iQoncept - Fotolia

FAQ: How is digitization influencing SEC compliance priorities?

As online trading and digital finance becomes the norm, updated SEC compliance regulations target these transactions in an effort to improve digital asset security.

Trading of digital assets using cryptocurrency and digital tokens has grown exponentially in recent years, and the Securities and Exchange Commission is taking note: The agency's compliance examiners have added burgeoning online trading transactions to their priority list in 2018 as they keep a lookout for fraud and demand adequate disclosure of risks.

Many of the other top issues on this year's SEC compliance exam priorities list resemble those of the past. But in an effort to improve transparency, the agency is sharing more details on these priority shifts as outlined by the Office of Compliance Inspections and Examinations (OCIE) in February.

What are the SEC's focus areas for compliance review in 2018?

The OCIE, which conducts the SEC's National Exam Program, outlined five areas of particular interest this year: compliance and risks in critical market infrastructure; protecting retail investors, including seniors and people saving for retirement; overseeing self-regulatory bodies such as the Financial Industry Regulatory Authority (FINRA) and the Municipal Securities Rulemaking Board; cybersecurity; and anti-money laundering programs.

These broad topics are familiar, but this year, examiners will be drilling down into some new areas, including cryptocurrencies, initial coin offerings (ICOs), secondary market trading and blockchain. If they determine that securities are involved in these transactions, they will monitor sales to make sure regulatory requirements are met.

Related content
SEC releases 2018 examination priorities
SEC compliance risk alert: Common violations by investment advisers that advertise

How are SEC compliance examiners seeking to protect retail investors in 2018?

Featured heavily among the 2018 compliance exam priorities is the protection of retail -- aka "Main Street" -- investors. Examiners will focus on nine areas of investor protection, beginning with the fees and expenses investors are charged, as well as how these fees are calculated and disclosed. They will examine how sales representatives are supervised and how customer orders in fixed-income securities are executed to detect practices that could create conflicts of interest.

With the cryptocurrency and ICO markets growing dramatically, the OCIE is monitoring the sale of these products. Examiners will take a close look at whether financial professionals maintain adequate controls and safeguards to protect these assets from theft and whether financial professionals adequately disclose their associated risks.

Related content
SEC starts regulatory crack down on initial coin offerings
SEC warns against unlawful online trading platforms

Why are SEC compliance rules targeting cryptocurrency and ICOs in 2018?

As part of its effort to protect retail investors, the SEC is making the trade of cryptocurrency and other digital assets a high priority. Buying digital coins or tokens in initial coin offerings is an increasingly popular investment vehicle, and some of these digital assets fall under the definition of a security. The online trading platforms where these offerings are made can also fall under the definition of an exchange. In testimony before the U.S. Senate Committee on Banking, Housing, and Urban Affairs on Feb. 2, SEC Chairman Jay Clayton noted that "simply calling something a 'currency' or a 'currency-based product' does not mean that it is not a security.

"Certain market professionals have attempted to highlight the utility or voucher-like characteristics of their proposed ICOs in an effort to claim that their proposed tokens or coins are not securities," Clayton told lawmakers. "Merely calling a token a 'utility' token or structuring it to provide some utility does not prevent the token from being a security."

Clayton warned that too many Main Street investors do not understand the risks involved in these new varieties of trading. This year, SEC examiners are focusing on whether the trade of digital assets includes adequate protections against theft and whether the risks associated with the products are being sufficiently disclosed.

Related content
SEC chairman discusses virtual currencies before the Committee on Banking, Housing, and Urban Affairs
Navigating the 'wild west' of cryptocurrencies and ICOs

How is the SEC examining cybersecurity compliance in 2018?

Every 2018 exam program will make cybersecurity a priority, according to the OCIE. Noting that both the scope and the severity of cybersecurity risks have grown dramatically, regulators are emphasizing governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response.

The industry's self-regulation body, FINRA, also is focusing on cybersecurity practices this year. FINRA will be reviewing firms' approaches to cybersecurity risk management, including technology governance, system change management, risk assessments, technical controls, incident response, vendor management, data loss prevention and staff training.

Related content
Securities and Exchange Commission's cybersecurity enforcement actions
SEC to guide public companies on cybersecurity disclosures

What is the focus of compliance with the SEC's anti-money laundering initiative?

Securities firms play an ongoing role in helping law enforcement identify and crack down on organized crime, terrorist activities, corruption and other fraud. SEC examiners will be checking to see if firms have appropriately adjusted their anti-money laundering programs in light of Bank Secrecy Act regulations. Broker-dealers and investment companies must have written programs for identifying their customers, performing customer due diligence and monitoring accounts for suspicious activity. Examiners will be looking at whether firms are taking reasonable steps to grasp the purpose and nature of their customer relationships and address risks.

When a firm discovers suspicious activity, it must file a report with the Financial Crimes Enforcement Network. Examiners will look carefully at whether these firms are filing the reports in a timely, complete and accurate way, and they will assess how well firms are testing their own anti-money laundering programs.

Related content
Anti-money laundering to become an SEC priority
FINRA tips for anti-money laundering regulations

Dig Deeper on Risk management and governance

Cloud Computing
Mobile Computing
Data Center
and ESG