Department of Justice and Commodity Futures Trading Commission Expand Crypto and Cybersecurity Teams
Department of Justice and Commodity Futures Trading Commission Expand Crypto and Cybersecurity Teams
Overall cryptocurrency crime levels are down, according to a report from Chainalysis reviewing crypto crime trends, but this past year has still seen certain categories of crypto crime, such as ransomware, continue to grow—with over $400 million in digital assets extorted through June. High-profile attacks on crypto platforms, such as the approximately $200 million attack against Euler (from which MoFo helped the company recover), persist as well. As the tides of crypto crime change, the U.S. Department of Justice and (DOJ) other agencies are adjusting their approach to investigating and prosecuting crypto criminals.
National Cryptocurrency Enforcement Team (NCET) Evolution. This month, the DOJ announced that it was “super charging” its efforts to combat malicious threat actors in crypto. It is doing so by merging the NCET into the DOJ’s Computer Crime and Intellectual Property Section (CCIPS). We previously covered the announcement of the DOJ’s NCET as a groundbreaking cross-disciplinary approach focused on innovating how law enforcement investigates and prosecutes global crypto crime. The initial NCET utilized resources and assistance from other sections of DOJ, as well as from Assistant United States Attorneys (AUSA) around the country.
Since its formation, the NCET has focused on “complex investigations and prosecutions of criminal misuses of cryptocurrency, particularly crimes committed by virtual currency exchanges, mixing and tumbling services, and money laundering infrastructure actors.”[1] According to Deputy Assistant Attorney General Nicole Argentieri, who announced the NCET merger with CCIPS, NCET already has been working closely with the DOJ’s computer crime and IP section even before the merger. Deputy Assistant AG Argentieri highlighted several high-profile NCET prosecutions and initiatives in her announcement:
The merger between NCET and CCIPS, per DOJ, will mean that there are more than double the attorneys available to work on crypto crime matters. It also “elevates cryptocurrency work” within the DOJ’s Criminal Division by “giving it equal status to computer crime and intellectual property work.” As part of the merger, the NCET’s first Director, Eun Young Choi, is moving to a new role as Deputy Assistant Attorney General in the DOJ’s National Security Division. The new Acting Director of NCET, Claudia Quiroz, has been a deputy director of NCET since its inception and is an experienced AUSA from the Northern District of California who has worked on significant cases, including BTCe, Mt. Gox, Hydra Markets, and others.
Commodity Futures Trading Commission (CFTC) Cybersecurity and Emerging Technologies Task Force. In addition to DOJ, civil agencies have been increasing focus on crypto- and cyber-related misconduct as well. The CFTC in recent weeks announced the creation of its own Cybersecurity and Emerging Technologies Task Force (CETTF).[2] Its mandate is to address market manipulation and commodities fraud involving cybersecurity and emerging technologies, such as digital assets or artificial intelligence.
According to the CFTC, it created the CETTF to ensure registrants under the Commodity Exchange Act and CFTC regulations have adequate cybersecurity measures and controls for the protection of consumer information. To date, the CFTC’s Digital Asset Task Force has focused on crypto enforcement, including the recent complaint CFTC filed against Alexander Mashinsky and Celsius Network, LLC, in connection with alleged fraud with respect to operation of its digital asset-based finance platform.[3] The announcement suggests that, going forward, CETTF will run point on enforcement actions against alleged commodities market manipulation involving cybercrime and emerging technologies.
New Task Forces Will Require Trust and Cooperation Among Industry, Law Enforcement, and Regulators. As CFTC and other agencies increase focus on cybercrime and emerging technology, industry participants will need to navigate nuanced issues in their investigation and response to security incidents. Some victims of attacks may view a CFTC investigation into an attack on their platforms as helpful, but not without risks. In the crypto context, for instance, CFTC (and the U.S. Securities and Exchange Commission) could focus enforcement simultaneously against perpetrators of attacks as well as their victims.
DOJ and the Federal Bureau of Investigation have been attuned to the need to build trust with industry in such situations. As we’ve covered, Deputy Attorney General Lisa Monaco stated in 2022 that “one of the most important steps in disrupting malicious cyber activity is to increase the reporting of cybercrimes by private sector victims.” DOJ has stated that it intends to “stand with [companies] in the aftermath of the incident” and, as the FBI has stated, to “treat victim companies as victims.”
According to DOJ, these types of commitments help promote greater cooperation with law enforcement and regulators. For the CFTC to effectively combat cybercrime against emerging technology platforms, its new CETTF team will need to make—and follow through on—similar commitments.
The additional resources DOJ is levying against crypto crime can help victims react quickly and have a fighting chance at asset recovery. While still in its nascent stages, the CFTC’s new task force will hopefully follow in NCET’s steps in building industry trust and making a dent in crypto crime.
[1] Principal Deputy Assistant Attorney General Nicole M. Argentieri Delivers Remarks at the Center for Strategic and International Studies.
[2] CFTC Division of Enforcement Creates Two New Task Forces.
[3] CFTC Charges Alexander Mashinsky and Celsius Network, LLC with Fraud and Material Misrepresentations in Massive Commodity Pool Scheme Involving Digital Asset Commodities.