Risk Alert: The SEC continues to focus on Digital Asset Securities

On February 26, the SEC’s Division of Examinations (the “Division,” formerly known as the Office of Compliance Inspections and Examinations, or “OCIE”), published a risk alert detailing observations from examinations of investment advisors, broker-dealers, and transfer agents related to the offer, sale, and trading of digital assets that are securities (“Digital Asset Securities”). The risk alert is intended to provide transparency about the Division’s focus areas in future examinations.

Digital Assets, as referenced in the risk alert, are assets that are issued and/or transferred using distributed ledger or blockchain technology (collectively, “distributed ledger technology”), including, but not limited to, virtual currencies, coins, and tokens. Distributed ledger technology includes databases that maintain information across a network of computers in a decentralized or distributed manner. These networks commonly use cryptographic protocols to ensure data integrity. Blockchains are often used to issue and transfer ownership of digital assets that may be securities, depending on the facts and circumstances. Of note, certain digital assets may or may not meet the definition of “security” under the federal securities laws.

Staff Observations for Investment Advisors

In recent examinations of investment advisors managing Digital Asset Securities for their clients (in addition to other digital assets and derivative products) either directly or indirectly through pooled vehicles, the Division’s staff identified certain risks that will influence their ongoing examination focus. The examinations will focus on regulatory compliance related to:

• Portfolio Management
  • Classification of digital assets managed on behalf of their clients, including whether they are classified as securities;
  • Due diligence of digital assets;
  • Evaluation and mitigation of risks related to trading venues and trade execution or settlement facilities;
  • Management of risks and complexities associated with “forked”[1] and “airdropped”[2] digital assets;
  • Fulfillment of the advisor’s fiduciary duty with respect to investment advice across all client types.

• Books and records

• • Whether advisors are making and keeping accurate books and records, including recording trading activity in accordance with the recordkeeping requirements.

• Custody
  • The staff will review the risks and practices related to the custody of digital assets by investment advisors and examine for compliance with the custody rule (Rule 206(4)-2 under the Adviser’s Act), particularly:
    • Occurrences of unauthorized transactions, including theft of digital assets;
    • Controls around safekeeping of digital assets (e.g., employee access to private keys and trading platform accounts);
    • Business continuity plans where key personnel have exclusive access to private keys;
    • How the advisor evaluates harm due to the loss of private keys;
    • Reliability of software used to interact with relevant digital asset networks;
    • Storage of digital assets on trading platform accounts and with third party custodians; and
    • Security procedures related to software and hardware wallets.

• Disclosures
  • The staff will review disclosures made to investors in a variety of media (e.g., solicitations, marketing materials, regulatory brochures and supplements, and fund documents) regarding the unique risks associated with digital assets, including any risks that are heightened as a result of the digital nature of such assets.
  • The staff will assess disclosures regarding specific risks, including the complexities of the products and technology underlying such assets, technical, legal, market, and operational risks (including custody and cybersecurity), price volatility, illiquidity, valuation methodology, related-party transactions, and conflicts of interest.

• Pricing client portfolios
  • Because investment advisors apply a variety of valuation methods to determine the value of digital assets managed on behalf of clients, the staff acknowledges that they may face valuation challenges for digital assets due to market fragmentation, illiquidity, volatility, and the potential for manipulation.
  • Due to the above, examinations will include a review of:
    • The valuation methodologies used, including those used to determine principal markets, fair value, valuation after significant events, and recognition of forked and airdropped digital assets.
    • Disclosures related to valuation methodologies, and advisory fee calculations and the impact valuation practices have on these fees.

• Registration issues
  • Understanding how an investment advisor calculates its regulatory assets under management and how it characterizes the digital assets in the pooled vehicles it manages, as well as the status of clients. For private funds managed by investment advisors, this also includes understanding how the funds determine applicable exemptions from registration as investment companies.

Staff Observations for Broker-Dealers

Through regulatory coordination and observations from recent examinations of broker-dealers, the Division has identified certain risks that will also influence their future examinations of broker-dealers. The examinations of broker-dealers will focus on regulatory compliance related to:

• Safekeeping of funds and operations
  • Staff will seek to understand the broker-dealer’s operational activities, including operations that are unique to the safety and custody of Digital Asset Securities.

• Registration requirements
  • Staff will review the broker-dealers’ and any affiliated entities’ compliance with registration requirements. For example, if an affiliate of a registered broker-dealer engages in the business of effecting transactions in Digital Asset Securities for the accounts of others, that affiliate may be required to register as a broker-dealer.

• Anti-Money Laundering (AML)
  • In light of the Division’s observations regarding the inadequacy of broker-dealers’ AML procedures, controls, and documentation regarding Digital Asset Securities and/or failures in firms’ searches against the Specially Designations Nationals list maintained by OFAC, staff will continue to examine broker-dealer compliance with AML obligations (e.g., filing suspicious activity reports and performing customer due diligence).

• Offerings
  • Because broker-dealers may be involved in underwriting and private placement activity regarding Digital Asset Securities, examinations will include a review of the due diligence performed by broker-dealers of the Digital Asset Securities and the disclosures made by broker-dealers to customers related to the offering of Digital Asset Securities.

• Disclosure of conflicts of interest

• • Due to the staff’s observation that broker-dealers may operate in multiple capacities, including as trading platforms or proprietary traders of Digital Asset Securities on their own or other platforms, examinations will include a review of the existence and disclosures of conflicts of interest and the compliance policies and procedures to address them.

• Outside Business Activities
  • Due to observed instances of registered representatives offering services related to Digital Asset Securities outside of their employing broker-dealer, the Division’s staff will continue to review FINRA-member broker-dealer compliance processes in connection with the evaluation, approval, and monitoring of outside business activities.

Staff Observations for National Securities Exchanges

• Exchange Registration
  • Due to advancements in distributed ledger technology, including the introduction of innovative methods for facilitating electronic trading in Digital Asset Securities, the staff will examine platforms that facilitate trading in Digital Asset Securities and review whether they meet the definition of an exchange, as defined under Section 3(a)(1) of the Exchange Act[3] and Rule 3b-16(a)[4]

• Compliance with Regulation ATS
  • Examinations will include a review of whether an alternative trading system (“ATS”) that trades Digital Asset Securities is operating in compliance with Regulation ATS.

Staff Observations for Transfer Agents

• Compliance with Transfer Agent Rules
  • Distributed ledger technology is used by issuers of securities to perform various shareholder administrative functions (including recording ownership). Examinations will include a review of whether registered transfer agents servicing Digital Asset Securities are operating in compliance with applicable rules for registered transfer agents intended to facilitate prompt and accurate clearance and settlement of securities transactions.

Conclusion

The Division’s recent risk alert highlights risks, and issues related to the offering and servicing of Digital Asset Securities. It is meant to encourage firms to assess their supervisory, compliance and/or other risk management systems related to these risks and make any appropriate changes to address and strengthen such systems.

[1] Digital assets essentially operate on software running across networks of peers that create and maintain shared ledger accounting for holdings of these assets. “Forked” refers to backward-incompatible protocol changes to a distributed ledger that create additional versions of the distributed ledger, creating new digital assets.

[2] “Airdropped” refers to the distribution of digital assets to numerous addresses, usually at no monetary cost to the recipient or in exchange for certain promotional or other services.

[3] The term “exchange” means any organization, association, or group of persons, whether incorporated or unincorporated, which constitutes, maintain, or provides a market place or facilities for bringing together purchasers and sellers of securities or for otherwise performing with respect to securities the functions commonly performed by an exchange.

[4] Exchange Act Rule 3b-16 provides a functional test to assess whether an entity meets the definition of an exchange under Section 3(a)(1) of the Exchange Act. Rule 13b-16 provides that an entity can be considered an exchange if such organization, association, or group of persons: (1) brings together the orders for securities of multiple buyers and sellers; and (2) uses established, non-discretionary methods (whether by providing a trading facility or by setting rules) under which such orders interact with each other, and the buyers and sellers entering such orders agree to the terms of the trade.