Home / News & Insights / Whistleblower Law Insights / SEC Sets it Sights on Cybersecurity, Cryptocurrency, and AML Programs in 2024

SEC Sets it Sights on Cybersecurity, Cryptocurrency, and AML Programs in 2024

The U.S. Securities and Exchange Commission (SEC) Division of Examinations recently released its 2024 Examination Priorities Report to inform investors and registrants of the agency’s priorities, key risks, and examination topics for the upcoming year. In 2024, the SEC’s examiners will focus on cybersecurity, cryptocurrency assets, and anti-money laundering (AML) programs.  The Division conducts examinations and inspections of SEC-registered investment advisers, investment companies, broker-dealers, transfer agents, municipal advisors, securities-based swap dealers, clearing agencies, and other self-regulatory organizations.

Last year’s priorities report highlighted environmental, social, and corporate governance (ESG) policies, among other concerns.  In 2023, the SEC established specialized teams within the different examination programs, allowing the agency to better address emerging issues and risks associated with crypto assets and financial technology, like artificial intelligence and cybersecurity. In 2024, the agency will continue their spotlight on these emerging issues.  

SEC Chair Gary Gensler said, “The Division of Examinations plays a critical role in protecting investors and facilitating capital formation. … In examining for compliance with our time-tested rules, the Division helps registrants understand the rules as well as ensures that markets work for investors and issuers alike. The Division’s efforts, as laid out in the 2024 priorities, enhance trust in our ever-evolving markets.”

This is the first year the SEC has published examination priorities at the beginning of the fiscal year, releasing the report on October 16, 2023.  The SEC report explains that this change was made “with the hope that it will better inform investors and registrants of the key risks, trends, and examination topics that we plan to focus on in the upcoming year.”

Cybersecurity – Information Security and Operational Resiliency

The Division of Examinations highlighted the importance of cybersecurity as an area of concern for fiscal year 2024, observing, “[O]perational disruption risks remain elevated due to the proliferation of cybersecurity attacks, firms’ dispersed operations, intense weather-related events, and geopolitical concerns.”

With a focus on information security and operational resiliency, the Division will concentrate on registrants’ policies and procedures, internal controls, oversight of third-party vendors, governance practices, and responses to cyber-related incidents, including ransomware attacks.

The Division’s focus on cybersecurity tracks the SEC’s greater interest in cybersecurity concerns for investors. Last year, the SEC issued a rule requiring public companies to disclose material cybersecurity incidents, as well as to report annually on their cybersecurity risk management practices and governance.

Cryptocurrency Assets and Emerging Financial Technology

In 2024, the Division will continue to examine the proliferation of certain types of investments, including cryptocurrency assets and associated products and services.  The SEC will also concentrate on the use of other emerging financial technologies, such as broker-dealer mobile applications.

According to the report, the Division will continue to pay close attention to automated investment tools, artificial intelligence, and trading algorithms and the risks associated with emerging technologies and alternative sources of data. Finance companies have not been immune to the recent explosion of companies making use of artificial intelligence, with companies applying artificial intelligence to algorithmic trading, portfolio analysis, risk management, generating personalized investment advice, and more.

Given the volatility of the cryptocurrency asset markets, the Division will also continue its focus on monitoring and conducting examinations of crypto asset registrants.  Examinations will review the offer, sale, recommendation of, advice regarding, trading in, and other activities involving crypto assets or related products. Just days ago, the SEC approved for the first time eleven U.S. listed exchange traded funds (ETFs) tracking the price of Bitcoin—a move that is sure to usher in even more of these products in the future and with it, increased scrutiny from regulators.

Anti-Money Laundering

The Report also identifies Anti-Money Laundering programs as an examination priority for 2024. The Bank Secrecy Act (BSA) requires some broker-dealers and registered investment companies to establish anti-money laundering (AML) programs designed to monitor and surveille a company’s compliance with the BSA. For example, certain financial institutions must file Suspicious Activity reports (SARs) with the Financial Crimes Enforcement Network used to help detect and combat market manipulation, insider trading, Ponzi schemes, money laundering, corruption, terrorist financing, and various other illegal activities, as well as perform due diligence on customers.

The Division will continue seeking to ensure that registered investment companies appropriately tailor their AML program to their business model and AML risks, establish adequate customer identification programs, and meet their SAR filing obligations, among other requirements. In addition, the Division will review whether broker-dealers and advisers are complying with the Office of Foreign Assets Control sanctions, which prohibit doing business in certain sanctioned countries such as Iran.

Whistleblowers Play an Important Role

While SEC examinations are a critical enforcement tool, whistleblowers are essential for reporting money laundering, cybersecurity, cryptocurrency, and other financial technology frauds that might not otherwise be detected. The SEC whistleblower provisions create a mechanism for persons with information about violations to report to the SEC.

SEC whistleblowers are entitled to receive rewards of 10 percent to 30 percent based on the monetary sanctions the SEC collects as a result of enforcement actions based on the whistleblower’s information if more than $1 million in sanctions are ordered. If monetary sanctions exceed $1 million, recoveries in related cases by other agencies also may be included in the calculation of the whistleblower award.

The money paid to whistleblowers comes from the Investor Protection Fund created by Congress and financed through monetary sanctions the SEC collects from securities law violators. No money is taken or withheld from harmed investors to pay whistleblower rewards.

Our Expertise in SEC Whistleblower Awards

Phillips & Cohen is the most successful law firm representing whistleblowers, with recoveries from cases totaling over $13 billion and 21 awards for clients under Dodd-Frank whistleblower reward programs. The firm’s partners include the former first head of the SEC Office of the Whistleblower, the former director of the CFTC’s Whistleblower Office and numerous attorneys with decades of experience representing whistleblowers.

If you are aware of money laundering, cybersecurity, or cryptocurrency fraud and would like to talk to experienced whistleblower lawyers, please contact us for a free, confidential review of your matter.

Let us help you.
Get a free, confidential case review