In July, we discussed the SEC’s assertion that an Initial Coin Offering (ICO) could constitute a securities offering, subject to the SEC’s jurisdiction and compliance with federal and state securities law. Last week, the SEC issued a press release announcing its creation of the Cyber Unit, a new enforcement initiative that will impact the cryptocurrency space. The creation of the Cyber Unit is timely partially due to the SEC’s report on the regulation of ICOs and partially due to the SEC’s recent disclosure that it was hacked in 2016. The SEC stated the Cyber Unit has been in the planning stages for months and will complement the SEC’s efforts to create a cybersecurity working group to coordinate information sharing and incident response efforts throughout the SEC. The Cyber Unit will focus on cyber-related:
- Market manipulation schemes;
- Hacking to obtain nonpublic information;
- Violations involving distributed ledger technology and ICOs;
- Misconduct on the dark web;
- Intrusions into retail brokerage accounts; and
- Threats to trading platforms and market infrastructure.
The SEC’s first step in regulating ICOs was its initial report in July that contained the SEC’s assertion of jurisdiction in the ICO space. The creation of the Cyber Unit is the next step in the SEC’s attempt to demonstrate to the cryptocurrency community that it intends to take ICOs and other blockchain assets seriously, especially given the broad powers the Cyber Unit possesses. Now that the SEC has firmly established its presence in the ICO space, it is unlikely any new ICOs conducted in violation of federal securities law will receive leeway in SEC enforcement. Entities planning on conducting an ICO, or otherwise dealing in virtual currencies, should consult qualified legal counsel to ensure compliance with the relevant securities laws.