The SEC’s New Focus on Fraud

In recent years, cyber-enabled fraud has surged, exploiting technological advancements to deceive investors. In response, the U.S. Securities and Exchange Commission (SEC) established the Cyber and Emerging Technologies Unit (CETU) in February of this year. Replacing the Crypto Assets and Cyber Unit, CETU’s new mission is to focus on combating fraud involving artificial intelligence, social media schemes, hacking, blockchain technologies, and ensuring compliance with cybersecurity regulations. The creation of CETU and its focused mission shows that the SEC is re-focusing on fraud for future enforcement actions.

In 2024 alone, the FBI reported $13.7 billion in losses from cyber-enabled fraud, accounting for 83% of total financial losses that year. Notably, in January 2024, hackers compromised the SEC’s official X (formerly Twitter) account through a SIM-swapping attack, falsely announcing the approval of Bitcoin ETFs, which temporarily inflated each Bitcoin’s value by almost $3,000.  At least as troubling, fraudulent investment schemes have proliferated, with scammers posing as financial advisors on platforms like WhatsApp, luring victims into fake trading portals that mimic legitimate financial institutions.

Leading CETU is Laura D’Allaird, a seasoned attorney with a robust background in securities regulation. D’Allaird has been with the SEC for 8 years, and investigated numerous cyber-related investigations, including the Edgar hacking case and matters relating to Reg S-ID and Reg S-P.  Before her current role, D’Allaird served as Co-Director of the SEC’s Crypto Assets and Cyber Unit and as counsel to SEC Commissioner Jaime Lizárraga. Her unit will have 30-50 specialists to focus on fraud in cyber and emerging technologies.

While CETU’s broad mandate allows for flexibility in addressing various forms of cyber misconduct, it also obviously presents challenges in prioritizing enforcement actions over such a huge area of fraud.  The SEC has not fully detailed how CETU will coordinate with other regulatory bodies or adapt to rapidly evolving technologies. Moreover, balancing the promotion of technological innovation with appropriate enforcement remains a delicate task, requiring careful calibration to avoid stifling beneficial advancements.

Whistleblowers, individuals reporting misconduct and lawyers are looking for the Cyber and Emerging Technologies Unit (CETU) to take a proactive and technologically informed approach to enforcement. Given CETU’s emphasis on cyber-enabled fraud and its roots in the SEC’s broader enforcement apparatus, the unit is likely to prioritize actionable tips that involve digital deception, undisclosed cybersecurity incidents, or misuse of emerging technologies all serious fraudulent activity on the rise.

In any event, the SEC’s Whistleblower Program continues to offer strong protection and potential monetary awards to individuals who provide original information that leads to successful enforcement actions. With CETU’s dedicated focus, whistleblowers in the fintech, AI, and crypto sectors may find increased responsiveness and specialized investigative capacity, especially as the unit ramps up efforts to identify patterns of fraud and ensure compliance with disclosure obligations. As always, under the SEC confidentiality is safeguarded, and whistleblowers can report wrongdoing anonymously through counsel.

While whistleblowers typically submit information to the SEC through the Tips, Complaints, and Referrals (TCR) system, some may wonder whether they can or should reach out directly to CETU. Although it’s not required, experienced practitioners can provide CETU with a brief heads-up—either prior to or shortly after filing a TCR—especially if the matter involves significant or time-sensitive issues; doing so can help ensure the submission is reviewed promptly by the right team.

This piece was written by Vivek Kothari, Chair of Whistleblower Law Partners. This piece was edited by Tony Munter of Price Benowitz.