InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
SEC charges DAO for unregistered sale of crypto smart yield bonds
On December 22, 2023, the SEC announced a settlement with a decentralized autonomous organization (DAO) and a second settlement with its founders. The SEC alleged that the DAO failed to register with the Commission for its offering and sale of structured crypto-asset securities. The SEC additionally charged the organization for operating certain pools as unregistered investment companies. According to the SEC, the organization compared its structured crypto-asset securities to asset-backed securities and marketed them to the public. Furthermore, investors could acquire “senior” or “junior” interest which could be pooled and used to generate returns. The orders state that the structured crypto-asset securities attracted significant investments, totaling over $509 million, with fees paid to the organization by investors based on investment size and chosen yield.
SEC awards more than $28 million to seven whistleblowers
On December 22, 2023, the SEC announced awards totaling more than $28 million to seven whistleblowers whose information and assistance led to a successful SEC enforcement action. According to the redacted order, five of the whistleblowers provided significant information early in the investigation, participated in voluntary interviews, provided supporting documents to SEC staff, and identified key witnesses. The SEC also added that the whistleblowers made several attempts to internally report their concerns to company management. Two whistleblowers provided significantly less information than the other five later into the investigation, but still qualified for a percentage of the monetary sanctions collected in the covered action. Creola Kelly, Chief of the SEC’s Office of the Whistleblower, stated that “[t]hese whistleblowers provided valuable information and substantial assistance that played a critical role in the SEC returning millions of dollars to harmed investors.”
One claimant’s whistleblower award application was denied because they did not communicate directly with the SEC staff responsible for the Covered Action Investigation and none of the information provided by the claimant was forwarded to the responsible staff. As such, the claimant did not provide original information that led to the successful enforcement action.
Payments to whistleblowers are made out of an investor protection fund, established by Congress, which is financed entirely through monetary sanctions paid to the SEC by securities law violators.
Crypto platform to pay $22 million to resolve NY AG suit
On December 13, the New York State Supreme Court entered a stipulation and consent order resolving a suit brought in March against a crypto platform for operating as an unregistered broker-dealer, among other things. As previously covered by InfoBytes, the suit was brought by New York State Attorney General Letitia James who noted this was one of the first times a regulator claimed in court that one of the largest cryptocurrencies available in the market qualified as a security.
As a result of the consent order, the platform is obligated to refund over $16.7 million worth of crypto in its control “by allowing users to withdraw those balances and transferring any remaining balances after ninety days to a third-party fund administrator,” to more than 150,000 investors in New York. In addition, the platform must pay an additional $5.3 million to the state. As part of the agreement, the platform is barred from trading securities and commodities in New York or from making its platform available to New York residents.
NYDFS settles with title insurance company for $1 million
On November 27, the NYDFS entered into a consent order with a title insurance company, which required the company to pay $1 million for failing to maintain and implement an effective cybersecurity policy and correct a cybersecurity vulnerability. The vulnerability allowed members of the public to access others’ nonpublic information, including driver’s license numbers, social security numbers, and tax and banking information. The consent order indicates the title insurance company discovered the vulnerability as early as 2018. The title insurance company’s failure to correct these changes violated Section 500.7 of the Cybersecurity Regulation.
In May 2019, a cybersecurity journalist published an article on the existence of a vulnerability in the title insurance company’s application, that led to a public exposure of 885 million documents, some found through search engine results. The journalist noted that “replacing the document ID in the web page URL… allow[ed] access to other non-related sessions without authentication.” Following the cybersecurity journalist’s article, and as required by Section 500.17(a) of the Cybersecurity Regulation, the title insurance company notified NYDFS of its vulnerability, at which point NYDFS investigated further. The title insurance company has been ordered to pay the penalty no later than ten days after the effective date.
SEC charges crypto firm for failing to register and mitigate risk factors
On November 20, the SEC filed a complaint in the U.S. District Court of the Northern District of California against a crypto trading platform, which allows customers to buy and sell crypto assets through an online market, for allegedly acting as an unregistered securities exchange, broker, dealer, and clearing agency. The SEC is also claimed defendant’s business practices, internal controls, and recordkeeping were inadequate and presented additional risks to consumers, that would also be prohibited had defendant been properly registered with the commission. For instance, the SEC cited practices including commingling billions of dollars of consumers’ cash and crypto assets with defendant’s own crypto assets and cash, which defendant’s 2022 independent auditor identified as “a significant risk of loss."
Director of the SEC’s Division of Enforcement, Gurbir S. Grewal said, “[Defendant’s] choice of unlawful profits over investor protection is one we see far too often in this space, and today we’re both holding [defendant] accountable for its misconduct and sending a message to others to come into compliance.”
The SEC seeks to (i) permanently enjoin defendant from violating Section 5 and section 17A of the Exchange Act; (ii) permanently enjoin defendant from offering or selling securities through crypto asset staking programs; (iii) disgorge defendant’s allegedly illegal gains and pay prejudgment interest; and (iv) impose a civil money penalty.
IOSCO releases report advising country regulators on crypto asset regulation
On November 16, the International Organization of Securities Commissions (IOSCO) released a report titled “Policy Recommendations for Crypto and Digital Asset Markets” for centralized financial bodies to put forth parallel, global policies on crypto assets, including a country’s stablecoin.
IOSCO’s report aims to protect retail investors from illegal crypto-asset market activities, including regulatory non-compliance, financial crime, fraud, market manipulation, and money laundering that have led to investor losses. The report puts forth 18 policy recommendations summarized within six key themes: conflicts from firms doing too much at once; market manipulation, insider trading, and fraud; cross-border risks and regulatory cooperation; operational and technological risks; and retail access, suitability, and distribution. ISOCO maintains its principles on global regulation are within the “same activities, same risks, same regulation/regulatory outcomes.” IOSCO also mentioned it plans on releasing a second report on decentralized finance before the year’s end.
FTC, DOJ convene with G7 on AI policy future
On November 8, the FTC and DOJ met with the G7 Competition Authorities and Policymakers’ Summit on how to better regulate AI while addressing its competitive concerns. The Summit took place in Tokyo, Japan, and both the FTC’s and the DOJ’s Antitrust Division participated with the international group. The G7 issued a statement on how generative AI can pose not only anti-competitive risks, but also risks in “privacy, intellectual property rights, transparency and other concerns.” All policymakers shared concerns on how to best enforce fair competition laws with AI, iterating that “existing competition law applies to [AI]” and that they were “prepared to confront abuses if AI becomes dominated by a few players with market power.” The G7 stated a need to enforce competition laws and “develop policies necessary to ensure that principles of fair competition are applied to digital markets.”
The G7’s report outlines its initiatives to promote and protect competition in digital markets, its commitment to address competition concerns, and its recognition of the need for internal cooperation on digital competition.
Bank of England and Financial Conduct Authority seek feedback on stablecoin regulatory proposals
On November 6, the Bank of England and the Financial Conduct Authority (FCA) requested feedback on their proposal to regulate a form of cryptocurrency known as stablecoins. Stablecoins are a cryptoasset that “maintain a stable value relative to a fiat currency by holding assets as backing” and fall within the UK Government’s plan to regulate them for future retail payment use. In addition to retail use, the Bank of England and FCA’s wish to regulate stablecoins is meant to “prevent money laundering… and safeguard financial stability.”
The Bank of England published a handy road map with similar regulators on how to best navigate rolling out new technological payment innovations, such as the digital pound. Each of the financial regulators provided two white papers: (i) the FCA’s discussion paper outlines how the FCA can regulate cryptoassets under the Financial Services and Markets Act 2000, including providing information on backing assets, custody requirements, and allowing overseas stablecoins used as a form of tender in the UK; and (ii) the Bank of England’s discussion paper examines proposed regulations for sterling-dominated stablecoins in the hopes of becoming widespread for retail use. Furthermore, this paper details proposed regulations for everyday use, including money transfers and providing digital wallets.
Both regulators’ comment period is open until February 6, 2024.
UK Government finalizes cryptoasset guidance with financial promotions
On November 2, the UK Financial Conduct Authority (FCA) finalized guidance informing individuals and firms regarding the communication and promotion of cryptoassets. The final guidance follows a consultation period that closed on August 10.
In UK law, Section 21 of the Financial Services and Markets Act 2000 prohibits any person from, in the course of business, communicating a financial promotion – an invitation or inducement to engage in investment activity – unless such person is an authorized person, the content is approved by an authorized person, or another exemption applies. The guidance describes the application of the financial promotion oversight regime to “qualifying cryptoassets” and expresses the expectation that all “cryptoasset financial promotions must be fair, clear and not misleading.”
The guidance reiterates that it “does not create new obligations for firms but relates to firms existing regulatory obligations” and that persons and firms that act in accordance with the guidance will be considered “as having complied with the rule or requirement to which that guidance relates.”
SEC charges crypto company with fraud and anti-registration violations
On November 1, the SEC charged a crypto company and its executive team with fraud through the unregistered sale of crypto asset securities. According to the complaint, the defendants represented in marketing materials, website, social media posts, and other communications with the public that a certain percentage of funds for each transaction would be retained and inaccessible by any party for a period of four years as a safety mechanism against asset misappropriation. Instead, the complaint alleges, the defendants accessed the funds and misappropriated tens of millions of dollars for various purposes, including manipulation of the market for the crypto asset, business expenses, investments in unrelated companies, and personal use. The complaint charges defendants with violating the registration and anti-fraud provisions of the Securities Act of 1933 and the anti-fraud provisions of the Securities Exchange Act of 1934.