Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On January 18, CFTC Commissioner Christy Goldsmith Romero spoke before the Wharton School and the University of Pennsylvania Carey Law School on lessons learned from the recent bankruptcy of a cryptocurrency exchange, calling the collapse a “violation of trust.” Specifically, Goldsmith Romero mentioned that the digitization of financial services and products brought convenience but also a presumed trust in crypto exchanges with name recognition, which was violated by the collapse. She pointed to the collapsed exchange’s reliance on the name recognition it made through marketing campaigns and explained that such advertising “played up the exchange’s safety and convenience for people that may be new to crypto.”
Goldsmith Romero urged Congress to avoid permitting newly-regulated crypto exchanges to self-certify products for listing under the current process that limits CFTC oversight. She stressed it “is critical to institute guardrails against regulatory arbitrage," including prohibiting self-certification.
Goldsmith Romero also called on lawyers, accountants, compliance professionals, and other gatekeepers to “step up and call for compliance, controls, and other governance.” She expressed that these gatekeepers failed their “essential duties” to protect crypto customers and market integrity, and noted that they have allowed “the promise of riches and the company’s marketing pitch to silence their objections to obvious deficiencies.” Ultimately, Goldsmith Romero advised that “[s]ound custody practices and strong cybersecurity are necessary to restore trust and protect customers.”
On December 20, the CFTC announced a settlement with a registered futures commission merchant (respondent) for allegedly violating the Commodity Exchange Act, Commission regulations, and Bank Secrecy Act compliance requirements. According to the CFTC, the respondent allegedly “failed to implement an adequate anti-money laundering  program, particularly as applied to a futures and options trading account controlled by [a customer],” and “failed to implement risk-based limits concerning trading by [a customer].” The CFTC also alleged supervisory and recordkeeping failures stemming from the inadequate anti-money laundering program. The respondent is ordered to pay a $6.5 million civil money penalty and undertake certain remedial measures relating to the violations.
On December 13, the SEC filed a complaint against the former CEO/co-founder (defendant) of a collapsed crypto exchange for allegedly orchestrating a scheme to defraud equity investors. According to the SEC, from May 2019 to November 2022, the defendant raised over $1.8 billion from investors who bought an equity stake in his company in part because they believed his representations that the platform had “top-notch, sophisticated automated risk measures in place.” The complaint alleged, among other things, that the defendant orchestrated “a massive, years-long fraud” to conceal (i) the undisclosed diversion of customers’ funds to the defendant’s privately-held crypto hedge fund; (ii) the undisclosed special treatment afforded to the hedge fund on the company platform, including providing it with a virtually unlimited “line of credit” funded by the platform’s customers; and (iii) the undisclosed risk stemming from the company’s exposure to the hedge fund’s significant holdings of overvalued, illiquid assets, such as the platform-affiliated tokens. The complaint further alleged that the defendant used commingled funds at his hedge fund to make undisclosed venture investments, purchase lavish real estate purchases, and give large political donations. The SEC’s complaint charged the defendant with violating the anti-fraud provisions of the Securities Act of 1933 and the Securities Exchange Act of 1934. The SEC is seeking injunctions against future securities law violations; an injunction that prohibits the defendant from participating in the issuance, purchase, offer, or sale of any securities, except for his own personal account; disgorgement of his ill-gotten gains; a civil penalty; and an officer and director bar.
The defendant was also indicted by a grand jury in the U.S. District Court for the Southern District of New York on wire fraud, commodities fraud, securities fraud, money laundering, and campaign finance charges.
The CFTC also filed a complaint against the former CEO/co-founder, in addition to the collapsed crypto exchange and the hedge fund for making material misrepresentations in connection with the sale of digital commodities in interstate commerce. Specifically, the CFTC alleged that the exchange’s executives, at the former CEO’s direction, created a number of exceptions to benefit his hedge fund, including adding features in the underlying code to permit the hedge fund to “maintain an essentially unlimited line of credit” on the trading platform through an “allow negative flag,” which allowed the hedge fund to withdraw billions of dollars in customer assets from the company. The CFTC is seeking restitution, disgorgement, civil monetary penalties, permanent trading and registration bans, and a permanent injunction against further violations of the Commodity Exchange Act and CFTC regulations, as charged.
Later, on December 21, the SEC and CFTC filed charges (see here and here) against the former CEO of the hedge fund and the former chief technology officer of the collapsed crypto exchange for their roles in the scheme to defraud equity investors. The agencies stated that investigations into other securities law violations and into other entities and persons relating to the alleged misconduct are ongoing.
Commissioner says CFTC should take a “same risk, same regulatory outcome” approach for addressing crypto risks
On October 26, CFTC Commissioner Christy Goldsmith Romero spoke before the International Swaps and Derivatives Association’s Crypto Forum 2022, where she presented thoughts on the financial stability risks of cryptocurrency assets. Romero cautioned that the “rapidly developing crypto market” is facing similar financial stability risks as the traditional financial system, including parallel themes from the 2008 financial crisis. She highlighted events such as those that happened earlier in the year where an algorithmic stablecoin and related crypto-asset collapsed and triggered a broad sell off of cryptocurrency that spread losses to several institutions who abruptly cut off lending. These vulnerabilities serve as a warning for growing intra-market risks, Romero said, explaining that “[j]ust as regulators could not see the true exposures or risk in 2008 due to unregulated companies and products, [regulators] cannot see that today with unregulated crypto markets.” Moreover, without additional regulatory authority, the CFTC’s ability to monitor these risks is hampered, she said, adding that “[f]inancial stability risk will increase, and could rise to the level of systemic risk if in the future there are greater interconnections between the crypto industry and traditional finance players performing critical market functions.”
Romero recognized that novel technologies bring novel risks, and said that the CFTC should address these risks by using its existing authority to follow a “same risk, same regulatory outcome” approach and establish customer protections and guardrails that investors and customers are familiar with and have come to expect from other regulated financial products and markets. She emphasized that financial institutions interested in entering the digital asset space “should undertake substantial due diligence to determine vulnerabilities” in areas such as cyber theft, money laundering, and sanctions evasion; fraud, scams, and market manipulation; customer asset segregation; and conflicts of interest.
On October 24, Democratic lawmakers sent letters to the leaders of the SEC, CFTC, Treasury Department, Federal Reserve, FDIC, OCC and CFPB regarding concerns about “the revolving door between  financial regulatory agencies and the cryptocurrency (crypto) industry.” In the letters, the lawmakers argued “that the crypto revolving door risks corrupting the policymaking process and undermining the public’s trust in our financial regulators.” The letters also noted that Treasury saw the most movement from the Treasury Department, with 31 former employees joining the crypto industry. The SEC was second with 28 former employees, according to Tech Transparency Project. The lawmakers argued that “Americans should be able to trust that financial rules are crafted to reduce risk, improve security, and ensure the fair and efficient functioning of the market,” and that “Americans should be confident that regulators are working on behalf of the public, rather than auditioning for a high-paid lobbying job upon leaving government service.” The letters requested that the agencies provide information by November 7, including answers to inquiries about each agency’s ethics guidelines and polices in place to protect the agency from being influenced by current or former employees’ potential conflicts of interest.
On October 3, the CFTC filed a complaint against an individual and the four companies he controlled (collectively, “defendants”) in the U.S. District Court for the Southern District of Florida for allegedly operating a digital asset exchange that offered futures transactions on a platform other than a designated contract market. The defendants are also charged with attempting to manipulate the price of the exchange’s native token. According to the CFTC, the defendants used web-based solicitation to obtain customers even though the individual defendant was aware that such participation subjected the exchange to U.S. regulation. The CFTC also claimed that, in addition to allegedly violating certain registration and regulatory requirements, the defendants attempted to artificially inflate the price of the exchange’s “native currency.” Among other things, the defendants are also accused of failing to implement an effective AML program, know-your-customer procedures, or a customer information program to verify the identifies of the customers who purchased the digital assets. The complaint charges the defendants with violations of the Commodity Exchange Act (CEA), and seeks full restitution, disgorgement of ill-gotten gain, civil penalties, permanent trading and registration bans, and a permanent injunction against further CEA violations.
On September 27, the SEC and CFTC announced settlements (see here and here) with numerous broker-dealers for alleged recordkeeping failures. According to the SEC, from January 2018 through September 2021, the firms’ employees communicated about business matters using text messaging applications on their personal devices. The SEC further alleged that the firms violated federal securities laws by failing to maintain or preserve the substantial majority of these off-channel communications. The SEC charged each of the firms with violating certain recordkeeping provisions of the Securities Exchange Act of 1934, and with failing to reasonably supervise and detect such violations. Additionally, an investment adviser was charged with violating certain recordkeeping provisions of the Investment Advisers of 1940. In addition to paying a total of $1.1 billion in fines, the firms were ordered to cease and desist from future violations of the relevant recordkeeping provisions and were censured. The firms agreed to retain compliance consultants to, among other things, conduct comprehensive reviews of their policies and procedures relating to the retention of electronic communications found on personal devices. The SEC recognized the firms’ cooperation with the investigation.
Separately, in a related action, the CFTC announced settlements with many of the same firms for related conduct, totaling nearly $710 million. The CFTC noted that each firm acknowledged to CFTC staff that it was aware employees used unapproved methods to engage in business-related communications. The CFTC also said that as a result of each firm’s failure to ensure that its employees complied with communication policies and procedures, the firms failed to maintain business-related communications. The CFTC found that each firm failed to diligently “supervise its business as a CFTC registrant or registrants, in violation of CFTC recordkeeping and supervision provisions.”
On September 22, the CFTC announced a settlement with a cryptocurrency business and its founders (collectively, respondents) for allegedly violating the Commodity Exchange Act (CEA), Commission regulations, and Bank Secrecy Act compliance requirements. According to the CFTC, the respondents allegedly “designed, deployed, marketed, and made solicitations concerning a blockchain-based software protocol that accepted orders for and facilitated margined and leveraged retail commodity transactions.” The protocol allowed users to leverage positions, where the value was determined by the price difference between two digital assets from the time the position was established to the time it was closed. The protocol, according to the CFTC, “purported to offer users the ability to engage in these transactions in a decentralized environment.” The CFTC found that the respondents were not registered with the CFTC and had engaged in unlawful activities that could only be lawfully performed by a registered designated contract market and other activities that could only lawfully be performed by a registered futures commission merchant (FCM). Additionally, the respondents did not comply with the Bank Secrecy Act when they failed to conduct know-your customer diligence on their customers as part of a customer identification program, as required of FCMs. The order requires the respondents to pay a $250,000 civil monetary penalty and to cease and desist from further violations of the CEA and CFTC regulations. Simultaneously, the CFTC filed a complaint in the U.S. District Court for the Northern District of California charging a decentralized autonomous organization and successor to the cryptocurrency business that operated the same software protocol with violating the same laws as the respondents. The CFTC is seeking restitution, disgorgement, civil monetary penalties, trading and registration bans, and injunctions against further violations of the CEA and CFTC regulations.
The same day, CFTC Commissioner Summer K. Mersinger published a dissenting opinion, stating that though she does “not condone[s] individuals or entities blatantly violating the CEA or our rules,” we “cannot arbitrarily decide who is accountable for those violations based on an unsupported legal theory amounting to regulation by enforcement while federal and state policy is developing.” She further argued that there is no provision in the CEA that holds members of a for-profit unincorporated association personally liable for violations of the CEA or CFTC rules committed by the association based solely on their membership status.
On September 19, CFTC Commissioner Christy Goldsmith Romero called on the agency to adopt her proposed Heightened Enforcement Accountability and Transparency (HEAT) Test, which would require defendants to admit wrongdoing in CFTC enforcement settlements. Expressing “deep concerns” with the CFTC’s practice of not seeking admissions of wrongdoing when settling the majority of enforcement cases (thus resulting in a majority of settlements where the defendant “neither admits nor denies” wrongdoing), Romero stressed that she does not support allowing defendants to settle without admitting their illegal conduct. Romero’s proposed HEAT Test would, among other things, (i) require defendants to acknowledge responsibility and wrongdoing to the public in cases where heightened accountability and acceptance of responsibility are in the public interest; (ii) require more defendants to admit their wrongdoing, thus maximizing public accountability, increasing transparency of a defendant’s wrongdoing, and heightening the deterrent impact of the agency’s enforcement settlements; and (iii) assist the CFTC in reviewing cases that may call for heightened scrutiny of these factors. Romero added that the CFTC should be more willing to take cases to trial when defendants are not willing to admit wrongdoing.
On August 30, the Subcommittee on Economic and Consumer Policy of the House Committee on Oversight and Reform announced that Representative Raja Krishnamoorthi (D-IL), Chair of the Subcommittee, sent letters to the U.S. Treasury Department, SEC, CFTC, and FTC, in addition to five digital asset exchanges, requesting information on how they are combating cryptocurrency-related fraud and scams. According to his letters, Chairman Krishnamoorthi is “concerned about the growth of fraud and consumer abuse linked to cryptocurrencies.” He further added that “[t]he lack of a central authority to flag suspicious transactions in many situations, the irreversibility of transactions, and the limited understanding many consumers and investors have of the underlying technology make cryptocurrency a preferred transaction method for scammers.” In the letters to the federal agencies, he stated that “the federal government has been slow to curb cryptocurrency scams and fraud,” and that “[e]xisting federal regulations do not comprehensively or clearly cover cryptocurrencies under all circumstances.” In one of the letters to the digital asset exchanges, Krishnamoorthi noted that “cryptocurrency exchanges must themselves act to protect consumers conducting transactions through their platforms.” The letters requested that all recipients provide information to the subcommittee outling “steps they are taking to combat cryptocurrency-related fraud and scams and additional actions that are needed to protect Americans” in order to “help Congress understand what they are doing to protect consumers and inform legislative solutions to bring stability to the digital asset industry.”