US enforcement seeks fraud among emerging, unregulated finance spaces

People exit the headquarters of the U.S. Securities and Exchange Commission (SEC) in Washington, D.C.
People exit the headquarters of the U.S. Securities and Exchange Commission (SEC) in Washington, D.C., U.S., May 12, 2021. Picture taken May 12, 2021. REUTERS/Andrew Kelly/File Photo/File Photo

After the sudden collapse of top crypto exchange FTX, which was presumed to be “doing things right,” regulators are looking harder at whether enough effective controls are in place to prevent fraud. Even before the rapid demise FTX, agency enforcers were recognizing the need to update their strategies to keep up with the velocity of digital fraud. Lawmakers who have asked regulators why they failed to head off the recent disaster were told the same.

<b>Broader crackdown in unregulated spaces</b>

In the year ahead, regulators are expected to crack down more forcefully on firms in many emerging sectors that have overlooked compliance. The FTX case showed the danger that can emerge practically overnight in an opaque market that lacks oversight. The enforcement focus will hit a wide range of complex, illiquid products and financial services where less transparent practices pose hidden risk to investors.

The FTX collapse has marked a turning point. Even crypto-friendly lawmakers and consumer advocates now want stronger enforcement against bad actors to restore trust. In fact, consumer advocates have railed against new rules that could be seen as legitimizing the novel products as mainstream investments.

Dennis Kelleher, head of the Better Markets advocacy group, said regulators came “perilously close” to allowing crypto firms to clear their own trades, adding that the FTX collapse showed that such “carve outs” sought by crypto firms posed risk to investors. Investigators blamed the FTX failure largely on a lack of securities-industry style internal oversight.

<b>FTX gives enforcement a green light</b>

When agency chiefs asserted that they had the rules to act against the unregulated, offshore FTX, and lawmakers called for more proactive enforcement, it was seen as a green light for enforcement authorities to go forward with actions against anyone who puts U.S. investors at risk.

The Securities and Exchange Commission’s (SEC’s) enforcement strategy has targeted gatekeepers who enable or ignore fraud; and SEC Chairman Gary Gensler in December issued a stern warning to lawyers and compliance units against helping crypto-clients or their advisory firms evade securities laws.

The FTX investigation showed the importance of uncovering data that points to hidden practices that can harm investors. Investigators alleged that they found a “smoking gun” showing fraud inside the crypto firm in “a few lines of computer code” an engineer wrote that automatically siphoned customer funds to the FTX trading subsidiary. Further, the agency’s broad sweep of Wall Street firms’ electronic communications practices, which resulted in $2 billion in fines last year continues.

<b>Locating hidden fraud</b>

A recent study led by a University of Toronto professor found that only one-third of frauds at public companies are ever discovered. The study concluded fraud is “like an iceberg, with significant undetected fraud beneath the surface.”

The problem of hidden fraud has become more challenging as new technology accelerates illicit exploits. By leveraging financial technology tools, firms can often grow so quickly that compliance controls can’t keep up, said Federico Baradello, chief executive officer of merger and acquisition adviser Finalis.

Whether by design or sloppiness, he said, FTX grew from startup to a $37 billion enterprise without putting controls in place. Investigators found important documents carried on “scraps of papers” that founder Sam Bankman-Fried had stuffed in his pockets. An SEC examiner in San Francisco in post-FTX inspections found investment advisers and hedge funds that allowed partners to keep encryption keys to company assets on their personal electronic devices.

The Consumer Financial Protection Bureau became an early mover among agencies in initiatives to examine and take action against “black box” applications that hide abusive practices. The agency has also launched initiatives and begun investigations of Big Tech firms and online lenders over the past year for algorithmic abuses. Its moves could foreshadow similar strategies at other agencies with regard to unregulated financial-services sectors.

The SEC itself has spent much of the past two years going through a massive rulemaking process to update regulations to reflect vast change in the way financial markets work. Chairman Gensler has largely focused on sectors where technology has reduced transparency as trade volume moved away from “lit” markets. With more visibility, more enforcement actions are expected.

In monitoring a much larger regulatory footprint, SEC enforcement will have new technology to monitor for abuse. The SEC in December disclosed the first major enforcement action using the Consolidated Audit Trail, which vastly expands the surveillance footprint for enforcement.

<b>Regulators using new tech tools</b>

In its 2023 Report on FINRA’s Examination & Risk Monitoring Program, the Financial Industry Regulatory Authority highlighted as priorities enforcement actions that target manipulative trading and financial crime that come from “insights originating in our market surveillance activities,” said Greg Ruppert, FINRA executive vice president for member supervision.

The new year began with a technology-related enforcement action by the U.S. Department of Justice (DOJ) that reflected increased cooperation among agencies and other countries in solving complex crimes like crypto that operated offshore. The DOJ arrested Anatoly Legkodymov, the Russian owner of a crypto currency exchange Bitzlato Ltd., charging him with operating a money transmitting business that failed to meet “regulatory safeguards, including anti-money laundering requirements.”

It marked the first action in a multi-agency cyber- and crypto-crime unit that U.S. Attorney Breon Peace for the Eastern District of New York said was just starting to produce results using sophisticated technology “at a pace that matches the tempo of the criminals we pursue.”

The velocity of fraud has pushed this change, and so the need to work cross-agency and cross-border have become more critical. Just as important, the effort to target safeguard controls at fintech firms. Lisa O. Monaco, Deputy U.S. Attorney General, said firms themselves can become targets if they “fail to implement safeguards required by U.S. law, safeguards that enable law enforcement to detect and to investigate financial crimes.”

Opinions expressed are those of the author. They do not reflect the views of Reuters News, which, under the Trust Principles, is committed to integrity, independence, and freedom from bias. Thomson Reuters Institute is owned by Thomson Reuters and operates independently of Reuters News.

Richard Satran, a native of Eagle River, Wisconsin, has been a regulation, finance and technology correspondent for Reuters and Thomson Reuters over the course of three decades. He has served in New York, London and San Francisco. He has also held staff writing and editing positions at Wired, CNBC, US News & World Report and was managing editor for news and investing at Fidelity. Richard began his career on newspapers in New England as an editor and investigative reporter covering financial and white collar crime. He has served as a board member for Center for Investigative Journalism, New York Financial Writers Association and Society of American Business Editors and Writers. He has also taught at the University of California, Berkeley, Montclair University and Reuters Foundation.