The State of New York took a major step towards legitimizing Bitcoin, proposing specific rules on how the digital payment transfer method should be regulated.

PayPal Bitcoin

Bitcoin to obtain a license with the goal of preventing fraud

The rules, which resemble brokerage regulatory guidelines for knowing the customer and identifying potential acts of money laundering and fraud, will have a 45 day comment period starting after their official release on July 23. If adopted, the regulations would require those engaged in the business of managing Bitcoin transactions obtain a “BitLicense” with the goal of preventing fraud and protecting consumers.

The regulations would in-fact make Bitcoin, often referred to as a “digital currency,” trackable by law enforcement.

The regulations have anti-money laundering provisions that requires a Bitcoin business to maintain records of all transactions, including: 1) the identity and physical addresses of the parties involved; 2) the amount or value of the transaction, including in what denomination purchased, sold, or transferred, and the method of payment; 3) the date the transaction was initiated and completed, and 4) a description of the transaction.

Bitcoin customers identification required

Bitcoin firms would be required to clearly identify Bitcoin customers who open accounts, including the user’s name, physical address, and other identifying information, then check customers against the Specially Designated Nationals (“SDNs”) list maintained by the U.S. Treasury Department’s Office of Foreign Asset Control (“OFAC”), similar to opening a brokerage account.

“We have sought to strike an appropriate balance that helps protect consumers and root out illegal activity—without stifling beneficial innovation,” Benjamin Lawsky, NY’s Superintendent of Financial Services, was quoted as saying in a CNBC report. “Setting up common sense rules of the road is vital to the long-term future of the virtual currency industry, as well as the safety and soundness of customer assets.”

A key issue is cyber-security, and Lawsky proposes government review and that each firm appoint a “Chief Information Security Officer” responsible for all cyber crime issues. “Among other safeguards, each firm shall also conduct penetration testing of its electronic systems, at least annually, and vulnerability assessment of those systems, at least quarterly,” the draft regulations read.

The regulations will be formally published in the July 23, 2014 edition of the New York State Register and after the 45 day public comment period, the rules are subject to additional review and revision before being finalized.