On March 11, 2021, the Canadian Securities Administrators (CSA) published a staff notice regarding continuous disclosure and other public filings for reporting issuers with crypto and digital assets including cryptocurrencies, tokens, stablecoins, and other digital assets relying on blockchain technology who engage materially with crypto assets via mining and/or the holding/ trading of those assets (crypto asset reporting issuers or issuers).
Safeguarding of Crypto Assets
The notice provides that, where crypto asset reporting issuers self-custody their crypto assets, including multi-signature wallets, safeguarding of private keys, the use of “cold wallets” and frequent monetization of crypto assets into fiat currency, adequate disclosure of the controls and risks must be made in public filings. According to the notice, the controls that are appropriate vary depending on its size and the type and quantity of crypto assets held, as well as the frequency for which they move to and from “hot wallets” or liquidate the crypto assets. The controls that are appropriate for a given issuer may vary depending on its size and the type and quantity of crypto assets held, as well as the frequency for which they move to and from “hot wallets” or liquidate the crypto assets. Where issuers do not retain a third-party custodian, the issuer should disclose the reasons for not doing so.
According to the notice, for crypto asset reporting issuers who retain a third-party custodian to safeguard all or a substantial portion of their crypto assets, the following information would be material to investors:
- the identity and location of the third-party custodian;
- if the third-party custodian has appointed a sub-custodian to hold certain crypto assets, the identity and location of the sub-custodian(s);
- a general discussion of the services provided to the issuer by the third-party custodian (e.g., is the custodian a payment processor or just responsible for holding/ safeguarding the crypto assets);
- whether the custodian is a Canadian financial institution (as defined in NI 45-1065 ) or a foreign equivalent, and if so by whom the custodian is regulated;
- whether the issuer is aware of anything with regards to the custodian’s operations that would adversely affect the issuer’s ability to obtain an unqualified audit opinion on its audited financial statements;
- whether the custodian is a related party of the issuer;
- the quantity or percentage of the issuer’s crypto assets held by the custodian as at each reporting period end date;
- whether the crypto assets held by the custodian are insured and any limitations on the custodian’s liability in the event of the loss or theft of the issuer’s crypto assets;
- any known security breaches or other similar incidents involving the custodian as a result of which crypto assets have been lost or stolen;
- the treatment of the assets in the event of an insolvency or bankruptcy of the custodian, and
- if the custodian operates in a foreign jurisdiction, what due diligence the issuer has performed on the custodian (including the issuer’s ability to: effectively monitor the custodian and execute contingency plans and exit strategies with minimal impact on the issuer’s operation).
Where crypto asset reporting issuers that self custody their crypto assets, according to the notice, the following information would be material to investors:
- a description of the controls implemented to protect the crypto assets against the risk of loss and/or theft associated with holding crypto assets,
- whether the issuer employs multi-signature wallets,
- the manner in which private keys are safeguarded, including the nature and extent of the use of “cold wallets”,
- whether the issuer’s crypto assets are insured, and any exclusions contained in the insurance policy that would prevent the issuer from making a successful claim in the event that the crypto assets are lost or stolen,
- measures taken to mitigate cyber security risks, and
- the frequency of monetization of crypto assets into fiat currency.
Use of Crypto Asset Trading Platforms
According to the notice, to the extent that an issuer relies on a crypto asset trading platform to hold its crypto assets, the issuer should disclose, at a minimum, all the items referenced in the “Safeguarding of Crypto Assets” above and in sufficient detail to enable investors to make an informed decision about whether to buy, sell or hold the issuer’s securities.
Description of Business
According to the notice, the description of the issuer’s business in its continuous disclosure filings should include information on how the business intends to generate revenue, the specialized skill and knowledge possessed by the issuer, the competitive conditions faced by the issuer and the sources, pricing and availability of equipment used by the issuer, and any reliance on third-party service providers (e.g. trading platforms, mining pool operators, liquidity providers, etc.).
Risk Factor Disclosure
Risk factor disclosure, according to the notice, should include, among many others, risks pertaining to: (i) the availability and/or cost of electricity; (ii) potential declines in the price of crypto assets; (iii) decreased rewards for mining a particular crypto asset, and (iv) risks related to access to crypto assets held at third-party custodians and crypto asset trading platforms. The notice points out that risks related to different forms of crypto assets may differ, for example, Bitcoin or Ether, compared to other digital assets, such as digital tokens.
The notice states that crypto asset reporting issuers should not engage in promotional activities that provide unbalanced or unsubstantiated material claims about the issuer’s business and the corresponding opportunity for profit by investing in the issuer and be supported by objective data.
The notice points to the following examples of crypto asset reporting issuers failing to file material change reports: (i) entering into a custodial agreement with a third- party; (ii) changing custodians; (iii) the loss or theft of crypto assets; (iv) an acquisition or sale of crypto asset mining equipment, or (v) entering into a mining pool arrangement or an electricity supply agreement by a crypto asset mining issuer if the arrangement is significant in relation to the issuer’s existing operations.
Issuers whose Business is Investing in Crypto Assets
According to the notice, if a material aspect of an issuer’s business is investing in crypto assets and the issuer does not have other substantial operations, despite the fact that the issuer may not meet the definition of an investment fund, many of the investor protection considerations applicable to investment funds may apply.
Financial Statements/Auditing Issues
The notice refers to the unique aspects of the crypto asset industry that raise novel accounting issues and outlines considerations that apply to holdings of crypto currencies and refers to the IFRS Interpretations Committee published its agenda decision on Holdings of Cryptocurrencies in June 2019. The notice also refers to certain novel auditing challenges have arisen in the context of the crypto asset industry and encourages crypto asset reporting issuers, and their audit committees and advisors, to review guidance that has been published by the Chartered Professional Accountants of Canada and communications from the Canadian Public Accountability Board.
For a full copy of the notice: 51-363 – Observations on Disclosure by Crypto Assets Reporting Issuers [CSA Staff Notice].
For more information, please call Barbara Hendrickson at BAX Securities Law (647) 403-4606.
This publication is not intended to constitute legal advice. No one should act on it or refrain from acting on it without consulting with a lawyer. BAX does not warrant or guarantee the accuracy or currency or completeness of the publication. No part of this publication may be reproduced without the prior written permission of BAX Securities Law.