SEC Increases Focus on Digital Assets


Mike Seery and Anthony Perez

Publish Date


Compliance Alert

  • Compliance

On February 26, 2021, the U.S. Securities and Exchange Commission’s (SEC) Division of Examinations (the Division)1 released a Risk Alert highlighting areas of concern found by the Division in its examinations of investment advisers and broker-dealers investing and dealing in digital assets that are securities (Digital Asset Securities).

The observations noted in the Risk Alert are based upon the Division’s recent examinations of registrants and are designed to assist firms in developing and enhancing their compliance practices. The Risk Alert is also intended to provide transparency about the future areas of focus in the Division’s examinations of Digital Asset Securities advisers, broker-dealers, national securities exchanges, and transfer agents.

The Risk Alert in many ways builds upon the Digital Asset Securities focus announced by the Division in its 2021 Examination Priorities released at the beginning of March, which we summarized here. There, the Division noted that its examinations of digital asset market participants would assess:

  • whether investments are in the best interests of investors
  • portfolio management and trading practices
  • safety of client funds and assets
  • pricing and valuation
  • effectiveness of compliance programs and controls
  • supervision of representatives’ outside business activities

We believe that these recent Division observations, which were issued only weeks apart, highlight the SEC’s interest in Digital Asset Securities and are a precursor to additional scrutiny in these areas, particularly as Chair nominee Gensler’s confirmation appears imminent.

Investment Advisers

The Division grouped its concerns stemming from its examinations of investment advisers into the following categories:

Portfolio management

Addressing big issues first, but on a limited basis, the Division reminded advisers of the SEC guidance on which digital assets should be considered securities under federal securities law by referring to prior SEC publications.2 Both publications noted in the Alert take a broad view of which digital assets should be considered securities. ACA has observed that certain advisers have noted in their regulatory filings that they have included digital assets as securities (though they don’t consider them to be) following indications from the SEC staff during an examination.

Consequently, we believe the Division would prefer that advisers investing in digital assets include these assets in regulatory assets under management in their ADV and Form PF filings and, as necessary, even if the adviser holds a different view of whether these assets are in fact securities under federal securities laws.

The Risk Alert also reminded advisers of their due diligence obligations with respect to hardware and software digital wallets and other applications used to evidence ownership of digital assets. In addition, the Risk Alert also flags risks associated with trade execution, including counterparty security breaches and KYC/AML.

Books and records

The Division expressed concern that digital asset advisers were not maintaining adequate books and records, principally with respect to their trading activity. Advisers should consider whether their custodians and administrators (or the firm itself where assets are self-custodied) are maintaining books and records which meet the standards expected from the SEC for traditional securities trading activity and record retention.


The Risk Alert addressed custody and whether advisers were in compliance with the custody rule. The Division’s concerns here focused on safekeeping, unauthorized transactions, and the reliability of the software used to evidence ownership of the digital assets. In addition, the Risk Alert noted that many business continuity plans did not address situations where key personnel had access to private keys and how client assets could be accessed in that person’s absence.

Notably, the Alert did not use the term “Qualified Custodian” and did not offer insight into the Division’s view on who qualifies as one. The Division of Investment Management has been working on this question (and seeking industry input) since 2019. The Risk Alert did, however, state that in scheduled examinations it would review advisers’ use of third-party custodians. Barring further regulatory guidance, we believe that the leading providers of institutional custody services for digital assets will be accepted by the Division as qualified custodians for purposes of holding clients’ funds and securities.


The Division expressed concern whether adequate disclosures were being made to investors about the unique risks, volatility, illiquidity, valuation methodology and conflicts of interest posed by digital assets, which is consistent with the Division’s enforcement activity around ICOs in 2019 and 2020. ACA has also observed that many advisers have enhanced their disclosures related to the risks of investing in digital assets as part of their recent annual amendment to Part 2A of Form ADV.


The Risk Alert flagged that the Division expects that advisers have specific policies in place relating to the valuation of digital assets, including valuation after significant events, and recognition of forked and air-dropped assets. This guidance mirrors previous concerns expressed by the SEC regarding the treatment of these events.3

Registration issues

Unsurprisingly, and as noted above, the Division said it will look closely at how advisers classify assets for determining their registration requirements and calculating regulatory assets under management in SEC filings.


Based on its observations and examinations, the Division characterized concerns regarding broker-dealers into the following categories:

Safekeeping of funds and operations

The Risk Alert identified the Division’s interest around broker-dealers meeting the operational requirements that are unique to the custody of Digital Asset Securities. In that respect, they disclosed that they will examine broker-dealers to determine how and if broker-dealers are meeting the requirements specified in the potential regulations and guidance noted in the following statements and letter:

Some practical considerations include:

  • Becoming familiar with the statements and letters noted above and understanding how to stay within the guidance without violating any current regulations (i.e., SEA Rule 15c3-3)
  • Staying abreast of new statements, letters, and regulations issued by the SEC, FINRA, and state securities divisions
  • Creating and analyzing trading flow charts and descriptions to ensure that the activity being performed is in accordance with previous and future statements, letters, and regulations issued by the SEC, FINRA, and state securities divisions

Registration requirements

The Division raised concerns around potential registration requirements. More specifically, concerns were raised regarding the following:

  • Non-registered affiliated entities of broker-dealers that may be engaged in effecting transactions in Digital Asset Securities
  • Unregistered exchanges that facilitate electronic trading in Digital Asset Securities

Some practical considerations include:

  • Understanding the activities and products sold at your affiliates and whether or not they concern Digital Asset Securities
  • Training associated persons and compliance personnel on the differences between Digital Assets and Digital Asset Securities that are broker-dealer products
  • Maintaining Digital Asset policies and procedures to establish a process for determining if a product or activity should be done through the broker-dealer versus the affiliate

Anti-money laundering (AML)

The Division noted that broker-dealer’s AML programs did not address the inherent potential risks present with the use of distributed ledger technology. More specifically, they determined that broker-dealers had deficient AML procedures, controls, and documentation around Digital Asset Securities. In addition, the Division concluded that broker-dealers had performed inadequate and improper searches against the Specially Designated Nationals list maintained by the Office of Foreign Assets Control (OFAC) at the U.S. Department of the Treasury.

Some practical considerations include:

  • Hiring an independent third party to review your AML procedures and perform testing around Digital Asset Securities
  • Ensuring that you are using the services of third parties with adequate coverage and reputation in performing searches against AML bad actor lists through proper onboarding and annual third-party outsourcing reviews


The Risk Alert disclosed that the Division’s examinations will focus on proper due diligence and adequate disclosures regarding broker-dealers engaged in underwriting and private placement offerings of Digital Asset Securities. This coincides with FINRA’s examination priorities, which will focus on ensuring broker-dealers conspicuously describe the risks associated with digital assets, including disclosing the:

  • speculative nature of the investments
  • high degree of risk and liquidity concerns
  • regulatory uncertainty
  • potential for market manipulation

In addition, the Division represented that its staff intends to focus its examinations on if adequate disclosure of potential conflicts of interest are made. More specifically, the Division will focus its examination on disclosures made by broker-dealers that operate in various functions (e.g., broker-dealers that operate trading platforms while also being proprietary traders of Digital Asset Securities).

Some practical considerations include:

  • Performing adequate due diligence on any Digital Asset Securities being offered, including maintaining a due diligence checklist
  • Ensuring you have performed a proper conflicts of interest reviews regarding the Digital Asset Securities being offered
  • Addressing risks presented by Digital Asset Securities in your due diligence and disclosures
  • Providing a fair and balanced presentation in marketing materials and retail communications
  • Ensuring that you are not misrepresenting the extent to which Digital Assets sold through your affiliates are regulated by FINRA, federal securities laws, SEC, Securities Investor Protection Corporation (SIPC), etc.

Outside business activities

The Risk Alert noted instances where the Division found that registered representatives of broker-dealers were offering services related to digital assets apart from their employment. In these instances, the rules and regulations would require proper approval and disclosure of this activity, and the evaluation of if a private securities transaction was effected away from the broker-dealer employer.  

Some practical considerations include:

  • Understanding the unique regulatory considerations and characteristics of digital assets when reviewing digital asset outside business activities and private securities transactions (“PSTs”) (i.e., security versus not a security (BTC, ETH))
  • Providing adequate supervision and documentation of PSTs, including digital asset PSTs

Compliance with regulation ATS

The Division stated that staff examinations will focus on whether an ATS that trades Digital Asset Securities is compliant with Regulation ATS. In particular, the Division noted the need for examinations to ensure that accurate and timely disclosures of information made on the Form ATS and Form ATS-R, and that the broker-dealer maintained effective procedures to protect confidential subscriber information.

Some practical considerations include:

  • Gaining expertise with Regulation ATS and how the rules would apply to Digital Asset Securities
  • Retaining outside consultants to perform gap analysis reviews and testing of your policies and procedures regarding Regulation ATS
  • Ensuring your compliance calendar tracks important dates as it relates to required Form ATS filings

Compliance with transfer agent rules

Finally, the Division disclosed its intention of focus its examinations on whether registered transfer agents in the Digital Asset Securities space are operating in compliance with clearance and settlement rules and regulations.

Some practical considerations include:

  • Understanding transfer agent requirements and limitations through rigorous review of transfer agent laws and regulations and consultation with outside counsel
  • Ensuring that you are not acting outside of the clearance and settlement rules and regulations proposed and in existence regarding Digital Asset Securities

How we help

Our 230+ compliance consultants and analysts, and 60+ investment performance consultants, which are comprised of former SEC examiners, in-house compliance professionals, and former compliance officers, possess a great depth of experience and knowledge across all asset classes, including cryptocurrency and digital assets, and are constantly incorporating new policies and disclosures to reflect the dynamic nature of our clients’ business practices. 

Our performance consultants have performed a variety of assurance projects including focused performance reviews and independent performance certification for a variety of alternative asset classes, including cryptocurrency and digital assets track records.

Many firms use the Division’s Risk Alerts to perform a gap analysis against their current policies, processes, and disclosures to not only improve their compliance program but also to enhance their examination readiness. We can assist firms to better define their policies or procedures, or improve self-identified gaps following your review of this Risk Alert or the Division’s 2021 examination priorities. ACA is also able to assist firms assess their books and records, along with the review of performance calculation methodologies for a performance track record.

Learn more about our solutions and services for digital asset managers here or contact us directly.

1 The Division was until December 2020 known as the Office of Compliance, Inspections and Examinations.
2 Framework for “Investment Contract” Analysis of Digital Assets (Apr. 3, 2019) and Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO (Exchange Act Rel. No. 81207) (July 25, 2017).
3 See Winkelvoss Bitcoin Trust Order (July 26, 2018).