GTM Navigator: Navigating Regulatory Hurdles When Launching New Products
GTM Navigator is our ongoing series where we break down the essential components of nailing the right
go-to-market strategy.
In this episode, Matthew Cueto, Investment Analyst at Fin Capital, speaks to Laurian Cristea, Partner at
Barnes & Thonburg LLP. Laurian provides legal counsel to financial institutions on regulatory compliance,
product development, and emerging areas like digital assets.
He has deep experience with CFTC licenses, BitLicense, and state money transmitter laws, and regularly
advocates before regulators on complex financial issues. Previously, he served as Chief Legal Officer for
a digital asset exchange and held roles at the US Commodity Futures Trading Commission, London
Clearing House, and NYSE Euronext.
We hope in this edition you’ll gain insights into product licensing, estimating & eliminating regulatory
costs, and how to prevent some of the challenges that often come when building a new product in a
highly regulated space.
Key Questions Discussed:
- How should companies think about licensing as they build out a product roadmap?
- How do you create balance without limiting the scope of services and features offered?
- Compliance and licensing can be expensive, how should companies think about estimating costs and building out a business case?
- What key roles should businesses/startups consider filling early on?
- How important is it to have seasoned legal and compliance experts early in the business formation process?
- When does it make sense to hire fractional legal services?
- How do you see the regulatory landscape evolving globally, especially with the differences between jurisdictions like the U.S. vs others, such as Europe or Asia?
Transcription (edited for clarity):
Matthew Cueto (00:33): Laurian, thank you again for taking the time to join us. Awesome. So we can kick off a, can you please start off by telling us a little bit about your background and experience?
Laurian Cristea (00:36): Thanks for having me, Matthew. I appreciate it.
Matthew Cueto (00:39): Can you please start off by telling us a little bit about your background and experience?
Laurian Cristea (00:41): Right now I’m a partner at Barnes &Thornburg. It’s a top US law firm with 800 lawyers. We have 23 offices in the US and we really do focus on the US market. The group I’m in is a part of financial innovation and payments, and this really all got started for me many, many years ago when I started as an intern at the Commodity Futures Trading Commission during law school.
I’ve spent my entire life working in the financial services space, whether at the CFTC, at the New York Stock Exchange, the London Clearing House, and my longest stint was from 2014 till about 2022/2023. I worked for a small exchange called Eris Exchange or ErisX. We launched a crypto product on a futures exchange and a spot market side by side. We got all our licenses in the US, had a CFTC licensed exchange and clearing house, and it was really in the heyday of crypto and before folks were really going down the full licensing route.
We ended up selling that to Chicago Board Options Exchange (CBOE) for $550 million back in 2022. Then, I came over to Barnes and Thornburg to effectively do what I did at ErisX and just rinse and repeat, advise clients on best practices – within the financial innovation and payment space.
Matthew Cueto (02:07): Awesome. That’s a very extensive background and we’re honored to have you on to talk about the regulatory and licensing environment.
Diving into our first question, how should companies think about licensing as they build out a product roadmap and how do you balance without limiting the scope of services and features offered?
Laurian Cristea (02:30): This is tough, right? In the financial services space, I think licensing should be a consideration very, very early on. What I do advise clients on is, we don’t want the tail wagging the dog here. We don’t want the licensing to drive the product, we want the product to speak for itself.
Very early on, once you have an idea of what the product is and what you’re trying to offer to your customers, should you ask the question, “well what kind of product is this from a regulatory standpoint?” “What sort of licenses do I need?” And there’s several reasons why that’s important.
Licensing can set the direction of the company, because you effectively dedicate a good amount of money and resources to the project. If you go down the wrong route, then you have to apply for a different license, which means you’re starting over and effectively the wrong approach to licensing can deplete your runway and it could delay your launch.
When I advise companies on what they need to consider, and many companies have not been down the licensing route, they often are surprised to know that a complex structure in their entity org chart can be a red flag for regulators.
It could take them a while to go through all those structures and figure out what it means for them and who’s in charge and who’s making decisions. Unclear governance roles are an issue for regulators. For example, an observer on a board seat, paired with a significant ownership stake in the company could mean that regulators see that person as “in charge” or making significant decisions; when the reality could be different.
Or there could be complicated ownership issues such as when you have multiple layers of individuals or entities owning equity or if you have ownership from individuals from sanctioned countries. So, these are all things that I help folks think through and get ahead of before they become issues with regulators.
On the regulatory spectrum, you have regulators on the state level, whether it’s money transmitter licenses, special purpose licenses like the Wyoming Trust or the NYDFS BitLicense. Then you also have federal regulators like the SEC, the CFTC, the banking regulators.
Each one of these really focuses on a specific area and a specific offering. When you’re developing a product, it could fall into one of these categories or it could fall into multiple categories. There are strategies to how you set up your licensing program to either get broad coverage or the specific coverage that you need for your product.
One of the things that we’re seeing is folks say, well, hey, do I really need to own my own licenses? And the answer is yes, typically you should because it gives you the most flexibility.
However, you could also partner with somebody who has the regulatory licenses, or you can purchase a company that has licenses. I’ll get into a few of the fallacies here – that folks think if they piggyback their product on someone else’s license, it’s a faster time to market. Sometimes that works, but oftentimes it could be seen as risky behavior for the license holder, which means that they may not be willing to help out or launch the product.
We’ve seen situations where entrants think that they can piggyback their products on existing licenses only to cause increased risk to those license holders, and then some sort of regulatory adversity from the license holders who just don’t want to proceed down that route anymore.
There are issues where sometimes folks think that they can buy a company with existing licenses, and you’d be surprised to know that buying a company with licenses sometimes takes just as long as applying for new licenses; because the ultimate beneficial owner needs to get fingerprinted & needs to get approved.
Sometimes the same amount of due diligence that regulators do on new licenses, they also do for a new license holder. So, these are some of the fallacies.
The biggest one I’ve seen is that if “I do this and I do it for a small number of people, nobody will care about me and they’ll let me do what I do without a license” – I think that’s the biggest area of risk here. Typically if you’re working in the financial services space or you’re offering some sort of financial product, you’re likely going to face a need to license and there is no minimis exception. There is no minimis amount that you can do without requiring a license, and that can get folks into real big trouble.
Matthew Cueto (07:49) Compliance and licenses can be expensive overall, how should companies think about estimating costs and building out a business case?
Laurian Cristea (07:58): Sure, I’ll come right up front and say that I paid a lot of money when I was in-house general counsel to get all the licenses and I feel like I did it wrong. So, learning from that experience, I feel like I have a very good approach to keeping costs contained and helping folks develop a program for getting these licenses and keeping them. To start off, I think licenses are seen as a cost for the business rather than value enhancing. I really do want to argue for the value that these licenses do create. Sure there’s a cost to acquiring them, but above and beyond that, what you’re allowed to do with the license and the stamp of approval, you effectively get from the regulator that they vetted you once they continue to vet you, that your offering is reviewed by regulatory staff and that you pass muster on each examination cycle.
I think that’s very, very valuable. Companies that hold these licenses, they’re admitted into the regulatory environment and that brings value. Being admitted there keeps other people out as well. So, you’re operating in a club of sorts, and when you do that, whether it’s protectionist or what have you, it allows you to do something that others can’t. Which increases the value of the company, and that increases the possibility of an acquisition for that valuable asset.
Most people view the licensing part and the compliance part as hand in hand, but I really want to bifurcate those two approaches. Every company should have an appropriate compliance and risk management program, whether or not you have licenses, the level of compliance and risk management changes depending on what your offering is and what you need to code for. The proper controls keep the company operating appropriately and without getting into trouble.
I think the first thing to look at is building an appropriate risk management and compliance framework for the company, then acquiring a license is a layer on top of that. I alluded previously that I had used a large law firm to help me get all my licenses, all my money transmission license, the BitLicense and what have you. All in multiple states. I think we had 43 states, and 7 states that told us we didn’t need licenses. We had a BitLicense as well, and we had two federal CFTC licenses that cost us millions of dollars. Looking back on it, I’ve advised many companies on how to contain costs there, how to structure their programs to keep costs down. One of the essential things I recommend is having an internal paralegal or project manager who’s really empowered to work with the law firm or with the vendor to gather internal documents, to ask folks for information, to be able to handoff things as we get towards deadlines, and to provide documents that are needed to really make the regulatory filings.
Then, I typically recommend a vendor that can manage the entire document process such as fingerprinting, keeping track of what the regulators have acknowledged that they’ve received, what’s the next thing that the regulators are asking for, etc. And really the vendor allows companies to provide consistent information across all regulators because once you do it in one state, for example, if you are applying on a state by state basis, you apply in one state, you’ll naturally have all the documents in one place to just pay a fee and apply in another state and apply in another state.
The requirements tend to be a little bit different from state to state, but the essential packet of what you submit tends to be the same. So, where does the lawyer come in? Typically, the lawyer comes in to help direct the narrative, advise on red flags, pitfalls, and get ahead of those issues and identify those issues before they make their way to the regulators. That avoids the back and forth with regulators on questions that we see coming up over and over again.
Matthew Cueto (12:38): That’s super helpful. It actually started to lead into my next question on some of the key roles businesses and startups should have early on, and it sounds like having an internal paralegal or project manager along with the lawyers could be really good.
I’d like to kind of dive into how important is it to have seasoned legal and compliance experts early in the business formation process, and when does it make sense to hire factual legal services?
Laurian Cristea (13:06): I typically say in a regular startup, if there’s such a thing as an unregulated environment anymore, there’s so many laws that apply to all sorts of businesses that I feel like every business has legal pitfalls, but financial services space even more so. If you are building a business, and I grew up in the Bay Area and I’ve heard, “Hey, I have hired 50-60 employees, I used a contract that I used at my old company, and I’ve done everything myself”. And now with chat GPT, I’ve heard of companies really building their legal function around that product, which I don’t necessarily advise. But, in the financial services space, hiring a general counsel, a chief compliance officer, somebody in the InfoSec role, A CFO, those are all very, very crucial early hires and there’s several reasons for that.
I touched on the general counsel and compliance officer, the case for those positions and having somebody who knows this world, who knows financial services, can really help direct the path of licensing, and help direct the product development early – before things can get off rails and really deplete some of that runway or deplete some of those timelines towards launch.
The second reason is that a lot of the licenses require someone in these sorts of roles. They want to see that there’s a proper CFO in place that acts as a control function. They want to see that there’s proper legal advice and compliance. If you’re required to do AML, KYC and you’re subject to the Bank Secrecy Act, you need a BSA officer. That’s typically your compliance officer or someone else at the company.
The third reason could be that regulators generally have a distrust of companies that don’t have folks who have done similar activity before. To go just one step further, in many cases, if you’re applying for a trust license or a custodian license, you need someone who has worked as a fiduciary before. If you haven’t had that and you’re launching a company, I think there’s a much harder time to get licensed than if you were to have those as early hires in the company.
Similarly, hiring a good law firm is a very good idea. Someone who operates in the space you’re looking to enter and knows the space and can advise. I hear it every day – I hear from lawyers who are in estate planning, or they’re will lawyers, or they are commercial litigators, and they contact us saying that they’re advising a company for their buddy that has questions about financial services licensing, and they don’t know what to tell them. There are different types of lawyers out there that specialize in different things. If you want to avoid the pitfalls that come with the licensing space, I recommend hiring a good law firm who helps advise you early.
Matthew Cueto (16:26): That’s super helpful and that’s great guidance to have, especially for a lot of our listeners here, so appreciate that color. I want to go into our last question here. How do you see the regulatory landscape evolving globally, especially with the differences between jurisdictions like the US versus others such as Europe and Asia?
Laurian Cristea (16:47): What we’ve seen in the last few years is that crypto companies were offshoring, they were going into other jurisdictions where it was easier to do crypto activity where there was legal certainty, whether that’s Singapore, Asia, or the EU. What I’m seeing is there’s a lot of excitement about building businesses in the US, and I think for all its pitfalls and enforcement by regulation, what we saw under the SEC’s approach under Gary Gensler, I think the US does have a more relaxed approach to regulation than most foreign jurisdictions.
To give you an example, under the BSA, the Bank Secrecy Act, our requirements in the US typically are lower than other jurisdictions, and that might put us as a heightened risk in the global banking system where folks might look at us as “not so regulated”. However, we do have a very good framework here in the US and I think companies are still looking for ways to start and build businesses here.
I’m seeing some of the trend reversing where companies are setting up in the US for crypto activity, but they’re providing services in foreign countries. I think they were doing this in anticipation of the US figuring things out and providing some certainty around the laws. With the focus now on Washington on creating certainty in the crypto market, whether it’s through the stablecoin bill, which Circle has had a very early start on in that space, and from what I’ve seen, they’ve been advising congress on these issues. Whether it’s that or rethinking the regulatory approach at the SEC or the CFTC levels, I really think we’re at an inflection point here in the US where folks are excited to build crypto projects and they’re looking to invest more money into US crypto companies.
Matthew Cueto (18:57): That’s amazing to hear, and a great way to conclude our conversation. Laurian, really appreciate the time that you spent here with us and the insights that you shared. It was absolutely fantastic. Always love hearing from an expert such as yourself, so thank you again for spending the time.
Laurian Cristea (19:13): Thanks for your time, Matthew. I appreciate it.
