- The Enforcement Division (Enforcement) of the U.S. Securities and Exchange Commission (SEC) has announced that it will nearly double the size of its Crypto Assets and Cyber Unit, making the unit one of the largest units within Enforcement.
- This decision reflects the SEC’s increasing priority on cryptocurrency and cybersecurity enforcement.
- Digital asset issuers, crypto exchange and lending platforms, and other industry participants should expect more frequent investigations and enforcement actions.
- Publicly traded companies and investment advisors should expect increased enforcement agency scrutiny of cybersecurity controls and disclosures, and an increase in prosecutions of violations for alleged deficiencies in these areas.
____________________________________________________________________________________
In a move that further carries out the SEC’s increasingly tough rhetoric on cryptocurrency and cybersecurity, SEC Enforcement recently announced that it will nearly double the size of its newly renamed Crypto Assets and Cyber Unit. This deployment is notable for the dramatic expansion of what was already one of Enforcement’s most high-profile forces.
Cryptocurrencies and cybersecurity have been stated to be a priority for enforcement since the unit’s founding in 2017, but the SEC said it would allocate limited resources to nearly double the unit’s headcount. ‘s decision clearly indicates that Enforcement is intended to increase the number of investigations and enforcement actions against players. So do publicly traded companies and investment advisors that the SEC deems to be taking inappropriate steps to prevent and disclose cybersecurity breaches. The announcement also confirms that the SEC is leading, if not leading, among regulators and law enforcement agencies in these areas, including the U.S. Department of Justice, the Commodity Futures Trading Commission, state regulators, and others. It also makes it clear that it is intended to play a role.
Crypto Enforcement Fronts and Centers
The agency will allocate 20 more positions to the unit, increasing to 50 dedicated positions, making it one of the largest units within the executive division, according to the SEC’s announcement. The SEC also specified that the enlarged unit would “leverage the agency’s expertise to ensure investors are protected in the crypto markets,” with a particular focus on investigations of violations related to: I’m here.
- provision of crypto assets;
- crypto asset exchange;
- Cryptocurrency lending and staking products.
- Decentralized Finance (DeFi) Platform;
- Non-Fungible Tokens (NFT); and
- stablecoin.
The expansion comes on the back of already vigorous cryptocurrency enforcement and a series of public statements by SEC Chairman Gary Gensler pointing out the need for stricter regulation of industry participants. Since its inception, the unit has resulted in more than 80 enforcement actions related to suspected fraudulent unregistered cryptocurrency offerings and platforms, resulting in more than $2 billion in revenue, according to an SEC press release. Got financial relief.
Gensler’s recent comments make it clear that the SEC is very concerned about what it perceives as a continuing lack of protection for cryptocurrency investors. In an interview in September 2021 washington postFor example, he likened stablecoins to “casino poker chips” and indicated his intention to deploy “strong authorities” in the SEC specifically to control both stablecoins and the more general cryptocurrency market. I was. Gensler echoed that view at his Penn Law Capital Markets Association’s annual meeting in April this year, noting that stablecoins in particular “raise three key sets of policy questions,” the SEC said. pointed out the need for further scrutiny by and monetary policy”; (2) “issues as to how it may be used for illegal activities”; (3) “investor protection issues”. In describing the third policy consideration, Gensler expressed concern that “the three largest stablecoins were created by the trading or lending platforms themselves” and, in his view, “conflicts of interest and raise market integrity issues, requiring more scrutiny.”
Following the crash of crypto stablecoin TerraUSD and its sister token Luna in May 2022, the institution’s focus on cryptocurrencies is expected to intensify further. His $500 billion worth in the cryptocurrency economy. Unsurprisingly, since Luna and his TerraUSD crash, Gensler and his colleagues have doubled down on their aggressive rhetoric. Speaking at his FINRA conference in Washington, D.C. on May 16, 2022, Gensler called cryptocurrencies “highly speculative,” citing a perceived lack of transparency in the market. considered a “classic asset class” and advocated basic investor protection against front-running. Customers, Operations and Fraud. Just days before those remarks, SEC Commissioner Hester Peirce (despite her vocal and repeated criticism of what she perceives as the SEC’s over-regulation of the industry) said there would be “no move” regarding tighter regulation. “One of the places where it might be seen.” around stablecoins. ”
These statements are consistent with the SEC’s broader efforts to expand its enforcement activities beyond crypto issuance. For example, in February of this year Enforcement filed its first lawsuit against a cryptocurrency lending platform, accusing BlockFi Lending LLC of accusing him of offering and selling unregistered cryptocurrency lending products. was fined $100 million. In May, the SEC disclosed to NVIDIA Corporation that cryptomining was a key factor in its significant revenue growth from the sale of graphics processing units designed and sold for gaming. I filed a lawsuit for settlement. million penalty. Most recently, the SEC reportedly investigated him for insider trading safeguards on one or more major cryptocurrency exchanges.
A recently introduced Senate bill would narrow the SEC’s jurisdiction over cryptocurrencies, but it doesn’t look like this move will make progress in the near future. In the meantime, we expect the agency to continue expanding the scope of its enforcement activities as its crypto and cyber units expand.
Focus on cyber security
With the increase in SEC enforcement in the cryptocurrency space, there has been a surge in enforcement and rulemaking activity in the cybersecurity space, especially related to the issue of data breaches. In late 2021, the SEC indicted Pearson plc and his two companies, First American Financial Corporation, respectively, for failing to make proper disclosures about cybersecurity breaches and for failing to maintain proper cybersecurity disclosure controls and procedures. . The SEC also penalized a registered broker-dealer and investment adviser with three concerted actions in which he allegedly failed cybersecurity policies and procedures. The SEC found that emails that leaked personal information of thousands of customers led to his account takeover.
Additionally, earlier this year, the SEC proposed significant new rules for public companies and investment advisors regarding cybersecurity controls and disclosures. In February, the agency proposed rules and amendments for investment advisers, registered investment companies and business development companies. This includes, among others: Address cybersecurity risks. Request advisors to report significant cybersecurity incidents to the SEC on the new Form ADV-C. Enhance disclosure of cybersecurity incidents and risks by advisors and funds to prospective and current investors.
The SEC followed up with proposed rule amendments for public companies in March. The proposed amendment would, among other things, require issuers to disclose information about cybersecurity incidents within four business days after a company is determined to have experienced a “significant cybersecurity incident,” and require updates. increase. Disclosures Regarding Previously Disclosed Cyber Incidents. The proposed rule and proposed amendments will therefore provide hardened crypto and cyber units with an even broader arsenal for tracking issuers and advisors.
We will continue to provide updates on this rapidly evolving regulatory environment.
Copyright © 2023, Foley Hogue LLP. all rights reserved.