On January 26, Reuters reported SEC probes into registered investment advisers and their compliance with the custody rule for digital assets. Investment advisers should be ready to respond to any SEC inquiry and take the opportunity to review their own processes and disclosures such as, among other things:

  1. Due diligence processes for selecting custodians;
  2. Disclosure of counterparty, bankruptcy remoteness and other digital asset risks; and
  3. Any arrangements likely to result in scrutiny, such as the use of platforms not ordinarily accessible by U.S. persons.

Gavin Fearey, a member of Winstead’s Investment Management & Private Fund Industry Group, commented: 

“Investment advisers with digital asset exposure have every incentive to examine their own due diligence and compliance processes, and their disclosures, to see whether they are ready to withstand the scrutiny of regulators following market shocks and counterparty failures like FTX and Celsius. If there was ever any doubt, it is no longer difficult to justify allocating sufficient resources and paying close attention to counterparty risk, bankruptcy remoteness, internal controls, compliance and other preparations, all of which are proving essential.”

Mr. Fearey was principal contributor, with colleagues from the Wall Street Blockchain Alliance (“WSBA”), in a recent letter to the SEC’s Division of Investment Management discussing these very issues. The WSBA letter has a detailed appendix containing many questions that investment advisers can consider when evaluating potential digital asset custodians (available here and cited by CoinTelegraph).

A first step for investment advisers, or anyone else evaluating digital asset custodians, is to make sure they ask questions like those in the appendix of the WSBA’s letter. Gavin elaborated:

“Whilst more regulatory guidance is sure to follow recent events, a risk alert from the SEC’s Division of Examination also guides investment advisers on the custody rule and other topics to focus on in the specific context of digital asset securities [available here and discussed by Winstead here]. From there, the next step is to engage with lawyers, compliance consultants and other subject matter experts in digital assets to build out existing infrastructure and disclosures on digital assets and digital asset service providers.”

Anyone examining their own digital asset policies and disclosures or preparing to respond to an inquiry from a regulator such as the SEC or CFTC should take appropriate steps and consult with their legal counsel.


Gavin Fearey | 817.420.8276 | gfearey@winstead.com

Action Implicates Attorney-Client Privilege and Other Concerns

Factual Background

On January 10, 2023, the SEC filed a subpoena enforcement action against Covington, a large law firm that was victimized by the so-called Hafnium cyberattack by Chinese state actors.[1]  Hafnium reportedly was engaged in espionage to determine priorities of the incoming Biden administration in November 2020.  The SEC seeks names of Covington clients whose information was accessed by the attackers.  Covington has refused to supply the name of its clients, arguing that such information is protected by the attorney-client privilege and work-product doctrine, and that compliance with the subpoena would be unduly burdensome.

Continue Reading SEC Files Subpoena Enforcement Action Against Covington & Burling, Seeking Names of Clients Impacted by Chinese State-Sponsored Cyberattack

Recent Enforcement Action

The requirement that financial firms preserve books and records is nothing new.  But how do such firms keep track of employees’ communications on applications like Signal or WhatsApp?  Continue Reading Financial Regulators Focus on Preservation of Ephemeral Messaging

Corporate officers and directors sometimes view having a Rule 10b5-1 trading plan as an impenetrable barrier to facing insider-trading charges.  But a recent case announced by the SEC demonstrates that such plans are not bulletproof.[1]  If an executive enters into such a plan while in possession of material nonpublic information, insider-trading charges could ensue. Continue Reading SEC Charges Public Company Executives with Insider Trading Despite Trading Through Purported Rule 10b5-1 Trading Plans

Recently, in SEC v. Spartan Securities Group, Ltd, et al.[1], a Florida federal court held that the Securities and Exchange Commission (“SEC”) could seek disgorgement and direct funds to the Treasury because the defrauded victims could not be identified.[2] Continue Reading Florida District Court Permits the SEC to Pay Disgorgement to the US Treasury Where Victims of the Fraud Could not be Identified

On May 3, the SEC announced that the Cyber Unit in the Division of Enforcement is renamed the “Crypto Assets and Cyber Unit” and will expand by 20 positions to approximately 50 positions.[1]  Regulation of digital assets has been a key initiative of SEC Chair Gary Gensler, who previously chaired the CFTC.

The press release emphasizes the explosion of crypto markets in recent years and says that the Crypto Assets and Cyber Unit will be vital to protect investors and efficiently regulate financial markets.  The expanded unit will concentrate on investigating securities violations relating to: Continue Reading SEC Expands and Renames Cyber Unit to “Crypto Assets and Cyber Unit”

On April 5, the Public Company Accounting Oversight Board levied a $100,000 fine against Scott Marcello, the former Vice Chair of Audit at KPMG.  The penalty is noteworthy for two reasons: (1) it’s the largest monetary penalty ever levied by the PCAOB in a case settled with an individual; and (2) it’s the first matter in which the PCAOB has sanctioned someone for failure to reasonably supervise, despite being authorized to impose sanctions on this basis under the Sarbanes-Oxley Act of 2002 (SOX).  See Section 105(c) of the Sarbanes-Oxley Act of 2002 (SOX). Continue Reading The PCAOB Brings First Failure-To-Supervise Case

On March 16, the SEC filed a municipal bond fraud case against Crosby Independent School District and its former CFO in a $20 million bond offering.[1]  Crosby is a suburb of Houston, Texas.  The SEC also charged the district’s outside auditor with improper professional conduct and suspended her from appearing or practicing before the Commission with a right to reapply after three years. Continue Reading SEC Settles Municipal Bond Fraud Case Against Texas School District and Former CFO, and Suspends External Auditor

There has been lots of breathless commentary in the financial press and the blogosphere over the SEC’s August 2021 filing of an insider-trading case involving so-called “shadow trading.” Shadow trading as defined in a 2020 academic paper occurs when someone possessing material, nonpublic information (“MNPI”) obtained from his or her employer uses it to trade in the securities of a competitor or economically-linked public company.[1]  This is in contrast to the more usual insider trading, in which the stock being traded is that of the subject company. In Panuwat, the defendant is charged with misappropriating MNPI from his employer and using it to trade in a competitor’s securities.[2]  Earlier this week, a district court in the Northern District of California denied a motion to dismiss the SEC’s complaint, allowing the enforcement action to proceed.[3]

Continue Reading SEC Complaint Upheld in Rare – But Not Unprecedented – Shadow Trading Case