The Security and Exchange Commission’s Division of Examinations published today a blueprint for investment managers and institutions on how the Division will inspect the handling of cryptoassets, or “digital asset securities,” moving forward.
The Division (formerly the Office of Compliance Inspections and Examinations, or OCIE) is the second largest wing of the SEC, and is tasked with overseeing securities industry players to ensure regulatory compliance.
Targeted towards investment advisors, broker-dealers, exchanges, and transfer agents, this Risk Alert provided a broad list of specific procedural, bookkeeping, and advisory steps the Division will be expecting from securities companies in future examinations.
“As more securities industry participants seek to engage in digital asset-related activities, this Risk Alert provides transparency about areas of focus for the Division’s future examinations,” the office wrote.
Investment advisors should be aware of risks associated with forks and airdrops, and the Division will be reviewing advisors’ “fulfillment of their fiduciary duty with respect to investment advice,” a comment presumably related to disclosing the risks associated with crypto.
Investment custodians, meanwhile, should have “continuity plans” in situations where key executives have access to private keys, and the Division will be examining private key management going forward.
Among the most thorough sections concerned guidance around AML considerations for broker-dealers, which the Division seemed to imply has been a point of failure for some institutions.
“Certain pseudonymous aspects of distributed ledger technology present unique challenges to the robust implementation of an AML program,” the Division wrote.
“The staff has observed broker-dealer AML programs that have not consistently addressed or implemented routine searches or, to the extent they implemented routine searches, have not updated those searches to check against the Specially Designated Nationals list maintained by the Office of Foreign Assets Control (“OFAC”) at the U.S. Department ofthe Treasury.”
The Risk Alert also noted “inadequate” AML procedures and documentation, noting that they would be examining for “filing suspicious activity reports and performing customer due diligence.”