Skip to main content
NewsInsightsComplianceServices ComplianceHome Featured

Digital Assets in Focus: SEC’s Latest Enforcement Drives New Compliance Standards

By November 4, 2024No Comments

With crypto assets included in the SEC’s 2025 Exam Priorities, coupled with a recent wave of enforcement actions against digital asset firms, one thing remains clear: the SEC’s regulatory oversight over this asset class has intensified like never before.

In fact, SEC Commissioner Hester Peirce recently emphasized the regulator’s position on crypto at the NYSBA Global Conference, underscoring that the SEC’s approach leans heavily toward enforcement, a stance that has left many crypto firms struggling to find their footing in a regulatory landscape that feels increasingly ambiguous. Underscoring this position are the recent enforcement actions that we have seen levied against digital asset firms. For example, the SEC’s recent settlement with eToro USA LLC (eToro) restricted the platform to trading only Bitcoin, Bitcoin Cash and Ether in the U.S., casting a spotlight on unregistered broker activity. With penalties of $1.5 million and a mandate to cease trading in all other assets, the settlement signals that digital asset managers who fall short of SEC compliance standards may face similar actions.

For digital asset managers, now is the time to examine compliance processes, address any gaps and proactively align operations with SEC standards. By reinforcing key compliance practices, engaging with third-party custodians and staying updated on evolving regulatory expectations, firms can prepare for examinations, avoid costly missteps and demonstrate resilience in an increasingly scrutinized market.

The Silver Compliance Team has delved into this topic before, featuring a thought leadership piece in our Q3 newsletter; participating in a recent webinar on the subject; and dedicating October’s Silver Salon Series event to this asset class. However, given that this subject matter remains top of mind for regulators who continue to tighten the compliance reigns, we wanted to provide a roadmap for digital asset managers to consider as we close out 2024.

Custody Risks: Navigating Uncharted Territory in Digital Asset Management

Custody has long been one of the central challenges for digital asset managers, as many crypto exchanges and private key management systems fail to meet the “qualified custodian” definition outlined in the SEC’s Custody Rule. The issue is compounded by recent regulatory actions, such as the September 3, 3024 enforcement action in which the SEC charged a former registered investment adviser, Galois Capital Management LLC (Galois), for failing to ensure that certain “crypto assets that were offered and sold as securities” held by its private fund client were maintained with a qualified custodian, as required by Rule 206(4)-2 of the Investment Advisers Act of 1940 (referred to as the “Custody Rule”).  The SEC has brought nine other Custody Rule actions against advisers this fiscal year, usually stemming from advisers’ failure to conduct audits or distribute audited financial statements to investors within the required time period. These steps taken by the SEC support the fact that the onus is clearly on fund managers to carefully select custody partners who prioritize security and regulatory alignment.

Qualified custodians offer a higher level of asset protection and align with the SEC’s strict standards, which are increasingly enforced in digital assets. A firm’s choice of custodian should be guided by rigorous due diligence processes that assess security protocols, audit practices and risk management standards. Moreover, it’s essential to document the rationale behind these custody decisions, as transparency around custody can bolster an examiner’s confidence in the firm’s commitment to safeguarding assets in accordance with SEC expectations. With evolving custody rules, digital asset managers should also monitor any future guidance from the SEC on digital asset custody.

Portfolio Management: Classifying Digital Assets and Assessing Counterparty Risk

A unique challenge in digital asset portfolio management involves accurately classifying assets and navigating counterparty risk. The eToro settlement demonstrates the SEC’s intensified focus on identifying which digital assets qualify as securities, placing fund managers under greater pressure to adopt procedures that ensure only compliant assets are traded. Although the SEC has not explicitly labeled assets as securities in most settlements, eToro’s restriction of all assets but Bitcoin, Bitcoin Cash and Ether suggests regulatory limitations.

Best practices for portfolio management in this context include developing and maintaining clear frameworks for assessing whether a given digital asset may be considered a security. This involves analyzing the asset’s underlying technology, the rights it grants holders and its intended use within a network, all criteria central to the Howey test for securities. Additionally, fund managers must conduct comprehensive reviews of counterparties, including exchanges and custodians, to evaluate such counterparties’ regulatory standing and market practices. This dual focus on asset classification and counterparty risk not only strengthens compliance, but also creates a more resilient, well-informed investment strategy.

Marketing Compliance: Precision and Accuracy in Digital Asset Claims

The SEC has demonstrated an increased focus on marketing compliance, with particular scrutiny of digital asset managers’ promotional claims. In this regulatory climate, exaggerated or unverifiable claims, such as describing oneself as “one of the first in the space,” can lead to heightened examiner attention or even enforcement actions. Managers should, therefore, ensure all marketing content is rigorously fact-checked and compliant with the SEC’s expectations for accuracy and transparency.

Marketing compliance can be strengthened by implementing pre-approval processes for materials, including websites, presentations and social media. A team of compliance professionals or legal advisors should review marketing content to ensure it presents an accurate picture of the firm’s track record and regulatory commitment. Ensuring marketing materials emphasize the firm’s compliance focus, rather than speculative claims, positions the firm more favorably in an exam setting.

Cybersecurity Threats: Protecting Private Keys and Strengthening Incident Response

For digital asset firms, cybersecurity is paramount, particularly the protection of private keys that grant access to digital assets. The SEC is increasingly attuned to these risks, making robust cybersecurity measures a vital component of compliance. Managers should develop and regularly update an incident response plan that specifically addresses potential threats, such as private key compromise, phishing and other cyberattacks.

This response plan should be integrated into the firm’s broader business continuity planning, covering the steps necessary to secure assets, notify affected parties and report incidents. Managers should ensure all personnel receive training around cybersecurity best practices, including phishing awareness and secure private key storage. Cybersecurity diligence not only helps protect assets, but also strengthens exam readiness, demonstrating to the SEC that the firm has implemented industry-leading security practices.

Anti-Money Laundering (AML): Adapting to Digital Asset Realities

Anti-money laundering (AML) compliance is critical in digital assets, where the risk of illicit transactions is inherently higher. The recent eToro settlement highlights the importance of a strong AML framework, as digital asset d managers must address unique challenges, such as tracing the origin of in-kind crypto contributions. To meet AML requirements, firms should implement policies designed to verify the legitimacy of funds entering and exiting the portfolio.

This monitoring of the portfolio involves integrating digital asset-specific AML solutions, such as blockchain analysis tools that track asset provenance, and ensuring compliance with know-your-customer (KYC) regulations. Engaging third-party AML specialists can further enhance a firm’s ability to meet heightened regulatory standards, demonstrating a proactive stance toward preventing money laundering and mitigating reputational risks.

Record Retention: Meeting SEC Standards in a Digital Environment

SEC-compliant record retention is essential, particularly as the digital nature of assets complicates traditional methods of data storage. Blockchain transaction records, electronic communications and trade documentation must be retained and organized to facilitate examiner access. Firms should evaluate digital asset-specific recordkeeping solutions or develop internal systems capable of storing blockchain records in a manner that aligns with SEC standards.

Effective record retention practices extend beyond simple storage; they also include having organized, easily searchable archives that examiners can readily access. Digital asset managers who adopt this level of diligence not only streamline the exam process, but also build a stronger compliance posture.

The Collaborative Examination Process: Engaging Third-Party Experts

The SEC examination process benefits from a collaborative approach, involving third-party custodians, compliance consultants and legal advisors. By leveraging custodians with an expertise and focus on digital assets or specialized compliance firms, digital asset managers can navigate complex regulatory requirements more effectively, preparing organized responses and ensuring examiner confidence. Building a compliance strategy that engages expert partners reduces operational strain, allowing internal teams to focus on core responsibilities.

Conclusion: Taking Action Now to Prepare for SEC Exams in Digital Assets

As the SEC intensifies its grip around digital asset regulations and enforcement actions, digital asset managers must act decisively to address compliance challenges. By implementing sound compliance practices, engaging with industry partners and aligning with SEC standards, digital asset firms can create resilient operations ready to face SEC examinations and uphold investor trust.

Please feel free to contact us at [email protected] with any questions or concerns you might have regarding anything mentioned above and how Silver can help prepare your firm for a possible SEC examination.