The investigation was disclosed Wednesday in an FTC order denying a bid by BitMart operators Bachi.Tech Corporation and Spread Technologies LLC to block the agency’s efforts to compel them to turn over information. The companies had argued that the FTC’s document request was overly broad and that some of the information was located overseas.
The FTC had sent civil subpoenas in May to the BitMart operators, seeking details on what the companies told consumers about the security of their crypto assets and how they have handled customer complaints. The consumer-protection agency -- which has penalized dozens of companies from Wyndham Hotels & Resorts Inc. to Uber Technologies Inc. over lax cyber practices -- expects these details to help it determine whether the firms engaged in unfair or deceptive business practices.
The FTC also said it was investigating whether the BitMart operators were complying with another federal law that requires financial institutions to safeguard sensitive customer data.
If the agency finds that the companies misled users about its cybersecurity protections or didn’t comply with financial-services laws, it can impose fines and put them under a consent decree ordering them to change their practices.
An FTC spokesperson declined to comment on the probe Wednesday. Lawyers representing BitMart’s two operating companies didn’t respond to requests for comment.
President Joe Biden’s March 9 executive order directed the FTC and its sister agency the Consumer Financial Protection Bureau to study how to police crypto transactions for fraud and abuse. The FTC -- which focuses a large portion of its consumer-protection work on scams and identity theft -- reported a tenfold increase in crypto scams from 2020 to 2021. These included a number of get-rich quick schemes and fake celebrity endorsements involving lesser-known currencies.
In December, BitMart confirmed a cybersecurity breach where it said hackers withdrew about $150 million of cryptocurrencies from BitMart wallets. The company’s chief executive officer later pledged to compensate users who were impacted by the breach. Blockchain security firm PeckShield Inc., which first identified the hack, estimated the losses at $200 million.
BitMart’s crypto exchange was valued at more than $300 million during a funding round last year. It says it has offices in New York, Hong Kong, Singapore and Seoul.