Oct. 30, 2023
Dear Securities and Exchange Commission, I am writing to provide my public comment on the proposed rule "Safeguarding Advisory Client Assets" (File No. S7-XXX-XX). While I appreciate the SEC's efforts to enhance investor protections and address gaps in the custody rule, I would like to express my concerns regarding the proposal's lack of consideration for privacy and security concerns associated with the custody of digital assets. As the proposal rightly acknowledges, digital assets, including cryptocurrencies, have emerged as significant investment vehicles, revolutionizing the financial landscape. However, the rapid growth and complexity of digital assets present unique challenges in terms of safeguarding investor interests. It is essential that regulatory frameworks are comprehensive and adaptive to ensure the protection of client assets in this new digital ecosystem. One critical issue that the proposal fails to adequately address is the privacy and security concerns associated with the custody of digital assets. The immutable nature of blockchain technology, which underpins many digital assets, brings both advantages and risks. While the transparency and immutability of blockchain offer increased accountability and reduced fraudulent activity, they also raise privacy concerns. Investors entrust their assets to investment advisers with the expectation that their personal financial information and holdings will be kept confidential. The proposal should explicitly address how the SEC plans to mitigate privacy risks associated with the custody of digital assets. Without appropriate safeguards, investors' sensitive information could be exposed to malicious actors. Additionally, the proposal should provide guidance on cybersecurity measures that investment advisers should implement to protect digital assets from hacking attempts and other malicious activities. The incidence of cybersecurity breaches, both within the financial industry and across various sectors, highlights the need for robust security measures in the digital asset space. Clear guidelines on preventive measures, incident response plans, and regular security audits are essential to protect investors' assets from unauthorized access. Furthermore, the proposal should consider the challenges associated with demonstrating exclusive control over digital assets. Given the decentralized nature of blockchain networks, traditional custody arrangements may not easily align with the custody of digital assets, where multiple parties may hold different keys or ownership rights. The SEC should provide guidance on the acceptable forms of custodial arrangements for digital assets, keeping in mind the unique characteristics of these assets. To address these concerns, the SEC should collaborate with industry stakeholders, technology experts, and privacy advocates to ensure that the regulatory framework strikes a balance between investor protection and data privacy. Mutually agreed-upon standards for privacy and security protocols, as well as best practices for custody of digital assets, should be developed in consultation with the industry. In conclusion, as the use of digital assets continues to expand, it is imperative that the SEC takes into account the privacy and security challenges associated with their custody. The proposed rule should explicitly address these concerns to protect investors' assets and foster trust in the digital asset ecosystem. I strongly urge the SEC to prioritize privacy and security considerations in the final rule. Thank you for considering my comments. I appreciate the SEC's efforts to enhance investor protections, and I believe that with the inclusion of robust privacy and security measures, the proposed rule will effectively safeguard client assets in the increasingly digital investment landscape. Sincerely, Brian O'Neill