Connect with us


Law Decoded: The year of the Crypto Futures Trading Commission, Sept. 25–Oct. 2

Law Decoded: The year of the Crypto Futures Trading Commission, Sept. 25–Oct. 2



The end of the U.S. federal government's fiscal year brought a cascade of major announcements from agencies.

Every Friday, Law Decoded delivers analysis on the week’s critical stories in the realms of policy, regulation and law.

Editor's note

In a tweet late last night, President Trump said that he and Melania had tested positive for COVID-19. If you weren’t already aware of that, you may want to catch up on a deluge of wishes for life and death, alongside speculation as to Trump’s announcement being a hoax, before sitting down to this week’s Law Decoded. Or possibly not.

Every week leading up to the presidential election features more amplified headlines. Law Decoded is likely not the ideal place to keep up with that news. By nature, this newsletter is not apolitical, but it is decidedly wonkish in its focus on politics, even as Brian Armstrong may have stigmatized the concept of a “mission focused” entity.*

*Although Law Decoded dogmatically opposes the crypto community’s overriding ignorance of proper hyphen usage. 

Lost in the mix of the whole election cycle is the end of the U.S. federal government's fiscal year this week. Paying attention to fiscal years is not the most glamorous of pursuits, but the consequences have been huge. Government agencies fall under pressure to wrap up work that landed in a previous year’s budget. Crypto has seen an overload of news from U.S. agencies, but this week none upstaged the Commodity Futures Trading Commission.

The CFTC regulates derivatives markets in the U.S. Its authority derives from the Commodity Exchange Act of 1936, but the commission itself dates to 1974, making it 40 years younger than the related regulator, the Securities and Exchange Commission.

The nature of what is defined as commodities is that their value derives from a wider market. Securities depend on a third party to do their job right. Consequently, the CFTC is generally a less aggressive regulator, primarily interested in monitoring exchange markets themselves. Recent trends have put increasing authority over crypto markets in the CFTC’s hands. This week’s leading stories are chronologically reversed, backtracking the commission’s recent moves to bring crypto markets to heel, beginning with the driving story of yesterday.

Kollen Post, Policy Editor, @the_postman_

Bitmex gets rekt

Massive crypto exchange and derivatives platform Bitmex sees landmark charges in the U.S.

The CFTC and the Department of Justice filed joint complaints against Bitmex and its founders and an early employee. The CFTC charges that Bitmex knowingly offered derivatives trading to U.S. investors without registering as a commodities exchange. The commission demands a return of customer funds, as well as an as-of-yet undetermined penalty.

The DoJ, on the other hand, accuses the exchange of deliberately facilitating money laundering as part of its business model. The alleged violations of the Bank Secrecy Act carry with them hard time in federal prison.

Authorities arrested one of the four Bitmex executives named, but the other three remain on the lam. You’d imagine that tech-savvy billionaire money launderers would be well-equipped to lead the FBI on a Hollywood-worthy cat-and-mouse chase. As always, we will see.

One theme that the Bitmex case will certainly explore extensively is defining an exchange’s duty to establish itself as outside the U.S. Bitmex, with its 100x leveraged trading and its founder, Arthur Hayes, joking about bribing Seychelles authorities with coconuts, may well have drawn the ire of authorities out of hubris. To Bitmex’s point, it seems the exchange did indeed block U.S. IP addresses, but crypto investors are quite VPN-forward. faced a similar issue before the SEC with its initial coin offering for EOS. But it’s clearly a challenged to keep crypto from crossing borders. The question is, will every company that handles crypto ultimately have to register with the most stringent regulatory regimes?

PaxForex: An appetizer for Bitmex

On Monday, the CFTC publicized a complaint against PaxForex that, in retrospect, looks like a warm-up for the subsequent Bitmex bombshell.

The case against PaxForex parent firm Laino Group did not include criminal charges. As with the Bitmex case, the CFTC is alleging that PaxForex deliberately solicited U.S. retail investors in its futures and swaps trading on Bitcoin, Litecoin, Ether, gold and foreign currencies without registering with the CFTC.

PanForex is registered in St. Vincent and the Grenadines — like the Seychelles where Bitmex resides, a famously opaque jurisdiction for company registration. The CFTC may have been especially interested in PanForex because its derivatives offerings included both crypto and more traditional commodities already established as within the CFTC’s purview, providing a clear bridge.

The overall message is fairly clear. The CFTC is actively corralling crypto platforms offering U.S. persons investments that the CFTC handles, regardless of where in the world they claim to be.

More info on commodity classification

Alongside the CFTC’s push in the courts, earlier new bills before the House Financial Services Committee and the Agriculture Committee look to establish national registration for crypto exchanges with the CFTC.

Law Decoded has previously written about the new legislation and, as a matter of principle, hates retreading old ground, especially given the ready availability of new and exciting stories. But given recent news as well as new commentary from the Ranking Member of the Agriculture Committee who introduced the bill, a new big picture is coming into focus. That is, we may be witnessing a pretty broad move to corral a wider range of crypto business in the CFTC’s stable.

Many people in crypto are sympathetic to, say, Bitmex, especially in light of perceived ineffectual AML controls on government-approved institutions that came out in last week’s FinCEN leak. And, as always, many are just suspicious of government control over finance. But given that this time last year, as Facebook’s Libra faced a drubbing before the House Financial Services Committee and the SEC seemed free to lay claim to basically everything tokenized, Law Decoded would like to affirm that — as a bleak year trudges to its end — this is actually progress.

Further reads

Lawyers from Polsinelli lay out the new steps for the simplified settlement of digital securities laid out in the SEC’s newest crypto-linked no-action letter.

Writing for Reason, Andrea O’Sullivan objects to the media’s seeming emphasis on FinCEN not spying on transactions enough.

The Wall Street Journal’s David Uberti and Jack Hagel break down the Treasury’s warning against ransomware payouts, which OFAC says may well violate sanctions.

Read More

Continue Reading

Spread & Containment

What does good cybersecurity look like in 2022?

The pharma industry is becoming an increasingly hot commodity for cybercriminals. In recent years, digital adoption has accelerated
The post What does…



The pharma industry is becoming an increasingly hot commodity for cybercriminals. In recent years, digital adoption has accelerated at a rapid pace, with companies racing to integrate cloud-based platforms and telehealth services to expand the delivery of modern healthcare. Combined with the sudden arrival of COVID-19, this perfect storm of events handed cybercriminals an opportunity to exploit weaknesses in fledging systems and processes.

Pharma companies hold masses of vital data sets, from classified intellectual property to proprietary information about drugs and clinical trial developments. The value of such data is not lost on cybercriminals. This was illustrated in 2021, amid growing awareness of the pharma industries’ efforts to develop and distribute COVID-19 vaccines. According to cybersecurity firm Critical Insights, the number of cybersecurity breaches in healthcare reached an all-time high in 2021, exposing an unprecedented amount of protected health information.

Cyber attacks can be highly damaging, both financially and to a company’s reputation. Therefore, it is essential that necessary steps are taken, both at a company and individual level, to understand and prevent the risk of cyber threats. But what does good cybersecurity actually look like? To help navigate the complex world of digital crime, Adarma’s threat consultant Mike Varley, KnowBe4 lead security awareness advocate Javvad Malik, CEO and founder of CyberSmart Jamie Akhtar, and senior engineer at Trend Micro Simon Walsh offer their insights into key trends and best practises for pharma companies.

Why is the healthcare industry a particular target for cyberattacks?

Javvad Malik (JM): Historically cybercriminals were after money, so they often ignored healthcare providers. However, with increasing sophistication within the criminal economies and the ability to monetise data through ransomware, other means of extortion, or resale, healthcare providers have become an almost ideal target for criminals.

Simon Walsh (SW): Despite statements from would-be attackers to the contrary, the healthcare and pharma industries became prime targets during the COVID pandemic, particularly for ransomware operators, as we saw during the breach of the Irish Healthcare Service Executive in May 2021.

There are several reasons for this: they’re seen as easy targets because of their relative lack of security maturity; the COVID pandemic-induced strain they’re already under makes them more likely to pay the ransom; and the fact that the data they hold – patient records – is extremely valuable and opens additional paths to extortion.

Jamie Akhtar (JA): Many healthcare providers have weak or limited defences. These range from poor staff awareness of threats to creaking, outdated operating systems and tech, but whatever the reason, cybercriminals are aware that many healthcare providers make for easy pickings.

Mike Varley (MV): We can expect to see a rising number of ransomware attacks on the healthcare sector. Healthcare is recognised as national critical infrastructure, which makes it an attractive target to malicious foreign entities looking to create chaos and harm. Similarly, when human life is put at risk by an attack, organisations are more likely to pay up, so attackers often view these structures as a quick pay-day.

Where do you see the most mistakes being made in healthcare when it comes to addressing cyber threats?

JM: Perhaps the biggest mistakes or challenges healthcare faces when addressing cyber threats are having outdated or unpatched software running, being too quick to purchase or adopt internet-connected devices without demanding rigorous security testing, and, finally, the lack of security awareness and training amongst IT staff.

SW: Security maturity and the ability to successfully detect and withstand attacks comes from understanding cyber risk and building and developing a cyber security strategy around that understanding. This of course needs to be adopted and driven by the board and C-level executives and too often this is not the case, with a lack of understanding and investment resulting in a weakened security posture.

Over-reliance on security technology without adequate human oversight further weakens this posture. The Irish hospitals who successfully prevented the attack in May 2021 were those who not just detected stages of the attack but also understood what those detections meant and acted as a result.

Developing a human oversight function – for example a Security Operations Centre – in house is costly, difficult, and takes time. So, for many in the healthcare/pharma industry, the quickest route to success on this front is working with the correct partner who will provide that function.

JA: There are two areas in which most organisations, not just healthcare providers, could be doing better. Many aren’t doing the simple things that can thwart most cyber-attacks. For example, regularly updating software and operating systems, using strong passwords and MFA, developing clear policies for staff to follow, and ensuring security tools are configured properly.

On top of this, employee awareness of cyber threats just isn’t widespread enough. An organisation can have the best cybersecurity software around but, if an employee doesn’t know what a phishing email looks like and clicks a malicious link, it’ll be hacked just the same. The way to counter this is basic cybersecurity training. It doesn’t have to be comprehensive, just enough to help your people make informed choices.

“Perhaps the biggest mistakes or challenges healthcare faces when addressing cyber threats are having outdated or unpatched software running, being too quick to purchase or adopt internet-connected devices without demanding rigorous security testing, and, finally, the lack of security awareness and training amongst IT staff.”


What trends are you seeing in cybersecurity at the moment?

JA: The most worrying trend is the rise in supply chain attacks. Cybercriminals have worked out that the best way to target large enterprises with solid defences, is to attack a smaller, less well-defended supplier who can give them a backdoor in. As a result, we’re seeing more major attacks originate in this way.

Alongside this, phishing continues to be the single most common form of attack. Due to the general lack of awareness in the working population, many organisations are still struggling to contain the threat.

MV: Increasingly I think we will see healthcare sector organisations turning to managed security service providers who have the expertise, capability, and technology to deal with an increasingly complex and harmful cyber landscape.

The healthcare sector is expected to provide an elevated level of cyber protection and with a shortage of cyber talent and the prohibitive cost of establishing a Security Operations Centre internally, organisations will need a trusted security partner that can provide that level of proactive protection.

What advice would you give to companies looking to improve their cybersecurity policies, both on a company-wide scale and individual basis?

JA: Above all, make them clear and easy to follow. Avoid technical jargon, where possible, as this will only disengage people. And, explain why the company has adopted the policies it has; your staff will find it much easier to follow them if they know why. Also, store them somewhere that’s easy to access from anywhere. There’s little use in a policy if it’s buried deep in a shared drive where nobody reads it.

MV: Cybersecurity policies should be informed by a threat-led approach. Regular threat modelling will highlight what threats you are facing and how adversaries are likely to target your organisation. With this information on areas of commonality, your security teams can focus on implementing layered security and monitoring.

Your policy should consider asset awareness. As basic as it sounds, it can be easy for a small handful of assets to fall under the radar within vast enterprises, which leads to out-of-date operating systems and software.

JM: Organisations should look to take a data-driven approach. That means, that in addition to following what is occurring externally in terms of attacks, they should look through a year or two worth of internal security logs to see what was the root cause of the incidents during this time period.

Once the root causes have been identified, they should be prioritised, and then controls be put in place to address those specific root causes. Those should inform the cybersecurity policies and tailor them to the specific risks the organisation is facing.

SW: For companies, start at the top and ensure that the board and C-level executives are capable of understanding and assessing risk. This will drive investment in cyber strategy and improve your chances of mitigating that risk. Human oversight of security-related activity in the organisation is also fundamental.

For individuals, heightened awareness and ongoing education are key. We all have a role to play in cyber-security as 100% reliance on technology is unfortunately never enough.

The post What does good cybersecurity look like in 2022? appeared first on .

Read More

Continue Reading


WEF 2022, May 24: Latest updates from the Cointelegraph Davos team

The third day of WEF 2022 will see the OECD secretary-general share his thoughts on a reimagined global tax system and industry experts discussing DeFi…



The third day of WEF 2022 will see the OECD secretary-general share his thoughts on a reimagined global tax system and industry experts discussing DeFi as the future of decentralized governance.

Disclaimer: This article is being updated all day long. All timestamps are in the UTC time zone, with updates in reverse order (the latest update is placed at the top).

WEF 2022, the first in-person World Economic Forum event since the pandemic started, continues to bridge traditional finance with the future of money on its third day.

The Cointelegraph ground team, including editor-in-chief Kristina L. Corner, head of video Jackson DuMont and news reporter Joseph Hall, is deployed in Davos, where the event is held, to get the most recent developments from WEF 2022.

Check out all the important details from May 23 in one easy-to-read page!

The third day of WEF 2022 will see the OECD secretary-general Mathias Cormann share his thoughts on a reimagined global tax system and industry experts discussing decentralized finance (DeFi) as the future of decentralized governance.

Crypto’s Carbon Footprint, one of the most anticipated sessions of the event, will see chief executives from FTX, Stellar Development Foundation, SkyBridge Capital, DataKing and Cambridge Centre for Alternative Finance talk about the environmental sustainability goals of crypto mining operations.

Don’t forget to check this article regularly to get notified about the most recent announcements from the event.

  • 08.30 am UTC

The ‘Strategic Outlook on the Digital Economy’ panel discussed building socially inclusive and environmentally sustainable economic growth. The panel included the likes of Nicholas Thompson, publisher and CEO of The Atlantic, Arvind Krishna, chairman and CEO of IBM Corporation, and Julie Sweet, CEO of Accenture.

The primary discussion revolved around the evolution of metaverse and its potential at the industrial level. Accenture CEO talked about numerous use cases of the virtual reality world and their future plans of integrating employees into the Accenture metaverse.

“Metaverse has a ton of potential and it could prove to be beneficial in many domains. 100,000 Accenture employees would be integrated into the Accenture metaverse over time.”

She went on to cite the example of the pandemic and how metaverse helped them connect and complete meetings in three dimensions.

IBM CEO Arvind Krishna talked about the role of artificial intelligence and augmented reality (metaverse) in handling tasks that are dangerous for the humans, citing the example of nuclear powerplants, which could be inaccessible in case of a tragedy, and this is where metaverse and AI could be of great help.

Read More

Continue Reading


Bitcoin Back Below $30,000 After A Record 8 Weeks In The Red

Bitcoin decoupled from equity markets to the downside on Monday after ending last week as the eighth consecutive weekly loss.




Bitcoin decoupled from equity markets to the downside on Monday after ending last week as the eighth consecutive weekly loss.

Bitcoin has failed to hold the $30,000 level on Monday after scoring its eighth consecutive week in the red for the first time ever.

During these eight weeks, which began in late March and ended on Sunday, bitcoin has lost over 35% of its U.S. dollar value according to TradingView data. Before the beginning of the losing streak, BTC was trading at around $46,800.

Bitcoin has scored losses for eight consecutive weeks for the first time in its history and it is starting the ninth with yet another red candle. Image source: TradingView.

Bitcoin is changing hands slightly below $30,000 at the time of writing. The peer-to-peer currency climbed as high as $30,600 earlier on Monday to trade at around $29,400 as the trading in equity markets nears its end in New York.

While bitcoin turns south, major U.S. stock indices have been in the green. The Nasdaq, which is said to be highly correlated with bitcoin, decoupled from the digital money along with the S&P 500 to denote modest gains near market close on Monday, per TradingView data.

While bitcoin, Nasdaq and S&P 500 were trading in tandem for some time on Monday, the P2P currency saw a sharp sell-off decouple it from the two indices and take it to a more than 3% loss for the day. Image source: TradingView.

A Tough Year For Bitcoin

Despite making two new all-time highs in 2021, bitcoin already erased nearly all of those gains in 2022.

Bitcoin’s choppy trading year so far can be partly attributed to a broader sentiment of economic uncertainty as the Federal Reserve tightens the U.S. economy, withdrawing liquidity from the market after almost two years of quantitative easing.

The central bank has already raised its basic interest rates two times this year, the last of which was double the magnitude of the previous one and represented the largest hike in two decades: While the Fed increased interest rates by 0.25% in March, it raised them by 0.50% earlier this month.

Image source: Federal Reserve Economic Data (FRED).

When the Fed raises or lowers interest rates through its Federal Open Markets Committee (FOMC), what it is actually doing is setting a target range. The graph above depicts the lower and upper bounds of that target range in red and blue, respectively.

While the U.S. central bank system sets the target, it cannot mandate that commercial banks use it — rather, it serves as a recommendation. Therefore, what banks end up using for lending and borrowing excess cash between them overnight is called the effective rate. This is shown by the green line in the graph above.

The Fed previously hiked interest rates consistently from 2016 to 2019, until plunging it near zero in the aftermath of the COVID-19 pandemic outbreak, as noted in the graph.

Bitcoin’s higher sensitivity to liquidity and therefore interest rates can be explained by a greater participation of institutional investors in the market, whose allocations are based on the availability of capital and broader economic conditions, Morgan Stanley reportedly said.

Therefore, while Bitcoin was able to sustain a bull market in the midst of the Fed increasing interest rates in 2017, raising nearly 2,000% from January to December that year, the odds aren’t on the side of the bulls this year.

For two weeks, bitcoin has now closed below a level of weekly support it formed over a year ago and had respected since, indicating it might be turning into a zone of resistance. Image source: TradingView.

Read More

Continue Reading