Crypto Headquarters: Implications of Having an Unclear Corporate Structure

Key Takeaways

• A company’s registered address is a starting point for a due diligence check.
• Keeping the corporate structure under wraps doesn’t automatically imply illicit intentions.
• “If you don’t choose a jurisdiction, you let someone else choose it for you,” says Keom Protocol CLO.

Business intelligence work often involves deciphering complex corporate structures that could conceal ownership and financial flows. This is especially relevant to the crypto space, where, ironically, transparency is not always prioritized.

In public opinion, keeping the corporate structure under wraps suggests illicit activities like tax evasion or money laundering. However, it can also serve legitimate purposes, such as protecting sensitive information or managing a company’s public image.

“Opaqueness is not always a bad thing when it comes to corporate matters, but it gives a bad impression when users realize they have no clue who to reach out to because they notice several related entities or no disclosed entity at all,” said Anne-Grace Kleczewski, Chief Legal Officer at Keom Protocol, a decentralized finance (DeFi) protocol that creates liquidity markets for lending and borrowing.

Commenting on the issue, Kleczewski reflected on the complexity of corporate structures and their implications. Her insights shed light on the delicate balance between regulatory compliance and business strategy and highlighted the importance of understanding the nuances behind a company’s organizational choices.

Gray Zones, Clarity, and Physical Threat

People may locate their business in jurisdictions deemed lenient or offering less transparency because they are aware their activities fall into a regulatory gray area, or one perceived as representing a high risk of fraud . Such is, for instance, the case of gambling, play-to-earn schemes, and some DeFi setups.

By doing so, these businesses mitigate the risk of attracting the attention of authorities known to be restrictive, and that could create hurdles for their business models or even seek to impose sanctions.

Alternatively, such jurisdictions may also be chosen to circumvent clear regulatory frameworks containing restrictions inconveniencing the project (like, a license requirement or the need to KYC users).

Regulators have been increasingly scrutinizing these spaces to ensure consumer protection. This requires drawing the line between legitimate business choices and those aimed at purposely dissimulating illicit financial flows and avoiding existing standards.

In many cases, businesses argue that their choices are dictated by the pursuit of innovation and efficiency, pushing the boundaries  of traditional regulatory frameworks. They claim that existing laws stifle their ability to implement new technologies or business strategies that could benefit consumers.

“It strikes me when some crypto clients tell their lawyer: ‘I don’t want to go to jail.’ It is mostly an exaggerated fear by founders far from promoting a scam. But these founders are told how parts of their business are in a gray zone, they hear about other founders being chased down by the SEC or CFTC. They understand they are exposing themselves to a hard-to-quantify risk.”

“So they often opt for off-shore jurisdictions just to have this perceived layer of safety until more renowned regulators made up their mind, for instance, in their own jurisdictions. Otherwise, most of them would probably give up on their project,” shared Kleczewski.

Kleczewski continued, saying that when it comes to registering in a certain jurisdiction, it’s basically an explicit choice of the regulator and legal framework you want to interact with. She explained:

“It’s like accepting that one can be chased down by the Swiss regulator rather than the French or German one, because Switzerland is where you know the rules in place and accept to abide by them. It all goes back to identifying where you feel comfortable fighting back accusations if such arise. A German project wouldn’t want to discover some day that because of a user located in Japan, a lack of choice of applicable law in their terms of use, or some other circumstance, they, all of a sudden, need to deal with Japanese law. An unwrapped DAO similarly wouldn’t want to end up being sued in the U.S. because of a random nexus.”

She highlighted that, following the FTX events, fintech platform SwissBorg published a transparency blog post containing a presentation of their corporate structure:

“Thanks to this kind of transparency, people understand why, for example, sometimes they interact with one entity and then another, it clarifies whether one replaces the other or completes it for specific purposes. It also signals an obvious logic underpinning it all, which, once presented in a diagram, does not appear as impossible to grasp from a bystander’s point of view. If your corporate structure is so odd that you could not publish it without creating uncontrollable FUD, then (maybe) there is something wrong.”

“But it’s also not about forcing businesses to disclose everything because some elements are confidential and not directly relevant to users. Users can be a big pain, specifically in Web3. They could extrapolate about the business, spread defamatory comments, address threats, or even stalk individuals involved with the project. It’s another reason founders may avoid endorsing an official position in the entity, to avoid becoming easy targets.”

“Probably, knowing that at least authorities in the main jurisdiction have a comprehensive list of all connected entities in other jurisdictions would be reassuring. But currently, mostly such full corporate transparency lacks.”

A Matter of Presence, Not Just Legal Location

According to Kleczewski, the idea of having a big team in the office sitting in the headquarters only works, once you reach a certain level:

“We have a major part of the industry that is too small to have those headquarters or the culture of working that way. Teams went decentralized and global. I’m thinking about all the major L1s and L2s. They have so many entities, and you can trace them down as you interact with them, and sign one agreement with entity X for a grant, then with entity Y for marketing purposes. You don’t have a clear structure on their website saying we have an entity there and there and there. You just figure it out because you see agreements with different entities everywhere.”

Kleczewski further said that in Web3, the main reason to disclose more details would be the context of a potential litigation case, when you need to find substance and links with a specific jurisdiction.

Or if the jurisdiction where the project wishes to register doesn’t allow it to have zero substance and requires the real leadership to be on-site, or if there are some imperative laws that even if the company is registered elsewhere, if it conducts business there, it is supposed to comply with.

Understanding the location of the executive team can provide insights into the company’s decision-making processes and its cultural and regulatory influences. This information can be crucial, especially when dealing with multinational corporations where leadership and operations are spread across different countries.

“For crypto projects, there is no central authority with an overview of everything happening with a business throughout all involved entities. Thus, only when something goes wrong, we start figuring it out and reconstructing what is de facto a group because no one had a clear vision beforehand,” elaborated Kleczewski.

The Connecting Factor

Recently, the European Union enforced the Markets in Crypto Assets (MiCA) framework, a set of rules that introduce stricter due diligence requirements for crypto asset service providers (CASP). Key aspects include the classification of crypto assets, rules for digital asset service providers, and requirements for consumer protection.

Per the new regulations, to operate as a CASP in the EU, one must be a registered legal entity  with a physical presence in the EU and have received approval from the relevant authorities. Commenting on these developments, Kleczewski noted:

“With MiCA, you will just need—if you want to operate explicitly in Europe—to have a registered office in Europe, which is quite interesting, because you don’t necessarily have to opt for the EU Member State where your board and/or team are majoritively located.”

“But then, the white paper for crypto assets is supposed to describe ‘where applicable, the group of undertakings to which the issuer belongs’. The question is: what if some entities are de facto connected by not strictly speaking a group?”

“A company’s registered address is thus merely a starting point for a due diligence check, from which a corporate tree can then be identified as we unpack the network of subsidiaries and affiliates. If you only focus on one entity, you potentially have a very limited view of the company’s operations and may not be able to fully assess its regulatory environment or potential risks”.

Kleczewski continued, highlighting at least three key factors that should be considered, such as where the user base is, where the people behind the project are, and where the entity on top is. Specifically, the user base and the location of C-level individuals could enable countries other than one of the registered addresses to claim jurisdiction over the project.

“Even if you are a DAO and/or have offices in a metaverse, you still need to pick a jurisdiction outside that metaverse. Otherwise, something doesn’t add up: what laws will you apply and courts will you turn to? You could recreate them in the metaverse, but will people trust them? Won’t they seek remedies in real courts if they disapprove of the solution? But then, what’s the point of it all?”

“At the end of the day, you’ll still be caught up by reality: if you don’t choose an existing jurisdiction, it means you open yourself to being potentially subject to any jurisdiction with a valid connecting factor, and there could be many of them,” concluded Kleczewski.