Trends
1. SEC’s approval of spot Ethereum ETFs
On May 23, 2024, the SEC approved applications from Nasdaq, CBOE and NYSE to list exchange-traded funds (ETFs) that invest in ether. While ETF issuers will be required to obtain approval of their ETF registration statements outlining investor disclosures before the product can be launched, securing this approval will be a significant step towards that launch. The SEC’s approval comes alongside the U.S. House of Representatives bill to give cryptocurrencies regulatory clarity.
2. Protection of customer information (Amendments to Regulation S-P)
On May 16, 2024, the SEC announced the adoption of amendments to Regulation S-P to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information by certain financial institutions. The amendments update the rules’ requirements for “covered institutions” to address the expanded use of technology and corresponding risks that have emerged since the Commission originally adopted Regulation S-P in 2000. SEC Chair Gary Gensler noted that, “over the last 24 years, the nature, scale, and impact of data breaches has transformed substantially,” and “these amendments to Regulation S-P will make critical updates to a rule first adopted in 2000 and help protect the privacy of customers’ financial data.” In short, if a breach occurs, you must notify. The amendments require a covered institution to provide notice as soon as practicable, but not later than 30 days, after becoming aware that an incident involving unauthorized access to or use of customer information has occurred or is reasonably likely to have occurred. The notice must include details about the incident, the breached data, and how affected individuals can respond to the breach to protect themselves.
The amendments also require covered institutions to develop, implement and maintain written policies and procedures for an incident response program that is reasonably designed to detect, respond to and recover from unauthorized access to or use of customer information. In addition, the amendments require that the response program include procedures for covered institutions to provide notice to individuals whose sensitive customer information was or is reasonably likely to have been accessed or used without authorization, with certain exceptions.
3. Anti-money laundering
On May 13, 2024, the SEC and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) jointly proposed a new rule that would require SEC-registered investment advisers (RIAs) and exempt reporting advisers (ERAs) to establish, document and maintain written customer identification programs (CIPs). The proposed rule aims to strengthen the anti-money laundering and countering the financing of terrorism (AML/CFT) framework in the investment sector.
The proposed rule would require RIAs and ERAs to minimally establish:
- A written CIP;
- Risk-based procedures for verifying the identity of each customer that opens an account, which includes collection of the customer’s name, date of birth or formation, address and identification number;
- Procedures for making and maintaining a record of all information collected under the CIP for at least five years;
- Procedures for determining whether a customer appears on any list of known or suspected terrorists or terrorist organizations issued by any federal government agency and designated by the Treasury in consultation with the federal functional regulators; and
- Procedures for providing customers with adequate notice that the investment adviser is requesting information to verify their identities.
This proposed rulemaking follows FinCEN’s February 2024 proposal to designate RIAs and ERAs as financial institutions under the Bank Secrecy Act and subject them to AML/CFT program requirements. The proposal largely mirrors the CIP requirements for other financial institutions.
4. “AI washing”
With the growing fervor around artificial intelligence (AI), many companies are now incorporating it into their business models. However, to combat companies embellishing their use of AI, the SEC recently renewed its commitment to combat AI washing. In a recent video on the subject, SEC Chair Gary Gensler noted that while “AI is the most transformative technology of our time,” companies that mislead the public on their use of AI may violate securities laws.
Companies that participate in AI washing potentially violate the SEC’s Investment Adviser Marketing Rule, which generally prohibits:
- Making an untrue statement of a material fact, or omitting a material fact necessary to make the statement made, in light of the circumstances under which it was made, not misleading;
- Making a material statement of fact that the RIA does not have a reasonable basis for believing it will be able to substantiate upon demand by the SEC;
- Including information that would reasonably be likely to cause an untrue or misleading implication or inference to be drawn concerning a material fact relating to the RIA;
- Discussing any potential benefits without providing fair and balanced treatment of any associated material risks or limitations;
- Referencing specific investment advice provided by the adviser that is not presented in a fair and balanced manner;
- Including or excluding performance results, or presenting performance time periods, in a manner that is not fair and balanced; and
- Including information that is otherwise materially misleading.
Chair Gensler’s warning has merit. The same day he posted the video on AI washing, the SEC announced that it had settled charges against two investment advisers, Delphia (USA) Inc. and Global Predictions Inc., for their false and misleading statements surrounding their use of AI. See below for more on these settlements.
Key cases
1. Delphia (USA) Inc. and Global Predictions Inc.
On March 18, 2024, the SEC announced that it had settled charges against Toronto-based Delphia (USA) Inc. and San Francisco-based Global Predictions Inc. for their false and misleading statements surrounding their use of AI in investment advising. The firms paid a total of $400,000 in civil penalties ($225,000 for Delphia and $175,000 for Global Predictions).
According to the SEC’s order against Delphia, from 2019 to 2023, Delphia represented that it used AI and machine learning to analyze its retail clients’ spending and social media data and to inform investment advice. Specifically, Delphia advertised that it was “the first investment advertiser to convert personal data into a renewable source of investable capital” and that it “put collective data to work to make [its] artificial intelligence smarter so it can predict which companies and trends are about to make it big and invest in them before everyone else.” The SEC found Delphia’s representations to be false and misleading, in violation of the Investment Advisers Act of 1940 (Advisers Act), because Delphia had not developed these represented capabilities. In fact, Delphia admitted that, as of mid-2021, it had never used any of its clients’ data or created an algorithm to use client data. The SEC also charged Delphia with willfully violating the Marketing Rule because it disseminated advertisements that included untrue statements of material fact.
According to the SEC’s order against Global Predictions, from the date of its registration in August 2023, Global Predictions represented that it used AI both on its website and on social media. Specifically, Global Predictions claimed that it used “expert AI-driven forecasts” and was the “first regulated AI financial advisor.” The SEC found Global Predictions’ representations to be false and misleading, in violation of the Advisers Act. The SEC also charged Global Predictions with willfully violating the Marketing Rule.
Delphia and Global Predictions consented to the entry of orders finding that they violated the Advisers Act and ordering them to be censured and to cease and desist from violating the Advisers Act.
2. Terra Luna and Do Kwon
In April, after a two-week civil trial, a jury found Terraform Labs PTE Ltd. and its founder Do Kwon liable for securities law violations, specifically for misleading cryptocurrency investors ahead of the 2022 collapse of TerraUSD. The SEC alleged in its complaint that, from at least April 2018 through May 2022, “Terraform and Kwon offered and sold crypto asset securities in unregistered transactions and perpetrated a fraudulent scheme that led to the loss of at least $40 billion of market value.” Kwon, a Stanford graduate and software engineer, started creating the “Terraform ecosystem” back in March 2018. Kwon first created the LUNA token, and later launched TerraUSD, a stablecoin, which was described as the “lynchpin” of Terraform’s interrelated crypto asset “ecosystem.” However, unlike traditional stablecoins, TerraUSD’s value was tied to the U.S. dollar through an algorithm tying TerraUSD’s value to LUNA. Terraform and Kwon repeatedly touted the stability of the crypto assets and asserted that the assets would increase in value to investors. The SEC asserted, in part, that Kwon and Terraform misled and defrauded investors by leading them to believe that the Terraform blockchain was being used by retail consumers in Korea, and marketed the products as having a real-world use. These material misrepresentations were used to solicit billions of dollars in investments by retail and institutional investors in Terraform crypto assets before the eventual collapse of the scheme in 2018. On June 12, 2024, the parties submitted a proposed settlement where Terraform would pay more than $4 billion based upon being found liable for fraud.
