Consistent with the Trump administration’s shifting enforcement priorities, both the Department of Justice (DOJ) and the Commodity Futures Trading Commission (CFTC) announced they will be significantly scaling back on investigations, enforcement actions, and litigation efforts against digital asset exchanges and other in the digital asset industry.
In an April 7 memorandum, U.S. Deputy Attorney General Todd Blanche made clear that the DOJ is “not a digital asset regulator” and directed prosecutors to “stop participating in regulation by prosecution” against “virtual currency exchanges, mixing and tumbling services, and offline wallets.”
Specifically, the memorandum directed prosecutors to not charge for regulatory violations in cases involving unlicensed money transmission, violations of the Bank Secrecy Act, unregistered securities offering violations, unregistered broker-dealer violations, and other registration requirement violations under the Commodity Exchange Act (CEA). The only exception will be where evidence shows willful violations of licensing or registration requirements, the memorandum states.
Additionally, prosecutors have been directed to not bring charges for violations of the Securities Act of 1933, the Securities Exchange Act of 1934, the CEA, or their implementing regulations in cases where the charge would require the DOJ to litigate whether a digital asset is a “security” or “commodity;” and an adequate alternative criminal charge, such as mail or wire fraud, is available.
Charging considerations
The memorandum, instead, directs prosecutors to hold accountable individuals who “cause financial harm to digital asset investors and consumers,” or where digital assets are used in furtherance of organized criminal activities.
The memorandum aligns with the policy set forth in Executive Order 14178, which requires the DOJ to prioritize investigations and prosecutions targeting activities that victimize investors. It cites as examples:
- Embezzlement and misappropriation of customers’ funds on exchanges
- Digital asset investment scams
- Fake digital asset development projects (e.g., rug pulls, hacking of exchanges, and decentralized autonomous organizations resulting in the theft of funds)
- Exploiting vulnerabilities in smart contracts
The memorandum further aligns with the policy goal set forth in Executive Order 14157, calling for the total elimination of certain drug cartels, transnational criminal organizations, and foreign terrorist organizations (FTOs). Specifically, the DOJ memorandum directs prosecutors to prioritize investigations and prosecutions where drug cartels, human trafficking and smuggling rings, and FTOs use digital assets to fund their illegal operations and launder the proceeds.
Shifting resources
Consistent with the DOJ’s new enforcement priorities and charging considerations in relation to digital asset cases, the memorandum directs the Market Integrity and Major Frauds Unit to “cease cryptocurrency enforcement.” It further calls for the National Cryptocurrency Enforcement Team (NCET) to be disbanded, with immediate effect.
CFTC enforcement
CFTC Acting Chairman Caroline Pham announced a similar shift in enforcement priorities consistent with DOJ policy. Like the DOJ, the CFTC will de-prioritize actions involving violations of registration requirement under the CEA, except for willful violations, Pham said.
Furthermore, CFTC staff and the Director of Enforcement have been directed to “not take any litigating position or arguments that do not comply with the President’s executive orders, Administration policy, or DOJ policy on digital assets enforcement priorities and digital assets charging considerations.” Instead, CFTC staff have been directed to focus on cases involving “fraud and manipulation.”
Compliance considerations
As with the Trump administration’s shifting enforcement priorities under the Foreign Corrupt Practices Act (FCPA), digital asset exchanges should not take this memorandum to mean they are immune from enforcement actions altogether. In fact, some states have already begun stepping in to enforce cryptocurrency cases to fill in the enforcement gaps resulting from the dismantling of federal regulatory agencies.
In one recent case, Oregon Attorney General Dan Rayfield on April 18 filed a lawsuit against cryptocurrency platform Coinbase for violations of Oregon Securities Law. The lawsuit alleges that Coinbase “encouraged and helped the sale of unregistered cryptocurrencies” to Oregonians.
“In doing so, Coinbase has reaped millions of dollars in fees as Oregonians have faced huge losses, often devastating, from risky investments in a market that’s stacked against them and hard to navigate,” the Oregon AG’s office stated.
The Oregon AG filed the lawsuit after the SEC dropped its case against Coinbase. Rayfield said other State AGs should “fill the enforcement vacuum being left by federal regulators who are giving up under the new administration and abandoning these important cases.”
The broader message for compliance officers in the digital asset industry is to continue collaborating with business functions to champion a robust cybersecurity strategy that marries compliance processes with technology protections. Encryption and multi-factor authentication, penetration testing, regular security audits, and cybersecurity training are all measures that will continue to be relevant and critical elements of a robust compliance program, no matter the DOJ’s enforcement priorities.
What now?
Staying compliant in an environment where the target moves and the laws change rapidly certainly presents a challenge. Without the proper tools, this is made even more difficult for risk and compliance leaders. NAVEX One solutions support holistic risk and compliance management, scale with your business needs and meet global requirements. While enforcement priorities may be shifting, the need for strong GRC capabilities remains constant.
