Re: New York State Department of Financial Services proposed rule on Virtual Currency.

[Leon DuPree <duprleo () GMAIL COM>]

Excellent question.. but the answer is
A. Don't accept these currencies
B. Outsource the process to a vendor
C. Become PCI compliant and deal with this at your own peril.
On Aug 7, 2014 1:55 PM, "H Morrow Long" <morrow.long () yale edu> wrote:

> New York State's Dept of Fin Svcs recently proposed a regulatory rule on
> Virtual Currency businesses.  Yesterday (8/6/14) the Bitcoin Foundation
> asked for an extension of the comment period (
> http://dealbook.nytimes.com/2014/08/06/bitcoin-foundation-seeks-more-time-to-address-virtual-currency-rules/?_php=true&_type=blogs&_r=0
> ).
>
> Yes, it's starting to happen -- state governments are taking note of the
> Bitcoin economy (and ecosystem) as well as some of the financial dangers
> (see: Mt Gox) and the potential loss of fees and taxes due to a
> subterranean economy based on untraced digital coinage.
>
> NY is often a pioneer and sets precedents in financial industry regulation
> (and enforcement) -- because of Wall Street and other NYC based financial
> services companies.
>
> An examination of the proposed rule shows NY is definitely looking at
> having businesses which deal in crypto currencies (such as Bitcoin) to have
> them track transactions as well as secure both transactions and customer's
> financial holdings and information.
>
> Such tracking and security as written would also appear to attempt to
> defeat some of the somewhat (note not 100% at any rate anyway) anonymous
> nature of Bitcoin since the rule states that customers cannot hide or
> obfuscate their identity in order to evade the laws on limits on currency
> trades and reporting, etc.
>
> Many of the proposed measures under the rule would require that
> "exchanges" implement information security programs similar to those for
> the highest tier credit-card handling enterprises under PCI/DSS.
>
> Is it left less well-defined as to what regulations would fall upon
> organizations accepting Bitcoin (e.g. would campus organizations, centers
> and Labs which now state that they "Accept Bitcoin" be required to protect
> these transactions and virtual currency under PCI/DSS-like requirements?).
>
>
> http://www.workplaceprivacyreport.com/2014/08/articles/data-security/ny-department-of-financial-services-proposes-virtual-currency-rule/?utm_source=Jackson+Lewis+P.C.+-+Workplace+Privacy+Report&utm_campaign=41c71050b8-RSS_EMAIL_CAMPAIGN&utm_medium=email&utm_term=0_4a1c27c942-41c71050b8-70242157
>
> http://www.workplaceprivacyreport.com/wp-content/uploads/sites/162/2014/08/pr1407171-vc.pdf