as an investment contract? Application of the full panoply of securities laws to every transaction in a digital asset can stifle the growth of a network and create headaches for entities seeking to comply with complex rules that don’t always fit the underlying conduct.

This update provides a summary of the securities law provisions and obligations placed upon the SEC in the RFIA.

Continue Reading Securities Law Implications of Lummis-Gillibrand Bill

On June 7, 2022, Senator Cynthia Lummis (R-WY) and Senator Kirsten Gillibrand (D-NY) introduced the Responsible Financial Innovation Act (RFIA). This highly anticipated legislation is the first attempt at developing a comprehensive regulatory framework for cryptocurrency and digital assets.

The RFIA builds off proposals introduced this Congress and includes a number of provisions related to securities and commodities regulation. In addition, the RFIA amends the Internal Revenue Code to address and clarify issues related to the taxation and reporting of cryptocurrency and digital assets. Interestingly, the RFIA adopts one of the substantive provisions relating to digital assets in the Biden Administration’s “General Explanation of the Administration’s Fiscal Year 2023 Revenue Proposals,” known as the “Greenbook,” but not the other provision. Specifically, the RFIA adopts the provision permitting tax-free loans of digital assets, but not the provision permitting mark-to-market tax accounting for digital asset traders and dealers.

While this legislation attempts to address some of the largest outstanding questions related to the regulation and taxation of cryptocurrency and digital assets, it faces an uphill battle to be signed into law before the end of the 117th Congress. Heading into the 2022 mid-term elections, a number of Biden Administration and Democratic priorities are still awaiting action and will likely take priority this summer and fall over legislation like the RFIA. Further, this legislation will likely need to overcome the 60-vote threshold in the Senate to end a filibuster. However, the introduction of the RFIA in the Senate sets a new marker and will likely serve as a starting point in the next Congress for any legislation to regulate and tax cryptocurrency and other digital assets.

This update provides a summary of the tax provisions included in the RFIA.

Continue Reading New Bipartisan Senate Legislation Seeks to Address Cryptocurrency and Digital Asset Tax Issues