On the 20th of February, 2025, the US Securities and Exchange Commission (SEC) announced the creation of Cyber and Technologies Unit (CETU). In a press release by SEC, the objective of the new unit is to “combat cyber-related misconduct and to protect retail investors from bad actors in the emerging technologies space”.
The newly created unit CETU, led by Laura D’Allaird is to replace the Crypto Assets and Cyber Unit. It consists of approximately 30 fraud specialists and attorneys across multiple SEC offices. The unit will also be working alongside the Crypto Task Force formed in January 2025, (which focuses on developing regulatory framework for crypto assets) led by Commissioner Hester Pierce.
As the digital market continues to evolve, the need for a specialized unit like the CETU becomes crucial. Cryptocurrencies being a globally recognized digital token, first emerged as Bitcoin in 2009 and gained popularity in 2011.
Cryptocurrency stands as an independent entity that cannot be controlled/regulated by centralized institutions as it is decentralized, limited and based on math and code that cannot be altered. However, due its decentralized nature and the pseudonymization of its blockchain technology, it has become a point of attraction for bad actors.
Cryptocurrency’s “almost anonymous” system has given rise to illicit activities like: the sale of illegal products, guns and drugs; unlawful gambling; ponzi schemes; identity theft; facilitating assassinations and human trafficking; and identity theft. All these activities require anonymity from regulators which cryptocurrency lacks.
The CETU will target a wide range of illicit activities ranging from: the wrong use of social media; the dark web; hacking to obtain non-public information and fraud involving blockchain technology and crypto assets. The unit will ensure that the digital market operates within the bounds of the law as it will allow the SEC to deploy enforcement resources judiciously.
In the article released by SEC, the CETU will be focusing the following priority areas:
- Fraud committed using AI and Machine Learning.
Scammers make use of AI and machine learning to create deep fake videos or audios of prominent individuals to endorse fake crypto projects; create automated bots to send out large-scale phishing emails/messages; create market manipulations; generate personalized messages that mimic genuine online interactions and create fake tokens and promotions.
- Fraud committed through the dark web, social media and false websites.
- Hacking activities targeted at obtaining materials not available to the public.
- Takeovers of retail brokerage accounts. Criminals tend to take advantage of brokerage accounts by gaining unauthorized access to steal or manipulate assets, which can include traditional currencies and cryptocurrency.
- Fraud involving blockchain technology and crypto assets. This includes “Rug Pulls” (fake cryptocurrency projects), fake Initial Coin Offerings (ICOs), Pump and Dump scheme, hacking and theft, social engineering and phishing.
- Regulated entities’ compliance with cybersecurity rules and regulations. This will ensure that businesses involved with cryptocurrency would take the necessary steps to prevent their systems and users from cyber threats.
- Public issuer fraudulent disclosure relating to cybersecurity regarding transparency and investor protection.
The SEC is actively amplifying its efforts to curb the rate of crimes committed in the digital space and also regulate the cryptocurrency market. Its efforts however, depend on its ability to balance between aiding innovation and growth in the digital market, maintaining market integrity and protecting investors.
