CCA Regulatory and Legal Frameworks Questions and Answers

Question 1

An auditor is reviewing a Virtual Asset Service Provider (VASP) in a Financial Action Task Force (FATF) member country.
The VASP facilitates a $1,500 transfer between two of its customers.
The auditor notes that while the VASP has collected and retained the originator's name and account number, it has failed to collect the beneficiary's information.
This practice most directly violates the principles of which regulation?

Accepted Answer

The FATF's Recommendation 16, commonly known as the 'Travel Rule'.

Answer

The Bank Secrecy Act's (BSA) Currency Transaction Report (CTR) requirements.

Answer

The SEC's regulations based on the Howey Test for securities.

Answer

OFAC's requirements for screening Specially Designated Nationals (SDN) lists.

Question 2

A U.S.-based company offers a platform where users can buy and sell Bitcoin for U.S. Dollars. To comply with federal anti-money laundering (AML) laws, this company is required to register with which agency and be classified as what type of entity?

Accepted Answer

The Financial Crimes Enforcement Network (FinCEN) as a Money Services Business (MSB).

Answer

The Securities and Exchange Commission (SEC) as a Broker-Dealer.

Answer

The Commodity Futures Trading Commission (CFTC) as a Designated Contract Market.

Answer

The Internal Revenue Service (IRS) as a Digital Asset Broker.

Question 3

For U.S. federal income tax purposes, what is the official classification of convertible virtual currencies like Bitcoin, as established by IRS Notice 2014-21?

Accepted Answer

Property, with transactions resulting in capital gains or losses.

Answer

Foreign currency, subject to foreign exchange gain and loss rules.

Answer

A tax-exempt digital commodity, not subject to reporting unless sold.

Answer

Legal tender, treated identically to the U.S. Dollar.

Question 4

An auditor for a U.S.-based cryptocurrency exchange discovers that the platform processed a transaction involving a Bitcoin address explicitly listed on the Treasury Department's Specially Designated Nationals (SDN) list. This transaction represents a significant compliance failure related to regulations enforced by which agency?

Accepted Answer

Office of Foreign Assets Control (OFAC)

Answer

Financial Crimes Enforcement Network (FinCEN)

Answer

Securities and Exchange Commission (SEC)

Answer

Federal Bureau of Investigation (FBI)

Question 5

An auditor is evaluating the legal risk of a new crypto asset that was sold to the public to fund the development of a decentralized platform. The asset holders expect to profit from the growth of the platform, driven by the management team's efforts. Which legal framework is most critical for determining if this asset should have been registered with the SEC?

Accepted Answer

The Howey Test

Answer

The Bank Secrecy Act (BSA)

Answer

The GDPR Privacy Framework

Answer

The Miller Test

Question 6

In a forensic audit for a criminal case involving cryptocurrency, the auditor must meticulously document every step of how digital evidence was identified, collected, handled, and analyzed. What is the most critical purpose of this detailed documentation?

Accepted Answer

To ensure the evidence is admissible in court by maintaining an unbroken chain of custody.

Answer

To calculate the total value of the assets for forfeiture.

Answer

To prepare a Suspicious Activity Report (SAR) for FinCEN.

Answer

To publish the findings in a cybersecurity journal.