Regular communication between regulators such as FINRA and the SEC and companies operating in the rapidly evolving world of digital finance is key if those companies do not want to run afoul of securities laws, EY’s senior manager for forensic and integrity services Aaron Mendelsohn said.
After obtaining his law degree from Northwestern, Mr. Mendelsohn worked with the United States Department of Justice in Washington, DC and the U.S. Attorney’s office in Washington, DC and Newark, NJ where he spent a decade prosecuting white collar crimes such as securities, bank and tax fraud. He then served as senior counsel in FINRA’s Enforcement Department for two years.
Mr. Mendelsohn’s responsibilities at EY include working with counsel at client organizations to help them respond to regulatory inquiries from FINRA, the SEC or the Department of Justice. An important part of his job is to keep in close contact with the regulators, who in turn do the same with the industry so they have clarity on emerging issues.
Such communication is key as firms begin to explore big data and data analytics, issues that were not present a decade or more in the past. Regulators have responded by developing cyber task forces devoted to analyzing the numbers for indications of insider trading or other violations, Mr. Mendelsohn said. Sandboxes encourage further dialogue between regulators and industry, and regulators from different countries also speak to each other to stay on top of emerging trends.
“I personally think ‘regulatory sandboxes,’ which have led to increased communication between regulators, businesses, and others, is a great innovation.” Mr. Mendelsohn said of the increased methods of communication.
In that exchange of hacking incidents and securities issues, firms and regulators are fostering an ongoing dialogue that will come in handy as new regulations related to data security and privacy are on their way, Mr. Mendelsohn said. For some the future is now, as the European Union becomes accustomed to GDPR and California readies itself for new regulations coming into effect Jan. 1, 2020.
ICOs and digital assets are a high priority for the SEC and FINRA, Mr. Mendelsohn said. In fact, ICOs have been highlighted on examination priority letters for the past three or four years. In 2018 the SEC engaged in more than one dozen enforcement actions and FINRA took its first case against a cryptocurrency when it investigated the HempCoin.
“In the complaint, FINRA alleges that, from January 2013 through October 2016, (Timothy Tilton) Ayre attempted to lure public investment in his worthless public company, Rocky Mountain Ayre, Inc. (RMTN) by issuing and selling HempCoin – which he publicized as “the first mineable coin backed by marketable securities” – and by making fraudulent, positive statements about RMTN’s business and finances,” FINRA said in a release dated Sept. 11, 2018. “RMTN was quoted on the Pink Market of OTC Markets Group and traded over the counter.”
Mr. Ayre allegedly bought the rights to HempCoin and repackaged it as a security backed by RMTN common stock. He marketed HempCoin as equity ownership in a public company and told investors each coin was equivalent to one-tenth of an RMTN share. Investors mined more than 81 million HempCoins, buying and selling them on a pair of exchanges. Mr. Ayre was charged with making materially false statements and omissions regarding RMTN business and financial statements and for failing to disclose his creation and unlawful distribution of HempCoin.
While Mr. Mendelsohn would not specifically comment on digital assets as securities, he did say that cryptocurrency fraud often follows similar patterns to other fraud types like Ponzi schemes and they fail to disclose critical information. On the reverse side, those companies wishing to be in compliance will move toward registering, Mr. Mendelsohn said.
“If the SEC is considering cryptocurrencies to be securities, that is the direction cryptocurrency offerings need to go in if there is to be compliance.”
Looking ahead, a continuing trend will see global and domestic regulators keep communicating in an effort to stay on top of trends and international activities, Mr. Mendelsohn said. EY works with clients around the world to help them conform with KYC regulations, which, when cryptocurrencies are involved, can be more challenging. Look for more states to model data privacy regulations after California. That makes continued training and communication efforts all the more important.
“The SEC had two sweeps related to cybersecurity and a third is coming,” Mr. Mendelsohn said. “We are making sure financial firms have the appropriate polices and procedures in place.”