The Securities and Exchange Commission is not taking things lightly when it comes to protecting investors in crypto markets and from cyber-related threats.
The Commission announced May 3 that it is allocating 20 additional positions to the newly renamed Crypto Assets and Cyber Unit (formerly known as the Cyber Unit) in the Division of Enforcement, which will grow the unit to 50 dedicated positions.
The addition of 20 additional positions into the unit will bolster the ranks of its supervisors, investigative staff attorneys, trial counsels and fraud analysts in the agency’s headquarters in Washington, DC, as well as several regional offices, according to the announcement.
“The U.S. has the greatest capital markets because investors have faith in them, and as more investors access the crypto markets, it is increasingly important to dedicate more resources to protecting them,” SEC Chairman Gary Gensler said in a statement. “By nearly doubling the size of this key unit, the SEC will be better equipped to police wrongdoing in the crypto markets while continuing to identify disclosure and controls issues with respect to cybersecurity.”
The SEC chairman further noted that the Division of Enforcement’s Crypto Assets and Cyber Unit has successfully brought dozens of cases against those seeking to take advantage of investors in crypto markets. Since its creation in 2017, the unit has brought more than 80 enforcement actions related to fraudulent and unregistered crypto asset offerings and platforms, resulting in monetary relief totaling more than $2 billion.
The expanded Crypto Assets and Cyber Unit will leverage the agency’s expertise to focus on investigating securities law violations related to:
- crypto asset offerings;
- crypto asset exchanges;
- crypto asset lending and staking products;
- decentralized finance (DeFi) platforms;
- non-fungible tokens (NFTs); and
- stablecoins.
Cybersecurity Risks
The unit has also brought numerous actions against SEC registrants and public companies for failing to maintain adequate cybersecurity controls and for failing to appropriately disclose cyber-related risks and incidents. The Crypto Assets and Cyber Unit will continue to tackle the omnipresent cyber-related threats to the nation’s markets, the SEC noted.
“Crypto markets have exploded in recent years, with retail investors bearing the brunt of abuses in this space. Meanwhile, cyber-related threats continue to pose existential risks to our financial markets and participants,” stated Gurbir Grewal, Director of the SEC’s Division of Enforcement. “The bolstered Crypto Assets and Cyber Unit will be at the forefront of protecting investors and ensuring fair and orderly markets in the face of these critical challenges.”
Coming to the Forefront
These issues have been brewing for the better part of the past year at the SEC and Labor Department.
In April 2021 the DOL issued its first formal cybersecurity guidance for plan sponsors in the form of best practices, including in handling plan service providers. Not long after the DOL started inquiring about plan’s cybersecurity practices.
In February the SEC proposed new rules that seek to address concerns about the cybersecurity preparedness of registered investment advisers and funds by requiring registrants to adopt written policies and set up a new reporting regime. The comment period for the proposed rules closed in April and it is presumed the Commission will move to finalize the rules in the coming months.
And contending that large parts of the crypto market are not operating within regulatory frameworks that protect investors, SEC Chairman Gensler has indicated that the Commission plans to take action and had called on Congress for more authority to regulate the field.
In addition, the SEC announced in March that its examination priorities will include exams of market participants engaged with crypto-assets to review the custody arrangements for such assets and that the division will assess the offer, sale, recommendation, advice and trading of crypto-assets. Also in March, the DOL published a compliance assistance bulletin cautioning plan fiduciaries to exercise extreme care before they consider adding a cryptocurrency option to a 401(k) plan’s investment menu for plan participants.
Subsequently, Fidelity announced that it plans to make available a cryptocurrency option for plan sponsors to offer on their 401(k) platforms, followed by the Department of Labor expressing its concern about that decision.
Bipartisan legislation was also introduced recently that would authorize the Commodity Futures Trading Commission (CFTC) to register and regulate trading venues offering spot or cash digital commodity markets as digital commodity exchanges. The sponsors of the legislation characterized it as filling gaps between the CFTC and the SEC’s regulation of the digital asset marketplace.
