(1) Existing law, the Digital Financial Assets Law, prohibits a person, on or after July 1, 2026, from engaging in digital financial asset business activity, or holding itself out as being able to engage in digital financial asset business activity, with, or on behalf of, a resident, unless any of certain criteria are met, including that the person is licensed with the Department of Financial Protection and Innovation, as prescribed, or the person submits an application on or before July 1, 2026, and is awaiting approval or denial of that application.
This bill would revise the above-described latter criterion to specify that the person submits a completed application, as provided.
The Digital Financial Assets Law authorizes the Commissioner of Financial Protection and Innovation to issue a conditional license to an applicant who holds or maintains a license to conduct virtual currency business activity in the State of New York, as specified, provided the license was issued or approved no later than January 1, 2023.
This bill would revise the above-described authorization to require that the license be issued or approved no later than January 1, 2025.
(2) The Digital Financial Assets Law defines "digital financial asset business activity" to mean any of specified activities, including, among others, exchanging, transferring, or storing a digital financial asset, as specified, or exchanging one or more digital representations of value used within one or more online games, game platforms, or family of games, as provided.
This bill would remove exchanging one or more digital representations of value used within one or more online games, game platforms, or family of games from the definition of "digital financial business activity." The bill would specify that a "digital financial asset" does not include a transaction in which a merchant grants digital representations of value that primarily relate to an affinity or rewards program, as provided, or a digital representation of value issued by or on behalf of a publisher and used primarily within online games or game platforms and that is not otherwise a digital financial asset.
The Digital Financial Assets Law declares that its provisions do not apply to specified activity, including by a person who does not receive compensation for providing digital financial asset products or services or for conducting financial asset business activity or that is engaged in testing products or services with the person's own funds.
This bill would specify that the above-described exclusion includes a person who merely retains the ability to terminate, suspend, or interrupt a digital financial transaction solely to prevent unauthorized or fraudulent activity and who is not compensated for that service.
The Digital Financial Assets Law authorizes the commissioner to approve a stablecoin for various purposes if the commissioner determines that the stablecoin does not compromise the interests of residents who may use the stablecoin as a payment for goods and services or as a store of value. Existing law requires the commissioner to consider specified factors in determining whether to make an approval under those provisions.
This bill would include additional factors the commissioner must consider in determining whether to make an approval under those provisions, as specified.
(3) The Digital Financial Assets Law requires a licensee to submit an annual report, as provided, containing specified information, including a description of any data security breach or cybersecurity event of the licensee. Existing law requires a licensee to file with the department, as applicable, a report of, among other things, a change in the licensee's business for the conduct of its digital financial asset business activity with, or on behalf of, a resident that meets one of specified criteria, including that the proposed change might raise safety and soundness or operational concerns.
This bill would revise the above-described annual report to instead include a description of any material data security breach or cybersecurity event of the licensee. The bill would revise the specified criteria in the requirement to file the above-described report of a change in the licensee's business to instead include that the proposed change might raise material safety and soundness or operational concerns.
Before engaging in digital financial asset business activity with a resident, the Digital Financial Assets Law requires a covered person, defined as a person required to obtain a license pursuant to that law, to disclose, as provided, certain information, including the resident's right to at least 14 days' prior notice of specified changes that have a material impact on digital financial asset business activity with the resident, or the policies applicable to the resident's account. Existing law requires a covered exchange, as provided, to certify on a form provided by the department that the covered exchange has taken specified actions, except for any digital financial asset approved for listing on or before January 1, 2023.
This bill would prohibit the 14-day notice requirement from applying to changes in terms, conditions, or policies that are reasonably necessary to address a risk of loss to the resident or covered person, to the extent that the change does not relate to the fee schedule. The bill would instead exclude from the above-described certification requirement a digital financial asset approved for listing on or before January 1, 2025. The bill would require a covered person to provide and make available an up-to-date description of the order execution practices of the covered person, as specified.
The Digital Financial Assets Law requires an applicant, as provided, to create, and during licensure, maintain in a record specified policies and procedures. Existing law requires these policies and procedures be disclosed separately from other disclosures made available to a resident, as specified, except for, among other things, an adopted information security program or an operational security program.
This bill would instead exclude from the above-described requirement to disclose separately from other disclosures programs with information that is sensitive to potential security risks, as specified.

Statutes affected:
SB 97: 3102 FIN
01/23/25 - Introduced: 3102 FIN
03/12/25 - Amended Senate: 3603 FIN, 3603 FIN, 3102 FIN
03/24/25 - Amended Senate: 3102 FIN, 3102 FIN, 3603 FIN
04/10/25 - Amended Senate: 3102 FIN, 3603 FIN
05/29/25 - Amended Senate: 3102 FIN, 3103 FIN, 3103 FIN, 3201 FIN, 3201 FIN, 3205 FIN, 3205 FIN, 3211 FIN, 3211 FIN, 3307 FIN, 3307 FIN, 3501 FIN, 3501 FIN, 3505 FIN, 3505 FIN, 3603 FIN, 3701 FIN, 3701 FIN