Guest post by William R. Daugherty and John Busch, Baker & Hostetler LLP
The U.S. Securities and Exchange Commission (SEC) recently announced a consent order settling an enforcement action brought by the SEC against Voya Financial Advisors Inc. (VFA) in connection with a data security incident that occurred in 2016. VFA is a registered broker-dealer and investment adviser with the SEC. The order memorializes the SEC’s agreement to accept $1 million in settlement of the charges alleging that VFA violated both the SEC’s “Safeguards Rule” and “Identify Theft Red Flags Rule.” This was the SEC’s first enforcement action under the Identity Theft Red Flags Rule.
Guest post by Michael S. Dicke and Alexis I. Caloza of Fenwick & West LLP
Over the past year, the U.S. Securities and Exchange Commission has ramped up its scrutiny of cryptocurrencies and other digital token offerings. On Sept. 11, 2018, the SEC escalated its crackdown when it announced a pair of settled enforcement actions against non-issuers participating in the offer and sale of cryptocurrencies it deemed unregistered securities. As with prior cryptocurrency cases, the SEC charged the defendants with offering or selling securities without filing a registration statement or having a valid exemption from registration. However, these cases mark the SEC’s first cryptocurrency enforcement actions against non-issuers for failing to register as broker-dealers and investment companies. As such, they highlight the SEC’s continuing efforts to bring the purchase and sale of cryptocurrencies within a regulated framework, including by targeting third parties who facilitate the purchase and sale of such assets.