Sec. 160.004. DUTIES OF DIGITAL ASSET SERVICE PROVIDERS. (a) Except as provided by this chapter, a digital asset service provider may not:
(1) commingle customer funds with funds belonging to the digital asset service provider, including the digital asset service provider's:
(A) operating capital;
(B) proprietary accounts;
(C) digital assets;
(D) fiat currency; or
(E) other property that is not customer funds;
(2) use customer funds to secure or guarantee a transaction other than a transaction for the customer contributing the funds; or
(3) maintain customer funds in such a manner that a digital asset customer may be unable to fully withdraw the customer's funds.
(b) In addition to any other requirements under state law, a digital asset service provider shall maintain customer funds not subject to the requirements of Chapter 151:
(1) in separate accounts for obligations to each digital asset customer; or
(2) in an omnibus account that only contains digital assets of digital asset customers and in which digital assets of digital asset customers are not strictly segregated from each other.
(c) A digital asset service provider shall create a plan to allow:
(1) each digital asset customer to view at least quarterly an accounting of:
(A) any outstanding liabilities owed to the digital asset customer; and
(B) the digital asset customer's digital assets held in custody by the digital asset service provider; and
(2) an auditor to access and view at any time a pseudonymized version of the information made available to each digital asset customer under Subdivision (1).
(d) Not later than the 90th day after the end of each fiscal year, a digital asset service provider shall file a report with the department. The report must include the following information, as of the end of the digital asset service provider's fiscal year:
(1) an attestation by the digital asset service provider of outstanding liability to digital asset customers;
(2) evidence of customer assets held by the provider;
(3) a copy of the provider's plan under Subsection (c); and
(4) an attestation by an auditor that the information in the report is true and accurate.
(e) An auditor fulfilling the requirements of this section must:
(1) be an independent certified public accountant licensed in the United States; and
(2) apply attestation standards adopted by the American Institute of Certified Public Accountants.
(f) A digital asset service provider may meet the requirements of Subsections (c)(2), (d)(1), (d)(2), and (d)(4) by filing with the department a copy of:
(1) an audit of the digital asset service provider performed in accordance with the Sarbanes-Oxley Act of 2002 (15 U.S.C. Section 7201 et seq.) or regulations adopted under that Act; or
(2) an audit of the digital asset service provider's parent company that includes an audit of the digital service provider performed in accordance with the Sarbanes-Oxley Act of 2002 (15 U.S.C. Section 7201 et seq.) or regulations adopted under that Act.
(g) A digital asset service provider may include an amount of funds, assets, or property belonging to the digital asset service provider with customer funds for the purpose of facilitating trade and operational needs to provide digital asset services. That amount of funds, assets, or other property belonging to the digital asset service provider is considered and shall be treated as customer funds. A digital asset service provider may only withdraw or assert a claim on that amount to the extent that amount exceeds the amount deposited with the digital asset service provider by or for digital asset customers.
(h) The commissioner may waive a requirement of this section or allow a digital asset service provider to submit alternative information to satisfy a requirement of this section if the commissioner determines that the waiver or alternative information is consistent with the purposes of this chapter and in the best interest of the public.
Added by Acts 2023, 88th Leg., R.S., Ch. 419 (H.B. 1666), Sec. 1, eff. September 1, 2023.