Bill Text: CA AB2269 | 2021-2022 | Regular Session | Amended

California Assembly Bill 2269 (Prior Session Legislation)

NOTE: There are more recent revisions of this legislation. Read Latest Draft

Bill Title: Digital financial asset businesses: regulation.

Spectrum: Partisan Bill (Democrat 4-0)

Status: (Vetoed) 2022-09-23 - Vetoed by Governor. [AB2269 Detail]

Download: California-2021-AB2269-Amended.html

Amended IN Senate June 06, 2022

CALIFORNIA LEGISLATURE— 2021–2022 REGULAR SESSION

Assembly Bill

No. 2269

Introduced by Assembly Member Grayson
(Coauthor: Assembly Member Stone)

February 16, 2022

An act to ~~amend Sections 22101 and 50121 of, and to repeal and add 22101.5, 28114, and 100008, of,~~ add Division 1.25 (commencing with Section 3101) to the Financial Code, relating to financial regulation.

LEGISLATIVE COUNSEL'S DIGEST

AB 2269, as amended, Grayson. ~~Financial regulation: fingerprinting.~~ Digital financial asset businesses: regulation.

Existing law, the Money Transmission Act, generally prohibits a person from engaging in the business of money transmission, as defined, without a license from the Commissioner of Financial Protection and Innovation.
This bill, the Digital Financial Assets Law, would, on and after January 1, 2024, prohibit a person from engaging in digital financial asset business activity, or holding itself out as being able to engage in digital financial asset business activity, with or on behalf of a resident unless any of certain criteria are met, including the person is licensed or registered with the Department of Financial Protection and Innovation, as prescribed. The bill would define “digital financial asset” to mean a digital representation of value that is used as a medium of exchange, unit of account, or store of value, and that is not legal tender, whether or not denominated in legal tender, except as specified.
This bill would, among other things, authorize the department to conduct examinations of a licensee, as prescribed, and would require a licensee or registrant to maintain, for all digital financial asset business activity with, or on behalf of, a resident for 5 years after the date of the activity, certain records, including a general ledger posted at least monthly that lists all assets, liabilities, capital, income, and expenses of the licensee or registrant.
The bill would authorize the department to take an enforcement measure against a licensee, registrant, or person that is neither a licensee nor registrant but is engaging in digital financial asset business activity with, or on behalf of, a resident in any of certain instances, including the licensee, registrant, or person materially violates the provisions of the bill, a rule adopted or order issued under the bill, or a law of this state other than the bill that applies to digital financial asset business activity of the violator with, or on behalf of, a resident. The bill would prescribe certain civil penalties for violations of its provisions.
The bill would require a licensee or registrant, before engaging in digital financial asset business activity with a resident, to make certain disclosures to the resident, including a schedule of fees and charges the licensee or registrant may assess, the manner by which fees and charges will be calculated if they are not set in advance and disclosed, and the timing of the fees and charges.
The bill would require an applicant, before submitting an application, and registrant, before registering, to create and, during licensure or registration, maintain in a record policies and procedures for, among other things, an information security program and an operational security program.
Existing law, the California Financing Law, provides for the licensure and regulation of finance lenders, brokers, and program administrators, as defined, under the supervision of the Commissioner of Financial Protection and Innovation (commissioner). Existing law, the Student Loan Servicing Act, which is administered by the commissioner, prohibits anyone from engaging in the business of servicing a student loan in this state without first obtaining a license, subject to certain exceptions. Existing law, the California Residential Mortgage Lending Act, which is also administered by the commissioner, prohibits anyone from engaging in the business of making residential mortgage loans or servicing residential mortgage loans without first obtaining a license from the commissioner. Existing law, the Debt Collection Licensing Act, also administered by the commissioner, prohibits a person from engaging in the business of debt collection in this state without first obtaining a license, as specified. The California Financing Law authorizes the commissioner, by rule, to require fingerprints submitted by an applicant to be submitted to the Nationwide Mortgage Licensing System and Registry in addition to the Department of Justice.
This bill, with regard to each of the licensing laws described above, would authorize the Commissioner of Financial Protection and Innovation to require fingerprints submitted by an applicant for a criminal background check to be submitted to the Nationwide Mortgage Licensing System and Registry.
The California Financing Law, the Student Loan Servicing Act, and the Debt Collection Licensing Act each require the Commissioner of Financial Protection and Innovation to submit finger print images to the Department of Justice in order to obtain to criminal history information and requires the Department of Justice to transmit this information to the Federal Bureau of Investigation (FBI). These laws require the Department of Justice to review information returned from the FBI and to provide a specified response to the commissioner. Existing law requires the commissioner to request subsequent arrest notification service, as specified, from the Department of Justice and requires the department to charge a fee, payable by the applicant, to cover costs related to processing requests.
~~This bill would delete these provisions and make a conforming change.~~

Vote: MAJORITY Appropriation: NO Fiscal Committee: YES Local Program: NO

The people of the State of California do enact as follows:

SECTION 1.

Division 1.25 (commencing with Section 3101) is added to the Financial Code, to read:

DIVISION 1.25. Digital Financial Assets Businesses
CHAPTER 1. General Provisions
3101.
This division shall be known as the Digital Financial Assets Law.
3102.
For purposes of this division:
(a) “Applicant” means a person that applies for a license under this division.
(b) (1) “Bank” means a federally chartered or state-chartered depository institution or holder of a charter granted by the Office of the Comptroller of the Currency to a person engaged in the business of banking other than deposit-taking.
(2) “Bank” does not include either of the following:
(A) An industrial loan company, state-chartered trust company, or a limited purpose trust company, unless incorporated as a bank or the department has authorized the company to engage in digital financial asset business activity.
(B) A trust company or limited purpose trust company chartered by a state with which this state does not have a reciprocity agreement governing trust company activities.
(c) “Control” means both of the following:
(1) When used in reference to a transaction or relationship involving a digital financial asset, power to execute unilaterally or prevent indefinitely a digital financial asset transaction.
(2) When used in reference to a person, the direct or indirect power to direct the management, operations, or policies of the person through legal or beneficial ownership of voting power in the person or under a contract, arrangement, or understanding.
(d) “Department” means the Department of Financial Protection and Innovation.
(e) (1) “Digital financial asset” means a digital representation of value that is used as a medium of exchange, unit of account, or store of value, and that is not legal tender, whether or not denominated in legal tender.
(2) “Digital financial asset” does not include either of the following:
(A) A transaction in which a merchant grants, as part of an affinity or rewards program, value that cannot be taken from or exchanged with the merchant for legal tender, bank credit, or a digital financial asset.
(B) A digital representation of value issued by or on behalf of a publisher and used solely within an online game, game platform, or family of games sold by the same publisher or offered on the same game platform.
(f) “Digital financial asset administration” means issuing a digital financial asset with the authority to redeem the currency for legal tender, bank credit, or another digital financial asset.
(g) “Digital financial asset business activity” means any of the following:
(1) Exchanging, transferring, or storing a digital financial asset or engaging in digital financial asset administration, whether directly or through an agreement with a digital financial asset control services vendor.
(2) Holding electronic precious metals or electronic certificates representing interests in precious metals on behalf of another person or issuing shares or electronic certificates representing interests in precious metals.
(3) Exchanging one or more digital representations of value used within one or more online games, game platforms, or family of games for either of the following:
(A) A digital financial asset offered by or on behalf of the same publisher from which the original digital representation of value was received.
(B) Legal tender or bank credit outside the online game, game platform, or family of games offered by or on behalf of the same publisher from which the original digital representation of value was received.
(h) “Digital financial asset control services vendor” means a person that has control of a digital financial asset solely under an agreement with a person that, on behalf of another person, assumes control of the digital financial asset.
(i) “Exchange,” when used as a verb, means to assume control of a digital financial asset from, or on behalf of, a resident, at least momentarily, to sell, trade, or convert either of the following:
(1) A digital financial asset for legal tender, bank credit, or one or more forms of digital financial assets.
(2) Legal tender or bank credit for one or more forms of digital financial assets.
(j) “Executive officer” means an individual who is a director, officer, manager, managing member, partner, or trustee of a person that is not an individual.
(k) “Insolvent” means any of the following:
(1) Having generally ceased to pay debts in the ordinary course of business other than as a result of a bona fide dispute.
(2) Being unable to pay debts as they become due.
(3) Being insolvent within the meaning of federal bankruptcy law.
(l) “Legal tender” means a medium of exchange or unit of value, including the coin or paper money of the United States, issued by the United States or by another government.
(m) “Licensee” means a person licensed under this division.
(n) (1) “Person” means an individual, partnership, estate, business or nonprofit entity, or other legal entity.
(2) “Person” does not include a public corporation, government, or governmental subdivision, agency, or instrumentality.
(o) “Reciprocity agreement” means an arrangement between the department and the appropriate licensing agency of another state which permits a licensee operating under a license granted by the other state to engage in digital financial asset business activity with or on behalf of a resident.
(p) “Record” means information that is inscribed on a tangible medium or that is stored in an electronic or other medium and is retrievable in perceivable form.
(q) “Registrant” means a person that has registered with this state under Section 3206 to conduct digital financial asset business activity.
(r) “Registration” means the ability under Section 3206 to conduct digital financial asset business activity.
(s) “Resident” means any of the following:
(1) A person who is domiciled in this state.
(2) A person who is physically located in this state for more than 183 days of the previous 365 days.
(3) A person who has a place of business in this state.
(4) A legal representative of a person that is domiciled in this state.
(t) “Responsible individual” means an individual who has managerial authority with respect to a licensee’s or registrant’s digital financial asset business activity with, or on behalf of, a resident.
(u) “Sign” means, with present intent to authenticate or adopt a record, either of the following:
(1) To execute or adopt a tangible symbol.
(2) To attach to, or logically associate with, the record an electronic symbol, sound, or process.
(v) “State” means a state of the United States, the District of Columbia, Puerto Rico, the United States Virgin Islands, or any territory or insular possession subject to the jurisdiction of the United States.
(w) “Store,” except in the phrase “store of value,” means to maintain control of a digital financial asset on behalf of a resident by a person other than the resident. “Storage” and “storing” have corresponding meanings.
(x) “Transfer” means to assume control of a digital financial asset from, or on behalf of, a resident and to subsequently do any of the following:
(1) Credit the digital financial asset to the account of another person.
(2) Move the digital financial asset from one account of a resident to another account of the same resident.
(3) Relinquish control of a digital financial asset to another person.
(y) “United States dollar equivalent of digital financial assets” means the equivalent value of a particular digital financial asset in United States dollars shown on a digital financial asset exchange based in the United States for a particular date or period specified in this division.
3103.
(a) Except as otherwise provided in subdivision (b) or (c), this division governs the digital financial asset business activity of a person, wherever located, who engages in or holds itself out as engaging in the activity with, or on behalf of, a resident.
(b) This division does not apply to the exchange, transfer, or storage of a digital financial asset or to digital financial asset administration to the extent the Electronic Fund Transfer Act of 1978 (15 U.S.C. 1693 et seq.), the Securities Exchange Act of 1934 (15 U.S.C. 78a et seq.), or the Corporate Securities Law of 1968 (Division 1 (commencing with Section 25000) of Title 4 of the Corporations Code) govern the activity. This division does not apply to activity by any of the following:
(1) The United States, a state, political subdivision of a state, agency, or instrumentality of federal, state, or local government, or a foreign government or a subdivision, department, agency, or instrumentality of a foreign government.
(2) A bank, including a trust company that is incorporated as a bank.
(3) A person whose participation in a payment system is limited to providing processing, clearing, or performing settlement services solely for transactions between or among persons that are exempt from the licensing or registration requirements of this division.
(4) A person engaged in the business of dealing in foreign exchange to the extent the person’s activity meets the definition in Section 1010.605(f)(1)(iv) of Title 31 of the Code of Federal Regulations.
(5) A person that is any of the following:
(A) A person that contributes only connectivity software or computing power to securing a network that records digital financial asset transactions or to a protocol governing transfer of the digital representation of value.
(B) A person that provides only data storage or security services for a business engaged in digital financial asset business activity and does not otherwise engage in digital financial asset business activity on behalf of another person.
(C) A person that provides only to a person otherwise exempt from this division a digital financial asset as one or more enterprise solutions used solely among each other and that does not have an agreement or a relationship with a resident that is an end user of a digital financial asset.
(6) A person using a digital financial asset, including creating, investing, buying or selling, or obtaining a digital financial asset as payment for the purchase or sale of goods or services, solely on the person’s own behalf for personal, family, or household purposes or for academic purposes.
(7) A person whose digital financial asset business activity with, or on behalf of, residents is reasonably expected to be valued, in the aggregate, on an annual basis at five thousand dollars ($5,000) or less, measured by the United States dollar equivalent of digital financial assets.
(8) An attorney to the extent of providing escrow services to a resident.
(9) A title insurance company to the extent of providing escrow services to a resident.
(10) A securities intermediary, as defined in Section 8102 of the Commercial Code, or a commodity intermediary, as defined in Section 9102 of Commercial Code, that meets both of the following criteria:
(A) The securities intermediary or commodity intermediary does not engage in the ordinary course of business in digital financial asset business activity with, or on behalf of, a resident, in addition to maintaining securities accounts or commodities accounts and is regulated as a securities intermediary or commodity intermediary under federal law, state law other than this division, or the law of another state.
(B) The securities intermediary or commodity intermediary affords a resident protections comparable to those set forth in Section 3501.5.
(11) A secured creditor under Division 9 (commencing with Section 9101) of the Commercial Code or a creditor with a judicial lien, or lien arising by operation of law, on collateral that is a digital financial asset, if the digital financial asset business activity of the creditor is limited to enforcement of the security interest in compliance with Division 9 (commencing with Section 9101) of the Commercial Code or lien in compliance with the law applicable to the lien.
(12) A digital financial asset control services vendor.
(13) A person that does not receive compensation, either directly or indirectly, from a resident for providing digital financial asset products or services or for conducting digital financial asset business activity or that is engaged in testing products or services with the person’s own funds.
CHAPTER 2. Licensure
3201.
A person shall not engage in digital financial asset business activity, or hold itself out as being able to engage in digital financial asset business activity, with or on behalf of a resident unless any of the following is true:
(a) The person is licensed in this state by the department under Section 3202.
(b) The person is registered with the department and operating in compliance with Section 3206.
(c) The person is exempt from licensure or registration under this division pursuant to Section 3103.
3202.
(a) An application for a license under this division shall meet all of the following requirements:
(1) The application shall be in a form and medium prescribed by the department.
(2) Except as otherwise provided in subdivision (b), the application shall provide all of the following information relevant to the applicant’s proposed digital financial asset business activity:
(A) The legal name of the applicant, any current or proposed business United States Postal Service address of the applicant, and any fictitious or trade name the applicant uses or plans to use in conducting the applicant’s digital financial asset business activity with or on behalf of a resident.
(B) The legal name, any former or fictitious name, and the residential and business United States Postal Service address of any executive officer and responsible individual of the applicant and any person that has control of the applicant.
(C) A description of the current and former business of the applicant for the five years before the application is submitted, or, if the business has operated for less than five years, for the time the business has operated, including its products and services, associated internet website addresses and social media pages, principal place of business, projected user base, and specific marketing targets.
(D) The name, United States Postal Service address, and telephone number of a person that manages any server the applicant expects to use in conducting the applicant’s digital financial asset business activity with, or on behalf of, a resident and a copy of any agreement with that person.
(E) A list of all of the following:
(i) Any money service or money transmitter license the applicant holds in another state.
(ii) The date the license described in clause (i) expires.
(iii) Any license revocation, license suspension, or other disciplinary action taken against the licensee in another state and any license applications rejected by another state.
(F) A list of any criminal conviction, deferred prosecution agreement, and pending criminal proceeding in any jurisdiction against all of the following:
(i) The applicant.
(ii) Any executive officer of the applicant.
(iii) Any responsible individual of the applicant.
(iv) Any person that has control over the applicant.
(v) Any person over which the applicant has control.
(G) A list of any litigation, arbitration, or administrative proceeding in any jurisdiction in which the applicant or an executive officer or a responsible individual of the applicant has been a party for the five years before the application is submitted determined to be material in accordance with generally accepted accounting principles and, to the extent the applicant would be required to disclose the litigation, arbitration, or administrative proceeding in the applicant’s audited financial statements, reports to equity owners and similar statements or reports.
(H) A list of any bankruptcy or receivership proceeding in any jurisdiction for the 10 years before the application is submitted in which any of the following was a debtor:
(i) The applicant.
(ii) An executive officer of the applicant.
(iii) A responsible individual of the applicant.
(iv) A person that has control over the applicant.
(v) A person over which the applicant has control.
(I) The name and United States Postal Service address of any bank in which the applicant plans to deposit funds obtained by its digital financial asset business activity.
(J) The source of funds and credit to be used by the applicant to conduct digital financial asset business activity with, or on behalf of, a resident and documentation demonstrating that the applicant has the net worth and reserves required by Section 3204.
(K) The United States Postal Service address and email address to which communications from the department can be sent.
(L) The name, United States Postal Service address, and email address of the registered agent of the applicant in this state.
(M) A copy of the certificate, or a detailed summary acceptable to the department, of coverage for any liability, casualty, business interruption, or cybersecurity insurance policy maintained by the applicant for itself, an executive officer, a responsible individual, or the applicant’s users.
(N) If applicable, the date on which and the state in which the applicant is formed and a copy of a current certificate of good standing issued by that state.
(O) If a person has control of the applicant and the person’s equity interests are publicly traded in the United States, a copy of the audited financial statement of the person for the most recent fiscal year or most recent report of the person filed under Section 13 of the Securities Exchange Act of 1934 (15 U.S.C. Sec. 78m).
(P) If a person has control of the applicant and the person’s equity interests are publicly traded outside the United States, a copy of the audited financial statement of the person for the most recent fiscal year of the person or a copy of the most recent documentation similar to that required in subparagraph (O) filed with the foreign regulator in the domicile of the person.
(Q) If the applicant is a partnership or a member-managed limited liability company, the names and United States Postal Service addresses of any general partner or member.
(R) If the applicant is required to register with the Financial Crimes Enforcement Network of the United States Department of the Treasury as a money service business, evidence of the registration.
(S) A set of fingerprints for any executive officer and responsible individual of the applicant.
(T) If available, for any executive officer and responsible individual of the applicant, for the five years before the application is submitted, employment history and history of any investigation of the individual or legal proceeding to which the individual was a party.
(U) The plans through which the applicant will meet its obligations under Chapter 6 (commencing with Section 3701).
(V) Any other information the department reasonably requires by rule.
(3) The application shall be accompanied by a nonrefundable fee in the amount determined by the department to cover the reasonable costs of regulation.
(b) (1) On receipt of a completed application, the department shall investigate all of the following:
(A) The financial condition and responsibility of the applicant.
(B) The relevant financial and business experience, character, and general fitness of the applicant.
(C) The competence, experience, character, and general fitness of each executive officer, each responsible individual, and any person that has control of the applicant.
(2) On receipt of a completed application, the department may investigate the business premises of an applicant.
(c) After completing the investigation required by subdivision (b), the department shall send the applicant notice of its decision to approve, conditionally approve, or deny the application. If the department does not send the applicant notice of its decision within 31 days of receiving the completed application, the application shall be deemed denied. If the department does not receive notice from the applicant that the applicant accepts conditions specified by the department within 31 days following the department’s notice of the conditions, the application shall be deemed denied.
(d) A license issued pursuant to this division shall take effect on the later of the following:
(1) The date the department issues the license.
(2) The date the licensee provides the security required by Section 3204.
(e) An applicant shall pay the reasonable costs of the department’s investigation under this section.
3203.
(a) (1) (A) A licensee shall maintain a surety bond or trust account in United States dollars for the benefit of its customers in a form and amount as determined by the department for the protection of the licensee’s customers.
(B) If a licensee maintains a trust account pursuant to this section, that trust account shall be maintained with a bank, trust company, national bank, savings bank, savings and loan association, federal savings association, credit union, or federal credit union in the state, subject to the prior approval of the department.
(2) Security deposited under this section shall be payable to this state for the benefit of a claim against the licensee on account of the licensee’s digital financial asset business activity with, or on behalf of, a resident.
(3) Security deposited under this section shall cover claims for the period the department specifies by rule and for an additional period the department specifies after the licensee ceases to engage in digital financial asset business activity with or on behalf of a resident.
(4) For good cause, the department may require the licensee to increase the amount of security deposited under this section, and the licensee shall deposit the additional security not later than 15 days after the licensee receives notice in a record of the required increase.
(5) For good cause, the department may permit a licensee to substitute or deposit an alternate form of security satisfactory to the department if the licensee at all times complies with this section.
(6) A claimant does not have a direct right to recover against security deposited under this section.
(7) Only the department may recover against the security, and the department may retain the recovery for no longer than five years and may process claims and distribute recoveries to claimants in accordance with rules adopted by the department under the Money Transmission Act (Division 1.2 (commencing with Section 2000)).
(b) In addition to the security required under subdivision (a), a licensee shall maintain at all times capital in an amount and form as the department determines is sufficient to ensure the financial integrity of the licensee and its ongoing operations based on an assessment of the specific risks applicable to the licensee. In determining the minimum amount of capital that shall be maintained by a licensee, the department may consider a variety of factors, including, but not limited to, all of the following:
(1) The composition of the licensee’s total assets, including the position, size, liquidity, risk exposure, and price volatility of each type of asset.
(2) The composition of the licensee’s total liabilities, including the size and repayment timing of each type of liability.
(3) The actual and expected volume of the licensee’s digital financial asset business activity.
(4) The amount of leverage employed by the licensee.
(5) The liquidity position of the licensee.
(6) The financial protection that the licensee provides for its customers through its trust account or bond.
(7) The types of entities to be serviced by the licensee.
(8) The types of products or services to be offered by the licensee.
(c) A licensee shall hold capital required to be maintained in accordance with this section in the form of cash, digital financial assets, or high-quality, highly liquid, investment grade assets, in proportions determined by the department.
(d) (1) A licensee or registrant may include in its calculation of net worth the value of digital financial assets other than the digital financial assets over which it has control for a resident entitled to the protections of Section 3501.5.
(2) For purposes of this subdivision, the value of digital financial assets shall be the average value of the digital financial assets in United States dollar equivalent during the prior six months.
(e) (1) For good cause, the department may require a licensee or registrant to increase the net worth or reserves required under this section.
(2) A licensee or registrant shall submit to the department evidence that it has additional net worth or reserves required pursuant to this subdivision not later than 15 days after the licensee or registrant receives notice in a record of the required increase.
3204.
(a) Absent good cause, the department shall issue a license to an applicant if the applicant complies with this chapter and pays the costs of the investigation under subdivision (e) of Section 3202 and the initial licensee fee under paragraph (3) of subdivision (a) of Section 3202 in an amount specified by the department.
(b) An applicant may appeal a denial of its application under Section 3202 pursuant to the Administrative Procedure Act, as described in Section 11370 of the Government Code, not later than 30 days after the department notifies the applicant that the application has been denied or deemed denied.
3205.
(a) Subject to subdivision (g), not later than 15 days before the anniversary date of issuance of its license under this division, a licensee may apply for renewal of the license by paying a renewal fee determined by the department, not to exceed the reasonable costs of regulation, and submitting to the department a renewal report under subdivision (b).
(b) A renewal report required by subdivision (a) shall be submitted in a form and medium prescribed by the department. The report shall contain all of the following:
(1) Either a copy of the licensee’s most recent reviewed annual financial statement, if the licensee’s digital financial asset business activity in this state was not more than two million dollars ($2,000,000) for the fiscal year ending before the anniversary date of issuance of its license under this division, or a copy of the licensee’s audited annual financial statement, if the licensee’s digital financial asset business activity in this state amounted to more than two million dollars ($2,000,000), for the fiscal year ending before the anniversary date.
(2) If a person other than an individual has control of the licensee, a copy of either of the following:
(A) The person’s most recent reviewed annual financial statement, if the person’s gross revenue was not more than two million dollars ($2,000,000) in the previous fiscal year measured as of the anniversary date of issuance of its license under this division.
(B) The person’s most recent audited consolidated annual financial statement, if the person’s gross revenue was more than two million dollars ($2,000,000) in the previous fiscal year measured as of the anniversary date of issuance of its license under this division.
(3) A description of any of the following:
(A) Material change in the financial condition of the licensee.
(B) Material litigation involving the licensee or an executive officer or responsible individual of the licensee.
(C) Federal or state investigation involving the licensee.
(D) Data security breach involving the licensee.
(4) Information or records required by Section 3305 that the licensee has not reported to the department.
(5) The number of digital financial asset business activity transactions with, or on behalf of, residents for the period since, subject to subdivision (g), the later of the date the license was issued or the date the last renewal report was submitted.
(6) (A) The amount of United States dollar equivalent of digital financial asset in the control of the licensee at, subject to subdivision (g), the end of the last month that ends not later than 30 days before the date of the renewal report.
(B) The total number of residents for whom the licensee had control of United States dollar equivalent of digital financial assets on that date.
(7) Evidence that the licensee is in compliance with Section 3501.5.
(8) Evidence that the licensee is in compliance with Section 3203.
(9) A list of any location where the licensee operates its digital financial asset business activity.
(10) The name, United States Postal Service address, and telephone number of any person that manages a server used by the licensee in conducting its digital financial asset business activity with, or on behalf of, a resident.
(c) If a licensee does not timely comply with subdivision (a), the department may use enforcement measures provided under Chapter 4 (commencing with Section 3401). Notice or hearing is not required for a suspension or revocation of a license under this division for failure to pay a renewal fee or file a renewal report.
(d) If the department suspends or revokes a license under this division for noncompliance with subdivision (a), the department may end the suspension or rescind the revocation and notify the licensee of the action if, subject to subdivision (g), not later than 20 days after the license was suspended or revoked, the licensee files a renewal report and a renewal fee and pays any penalty assessed under Section 3404.
(e) The department shall give prompt notice to a licensee of the lifting of a suspension or rescission of a revocation after the licensee complies with subdivision (d).
(f) Suspension or revocation of a license under this section does not invalidate a transfer or exchange of digital financial assets for, or on behalf of, a resident made during the suspension or revocation and does not insulate the licensee from liability under this division.
(g) For good cause, the department may extend a period under this section.
(h) A licensee that does not comply with this section shall cease operations with, or on behalf of, a resident on or before the anniversary date of issuance of its license under this division.
(i) A licensee shall pay the reasonable and necessary costs of the department’s investigation under this section.
3206.
(a) A person whose volume of digital financial asset business activity in United States dollar equivalent of digital financial assets does not exceed thirty-five thousand dollars ($35,000) annually may engage in digital financial asset business activity with, or on behalf of, a resident under a registration without first obtaining a license under this division if the person does all of the following:
(1) Files with the department a notice in the form and medium prescribed by the department of its intention to engage in digital financial asset business activity with, or on behalf of, a resident.
(2) Provides the information required for an investigation under Section 3202.
(3) States the anticipated digital financial asset business activity for its next fiscal quarter.
(4) Pays the department a registration fee in an amount determined by the department that does not exceed the reasonable costs of regulation.
(5) If required to register with the Financial Crimes Enforcement Network of the United States Department of the Treasury as a money service business, provides the department evidence of the registration.
(6) Provides evidence that the person has policies and procedures to comply with the Bank Secrecy Act (31 U.S.C. 5311 et seq.) and other applicable laws.
(7) Describes the source of funds and credit to be used by the person to conduct digital financial asset business activity with, or on behalf of, a resident and provides evidence of, and agrees to maintain, the minimum net worth and reserves required by Section 3203 and sufficient unencumbered reserves for winding down operations.
(8) Provides the department with evidence that the person has in place policies and procedures to comply with Chapter 3 (commencing with Section 3301), Chapter 5 (commencing with Section 3501), Chapter 6 (commencing with Section 3601), and any other provision of this division designated by the department.
(9) Provides the department with a copy of its most recent financial statement, whether reviewed or audited.
(b) Before the digital financial asset business activity of a registrant with, or on behalf of, residents exceeds thirty-five thousand dollars ($35,000) annually in United States dollar equivalent of digital financial assets, the registrant shall file an application for a license under this division and may continue to operate after the activity exceeds thirty-five thousand dollars ($35,000) annually while its application for license is pending.
(c) For good cause, the department may suspend or revoke a registration under this section without a prior hearing or opportunity to be heard.
(d) A registrant shall cease all digital financial asset business activity with, or on behalf of, residents pursuant to the following:
(1) If department denies the registrant’s application for a license under this division, the registrant shall cease all digital financial asset business activity one day after the registrant receives notice in a record that the department has denied the application.
(2) If the department suspends or revokes the registration, the registrant shall cease all digital financial asset business activity one day after the department sends notice of the suspension or revocation in a record to the registrant, at the address provided for receiving communications from the department, by a means reasonably selected for the notice to be received by the recipient in one day.
(3) If the digital financial asset business activity of the registrant with, or on behalf of, residents exceeds thirty-five thousand dollars ($35,000) annually in United States dollar equivalent of digital financial assets, and the registrant has not filed an application for a license under this division.
(4) On the second anniversary of the date of the registration.
3207.
A license or registration under this division is not transferable or assignable.
3208.
The department may adopt rules necessary to implement this division and issue guidance as appropriate.
CHAPTER 3. Examination
3301.
(a) (1) (A) The department may conduct an annual examination of a licensee or registrant.
(B) For good cause, the department may conduct an examination in addition to the examination authorized by subparagraph (A).
(2) The department may examine a licensee or registrant pursuant to this subdivision without prior notice to the licensee or registrant.
(b) A licensee or registrant shall pay the reasonable and necessary costs of an examination under this section.
3302.
(a) A licensee or registrant shall maintain, for all digital financial asset business activity with, or on behalf of, a resident for five years after the date of the activity, a record of all of the following:
(1) Any transaction of the licensee or registrant with, or on behalf of, the resident or for the licensee’s or registrant’s account in this state, including all of the following:
(A) The identity of the resident.
(B) The form of the transaction.
(C) The amount, date, and payment instructions given by the resident.
(D) The account number, name, and United States Postal Service address of the resident, and, to the extent feasible, other parties to the transaction.
(2) The aggregate number of transactions and aggregate value of transactions by the licensee or registrant with, or on behalf of, the resident and for the licensee’s or registrant’s account in this state expressed in United States dollar equivalent of digital financial assets for the previous 12 calendar months.
(3) Any transaction in which the licensee or registrant exchanged one form of digital financial asset for legal tender or another form of digital financial asset with, or on behalf of, the resident.
(4) A general ledger posted at least monthly that lists all assets, liabilities, capital, income, and expenses of the licensee or registrant.
(5) Any business call report the licensee or registrant is required to create or provide to the department.
(6) Bank statements and bank reconciliation records for the licensee or registrant and the name, account number, and United States Postal Service address of any bank the licensee or registrant uses in the conduct of its digital financial asset business activity with, or on behalf of, the resident.
(7) A report of any dispute with the resident.
(8) A report of any digital financial asset business activity transaction with, or on behalf of, a resident that the licensee or registrant was unable to complete.
(b) A licensee or registrant shall maintain records required by subdivision (a) in a form that enables the department to determine whether the licensee or registrant is in compliance with this division, any court order, and the laws of this state.
(c) If a licensee or registrant maintains records outside this state that pertain to transactions with, or on behalf of, a resident, the licensee or registrant shall make the records available to the department not later than three days after request, or, on a determination of good cause by the department, at a later time.
(d) All records maintained by a licensee or registrant are subject to inspection by the department.
3303.
The department may cooperate, coordinate, jointly examine, consult, and share records and other information with the appropriate regulatory agency of another state, a self-regulatory organization, federal or state regulator of banking or nondepository providers, or a regulator of a jurisdiction outside the United States, concerning the affairs and conduct of a licensee or registrant in this state.
3305.
(a) A licensee or registrant shall file with the department a report of the following, as may be applicable:
(1) A material change in information in the application for a license under this division or a registration or the most recent renewal report of the licensee under this division or for the registrant.
(2) A material change in the licensee’s or registrant’s business for the conduct of its digital financial asset business activity with, or on behalf of, a resident.
(3) A change of an executive officer, responsible individual, or person in control of the licensee or registrant.
(b) Absent good cause, a report required by this section shall be filed not later than 15 days after the change described in subdivision (a).
3306.
(a) For purposes of this section, “proposed person to be in control” means the person that would control a licensee or registrant after a proposed transaction that would result in a change in control of the licensee or registrant.
(b) The following rules apply in determining whether a person has control over a licensee or registrant:
(1) There is a rebuttable presumption of control if the person’s voting power in the licensee or registrant constitutes or will constitute at least 25 percent of the total voting power of the licensee or registrant.
(2) There is a rebuttable presumption of control if the person’s voting power in another person constitutes or will constitute at least 10 percent of the total voting power of the other person and the other person’s voting power in the licensee or registrant constitutes at least 25 percent of the total voting power of the licensee or registrant.
(3) There is no presumption of control solely because an individual is an executive officer of the licensee or registrant.
(c) At least 30 days before a proposed change in control of a licensee or registrant, the proposed person to be in control shall submit to the department in a record all of the following:
(1) An application in a form and medium prescribed by the department.
(2) The information and records that Section 3202 would require if the proposed person to be in control already had control of the licensee.
(3) A license application under Section 3202 by the proposed person to be in control.
(4) In the case of a registrant, the information that Section 3206 would require if the proposed person to be in control already had control of the registrant.
(5) In the case of a registration, a registration under Section 3206 by the proposed person to be in control.
(d) The department, in accordance with Section 3202, shall approve, approve with conditions, or deny an application for a change in control of a licensee or registrant. The department, in a record, shall send notice of its decision to the licensee or registrant and the person that would be in control if the department had approved the change in control. If the department denies the application, the licensee or registrant shall abandon the proposed change in control or cease digital financial asset business activity with or on behalf of residents.
(e) If the department applies a condition to approval of a change in control of a licensee or registrant and the department does not receive notice of the applicant’s acceptance of the condition specified by the department not later than 31 days after the department sends notice of the condition, the application is deemed denied. If the application is deemed denied, the licensee or registrant shall abandon the proposed change in control or cease digital financial asset business activity with, or on behalf of, residents.
(f) Submission in good faith of records required by subdivision (c) relieves the proposed person to be in control from any obligation imposed by this section other than subdivisions (d), (e), and (h) until the department has acted on the application.
(g) The department may revoke or modify a determination under subdivision (d), after notice and opportunity to be heard, if, in its judgment, revocation or modification is consistent with this division.
(h) If a change in control of a licensee or registrant requires approval of an agency of the state or another state with which the state has a reciprocity agreement, and the action of the other agency conflicts with that of the department, the department shall confer with the other agency. If the proposed change in control cannot be completed because the conflict cannot be resolved, the licensee or registrant shall abandon the change in control or cease digital financial asset business activity with, or on behalf of, residents.
3307.
(a) At least 30 days before a proposed merger or consolidation of a licensee or registrant with another person, the licensee or registrant shall submit all of the following, as applicable, to the department in a record:
(1) An application in a form and medium prescribed by the department.
(2) The plan of merger or consolidation in accordance with subdivision (e).
(3) In the case of a licensee, the information required by Section 3202 concerning the person that would be the surviving entity in the proposed merger or consolidation.
(4) In the case of a registrant, the information required by Section 3206 concerning the person that would be the surviving entity in the proposed merger or consolidation.
(b) If a proposed merger or consolidation would change the control of a licensee or registrant, the licensee or registrant shall comply with Section 3306 and this section.
(c) The department, in accordance with Section 3202, shall approve, conditionally approve, or deny an application for approval of a merger or consolidation of a licensee or registrant. The department, in a record, shall send notice of its decision to the licensee or registrant and the person that would be the surviving entity. If the department denies the application, the licensee or registrant shall abandon the merger or consolidation or cease digital financial asset business activity with, or on behalf of, residents.
(d) The department may revoke or modify a determination under subdivision (c), after notice and opportunity to be heard, if, in its judgment, revocation or modification is consistent with this division.
(e) A plan of merger or consolidation of a licensee or a registrant with another person shall do all of the following:
(1) Describe the effect of the proposed transaction on the licensee’s or registrant’s conduct of digital financial asset business activity with, or on behalf of, residents.
(2) Identify each person to be merged or consolidated and the person that would be the surviving entity.
(3) Describe the terms and conditions of the merger or consolidation and the mode of carrying it into effect.
(f) If a merger or consolidation of a licensee or registrant and another person requires approval of an agency of this state or another state with which this state has a reciprocity agreement and the action of the other agency conflicts with that of the department, the department shall confer with the other agency. If the proposed merger or consolidation cannot be completed because the conflict cannot be resolved, the licensee or registrant shall abandon the merger or consolidation or cease digital financial asset business activity with, or on behalf of, residents.
(g) The department may condition approval of an application under subdivision (a). If the department does not receive notice from the parties that the parties accept the department’s condition not later than 31 days after the department sends notice in a record of the condition, the application is deemed denied. If the application is deemed denied, the licensee or registrant shall abandon the merger or consolidation or cease digital financial asset business activity with, or on behalf of, residents.
(h) If a licensee or registrant acquires substantially all the assets of a person, whether or not the person’s license was approved by or registration was filed with the department, the transaction is subject to this section.
(i) Submission in good faith of the records required by subdivision (e) relieves the proposed surviving entity from any obligation imposed by this section, other than subdivisions (c), (f), and (g), until the department has acted on the application.
CHAPTER 4. Enforcement
3401.
For the purpose of this chapter, “enforcement measure” means an action to do any of the following:
(a) Suspend or revoke a license or a registration under this division.
(b) Order a person to cease and desist from doing digital financial asset business activity with, or on behalf of, a resident.
(c) Request the court to appoint a receiver for the assets of a person doing digital financial asset business activity with, or on behalf of, a resident.
(d) Request the court to issue temporary, preliminary, or permanent injunctive relief against a person doing digital financial asset business activity with, or on behalf of, a resident.
(e) Assess a penalty under Section 3404.
(f) Recover on the security under Section 3203 and initiate a plan to distribute the proceeds for the benefit of a resident injured by a violation of this division, or law of this state other than this division that applies to digital financial asset business activity with, or on behalf of, a resident.
(g) Impose necessary or appropriate conditions on the conduct of digital financial asset business activity with, or on behalf of, a resident.
(h) Seek restitution on behalf of a resident if the department shows economic injury due to a violation of this division.
3402.
(a) The department may take an enforcement measure against a licensee, registrant, or person that is neither a licensee nor registrant but is engaging in digital financial asset business activity with, or on behalf of, a resident in any of the following instances:
(1) The licensee, registrant, or person materially violates this division, a rule adopted or order issued under this division, or a law of this state other than this division that applies to digital financial asset business activity of the violator with, or on behalf of, a resident.
(2) The licensee, registrant, or person does not cooperate substantially with an examination or investigation by the department, fails to pay a fee, or fails to submit a report or documentation.
(3) The licensee, registrant, or person, in the conduct of its digital financial asset business activity with, or on behalf of, a resident, engages in any of the following:
(A) An unsafe or unsound act or practice.
(B) An unfair or deceptive act or practice.
(C) Fraud or intentional misrepresentation.
(D) Another dishonest act.
(E) Misappropriation of legal tender, a digital financial asset, or other value held by a fiduciary.
(4) An agency of the United States or another state takes an action against the licensee, registrant, or person, which would constitute an enforcement measure if the department had taken the action.
(5) The licensee, registrant, or person is convicted of a crime related to its digital financial asset business activity with, or on behalf of, a resident or involving fraud or felonious activity that, as determined by the department, makes the licensee, registrant, or person unsuitable to engage in digital financial asset business activity.
(6) Any of the following occurs:
(A) The licensee, registrant, or person becomes insolvent.
(B) The licensee, registrant, or person makes a general assignment for the benefit of its creditors.
(C) The licensee, registrant, or person becomes the debtor, alleged debtor, respondent, or person in a similar capacity in a case or other proceeding under any bankruptcy, reorganization, arrangement, readjustment, insolvency, receivership, dissolution, liquidation, or similar law, and does not obtain from the court, within a reasonable time, confirmation of a plan or dismissal of the case or proceeding.
(D) The licensee, registrant, or person applies for, or permits the appointment of, a receiver, trustee, or other agent of a court for itself or for a substantial part of its assets.
(7) The licensee, registrant, or person makes a material misrepresentation to the department.
(b) On application and for good cause, the department may do either of the following:
(1) Extend the due date for filing a document or report under paragraph (2) of subdivision (a).
(2) Waive, to the extent warranted by circumstances, including a bona fide error notwithstanding reasonable procedures designed to prevent error, an enforcement measure issued for a violation described by paragraph (2) of subdivision (a) if the department determines that the waiver will not adversely affect the likelihood of compliance with this division.
(c) In an enforcement action related to operating without a license under this division or registration in this state, it is a defense to the action that the person has in effect a customer identification program reasonably designed to identify whether a customer is a resident that failed to identify the particular customer as a resident.
(d) A proceeding under this division is subject to the Administrative Procedure Act, as described in Section 11370 of the Government Code.
3403.
(a) Except as provided in subdivision (b), the department may take an enforcement measure only after notice and opportunity for a hearing as appropriate in the circumstances.
(b) (1) (A) The department may take an enforcement measure, other than the imposition of a civil penalty under Section 3404, without notice if the circumstances require action before notice can be given.
(B) A person subject to an enforcement measure pursuant to this paragraph shall have the right to an expedited postaction hearing by the department unless the person has waived the hearing.
(2) (A) The department may take an enforcement measure, other than the imposition of a civil penalty under Section 3404, after notice and without a prior hearing if the circumstances require action before a hearing can be held.
(B) A person subject to an enforcement measure pursuant to this paragraph shall have the right to an expedited postaction hearing by the department unless the person has waived the hearing.
(3) The department may take an enforcement measure, other than the imposition of a civil penalty under Section 3404, after notice and without a hearing if the person conducting digital financial asset business activity with, or on behalf of, a resident does not timely request a hearing.
3404.
(a) If a person other than a licensee or registrant engages in digital financial asset business activity with, or on behalf of, a resident in violation of this division, the department may assess a civil penalty against the person in an amount not to exceed one hundred thousand dollars ($100,000) for each day the person is in violation of this division.
(b) If a licensee or registrant materially violates a provision of this division, the department may assess a civil penalty in an amount not to exceed twenty thousand dollars ($20,000) for each day of violation or for each act or omission in violation.
(c) A civil penalty under this section continues to accrue until the date the violation ceases.
3405.
(a) Revocation of a license under this division is effective against a licensee one day after the department sends notice in a record of the revocation to the licensee by a means reasonably selected for the notice to be received by the recipient in one day to the address provided for receiving communications from the department.
(b) Suspension of a license under this division, suspension of a registration, or an order to cease and desist is effective against a licensee, registrant, or other person one day after the department sends notice in a record of the suspension or order to the licensee, registrant, or other person, by a means reasonably selected for the notice to be received by the recipient in one day to the address provided for receiving communications from the department or, if no address is provided, to the recipient’s last known address. A suspension or order to cease and desist remains in effect until the earliest of the following:
(1) Entry of an order by the department under the Administrative Procedure Act, as described in Section 11370 of the Government Code.
(2) Entry of a court order setting aside or limiting the suspension or order to cease and desist.
(3) A date specified by the department.
(c) If, without reason to know of the department’s notice sent under this section, a licensee, registrant, or other person does not comply in accordance with the notice until the notice is actually received at the address provided, the department may consider the delay in compliance in imposing a sanction for the failure.
3406.
The department may enter into a consent order with a person regarding an enforcement measure. The order may provide that it does not constitute an admission of fact by a party.
3407.
(a) This chapter does not provide a private right of action to a resident.
(b) This section does not preclude an action by a resident to enforce rights under Section 3501.5.
CHAPTER 5. Disclosures and Protections
3501.
(a) When engaging in digital financial business activity with a resident, a licensee or registrant shall provide to a resident the disclosures required by subdivision (b) and any additional disclosure the department by rule determines reasonably necessary for the protection of residents. The department shall determine by rule the time and form required for disclosure. A disclosure required by this section shall be made separately from any other information provided by the licensee or registrant and in a clear and conspicuous manner in a record the resident may keep. A licensee or registrant may propose, for the department’s approval, alternate disclosures as more appropriate for its digital financial asset business activity with, or on behalf of, residents.
(b) Before engaging in digital financial asset business activity with a resident, a licensee or registrant shall disclose, to the extent applicable to the digital financial asset business activity the licensee or registrant will undertake with the resident, all of the following:
(1) A schedule of fees and charges the licensee or registrant may assess, the manner by which fees and charges will be calculated if they are not set in advance and disclosed, and the timing of the fees and charges.
(2) Whether the product or service provided by the licensee or registrant is covered by either of the following:
(A) A form of insurance or other guarantee against loss by an agency of the United States as follows:
(i) Up to the full United States dollar equivalent of digital financial assets placed under the control of, or purchased from, the licensee or registrant as of the date of the placement or purchase, including the maximum amount provided by insurance under the Federal Deposit Insurance Corporation or otherwise available from the Securities Investor Protection Corporation.
(ii) If not provided at the full United States dollar equivalent of the digital financial asset placed under the control of or purchased from the licensee or registrant, the maximum amount of coverage for each resident expressed in the United States dollar equivalent of the digital financial asset.
(B) Private insurance against theft or loss, including cybertheft or theft by other means.
(3) The irrevocability of a transfer or exchange and any exception to irrevocability.
(4) A description of all of the following:
(A) The licensee’s or registrant’s liability for an unauthorized, mistaken, or accidental transfer or exchange.
(B) The resident’s responsibility to provide notice to the licensee or registrant of an unauthorized, mistaken, or accidental transfer or exchange.
(C) The basis for any recovery by the resident from the licensee or registrant in case of an unauthorized, mistaken, or accidental transfer or exchange.
(D) General error resolution rights applicable to an unauthorized, mistaken, or accidental transfer or exchange.
(E) The method for the resident to update the resident’s contact information with the licensee or registrant.
(5) That the date or time when the transfer or exchange is made and the resident’s account is debited may differ from the date or time when the resident initiates the instruction to make the transfer or exchange.
(6) Whether the resident has a right to stop a preauthorized payment or revoke authorization for a transfer and the procedure to initiate a stop-payment order or revoke authorization for a subsequent transfer.
(7) The resident’s right to receive a receipt, trade ticket, or other evidence of the transfer or exchange.
(8) The resident’s right to at least 30 days’ prior notice of a change in the licensee’s or registrant’s fee schedule, other terms and conditions applicable to its operation of its digital financial asset business activity with the resident, or the policies applicable to the resident’s account.
(9) That no digital financial asset is currently recognized as legal tender by California or the United States.
(10) (A) A list of instances in the past 12 months when the licensee’s or registrant’s service was unavailable to one or more customers seeking to engage in digital financial asset business activity due to a service outage on the part of the licensee or registrant and the causes of each identified service outage.
(B) As part of the disclosure required by this paragraph, the licensee or registrant may list any steps the licensee has taken to resolve underlying causes for those outages.
(c) Except as otherwise provided in subdivision (d), at the conclusion of a digital financial asset transaction with, or on behalf of, a resident, a licensee or registrant shall provide the resident a confirmation in a record which contains all of the following:
(1) The name and contact information of the licensee or registrant, including the toll-free telephone number required under Section 3503.
(2) The type, value, date, precise time, and amount of the transaction.
(3) The fee charged for the transaction, including any charge for conversion of a digital financial asset to legal tender, bank credit, or other digital financial asset, as well as any indirect charges.
(d) If a licensee or registrant discloses that it will provide a daily confirmation in the initial disclosure under subdivision (c), the licensee or registrant may elect to provide a single, daily confirmation for all transactions with, or on behalf of, a resident on that day instead of a per transaction confirmation.
3501.5.
(a) (1) A licensee or registrant that has control of a digital financial asset for one or more persons shall at all times maintain in its control an amount of each type of digital financial asset sufficient to satisfy the aggregate entitlements of the persons to the type of digital financial asset.
(2) If a licensee or registrant violates this subdivision, the property interests of the persons in the digital financial asset are pro rata property interests in the type of digital financial asset to which the persons are entitled without regard to the time the persons became entitled to the digital financial asset or the licensee or registrant obtained control of the digital financial asset.
(b) A digital financial asset maintained for purposes of compliance with this section shall meet all of the following criteria:
(1) The digital financial asset shall be held for the persons entitled to the digital financial asset.
(2) The digital financial asset shall not be property of the licensee or registrant.
(3) The digital financial asset shall not be subject to the claims of creditors of the licensee or registrant.
3502.
(a) (1) A covered licensee or natural person who is an associated person of a covered licensee, when making a recommendation related to a digital financial asset or investment strategy involving digital financial assets to a retail customer, shall act in the best interest of the retail customer at the time the recommendation is made without placing the financial or other interest of the licensee or natural person who is an associated person of a covered licensee making the recommendation ahead of the interest of the retail customer.
(2) A covered licensee or natural person who is an associated person of a covered licensee shall be deemed in compliance with this subdivision if all of the following are true:
(A) The covered licensee or natural person who is an associated person of a covered licensee, before or at the time of the recommendation, provides the retail customer, in writing, full and fair disclosure of all material facts relating to conflicts of interest that are associated with the recommendation.
(B) The covered licensee or natural person who is an associated person of a covered licensee, in making the recommendation, exercises reasonable diligence, care, and skill to do all of the following:
(i) Understand the potential risks, rewards, and costs associated with the recommendation and have a reasonable basis to believe that the recommendation could be in the best interest of at least some retail customers.
(ii) Have a reasonable basis to believe that the recommendation is in the best interest of a particular retail customer based on that retail customer’s investment profile and the potential risks, rewards, and costs associated with the recommendation and does not place the financial or other interest of the covered licensee or natural person ahead of the interest of the retail customer.
(iii) Have a reasonable basis to believe that a series of recommended transactions, even if in the retail customer’s best interest when viewed in isolation, is not excessive and is in the retail customer’s best interest when taken together in light of the retail customer’s investment profile and does not place the financial or other interest of the covered licensee or natural person making the series of recommendations ahead of the interest of the retail customer.
(C) The covered licensee establishes, maintains, and enforces written policies and procedures reasonably designed to do all of the following:
(i) Identify and, at a minimum, disclose, in accordance with subparagraph (A), or eliminate, all conflicts of interest associated with a recommendation.
(ii) Identify and mitigate any conflicts of interest associated with recommendations that create an incentive for a natural person who is an associated person of a covered licensee to place the interest of the covered licensee or natural person ahead of the interest of the retail customer.
(iii) Identify and disclose any material limitations, including offering only proprietary or other limited range of products, placed on the digital financial assets or investment strategies involving digital financial assets that may be recommended to a retail customer and any conflicts of interest associated with those limitations and prevent the limitations and associated conflicts of interest from causing the covered licensee or a natural person who is an associated person of the covered licensee to make recommendations that place the interest of the covered licensee or natural person ahead of the interest of the retail customer.
(iv) Identify and eliminate any sales contests, sales quotas, bonuses, and noncash compensation that are based on the sales of specific digital financial assets or specific types of digital financial assets within a limited period of time.
(D) The covered licensee, in making a decision related to listing a specific digital financial asset or types of digital financial assets as available to exchange with or by the covered licensee, exercises reasonable diligence, care, and skill to evaluate the following criteria to determine whether listing the digital financial asset or type of digital financial asset is in the best interest of retail customers:
(i) The probability that a state or federal court or regulator will deem the digital financial asset a security.
(ii) If, and to what degree, the digital financial asset offers any utility or potential utility other than as a method for speculative investment.
(iii) If, and to what degree, the technical design of the digital financial asset is vulnerable to hacks or exploits that would cause the digital financial asset to rapidly lose value.
(iv) If the issuer of the digital financial asset is subject to United States law.
(v) If any key individual involved with the design, management, or promotion of the digital financial asset has been convicted for violations of laws related to fraud or malfeasance.
(E) The covered licensee establishes, maintains, and enforces written policies and procedures reasonably designed to prevent any person from exchanging, either directly or indirectly, a digital financial asset or entering into a derivative contract related to the price of a digital financial asset based on nonpublic information about the covered licensee’s plans to list the digital financial asset as available to exchange with or by the covered licensee.
(F) In addition to the policies and procedures required by subparagraph (C), the covered licensee establishes, maintains, and enforces written policies and procedures reasonably designed to achieve compliance with this section.
(b) (1) A covered licensee shall make every effort to execute a resident’s request to exchange a digital financial asset that the covered licensee receives fully and promptly.
(2) A covered licensee shall use reasonable diligence to ascertain the best market for a digital financial asset and exchange it in that market so that the outcome to the customer is as favorable as possible under prevailing market conditions. Compliance with this paragraph shall be determined by factors, including, but not limited to, all of the following:
(A) The character of the market for the digital financial asset, including price and volatility.
(B) The size and type of transaction.
(C) The number of markets checked.
(D) Accessibility of appropriate pricing.
(3) In a transaction for or with a customer, the covered licensee shall not interject a third party between the covered licensee and the best market for the digital financial asset in a manner inconsistent with this subdivision.
(4) If a covered licensee cannot execute directly with a market and employs other means in order to ensure an execution advantageous to the retail customer, the burden of showing the acceptable circumstances for doing so is on the covered licensee.
(c) For purposes of this section:
(1) “Conflict of interest” means an interest that might incline a covered licensee or a natural person who is an associated person of a covered licensee to make a recommendation that is not disinterested.
(2) “Covered licensee” means a licensee that exchanges or holds itself out as being able to exchange a digital financial asset for a retail customer.
(3) “Retail customer” means a resident who meets both of the following criteria:
(A) The resident receives a recommendation related to a digital financial asset or investment strategy involving a digital financial asset from a covered licensee or a natural person who is an associated person of a covered licensee.
(B) The resident uses the recommendation described in subparagraph (A) primarily for personal, family, or household purposes.
(4) “Retail customer investment profile” includes, but is not limited to, the retail customer’s age, other investments, financial situation and needs, tax status, investment objectives, investment experience, investment time horizon, liquidity needs, risk tolerance, and any other information the retail customer discloses to the covered licensee or a natural person who is an associated person of a covered licensee in connection with a recommendation.
(d) Failure of a particular policy or procedure adopted under this section to meet its goals in a particular instance is not a ground for liability of the licensee or registrant if the policy or procedure was created, implemented, and monitored properly. Repeated failures of a policy or procedure are evidence that the policy or procedure was not created or implemented properly.
3503.
A licensee shall prominently display on its internet website a toll-free telephone number through which a customer can contact the seller for customer service issues and receive live customer assistance. The telephone line shall be operative 24 hours per day, Monday through Sunday, excluding federal holidays.
CHAPTER 6. Prohibited Digital Financial Assets
3601.
(a) A licensee shall not exchange, transfer, or store a digital financial asset or engage in digital financial asset administration, whether directly or through an agreement with a digital financial asset control services vendor, if that digital financial asset is a stablecoin whose value relative to the United States dollar or another national or state currency is determined primarily by methods other than reserve assets.
(b) For purposes of this section:
(1) “Nominal redemption value” means the value at which a digital financial asset can be readily converted, on demand at the time of issuance, into United States dollars or any other national or state currency or a monetary equivalent or otherwise accepted in payment or to satisfy debts denominated in United States dollars or any national or state currency.
(2) “Stablecoin” means a digital financial asset that is denominated in United States dollars or pegged to the United States dollar or denominated in or pegged to another national or state currency and is issued with a fixed nominal redemption value with the intent of establishing a reasonable expectation or belief among the general public that the instrument will retain a nominal redemption value that is so stable as to render the nominal redemption effectively fixed.
CHAPTER 7. Policies and Procedures
3701.
(a) An applicant, before submitting an application, and registrant, before registering, shall create and, during licensure or registration, maintain in a record policies and procedures for all of the following:
(1) An information security program and an operational security program.
(2) A business continuity program.
(3) A disaster recovery program.
(4) An antifraud program.
(5) A program to prevent money laundering.
(6) A program to prevent funding of terrorist activity.
(7) (A) A program designed to ensure compliance with this division and other laws of this state or federal laws that are relevant to the digital financial asset business activity contemplated by the licensee or registrant with, or on behalf of, residents and to assist the licensee or registrant in achieving the purposes of other state laws and federal laws if violation of those laws has a remedy under this division.
(B) The program described by this paragraph shall specify detailed policies and procedures that the licensee undertakes to minimize the probability that the licensee facilitates the exchange of unregistered securities.
(b) A policy required by subdivision (a) shall be in a record and designed to be adequate for a licensee’s or registrant’s contemplated digital financial asset business activity with, or on behalf of, residents, considering the circumstances of all participants and the safe operation of the activity. Any policy and implementing procedure shall be compatible with other policies and the procedures implementing them and not conflict with policies or procedures applicable to the licensee or registrant under other state law. A policy and implementing procedure may be one in existence in the licensee’s or registrant’s digital financial asset business activity with, or on behalf of, residents.
(c) A licensee’s or registrant’s policy for detecting fraud shall include all of the following:
(1) Identification and assessment of the material risks of its digital financial asset business activity related to fraud, which shall include any form of market manipulation and insider trading by the licensee, its employees, or its customers.
(2) Protection against any material risk related to fraud identified by the department or the licensee or registrant.
(3) Periodic evaluation and revision of the antifraud procedure.
(d) A licensee’s or registrant’s policy for preventing money laundering and financing of terrorist activity shall include all of the following:
(1) Identification and assessment of the material risks of its digital financial asset business activity related to money laundering and financing of terrorist activity.
(2) Procedures, in accordance with federal law or guidance published by federal agencies responsible for enforcing federal law, pertaining to money laundering and financing of terrorist activity.
(3) Filing reports under the Bank Secrecy Act (31 U.S.C. Sec. 5311 et seq.) or Chapter X of Title 31 of the Code of Federal Regulations and other federal or state law pertaining to the prevention or detection of money laundering or financing of terrorist activity.
(e) A licensee’s or registrant’s information security and operational security policy shall include reasonable and appropriate administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of any nonpublic personal information or digital financial asset it receives, maintains, or transmits.
(f) A licensee or registrant is not required to file with the department a copy of a report it makes to a federal authority unless the department specifically requires filing.
(g) A licensee’s or registrant’s protection policy under subdivision (e) for residents shall include all of the following:
(1) Any action or system of records required to comply with this division and other state law applicable to the licensee or registrant with respect to digital financial asset business activity with, or on behalf of, a resident.
(2) A procedure for resolving disputes between the licensee or registrant and a resident.
(3) A procedure for a resident to report an unauthorized, mistaken, or accidental digital financial asset business activity transaction.
(4) A procedure for a resident to file a complaint with the licensee or registrant and for the resolution of the complaint in a fair and timely manner with notice to the resident as soon as reasonably practical of the resolution and the reasons for the resolution.
(h) After the policies and procedures required under this section are created and approved by the department and the licensee or registrant, the licensee or registrant shall engage a responsible individual with adequate authority and experience to monitor each policy and procedure, publicize it as appropriate, recommend changes as desirable, and enforce it.
(i) A licensee or registrant may request advice from the department as to compliance with this section and, with the department’s approval, outsource functions, other than compliance, required under this section.
(j) Failure of a particular policy or procedure adopted under this section to meet its goals in a particular instance is not a ground for liability of the licensee or registrant if the policy or procedure was created, implemented, and monitored properly. Repeated failures of a policy or procedure are evidence that the policy or procedure was not created or implemented properly.
(k) Policies and procedures adopted under this section shall be disclosed separately from other disclosures made available to a resident, in a clear and conspicuous manner and in the medium through which the resident contacted the licensee or registrant.
3702.
(a) An applicant, before submitting its application, and a registrant, before registering, shall establish and maintain in a record a policy or procedure designed to ensure compliance with this division, and law of this state other than this division, if the other law is relevant to the digital financial asset business activity contemplated by the licensee or registrant or the scope of this division or this division could assist in the purpose of the other law because violation of the other law has a remedy under this division.
(b) A policy or procedure under subdivision (a) shall be compatible, and not conflict, with requirements applicable to a licensee or registrant under other state law or under federal law and may be a policy or procedure in existence for the licensee’s or registrant’s digital financial asset business activity with, or on behalf of, a resident.
(c) After the policies and procedures required under this section are created by the licensee or registrant and approved by the department, the licensee or registrant shall engage a responsible individual with adequate authority and experience to monitor any policy or procedure, publicize it as appropriate, recommend changes as desirable, and enforce it.
(d) A licensee or registrant may request advice from the department regarding compliance with this section and, with the department’s approval, outsource functions, other than compliance, required under this section.
(e) Failure of a particular policy or procedure adopted under this section to meet its goals in a particular instance is not a ground for liability of the licensee or registrant if the policy or procedure was created, implemented, and monitored properly. Repeated failures of a policy or procedure are evidence that the policy or procedure was not created or implemented properly.
CHAPTER 8. Miscellaneous Provisions
3801.
(a) This division applies to digital financial asset business activity with, or on behalf of, a resident on and after January 1, 2024.
(b) A person is deemed to be conducting unlicensed digital financial asset business activity with, or on behalf of, a resident in violation of this division if the person engages in digital financial asset business activity on or after January 1, 2024, and the person does not hold a license issued or recognized under this division, is not exempt from this division, and has not applied for a license or filed a registration.
3802.
The provisions of this division are severable. If any provision of this division or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.

LegiScan Search

View Top 50 Searches

LegiScan Info

2024 Schedules

Price List

Voter Registration

Governor Deadlines &
Effective Dates

LegiScan Trends

View Top 50 National

LA HB581 Provides requirements and restrictions on the ability to witness election...

PA HB1976 Providing for multiple-unit dwelling zoning ordinances.

US HB9096 To establish pharmacy payment and reimbursement by pharmacy benefits managers;...

US SB4769 VET Artificial Intelligence Act Validation and Evaluation for Trustworthy...

MI HB5895 Trade: business practices; excessively increased pricing for certain goods...

DC B25-0632 Dental Specialties Licensure and Scope of Practice Amendment Act of 20...

IL SB3679 BUSINESS IMPROVEMENT DISTRICTS

MA H4938 Authorizing the county of Nantucket to convey certain parcels of land in...

MA H4942 Relative to property tax classification in the city of Boston

MA H4939 Authorizing the Massachusetts Department of Transportation to convey a...

Main menu

Bill Text: CA AB2269 | 2021-2022 | Regular Session | Amended

California Assembly Bill 2269 (Prior Session Legislation)

LEGISLATIVE COUNSEL'S DIGEST

Digest Key

Bill Text

The people of the State of California do enact as follows:

SECTION 1.

DIVISION 1.25. Digital Financial Assets Businesses

CHAPTER 1. General Provisions

3101.

3102.

3103.

CHAPTER 2. Licensure

3201.

3202.

3203.

3204.

3205.

3206.

3207.

3208.

CHAPTER 3. Examination

3301.

3302.

3303.

3305.

3306.

3307.

CHAPTER 4. Enforcement

3401.

3402.

3403.

3404.

3405.

3406.

3407.

CHAPTER 5. Disclosures and Protections

3501.

3501.5.

3502.

3503.

CHAPTER 6. Prohibited Digital Financial Assets

3601.

CHAPTER 7. Policies and Procedures

3701.

3702.

CHAPTER 8. Miscellaneous Provisions

3801.

3802.

LegiScan Search

LegiScan Info

LegiScan Trends