How did the mining rigs on order for your mining fund get to be invested on GLBSE?  Are you going to cancel those orders and share the BTC amonst your shareholders?  Or are you hoping they'll be forgotten and you can keep them?  You've said a few times in this thread that EVERYTHING you had was invested on GLBSE - yet that isn't actually true is it?

Was just pointing out how dumb that post by Trade Fortress was.  Yes I know about extradition treaties - but unless/until nefario was extradited (a process which takes ages with all the appeals process in the UK) he wouldn't be facing 18 months in prison for not testifying.  Not to mention that even in front of a grand jury he can't be forced to testify if doing so would incriminate himself (unless given immunity first).

Nefario's not even in the US.  There's no such thing as a grand jury in the UK where he is.

It looks like if we refuse to provide requested ID information then their designated AML complicance officer would need to make a risk assessment.  If he determined there was no reason to believe the transaction (refund) was an AML risk then they could return the funds.  Otherwise he would need to file an SAR (Suspicious Activity Report) with SOCA (Serious Organised Crime Agency - approximately UK equivalent of the US FBI) and would be unable to release the funds until either SOCA said to go ahead, or at least 7 days had passed without SOCA telling them to hold the funds.

Of course they then have to deal with the possibly tricky situation of explaining to SOCA why they're requesting AML information and making SARs without being registered with any of the AML supervisory bodies.  But that's their problem - not ours.

Silly thing is that it's likely the vast majority of accounts fall below the threshhold where they need to do any AML checks anyway.  E.g. currency exchanges only need to ask for ID for transactions above a certain amount (I can walk into a high-street bureau and exchange GBP into another currency without giving any ID information at all) .  Same for coneyancing firms (limit there is 15,000 euros - it's defined in euros as the UK law is an implementation of a eurozone-wide directive).

Pretty sure if they go to SOCA whining about someone refusing to provide ID for 10 BTC or even 100 BTC then SOCA would have far more interest in GLBSE than in the customer.

They also DO have an obligation not to unreasonably withhold service if a customer is unable to provide documentation in the form they request - not sure what policy they have for that.  e.g. if someone can't provide the documentation they request then they should be returning funds and (if they believe appropraite) filing an SAR (with a 7 day delay in refunding if they file an SAR).

Haven't seen that request, but if they're requesting personal information there's a few points they need to clear up first:

1.  If the information is for AML purposes then which AML supervisor are they registered with?  In the uK there's about 8 different supervisors, depending on the nature of your business (IF your business is one subject to the AML legislation).  The obvious one for them would be the FSA (which covers financial service providers) but there ARE others (e.g. casinos have the gambling/gaming commission).  If they're requesting information for AML purposes then they need to be registered with one of the designated supervisory bodies.

2.  If it's for AML purposes then a link please to their AML compliance policy.

3.  If not for AML purposes then what is this information going to be used for?  And how long will it be retained for?  This is information they're obligated to provide under the Data Protection Act.

4.  Irrespective of the answers above, link please to their DPA compliance policy/statement?

5.  Can GLBSE please confirm that they have professional indemnity insurance covering them against loss or misuse of clients' data.

6.  What is their intention in respect of anyone who refuses to provide the documents but requests their funds returned?  Will they just keep the money?  Report them as a suspected money launderer?  Turn their BTC over to the police?

As soon as I receive the request referred to in OP I'll be emailing requesting the above information (can't check my email right now - assume that's where it is).  If they refuse to answer the questions but persist in requesting the information then I will next send a formal request for my funds (providing my name/address but not giving any documents which would allow identity theft).

I think the point you may be missing is that before closing it down for being "illegal" he should have at least presented share-holders with evidence (e.g. a legal opinion) that it WAS illegal.  It surely can't have been the case that he woke up in the morning, suddenly realised it was illegal and pulled the plug on it.

One person "believing" something is illegal doesn't make it illegal or give them the right to prevent others doing whatever that something is.  If you believe others are doing something illegal and want them to stop them you go to LE - you don't go all vigilante and take things into your own hands.  If you're doing something (with others) and all of a sudden YOU decide it's not legal then YOU stop doing it (and report the others if you're that way inclined).  Do bear in mind this something (running the exchange) is something he's been doing for a while and claiming wasn't going to have problems with the law.

Also remember that even if running it in the UK is illegal, there may be other jurisdictions where it's perfectly fine.  Does he have the right to prevent the other shareholders from moving the business to there?

I'm in no way claiming running GLBSE in the UK was legal.  But if nefario says it wasn't (after ages of saying/acting otherwise) then he owes the other shareholders (not to mention investors) at least a decent explanation of it.  And if his explanation is compelling then I'm sure it's not impossible to remove the tag - all he has to do is explain how his opinion apaprently changed overnight and why there was absolutely no alternative other than an immediate and permanent shut-down.

1.  I had/have a tiny amount on GLBSE.
2.  I expected that when problems (inevitably) occurred they'd be more gradual and/or there'd be a chance to withdraw before the shit hit the fan.
3.  Risk v reward.
4.  I expect to get my funds back anyway.

I think the argument is that he should have gradually realised there were problems with running the business - and discusssed it with the shareholders, rather than suddenly shutting it down out of the blue.  To me THAT looks far more like naivety, denial and ignorance rather than malice - so I'm not seeing the term "scammer" as appropriate (for just that).  But if he, at any point, intentionally lied to shareholders then that all changes.

Plus if he unilaterally shut it down without providing a proper reason or considering alternatives (did he he have the option of resigning from the company and returning his shares?) then I'd likely see it as a scam.  Just because he got bored/scared of it doesn't mean he gets to take the ball away from everyone else.  If he was instructed to close it by LE then that's different - but so far I've seen no claim of that.

Have to toally agree with that.

If nefario gets a scammer tag for selling a non-viable business proposition (which seems to be the claim) then any other asset issuer who sold a non-viable business proposition should also get a scammer tag.  I find it "interesting" that apparently incompetence/ignorance is sufficent for a tag - without any need for intent to defraud.

I don't actually object to that in theory - I DO believe anyone incompent/ignorant should be banned from running a company here.  But there's a heck of a lot of tags that need to be handed out - and it should either be renamed to "Scammer/Idiot" or two seperate tags used to differentiate between the idiots and the thieves (a few people should get both).

Yeah in the UK there's also a requirement that they have to have significant financial experience (work in finance or already done X investments in the last Y years - can't be bothered to look it up).  Think the asset requirement is lower though (like £250k excluding pensions funds or similar).  There's different exclusions for owning shares in a private company though - but one of the requirements (from memory, which may be faulty) is no advertisement of it: i.e. you can't solicit strangers to invest.

Posting on a public forum would 100% be considered advertising - that was, after all, the whole purpose of it

It all depends, again, on the specific rules of your own country.  Certainly in the UK the single biggest op-out from having to be regulated is that you are not doing it "by way of business".  Even if the intent is to make profit that is not, of itself, sufficent to mean you have to be regulated.  If nefario was working full-time on GLBSE then claiming it wasn't being run "by way of a business" pretty much went out of the window.

If anyone's concerned about a specific situation then they really need to seek expert legal advice.  I have some knowledge and experience of specific areas (in particular, of relevance to GLBSE at present, compliance with the Data Protection Act - having been compliance officer for it for a company in the past) but am by no means an expert on securities.  In the UK if you do something as a hobby with only friends/acquaintances involved then you're generally fine (even if it's technically against some rule noone really gives a shit).  Once you start tryng to do it full-time (for a living) you'd best get everything right.  GLBSE went from hobby to full-time without (apparently) bothering to find out from a solicitor or the FSA or even the internet how things are actually supposed to be done.

There's some cut-off point (in terms of size of "crypto company") below which any LE are going to laugh at anyone who reports you, above which they may start to take a complaint seriously.  If you're not going to run a "proper" company then my best advice is to stay small enough that no LE/regulators will take a complaint against you seriously.  And make sure any "investors" clearly understand whatever risks there are in "investing" - as there's no minimum size for fraud (where you deliberately leave out information causing them to suffer an unexpected loss).

Yes you can - provided you mean certain criteria (which may vary depending on your country).

Typically those criteria include some of the following:

1.  Personally knowing the investors (and not advertising the investment).
2.  Only using Accredited investors (definiton of which varies from country to country - think US is based only on net-worth/income, UK/EU it also means they have significant financial knowledge/experience).
3.  A max invetsment size,
4.  A max number of investors.

Well it certainly wouldn't have helped - as requesting real life Identity information makes it rather plain they weren't running some game, simulation or educational tool.  Plus by closing down assets for investigation they also removed any possible of claiming they were something like an automated forum or just a publisher - where people dealt directly with one another: instead GLBSE arguably tried to fulfil a regulatory and/or intermediary role AND acted as an introducer (by choosing which applicants for IPOs got to be advertised on their site - rather than allowing all).

If there's ANY hope for BTC exchange to work without being regulated it has to be strictly hands-off.  Zero verification, zero restrictions (unless something is blatantly illegal) and argue that their role is simply one of a publisher/forum - where sellers and buyers (of whatever) do their own thing unsupervised (like the securities/loans section of this very board).  That would still leave the question of taking deposits - but the argument there would be that BTC isn't actually a currency so there's no requirement to be regulated as a deposit-taker.  I'm by no means convinced even that approach is bullet-proof - but it's far better than where GLBSE ended up.  As soon as you start taking ANY ID you open a huge can of worms - as taking that ID is an admission or claim that what YOU do requires ID.  Similarly by doing ANY investigation of the product of sellers you lose deniability over what's being sold - and expose yourself to claims of bad faith/lack of due diligence from buyers.

None I'd assume - scamming and cheating are (or certainly used to be) defined by the game's creators as a valid way of playing the game.

I'm afraid you can't just get around laws by defining things as legal in your TOS.  Saying something "has no value" doesn't make it true - nor would it fool any regulators.  The key is intent - and all the time people whine about how many USD worth of BTC they've been scammed out of it's a totally meritless argument - as very clearly all involved understand the securities to have real convertible value.  It COULD be that an exchange like GLBSE could insulate itself sufficiently far from "value" as to be fine in itself - but then it would have to totally stay out of such areas as verifying identities, locking down scammers assets etc.  And it would also have to avoid any asset issuer making any mention of BTC raised being used to purchase stuff with USD (e.g. mining gear) in which asset purchasers would have an interest.

You may also be at risk of confusing "isn't against the law/rules" with "the rules/laws aren't yet being enforced on minor players".

You'd only be guilty of an offence regulated by the SEC if you sold securities to someone in the USA (or were in the USA yourself).  If you sell to someone in a different country then it's the laws of that country (and your own) which apply.  Note that it's "in the USA" not "living in the USA" (which you said) - non-residents (visitors) are also covered.

Obviously if you aren't in the US and don't sell to individuals in the US then the SEC rules are totally irrelevant.  The laws in the UK (where I am and GLBSE are) on this happen to be very similar to the ones in the US - and you'll find very similar laws in most major economies.

Your last paragraph reads as though you believe the SEC has some global mandate - it doesn't.  Start with the laws of your own country to see what's legal there: I have no idea what Chinese law is on this (Believe you're in China as one of your posts included "Here in China..").

The "AML stuff" seem to be a delaying tactic rather than some reasonable issue.

Let's be clear aboiut a few things, starting with what AML actually is (I'm talking here only about its use in the UK - where GLBSE is run - it may be different in the US).

Regulated Financial Service Providers in the UK are required to attempt to identify suspicious transactions (which could be money laundering) and report them.  There is NO definition of what information they need to hold to do this - but holding information for this purpose IS a valid reason to hold personal information under the DPA (Data Protection Act).

This is a total red herring now - unless Nefario has some intention that hasn't yet been mentioned:

1.  He is not a Regulated Financial Service Provider.
2.  Unless I'm missing something, the ONLY transactions he now intends to conduct is refunding the BTC in people's accounts.  There is ZERO way identification documents could allow him to identify any of those transactions as being suspicious. 

If, instead, he's claiming he intends to go over past transactions to see if any were suspicious and then report them then that's a different case - however he'd then need far more information than just ID.  Information held for AML purposes would for legitimate companies be far wider than just ID details - things such as credit ratings, employment details etc.

It seems to me that at some stage AML has become conflated with KYC - partly through laziness (I've referred to the two together myself on occasion) nad partly through total ignorance.

Regulated Financial Service Providers DO have a requirement to know the identities of their customers.  Do note that this is NOT the case for all businesses - you can go in a shop and buy something, or employ a tradesman's service without ever giving your name let alone proving your ID.  There are a specific subset of cases where ID MUST be verified.  GLBSE is not registered or regulated in any of these categories as far as I am aware.

My concern is with adherence to the Data Protection Act.  Both the content of that Act and the guidelines for implementing it lay out the following three key points (along with others, such as ensuring that the data is accurate, giving customers access to data held on them etc):

1.  There must be a clear NEED for the data to be held.
2.  The customer must be aware what that need is (i.e. how the data will be used).
3.  The data must be destroyed once it is no longer needed.

Now IF GLBSE is claiming there is some statutory or regulatory force compelling them to hold this data, then what is it?  If, on the other hand GLBSE is NOT under any current obligation to hold that data then what precisely is the reason it is needed - and how will it be used?  If it won't be used at all then there is no reason to be asking for it.  I think what some may be missing is that just askjing for ID is no use unless GLBSE is in some way going to determine that the ID is actually the ID of the person whose account it was submitted for.  And how can they possibly do that?

I do NOT personally actually have a problem with providing my identity to GLBSE.  What I DO have a HUGE problem with is providing copies of identification documents which could then be used to impersonate me elsewhere.  I doubly have a problem with doing that to a company which appears to be closing down and doesn't have anything os any legitimate use they could conceivably actually DO with that information.

SO here's my questions to GLBSE if they want copies of personal documents:

1.  What is that information going to allow (or prevent) you from doing that you couldn't do without it?
2.  How long will that information be held for?
3.  If your claim is that you are requesting that information as though you were regulated by the FSA then who is your officer responsible for the protection of that data and where can I see a copy of your (required) policy on data protection?
4.  Could please confirm (with insurers details) that you have insurance covering claims against you caused if that data were to be accessed or used other than in accordance with the DPA?  i.e. professional indemnity insurance.  To put it simply, if you leave my documents lieing around, someone steals them and then impersonates me, then do you have cover against any claim I make for losses?  Copies of identity documents would clearly fall under "client's data" - which you should have professional indemnity insurance against losing.

If you want to play it "by the book" then do so properly.  I don't, as a habit, send personal documents to ANY company unless they jave a reasonable need for it, I am SURE they will protect it properly and KNOW I have recourse if they don't.  I'm fine with giving a name+address to send a GBP cheque to (if you think you're entitled to convery BTC to fiat on my behalf) or even with providing details of a bank account you can transfer to.  But I'm NOT fine with sending copies of ID documents.

I believe Theymos said that shutting down GLBSE was against the bylaws.  If so, then it would be ridiculous to claim he was breaking the bylaws by not sending the funds - when he knew that if he sent them they were going to be USED as part of breaking the bylaws.

It would be totally hypocritical for nefario to break the bylaws himself then whine about someone else doing it.

What puzzles me slightly is the basis on which nefario could request personal information.

In general, UK companies are NOT required by law to obtain information identifying their customers.  We can walk into a shop and buy something without ever telling our name - let alone proving our identity.  And the same is true for many other services.

The largest exception to this is Regulated Financial Service Providers - they DO have a requirement to obtain proof of identity (and also various KYC/AML obligations - though most of those are not statutory in nature).  But GLBSE is NOT regulated.  IF nefario's argument is that GLBSE SHOULD have been regulated then asking for proof of ID now is:

a) Shutting the stable door after the horse has bolted.
b) An admission of guilt.

On the first point, the whole issue is that we AREN'T gonna be his customers.  As he isn't regulated so has no regulatory obligations he would be constrained by the Data Protection Act's requirement not to keep personal data for longer than was needed.

On the second point, not having requested our identities is pretty trivial compared to his other offences IF he is claiming he has been running a Financial service that should have been regulated but wasn't.  It's like robbing a bank and handing out ear-mufflers to everyone in there as you're worried you might otherwise be breaking Health and Safety regulations if you discharge a firearm.

As far as KYC/AML obligations are concerned the primary purpose of these (in the context of AML) is to identify suspicious transactions.  What suspicious transactions could he conceivably expect to uncover when the only ones which will now be carried out are him refunding our outstanding balances?

Here's the summary of what the data protection act says:

"Data protection – looking after the information you hold

If you hold and process information about your clients, employees or suppliers, you are legally obliged to protect that information. Under the Data Protection Act, you must:

    only collect information that you need for a specific purpose;
    keep it secure;
    ensure it is relevant and up to date;
    only hold as much as you need, and only for as long as you need it; and
    allow the subject of the information to see it on request."

So what specific purpose does he need this information for?  If he's claiming a regulatory need than how (and by whom) is he claiming GLBSE is regulated?

How long is he claiming he'd need if for?  

What need does he have for it after our BTC have been returned?  If none, then on what basis does he plan to continue holding that information?  If he doesn't plan to keep holding that information then where is the need?  Or is he planning to issue everyone with personal cheques (where he WOULD need identity information)?

What is he planning to do that causes that need now, when no such need existed for prior withdrawals?

"I'd like it to have something to hand over if I'm investigated" isn't a need - nor is it a valid reason to hold personal information under the DPA, as it isn't necessary to conduct the business we have outstanding (withdrawal of BTC).

Cross-post from litecoin forums.


That depends on what happens with all the securities that were traded on GLBSE.  At present there's not a lot of volume on LTC-GLOBAL, so it would be pretty poor value for me to run a day-trading fund based on there (a long-term investment fund like yours doesn't need much daily volume, a day-trading one like mine does).  I don't see any significant number of the funds from GLBSE being likely to move to LTC-GLOBAL as being denominated in LTC would become an absolute nightmare for most of them.

If enough securities move to either Crypto or to any BTC-denominated platform created as an offshoot from the LTC-GLOBAL code then I'd be very likely to start trading there as a replacement from GLBSE.  Obviously volume would be a lot lower than GLBSE - but luckily my fund is still very tiny so doesn't need a huge amount of volume to do well (I could have used about 5-10 times the capital on GLBSE and generated the 5-20% per week I was doing on trades no problem).

Really, right now it's wait and see - until we're out of GLBSE I won't be trading anywhere other than LTC-GLOBAL for sure and I obviously can't shut down (if that was was I decided to do) until we have our BTC back and know what's happening with bitbond.

Hopefully enough securities will re-register somewhere else that the fund can continue - if not, then it wouldn't take too long to shut it down as our (non-GLBSE) assets are pretty liquid.

I haven't meantioned MPEx: it lacks range of securities and the few there are seem to have too small spreads and too stable prices for what I do.  I don't see many GLBSE securities moving there as to handle dividends for all their investors each ivnestor would have to pay 30 BTC to register to use the site.  That's just not going to happen.