How Ready Are You For Change?
We are reminded that sustainable governance can be as simple as tracking regulatory developments so the compliance program covers basic regulatory priorities. This edition is full of developments that are great reminders for training and policy discussions.
What’s a recent example of why an effective compliance program protects founders and companies? DOJ investigations into Tether show why, regardless of regulatory licenses, an adequate compliance program can deliver an ROI for fintech and blockchain companies.
BLOCKCHAIN & FINTECH
Risk Priorities: Need a primer on digital asset risk? Here is a good overview of the top 3 risks.
Crypto Leading Debate: Follow the important debate defining regulatory jurisdiction over securities, banking and tech services. SEC will sue Coinbase if it launches Lend, and Crypto’s Rapid Move into Banking elicits Alarm in Washington
Cash Management Clarity: How should digital advisors handle cash? This SEC matter is a good reminder to review and discuss whether fees on cash and cash management meet fiduciary obligations.
Engagement vs. Inducements: SEC Request for Comment re: Digital Engagement Practices. Track these developments to adjust risk assessments and provide advice about platform products.
Penalty for Willful Compliance Gap: CFTC and FinCEN impose $100M penalty on BitMEX in the first enforcement action against an FCM in the crypto space. The sizable penalty was because of BitMEX’s willful failure to implement a written AML program; among other things, BitMEX failed to conduct any OFAC screening or KYC screenings, failed to hire a CCO, and conducted transactions with counterparties linked to known darknet markets.
SEC ENFORCEMENT HIGHLIGHTS
Failure to Provide Sufficient Disclosure: Have you tested your breach disclosure process? SEC levies $1M penalty for allegedly misleading cybersecurity incident disclosures.
Gaps in Cyber Protections for PII: SEC announced three actions for deficient cybersecurity procedures that resulted in exposure of PII of thousands of customers and clients at each of the eight firms.
Gensler’s interesting perspective on SEC’s priorities and what to expect in 2022 for conflicts of interest and payments for order flow.
Lack of Product Training: A reminder that product training is important for IARs, especially as the product offering becomes more complex. In the recent SEC Cease and Desist Order issued in Frontier Wealth Management LLC (September 3, 2021), the Commission took note of Frontier’s failure to provide policies, procedures, training and supervision concerning the features and risks of complex products and the assessment of whether such products are suitable for each client.
DATA PRIVACY
Deficient Use of Data Disclosure: Before year-end, review your data map re: data sharing and use. Confirm that your practices are aligned with your compliance program. Compliance Officers can ask for help by highlighting this new case: Facebook’s WhatsApp Fined €270 Million for EU Privacy Violations. EU regulators fined the chat service for failing to be sufficiently transparent about what it does with EU residents’ data. The fine came as part of a decision that found WhatsApp did not properly advise Europeans how their personal information is gathered and used, including the sharing of their information with other Facebook units.