This story was originally published on Banking Dive . To receive daily news and insights, subscribe to our free daily Banking Dive newsletter .
The Securities and Exchange Commission abandoned its enforcement actions against cryptocurrency exchanges Coinbase and Robinhood on Friday, in alignment with the agency’s about-face on digital assets.
It marks an end to the SEC’s yearlong pursuit of Robinhood, and its multi-year pursuit of Coinbase, which the crypto firms maintain “never should have been opened” and were a “major wrong,” respectively.
According to former SEC attorney Arthur Jakoby, partner at Herrick Feinstein LLP, it also marks an end of what the crypto world has long called “regulation by enforcement” – a time of few crypto-specific regulations but lots of regulatory hammer drops.
“The era of regulation by enforcement is dead,” Jakoby said. “It’s over.”
In the SEC’s war against crypto, the agency “acted as if it was above the law, usurping the power of Congress as set forth in the Constitution,” Coinbase legal chief Paul Grewal wrote in a Friday blog post.
Coinbase spent more than $50 million in external legal fees alone, a spokesperson said, adding that doesn’t take into account innumerable man hours fighting the agency. A Robinhood spokesperson didn’t divulge its own costs but shared a statement from legal chief Dan Gallagher that the firm is “happy to see a return to the rule of law and commitment to fairness at the SEC.”
Closing the book on cases against crypto firms “makes perfect sense” when current SEC leadership differs so greatly from the leadership during the prior administration, Jakoby said.
“Now, we don't even have proposed rules and regulations yet. Not only do we not have proposed rules and regulations, Congress hasn't debated them – but if the SEC is convinced that there are going to be new rules or regulations, it really doesn't make any sense to continue prosecutions against rules that are going to become extinct,” he said.
Last week, the SEC’s six-year-old Crypto Assets and Cyber Unit was supplanted with the new Cyber and Emerging Technologies Unit , tasked with “combatting cyber-related misconduct and to protect retail investors from bad actors.” That includes fraud tied to crypto, according to an announcement.
But with crypto enforcements expected to fall off a cliff –the SEC imposed monetary penalties of approximately $5 billion in crypto-related enforcements last year alone – Jakoby said he expects significant reductions in enforcement staff, with remaining staff directed to address specific crimes.
“A smaller SEC will likely focus on fraud cases where there are identifiable victims who have suffered monetary losses, rather than cases where it's difficult to identify the victims,” Jakoby said.
Meanwhile, the Department of Justice Monday handed down $504 million in penalties to Seychelles-based OKX , one of the world’s largest crypto exchanges, which pleaded guilty to operating an unlicensed money transmitting business.
OKX facilitated more than $5 billion in suspicious transactions and criminal proceeds over seven years, according to Acting U.S. Attorney Matthew Podolsky.
An OKX spokesperson told the Wall Street Journal that there were no allegations of customer harm, and OKX attorney David Meister told the Journal that Monday's settlement “contained absolutely no charges of money laundering.”
Outside of the United States, Dubai-based crypto exchange Bybit was hit with a record hack on Friday in which North Korean hacker group Lazarus stole nearly $1.5 billion in Ethereum out of a wallet it gained control of.
“The preliminary forensic review finds that our system was not compromised,” said Ben Zhou, co-founder and CEO of Bybit, in a prepared statement. “While this incident underscores the evolving threats in the crypto space, we are taking proactive steps to reinforce security and ensure the highest level of protection for our users.”
According to blockchain data platform Chainalysis , this hack alone has led to to more stolen funds that all crypto hacks carried out by North Korea-affiliated hackers throughout 2024. Roughly $40 million in funds stolen from the hack have been found and frozen.
A large portion of the stolen funds, however, has remained deliberately idle.
“By delaying laundering efforts, they aim to outlast the heightened scrutiny that typically immediately follows such high-profile breaches,” Chainalysis wrote.