What is the Bank Secrecy Act and why are most of Web3 and DAOs probably in violation of it

Ken O'Friel
May 4, 2022

The Bank Secrecy Act is US legislation that requires financial institutions to provide documentation to regulators whenever their clients deal with suspicious cash transactions involving sums over $10,000 in value. It’s part of the wider anti-money laundering (AML) and know-your-customer (KYC) programs that the US government instituted to ensure transparency and accountability in financial transactions.

And you’re probably in breach of it.

I’m not in the US - how can this affect me?

Sure, you might not be, but I bet a number of your contributors, members, or customers are. The key point to note is that this legislation applies to anyone who transacts with someone based in the US. While your Web3 organization could be completely on-chain or have an entity established in the Marshall Islands, you can still be in breach of the requirements if you buy, pay, award, grant, or compensate anyone US-based.

We’re a DAO, not a financial institution, why does this matter?

Three letters: K, Y, C. Know-your-customer. The anonymity of Web3 creates significant risk here. You have very little personal information on the members and contributors within your DAO and are therefore at risk of being in breach of KYC regulations.

If a contributor completes a quest, bounty, or project, and you reward them with tokens over the value of $10,000, you’re in violation. If a contributor is based in a jurisdiction currently sanctioned by the US (Iran, Russia, etc.) and you compensate them in stablecoin, you’re in violation.

The New York State Department of Financial Services announced, as a direct response to the ongoing Ukraine conflict, that it requires all virtual currency transactions to be controlled through:

  • Use of geolocation tools and IP address identification and blocking capabilities to detect and prevent potential sanctions exposure.
  • Transaction monitoring and investigative tools, including blockchain analytics tools, to identify transaction activity involving virtual currency addresses or other identifying information associated with sanctioned individuals and entities listed on the SDN List, or located in sanctioned jurisdictions.

A recent example serves to highlight these points. Two founders and executives of BitMEX pled guilty to willfully failing to establish, implement, and maintain an AML program. They had an established entity in Seychelles but were actively transacting with customers based in the US and were deemed aware of their KYC/AML responsibilities, yet chose to ignore them. This resulted in a $20 million suspended penalty, the end of all operations within the United States, and no longer serving any US customers.

These regulatory pressures are not going away anytime soon either. The SEC has just announced they’re doubling the size of their Crypto Assets and Cyber Unit, with a focus on “protecting investors” from everything that the SEC views as currently unregistered securities or securities platforms. It’s a vague definition, and one that suggests they’re going to look at everything… in much greater detail.

What’s the solution?

It’s complex. In some cases, DAOs and Web3 organizations that are deemed to be a “Money Service Business” will need to apply for licenses and registration, state-by-state, jurisdiction-by-jurisdiction. In others, it’s a matter of ensuring you have visibility over the necessary personal information of your DAO’s members and contributors so that transactions comply with sanctions and other regulations.

Or, you can partner with WorkDAO.

We’ve done all the hard work, set up the entities, and got the registrations. We can facilitate payroll and compensation in fiat, cryptocurrencies, or tokens, anywhere in the world. Our solution allows you to enter into full and contract employment agreements with your contributors ensuring you have visibility over their personal information and location to avoid any violations of sanctions compliance.

We’re the only crypto-native employment solution that can legally & compliantly handle payroll, tax, benefits, and HR.

If you want to get in touch: hello@theworkdao.com