Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Oregon amends money transmission law with respect to a required security device

    On January 9, the State of Oregon enacted a new bill on money transmission licensing, specifically stating that “each license application shall be accompanied by a security device in the amount of $25,000.” A security device is defined by Oregon law as a surety bond or an irrevocable letter of credit. If an applicant engages in business at more than one location, the security device will increase by $5,000 per location, with a maximum of $150,000. The bill further states that in place of security devices, an applicant could deposit securities such as interest-bearing stocks, bonds, notes, etc., and be held under the same obligations as the security device. The bill concludes that the security device will remain in effect until its cancellation and remain in place no longer than five years following a licensee ceasing its money transmission operations in Oregon. In the event of the bankruptcy of the licensee, the security device will be held in trust for the benefit of purchasers and holders of the licensee’s outstanding payment instruments.

    Licensing Oregon Bond Securities

  • SEC charges DAO for unregistered sale of crypto smart yield bonds

    Securities

    On December 22, 2023, the SEC announced a settlement with a decentralized autonomous organization (DAO) and a second settlement with its founders. The SEC alleged that the DAO failed to register with the Commission for its offering and sale of structured crypto-asset securities. The SEC additionally charged the organization for operating certain pools as unregistered investment companies. According to the SEC, the organization compared its structured crypto-asset securities to asset-backed securities and marketed them to the public. Furthermore, investors could acquire “senior” or “junior” interest which could be pooled and used to generate returns. The orders state that the structured crypto-asset securities attracted significant investments, totaling over $509 million, with fees paid to the organization by investors based on investment size and chosen yield.

    Securities Enforcement Cryptocurrency

  • SEC awards more than $28 million to seven whistleblowers

    Securities

    On December 22, 2023, the SEC announced awards totaling more than $28 million to seven whistleblowers whose information and assistance led to a successful SEC enforcement action. According to the redacted order, five of the whistleblowers provided significant information early in the investigation, participated in voluntary interviews, provided supporting documents to SEC staff, and identified key witnesses. The SEC also added that the whistleblowers made several attempts to internally report their concerns to company management. Two whistleblowers provided significantly less information than the other five later into the investigation, but still qualified for a percentage of the monetary sanctions collected in the covered action. Creola Kelly, Chief of the SEC’s Office of the Whistleblower, stated that “[t]hese whistleblowers provided valuable information and substantial assistance that played a critical role in the SEC returning millions of dollars to harmed investors.”

    One claimant’s whistleblower award application was denied because they did not communicate directly with the SEC staff responsible for the Covered Action Investigation and none of the information provided by the claimant was forwarded to the responsible staff. As such, the claimant did not provide original information that led to the successful enforcement action.

    Payments to whistleblowers are made out of an investor protection fund, established by Congress, which is financed entirely through monetary sanctions paid to the SEC by securities law violators.

    Securities Enforcement Whistleblower

  • IOSCO publishes nine recommendations on decentralized finance

    Agency Rule-Making & Guidance

    On December 19, 2023, the International Organization of Securities Commissions (IOSCO) published a report on decentralized finance to address market integrity and investor protection. The report includes nine policy recommendations for decentralized financial regulators to follow. Decentralized finance structures include financial products and arrangements that use a distributed ledger or blockchain technology. IOSCO’s policy recommendations on decentralized finance complement a similar report on crypto and digital asset markets, as written about on InfoBytes, here. The policy recommendations are as follows: (i) regulators should analyze decentralized finance products, services, and activities in its jurisdiction; (ii) regulators should identify the persons or entities that could be subject to its regulatory framework; (iii) regulators should use frameworks to regulate and address risks arising from decentralized finance consistent with IOSCO standards; (iv) regulators should require responsible persons to address conflicts of interest; (v) regulators should require responsible persons to address material risks, including operational and technological ones; (vi) regulators should require responsible persons to disclose information clearly to users and investors; (vii) regulators should apply comprehensive powers to decentralized financial services to detect and enforce violations under law; (viii) regulators should cooperate and share information with other regulators and authorities; and (ix) regulators should seek to understand how decentralized finance products are linked to the crypto-asset market as well as traditional finance markets. The final section of the report summarized the feedback garnered from 45 stakeholders on eight categories.

    Agency Rule-Making & Guidance IOSCO Decentralized Finance Securities Of Interest to Non-US Persons

  • Crypto platform to pay $22 million to resolve NY AG suit

    Securities

    On December 13, the New York State Supreme Court entered a stipulation and consent order resolving a suit brought in March against a crypto platform for operating as an unregistered broker-dealer, among other things. As previously covered by InfoBytes, the suit was brought by New York State Attorney General Letitia James who noted this was one of the first times a regulator claimed in court that one of the largest cryptocurrencies available in the market qualified as a security.

    As a result of the consent order, the platform is obligated to refund over $16.7 million worth of crypto in its control “by allowing users to withdraw those balances and transferring any remaining balances after ninety days to a third-party fund administrator,” to more than 150,000 investors in New York. In addition, the platform must pay an additional $5.3 million to the state. As part of the agreement, the platform is barred from trading securities and commodities in New York or from making its platform available to New York residents. 

    Securities New York State Attorney General Consent Order Settlement

  • NYDFS settles with title insurance company for $1 million

    Privacy, Cyber Risk & Data Security

    On November 27, the NYDFS entered into a consent order with a title insurance company, which required the company to pay $1 million for failing to maintain and implement an effective cybersecurity policy and correct a cybersecurity vulnerability. The vulnerability allowed members of the public to access others’ nonpublic information, including driver’s license numbers, social security numbers, and tax and banking information. The consent order indicates the title insurance company discovered the vulnerability as early as 2018. The title insurance company’s failure to correct these changes violated Section 500.7 of the Cybersecurity Regulation.

    In May 2019, a cybersecurity journalist published an article on the existence of a vulnerability in the title insurance company’s application, that led to a public exposure of 885 million documents, some found through search engine results. The journalist noted that “replacing the document ID in the web page URL… allow[ed] access to other non-related sessions without authentication.” Following the cybersecurity journalist’s article, and as required by Section 500.17(a) of the Cybersecurity Regulation, the title insurance company notified NYDFS of its vulnerability, at which point NYDFS investigated further. The title insurance company has been ordered to pay the penalty no later than ten days after the effective date.

    Privacy, Cyber Risk & Data Security State Issues Securities NYDFS Auto Insurance Enforcement

  • DFPI orders desist and refrain against investment firm

    State Issues

    On November 16, under California Corporations Code § 25532, the California Division of Financial Protection and Innovation (DFPI) issued a desist and refrain order against a securities investment platform for allegedly making false representations and material omissions to investors.

    The DFPI alleges the investment platform sold securities in California on its website and the platform referred to them as “certificates.” The platform claimed that the certificates paid investors returns ranging from 2.5 percent to five percent in addition to guaranteed monthly returns. To solicit investors, the platform allegedly engaged in a multi-level marketing (MLM) structure that would have investors influence others to send money. DFPI alleged that the certificates were not qualified under the California Corporate Securities Law. DFPI also alleged that the platform omitted material information to investors, which included (i) falsely representing that the platform was partnered with a particular forex broker; (ii) representing that it was a licensed bank (while omitting that the “license” was granted by a “fictitious regulator”); (iii) using the terms “bank” and “banking” while omitting that it was not authorized to engage in the business of banking in California; (iv) misrepresenting profits and risk of loss; and (v) failing to disclose that its securities were not qualified in California.  

    State Issues Securities DFPI Enforcement Investment California

  • SEC charges crypto firm for failing to register and mitigate risk factors

    Securities

    On November 20, the SEC filed a complaint in the U.S. District Court of the Northern District of California against a crypto trading platform, which allows customers to buy and sell crypto assets through an online market, for allegedly acting as an unregistered securities exchange, broker, dealer, and clearing agency. The SEC is also claimed defendant’s business practices, internal controls, and recordkeeping were inadequate and presented additional risks to consumers, that would also be prohibited had defendant been properly registered with the commission. For instance, the SEC cited practices including commingling billions of dollars of consumers’ cash and crypto assets with defendant’s own crypto assets and cash, which defendant’s 2022 independent auditor identified as “a significant risk of loss."

    Director of the SEC’s Division of Enforcement, Gurbir S. Grewal said, “[Defendant’s] choice of unlawful profits over investor protection is one we see far too often in this space, and today we’re both holding [defendant] accountable for its misconduct and sending a message to others to come into compliance.”

    The SEC seeks to (i) permanently enjoin defendant from violating Section 5 and section 17A of the Exchange Act; (ii) permanently enjoin defendant from offering or selling securities through crypto asset staking programs; (iii) disgorge defendant’s allegedly illegal gains and pay prejudgment interest; and (iv) impose a civil money penalty.

    Securities SEC Cryptocurrency Enforcement California Digital Assets Broker

  • IOSCO releases report advising country regulators on crypto asset regulation

    Securities

    On November 16, the International Organization of Securities Commissions (IOSCO) released a report titled “Policy Recommendations for Crypto and Digital Asset Markets” for centralized financial bodies to put forth parallel, global policies on crypto assets, including a country’s stablecoin.

    IOSCO’s report aims to protect retail investors from illegal crypto-asset market activities, including regulatory non-compliance, financial crime, fraud, market manipulation, and money laundering that have led to investor losses. The report puts forth 18 policy recommendations summarized within six key themes: conflicts from firms doing too much at once; market manipulation, insider trading, and fraud; cross-border risks and regulatory cooperation; operational and technological risks; and retail access, suitability, and distribution. ISOCO maintains its principles on global regulation are within the “same activities, same risks, same regulation/regulatory outcomes.” IOSCO also mentioned it plans on releasing a second report on decentralized finance before the year’s end.

    Securities International Of Interest to Non-US Persons Cryptocurrency Digital Assets Risk Management

  • FTC, DOJ convene with G7 on AI policy future

    Securities

    On November 8, the FTC and DOJ met with the G7 Competition Authorities and Policymakers’ Summit on how to better regulate AI while addressing its competitive concerns. The Summit took place in Tokyo, Japan, and both the FTC’s and the DOJ’s Antitrust Division participated with the international group. The G7 issued a statement on how generative AI can pose not only anti-competitive risks, but also risks in “privacy, intellectual property rights, transparency and other concerns.” All policymakers shared concerns on how to best enforce fair competition laws with AI, iterating that “existing competition law applies to [AI]” and that they were “prepared to confront abuses if AI becomes dominated by a few players with market power.” The G7 stated a need to enforce competition laws and “develop policies necessary to ensure that principles of fair competition are applied to digital markets.”

    The G7’s report outlines its initiatives to promote and protect competition in digital markets, its commitment to address competition concerns, and its recognition of the need for internal cooperation on digital competition.

    Securities G7 FTC DOJ Antitrust AI

Pages

Upcoming Events