Welcome to Zero Material Weakness!
Stay ahead of audit red flags with practical insights and real-world tips to fix internal control weaknesses before they’re found.

Welcome to this edition (week ending July 11, 2025) of Zero Material Weakness (ZMW) — a newsletter built for CFOs and controllers who want to stay ahead of material weaknesses before they become audit red flags. Whether you're preparing for SOX compliance, managing IPO-readiness, or just tightening up your internal control environment, this newsletter brings practical insights, industry trends, and real-world examples straight to your inbox. Our goal? Help you fix what’s weak, before the auditors find it.
News this week
Crypto-Asset ETP disclosure guidance (July 1, 2025) – The SEC’s Division of Corporation Finance issued a 12-page staff statement detailing how crypto-asset exchange-traded products must address valuation, custody, authorized-participant mechanics, financial-statement footnotes and risk factors. The move paves a clearer, uniform path for scores of pending spot-crypto ETF filings while strengthening investor transparency.
Final judgments in SEC v. LJM Funds Management (June 30 / Lit. Rel. 26338) – Consent judgments against LJM Funds, founder Anthony Caine and PM Anish Parvataneni impose permanent antifraud injunctions, industry bars and roughly $5 million in disgorgement, interest and penalties for misrepresenting tail-risk exposure that ultimately cost investors over $1 billion during the 2018 “Volmageddon” volatility spike.
Fraud charges against Cheetah X Inc. (d/b/a Go X) (July 3, 2025 / Lit. Rel. 26341) – The SEC sued the scooter-rental start-up, CEO Alexander Debelov and operations chief Khodr Salam, alleging a $4 million Regulation D offering fraud that touted 100% annual returns and “guaranteed” refunds to about 300 investors, while materially misstating revenue, performance and repayment capacity.
Navy Federal Credit Union consent-order termination (July 1, 2025) – After confirming full remediation of surprise overdraft-fee practices, the CFPB ended its $95 million 2024 order against the nation’s largest credit union. The move lifts monitorship obligations and reflects the agency’s current push to wind down legacy enforcement matters.
BDC (Business Development Company) exemption from Rules 5130/5131 (accelerated approval, July 1, 2025)
The SEC fast-tracked FINRA proposal SR-FINRA-2025-001, carving most business development companies out of IPO “restricted person” and “spinning” limits. The relief eases underwriting compliance, broadens retail access to BDC IPO allocations and supports capital raising for the expanding non-traded BDC market.
Semiannual Risk Perspective (Spring 2025) – The OCC’s flagship report warns of mounting commercial and consumer credit stress, stubborn interest-rate risk, and intensifying cyber/operational and BSA/AML (Bank Secrecy Act & Anti-Money Laundering) threats. Examiners will zero in on CRE concentrations, liquidity stress tests, and third-party-risk controls, giving banks a roadmap for upcoming supervisory priorities.
Statement of Administration Policy (SAP) on the Senate amendment to H.R. 1, “One Big Beautiful Bill Act”
The June 30 SAP throws full White House support behind the amended budget-and-tax package, highlighting record middle-class tax relief, a $1 trillion defense buildup, and historic mandatory-spending cuts. It stakes out the Administration’s negotiating red-lines for July appropriations and reconciliation talks.
A thought from our Author Norm Osumi
Our Congress is considering relief for emerging issuers. Very recently, a draft House measure would lift the “smaller reporting company” public-float ceiling from $250 million to $500 million, which would automatically exempt hundreds of filers from costly Sarbanes-Oxley §404(b) auditor attestations. Under SOX §404(b), external auditors must independently test and opine on management’s internal control effectiveness over financial reporting, included annually in public companies’ 10-K.
Additionally, the SEC’s FY 2024 report confirms that overall enforcement actions, and internal-control cases in particular, fell by double digits year-over-year, which could mean they are taking a softer posture. Still, June 2025’s $2.1 million R.R. Donnelley settlement over late ransomware disclosures shows regulators now frame weak cyber-incident governance as a SOX control failure. Finance teams should update cost models and related audit scoping reviews but tighten cybersecurity oversight. This particular topic is covered in my most recent podcast, The Reporting Norms.
Ask the PCAOB Whisperer
Q: Regulators lobbed a volley of guidance last week, from the SEC’s crypto-ETF disclosure drill-down to FINRA’s new execution-quality portal and the OCC’s warning on rising credit stress. What should audit teams do first to stay out of the PCAOB’s crosshairs?
A: Translate each headline into a control check-point.
Digital assets: Map the SEC’s crypto-ETP guidance against your own holdings, valuation models and custodial controls.
Trade data lineage: FINRA’s Rule 6152 means execution-quality reports will be public and comparable; be certain the data feeding yours is complete and tamper-proof.
Credit risk & compliance: The OCC’s Spring Risk Perspective flags commercial-credit, rate and cyber threats—update stress tests and vendor-risk matrices now.
Restitution focus: CFPB’s Civil Penalty Fund revamp underscores victim restitution—verify consumer-refund workflows.
Document the gap analysis, assign owners, and brief the Audit Committee within two weeks. Proactive mapping keeps potential “significant deficiencies” from maturing into material weaknesses—and keeps your next PCAOB inspection refreshingly dull.
Weekly Podcasts
We want to keep you engaged with meaningful topics, so we create weekly podcasts and host periodic webinars.
Here’s the bottom line from our latest episode: If ransomware hits your ERP and delays revenue recognition, that’s a material risk you can’t ignore. Without strong controls around AI, especially segregation of duties, you’re exposing your financial systems to serious threats. Directors need to get as savvy about prompt injection attacks as they are about phishing. And don’t forget to monitor AI risks like model drift, because in today’s world, speed is the new control. With just four days to file after an incident, you need to know your AI attack surface before a breach happens, not after. Stay sharp, stay secure!
Tune in to hear more.
To watch more podcasts, visit and follow us on ReportingNorms.ai.