Category Archives: NYDFS

What It Means if Companies Like Twitter Are ‘Systemically Important’ to Financial Regulators

When I first suggested Systemically Important Social Media Institutions (SISMIs) were the social media parallel to Systemically Important Financial Institutions (SIFIs), I did not expect the theory to be picked up by financial regulators.

As it turns out, the New York Department of Financial Services (NYDFS) essentially agrees with the argument, as seen by its investigation into the recent Twitter hacks. In the “Twitter Investigation Report,” the department recommended creating a “systemically important” designation for large social media companies, like the designation for critically important bank and non-bank financial institutions. 

Jenny Leung is a blockchain and fintech attorney at Blakemore Fallon PLLC dba Ketsal.

If you’re wondering why the New York’s financial services regulator was directed to conduct an investigation into the hack of a California-based social media platform, recall that NYDFS licenses Coinbase, Gemini and Square – all companies affected by the Twitter hack that resulted in losses of approximately $22,000 worth of bitcoin by their customers.

Considering the complex web that binds social media companies with financial companies, the economy, markets and politics, it ultimately wasn’t all that surprising to see a state regulator thrown into the mix. Even Gov. Andrew M. Cuomo noted, “This type of hack by con artists for financial gain can also be a tool of foreign actors and others to spread disinformation and – as we’ve witnessed – disrupt our elections.”

See also: What Happens if Big Tech Only Gets Bigger?

As the Twitter report highlights, more Americans are getting their news from social media. I originally argued that if certain social media institutions were to fail today, their failure would pose a significant threat to society due to their outsized influence, size, reach, society’s co-dependence on them and “their power to shape the interpretation of public events.” In other words, any changes to the way SISMIs operate could lead to rippling effects across the globe. After all, they are centralized companies with highly distributed users and employees. 

NYDFS points out that because no regulators have the authority to uniformly regulate internet-based social media platforms or to oversee their cybersecurity concerns, they recommended:

  • Creating a “systemically important” designation for these companies; i.e., labeling social media companies that cross a certain threshold so as to subject them to further regulatory oversight
  • Establishing an expert agency to oversee designated SISMIs
  • A new regulatory framework for SISMIs

Some complications arise from the imposition of a new regulatory framework. In the U.S. alone, any novel framework would need to factor in President Trump’s executive order on online censorship, the upcoming Federal Communications Commission rulemaking regarding Section 230 of the Communications Act, considerations around ever-changing state privacy laws and a proposed federal data privacy bill, Securities and Exchange Commission regulations for public companies, antitrust and related laws and regulations enforced by the Department of Justice and the Federal Trade Commission – the list goes on. 

Outside of the U.S., setting standards that work well across borders or even harmonizing the laws of various nations is not easy, nor can it be done in a reasonable amount of time. Just look at the Principles for Financial Market Infrastructures (PFMIs) – a series of global standards that apply to systemically important financial market infrastructures that took over a decade to implement.

The Twitter hack and NYDFS Twitter report highlighted an obvious need for a tailored approach to cybersecurity and social media.

Governments around the world have proven they can respond aggressively to social media: Thailand signed an order last week allowing authorities to ban media deemed threatening to national security in response to pro-democracy protests, and Iran implemented a five-day nation-wide shutdown of the internet last year. New global standards may be both necessary and appropriate for SISMIs, yet the changes were needed yesterday and will not magically coalesce tomorrow.

If a new regulatory framework for SISMIs is introduced, we may see an exodus of companies and businesses from certain regions as they engage in regulatory arbitrage. We saw this occur in 2015 when the introduction of the BitLicense resulted in numerous cryptocurrency platforms leaving New York. Similarly, many businesses chose to block European visitors from their websites, shut down completely or restructured operations in response to the introduction of the European Union’s General Data Protection Regulation (GPDR) in 2018. 

A novel framework risks fragmenting the social media ecosystem where: (1) users are granted different access, rights and protections depending on their location; and (2) users start turning to censorship-resistant alternatives.

We experienced the latter phenomenon this year in the decentralized finance (DeFi) space as significant volumes of liquidity started to move from centralized exchanges onto DeFi protocols and decentralized exchanges. For many, the attraction was the unstoppable, non-custodial and decentralized nature of the platforms, but for the regulators and enforcement agencies they present “new and unique challenges”

See also: Richard Myers – To Beat Online Censorship, We Need Anonymous Payments

The Twitter hack and NYDFS Twitter report highlighted an obvious need for a tailored approach to cybersecurity and SISMIs, but also unearthed a larger issue – SISMIs are not only too big to fail, they may also be too big to effectively regulate on both a domestic level and international level.

Also hidden in the report is the idea that cryptocurrencies like bitcoin may no longer exist solely within the realm of payments, finance, and trade. It may not be long before we realize that cryptocurrencies have also become embedded into society and economy.

The NYDFS proposals are an important starting point for regulators, policymakers and governments around the world to consider. It is also a warning for the rest of us who continue to use and rely on these centrally controlled, soon-to-be-designated platforms, that Big Brother may be coming to town. In the interim, we may have few options except to trust SISMIs to, among other things, act neutrally and protect our data and the security of their platform. As we take a collective leap of faith, I only hope the gap is shorter than it looks. 


BitGo Applies to Be Regulated Custodian in New York State

Crypto custody provider BitGo has filed paperwork with New York’s financial regulator to offer its services in the state.

In an announcement Tuesday, the company said it was seeking approval from the New York State Department of Financial Services (NYDFS) to act as a trust in the jurisdiction.

It plans, if approved, to operate as an “independent, regulated qualified” custodian under the state banking law.

BitGo said it was targeting “strong demand” from institutional investors based in New York for secure and regulated storage of large amounts of digital assets.

After July guidance from the Office of the Comptroller of the Currency allowing U.S. banks to act as crypto custodians, BitGo said it’s expecting a “dramatic increase in market demand for its products and services from banks, pension funds, hedge funds and other fiduciaries.”

BitGo Trust Company is already a qualified custodian through the South Dakota Division of Banking.

NYDFS Chief Calls Industry Reaction to BitLicense Changes ‘Beyond Positive

The crypto space has reacted positively to the new changes made to the BitLicense, Linda Lacewell, superintendent of the New York Department of Financial Services (NYDFS), said Tuesday.

Discussing recent updates to the state’s contentious crypto regulatory framework as part of the Global Leaders Webinar Series sponsored by Global Digital Finance (GDF) in partnership with Global Blockchain Business Council, Lacewell said some in the space may “curse” the regulator, but the new changes have been received rather well.

“The reaction has been very positive, and beyond positive,” she said.

The session was hosted by Jeff Bandman, former fintech adviser to the U.S. Commodity Futures Trading Commission (CFTC).

Lacewell said she was not surprised by the industry’s reaction to the updates because the regulator worked on the license in confidence with industry players – both licenced and unlicenced – and experts to understand its shortcomings. 

“We’ve even had some licensees tell us that they’re very excited and interested in pursuing additional licencing with other potential parties that are all partners in the space,” Lacewell said. 

Crypto hub?

Lacewell said when she first took office last year, she immediately assigned personnel to work through a backlog of BitLicense applications that needed reviewing and that she has made numerous application decisions since then.

For instance, it took European crypto exchange Bitstamp four years after submitting an application to receive a license. Since Lacewell was appointed in June of 2019, six entities have received NYDFS accreditation.

“But then, beyond that, the area felt a little stale. And I thought to myself, we’re coming up on five years of having this licence and we need to take a fresh look,” Lacewell said. “I was very conscious of the criticisms about the licence and that it wasn’t pragmatic and that it favored a select few and they had to have a lot of money to get into the space.” 

Lacewell added the department had not put out much in the way of guidance to help companies navigate the “complicated application” for the license.

“We knew that, at a bare minimum, we needed to clarify and explain the regulatory regime and the licencing application,” Lacewell said. 

Since then, her office has made a number of changes to the Bitlicense including creating a conditional license designed not to burden startups with the heavy costs of applying for a full BitLicense. Instead, they can partner with existing licensed entities to legally operate in New York. 

The regulator is also allowing licensed companies to self-certify virtual currencies, and has issued guidance on coin listings for licensed platforms. To encourage innovation in the space, NYDFS has entered into a partnership with the State University of New York that would allow anyone to work on innovative projects or ideas by visiting one of the 64 SUNY campuses around the state.  

During the webinar, Lacewell said she wants the industry to work.

“Look, when it first started, people said fly-by-night, crazy idea, flawed [and] worse, right? But there are responsible actors in the marketplace. Any financial service or product can be abused, misused and turned into a bad instrument,” Lacewell said. 

Finally, Lacewell said NYDFS wants innovators in emerging technologies across the board to locate in New York and flourish.

“We want innovators right here in New York, which has been the birthplace of so much invention and ingenuity, historically, and has always set the standard not just for the rest of the country but the world. That’s what it means to be the birthplace of immigration, because change agents come here and we want you here,” Lacewell said. 


The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.