InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Securities regulators issue guidance and an RFC on AI trading scams
On January 25, FINRA and the CFTC released advisory guidance on artificial intelligence (AI) fraud, with the latter putting out a formal request for comment. FINRA released an advisory titled “Artificial Intelligence (AI) and Investment Fraud” to make investors aware of the growing popularity of scammers committing investment fraud using AI and other emerging technologies, posting the popular scam tactics, and then offering protective steps. The CFTC released a customer advisory called “AI Won’t Turn Trading Bots into Money Machines,” which focused on trading platforms that claim AI-created algorithms can guarantee huge returns.
Specifically in FINRA’s notice, the regulator stated that registration is a good indicator of sound investment advice, and offers the Investor.gov tool as a means to check; however, even registered firms and professionals can offer claims that sound too good to be true, so “be wary.” FINRA also warned about investing in companies involved in AI, often using catchy buzzwords or making claims to “guarantee huge gains.” Some companies may engage in pump-and-dump schemes where promoters “pump” up a stock price by spreading false information, then “dump” their own shares before the stock’s value drops. FINRA’s guidance additionally discussed the use of celebrity endorsements to promote an investment using social media; FINRA states that social media has become “more saturated with financial content than ever before” leading to the rise of “finfluencers.” Finally, FINRA mentioned how AI-enabled technology allows scammers to create “deepfake” videos and audio recordings to spread false information. Scammers have been using AI to impersonate a victim’s family members, a CEO announcing false news to manipulate a stock’s price, or how it can create realistic marketing materials.
The CFTC’s advisory highlighted how scammers use AI to create algorithmic trading platforms using “bots” that automatically buy and sell. In one case cited by the CFTC, a scammer defrauded customers into selling him nearly 30,000 bitcoins, worth over $1.7 billion at the time. The CFTC posted a Request for Comment on the Use of Artificial Intelligence in CFTC-Regulated Markets. The Request listed eight questions addressing current and potential uses of AI by regulated entities, and several more addressing concerns regarding the use of AI in regulated markets and entities for the public to respond to.
CFTC’s subcommittee report on decentralized finance highlights its findings and recommendations
On January 8, the CFTC issued a report on decentralized finance ahead of the CFTC’s event on artificial intelligence, cybersecurity, and decentralized finance. Authored by the CFTC’s Subcommittee on Digital Assets and Blockchain Technology, which is a group of fintech experts selected by the CFTC, the report urged government and industries to work together and advance the developments of decentralized finance in a responsible and compliant way.
The report lists many key findings and recommendations for policymakers to implement. For example, the report highlights how policymakers should keep in mind customer and investor protections, promotion of market integrity and financial stability, and efforts to combat illicit finance when creating regulations, among others. Recommendations for policymakers include increasing their technical understanding of this space, surveying the existing regulatory “perimeter,” identifying and cataloging risks, identifying the range of regulatory strategies, and applying regulatory framework on digital identity, KYC and AML regimes, and calibration on privacy in decentralized finance.
For further learning on decentralized finance, IOSCO released a publication on its nine recommendations, which was previously covered by InfoBytes here.
CFTC speech highlights new executives, dataset use, and AI Task Force
On November 16, the Chairman of the CFTC, Rostin Behnam, delivered a speech during the 2023 U.S. Treasury Market Conference held in New York where he showcased the CFTC’s plans to better use data and roll out an internal AI task force. One of the CFTC’s initiatives comes with the hiring of two new executive-level roles: a Chief Data Officer and a Chief Data Scientist. These executives will manage how the CFTC uses AI tools, and oversee current processes, including understanding large datasets, cleaning the datasets, identifying and monitoring pockets of stress, and combating spoofing.
The CFTC also unveiled its plans to create an AI Task Force and to “gather[] information about the current and potential uses of AI by our registered entities, registrants, and market participants in areas such as trading, risk management, and cybersecurity.” The Commission plans to obtain feedback for the AI Task Force through a formal Request for Comment process in 2024. The CFTC hopes these comments will help the agency create a rulemaking policy on “safety and security, mitigation of bias, and customer protection.”
Futures commission merchant fined $6M for communication failures
On August 8, the CFTC issued an order simultaneously filing and settling charges against a California-based futures commission merchant, requiring it to pay $6 million. The CFTC claims that the respondent violated the Commodity Exchange Act and Commission Regulations by “failing to maintain, preserve, or produce records required to be kept under CFTC recordkeeping requirements, and failing to diligently supervise matters related to its business as a CFTC registrant.” According to the order, respondent’s employees allegedly communicated through personal text messages regarding information required to be maintained under the CFTC-mandated recordkeeping requirements. The CFTC stated that if the information were to be requested, respondent would not be able to furnish the communications promptly. The CFTC further alleged that the use of unauthorized communication was also in violation of the respondent’s own policies and procedures. In addition to the $6 million civil money penalty, the order requires the respondent to cease and desist any further violations of the commission’s regulations that were previously violated. The CFTC noted that the SEC also announced an order filing and settling charges against the merchant for “related recordkeeping and supervision violations.”
EU-U.S. release statement on Joint Financial Regulatory Forum
On July 20, participants in the U.S.-EU Joint Financial Regulatory Forum, including officials from the Treasury Department, Federal Reserve Board, CFTC, FDIC, SEC, and OCC, issued a joint statement regarding the ongoing dialogue that took place from June 27-28, noting that the matters discussed during the forum focused on six themes: “(1) market developments and financial stability risks; (2) regulatory developments in banking and insurance; (3) anti-money laundering and countering the financing of terrorism (AML/CFT); (4) sustainable finance and climate-related financial risks; (5) regulatory and supervisory cooperation in capital markets; and (6) operational resilience and digital finance.”
Participants acknowledged that the financial sector in both the EU and the U.S. is exposed to risk due to ongoing inflationary pressures, uncertainties in the global economic outlook, and geopolitical tensions as a result of Russia’s war on Ukraine. During discussions, participants emphasized the significance of strong bank prudential standards, effective resolution frameworks, and robust supervision practices. They also stressed the importance of international cooperation and continued dialogue to monitor vulnerabilities and strengthen the resilience of the financial system. Participants took note of recent developments relating to, among other things, recent bank failures, digital finance, the crypto-asset market, and the potential adoption of central bank digital currencies.
Agencies charge crypto platform and former executives
On July 13, the FTC announced a proposed settlement to resolve allegations that a crypto platform engaged in unfair and deceptive acts or practices in violation of the FTC Act. The FTC also alleges that the defendants violated the Gramm-Leach-Bliley Act by acquiring customer information from a financial institution regarding someone else by providing false or misleading statements. The New Jersey-based crypto company offers various cryptocurrency products and services to customers, such as interest-bearing accounts, personal loans backed by cryptocurrency deposits, and a cryptocurrency exchange. On the heels of its bankruptcy filing in July 2022, the FTC lodged a complaint in federal court alleging that three former executives falsely promised that deposits would be “safer” than bank deposits and always available for withdrawal, and that the platform posed “no risk” or “minimal risk.”
The proposed stipulated order imposes a $4.72 million judgment against the corporate defendants, which is suspended based on their financial condition. The order also bans the corporate defendants from, among other things, “advertising, marketing, promoting, offering, or distributing, or assisting in the advertising, marketing, promoting, offering, or distributing of any product or service that can be used to deposit, exchange, invest, or withdraw assets, whether directly or through an intermediary.”
Other agencies also took action against the company and its former CEO on the same day, including the SEC, which alleges the company sold unregistered crypto asset securities in one of its program offerings. The SEC’s complaint further alleges the company made false and misleading statements and engaged in market manipulation. Additionally, the DOJ unsealed an indictment charging the former CEO and the company’s former chief revenue officer with conspiracy, securities fraud, market manipulation, and wire fraud for illicitly manipulating the price of the company’s token. Additionally, the CFTC filed a civil complaint charging the company and former CEO with fraud and material misrepresentations in connection with the operation of the company’s digital asset-based finance platform. The CFTC alleges the company operated as an unregistered commodity pool operator (CPO), and its former CEO operated as an unregistered associated person of a CPO. The complaint also accuses the former CEO of violating the Commodity Exchange Act and CFTC regulations, among other things. According to the press release, the company agreed to resolve the complaint, while the former CEO is continuing litigation.
Waters asks Treasury, SEC to comment on crypto framework
On June 23, Representative Maxine Waters solicited viewpoints, analysis, and recommendations in letters sent to the Department of Treasury and the SEC regarding a recently introduced discussion draft of cryptocurrency framework. In her letters, Waters requested insight on how the proposed legislation would impact the federal regulators’ ability to conduct oversight, among other things. Waters specifically asked the SEC for recommended amendments to existing law, outside of the bill, to further protect investors in the digital assets space. In her letter to the Treasury, she asked for insight on how the bill would address or conflict with its policy recommendations, and if the bill or specific provisions of it are needed. Waters requested that both regulators provide a written response by June 30 and be prepared to brief the House Financial Services Committee.
Introduced on June 2, the discussion draft to which Waters referred would impact the jurisdiction of the CFTC over digital commodities and the SEC’s authority over digital assets. Committee Chairman Patrick McHenry is a co-author of the discussion draft and also the primary sponsor of newly proposed bills regarding financial statement requirements of emerging growth companies that if passed, will indirectly impact regulators’ oversight in the crypto space. HR 2608 would limit the financial information an emerging growth company would be required to submit to the SEC, among other things. Specifically, “an emerging growth company is not required to present a financial statement for any period prior to the earliest audited period of the emerging growth company in connection with its initial public offering, such as a statement for an acquired company.” Additionally, HR 2610 would amend the Securities Exchange Act of 1934, so emerging growth companies would only need to submit the last 2 years of their profit and loss statements (previously 3 years). Among other things, the bill allows an issuer of securities to submit a draft registration statement to the SEC for confidential review prior to a public filing. Both bills have passed the House.
CFTC shuts down illegal trading platform
The U.S. District Court for the Northern District of California recently granted the CFTC’s motion for default judgment in an action accusing a decentralized autonomous organization of violating the Commodity Exchange Act (CEA) by operating an illegal trading platform and unlawfully acting as a futures commission merchant. (See also CFTC press release here.) The CFTC maintained that the organization’s platform and its blockchain-based software “protocol” enables users to engage in retail commodity transactions but does not provide protections or other requirements mandated under the statute. In addition to unlawfully offering leveraged and margined retail commodity transactions outside of a registered exchange, the organization is charged with failing to comply with Bank Secrecy Act obligations applicable to future commission merchants, including implementing a customer information program or conducting know your customer procedures. The default judgment requires the organization to shutter its website and remove its content from the internet, and orders permanent trading and registration bans. The organization also must pay a $643,542 civil money penalty and is enjoined from future violations of the CEA.
New York AG sues crypto trading platform for failing to register
On February 22, the New York attorney general filed a petition in state court against a virtual currency trading platform (respondent) for allegedly failing to register as a securities and commodities broker-dealer and falsely representing itself as a cryptocurrency exchange. The respondent’s website and mobile application enable investors to buy and sell cryptocurrency, including certain popular virtual currencies that are allegedly securities and commodities. According to the AG, securities and commodities brokers are required to register with the state, which the respondent allegedly failed to do. The AG further maintained that the respondent claimed to be an exchange but failed to appropriately register with the SEC as a national securities exchange or be designated by the CFTC as required under New York law. Nor did the respondent comply with a subpoena requesting additional information about its crypto-asset trading activities in the state, the AG said. The state seeks a court order (i) preventing the respondent from misrepresenting that it is an exchange; (ii) banning the respondent from operating in the state; and (iii) directing the respondent to undertake measures to prevent access to its mobile application, website, and services from within New York.
CFTC commissioner discusses crypto exchange’s collapse
On January 18, CFTC Commissioner Christy Goldsmith Romero spoke before the Wharton School and the University of Pennsylvania Carey Law School on lessons learned from the recent bankruptcy of a cryptocurrency exchange, calling the collapse a “violation of trust.” Specifically, Goldsmith Romero mentioned that the digitization of financial services and products brought convenience but also a presumed trust in crypto exchanges with name recognition, which was violated by the collapse. She pointed to the collapsed exchange’s reliance on the name recognition it made through marketing campaigns and explained that such advertising “played up the exchange’s safety and convenience for people that may be new to crypto.”
Goldsmith Romero urged Congress to avoid permitting newly-regulated crypto exchanges to self-certify products for listing under the current process that limits CFTC oversight. She stressed it “is critical to institute guardrails against regulatory arbitrage," including prohibiting self-certification.
Goldsmith Romero also called on lawyers, accountants, compliance professionals, and other gatekeepers to “step up and call for compliance, controls, and other governance.” She expressed that these gatekeepers failed their “essential duties” to protect crypto customers and market integrity, and noted that they have allowed “the promise of riches and the company’s marketing pitch to silence their objections to obvious deficiencies.” Ultimately, Goldsmith Romero advised that “[s]ound custody practices and strong cybersecurity are necessary to restore trust and protect customers.”