The EU’s ESMA calls for mandatory crypto cybersecurity audits as threats grow, while the U.S. expands AI in defense with a focus on responsible use. Both moves underscore the need for stricter tech policies to safeguard assets and uphold ethical standards in evolving digital realms.
This week’s edition of CNC Policy & Power delves into two critical stories shaping the intersection of policy, technology, and security. First, the European Securities and Markets Authority (ESMA) is advocating for mandatory cybersecurity audits in the crypto industry as cyber threats escalate, threatening billions in assets. With the EU's crypto regulation set to take full effect in December, ESMA’s call aims to bolster consumer protection, but faces pushback from the European Commission over regulatory scope concerns.
Meanwhile, in the U.S., the Biden administration is ramping up AI adoption within the Pentagon and intelligence agencies. A newly released national security memorandum seeks to accelerate AI integration to maintain U.S. technological dominance while ensuring the responsible use of AI, sparking debates on privacy and civil rights safeguards. Both stories highlight the growing importance of stringent regulations and strategic policies in securing rapidly advancing technologies.
The European Securities and Markets Authority (ESMA) is urging lawmakers in Brussels to tighten regulations on cryptocurrency companies by mandating external audits of their cyber defences. This recommendation aims to enhance consumer protection as the EU's comprehensive crypto regulation, the Markets in Crypto-Assets Regulation (MiCA), is set to fully take effect in December. However, the European Commission has pushed back, arguing that ESMA is overstepping its mandate by extending beyond the legislation's scope.
Cyber attacks have increasingly plagued the crypto industry, with hackers stealing over $1.5 billion from crypto companies in the first half of this year—a staggering 84% increase compared to the same period in 2023, according to blockchain analytics firm Chainalysis.
"Crypto thieves seem to be returning to their roots and targeting centralized exchanges again,"
Chainalysis noted, highlighting nearly 150 hacking incidents in the first half of 2024. High-profile breaches include the theft of $45 million from Singapore-based exchange BingX and over $230 million from India's WazirX, which led to its collapse. Industry experts emphasize the necessity of stronger cybersecurity measures.
"Security's not something you can take lightly. You've got to spend money on security,"
said Charles Kerrigan, partner at law firm CMS. Echoing this sentiment, Arvin Abraham, partner at law firm Goodwin, stated,
"Different exchanges may run security in different ways, and having a baseline standard is super helpful."
ESMA believes that without mandatory external cybersecurity audits, the new regulations may fall short in adequately protecting consumers from escalating cyber threats.
The Biden administration is ramping up efforts to accelerate the adoption of artificial intelligence (AI) within the Pentagon and intelligence agencies, aiming to stay ahead of technological competition from China and other adversaries. A national security memorandum released by the White House directs these agencies to expand their AI experiments and deployments, while ensuring that the technology is used in ways that align with democratic values.
“This is our nation’s first-ever strategy for harnessing the power and managing the risks of AI to advance our national security,” said National Security Adviser Jake Sullivan.
The memorandum emphasises the need for clear guidelines on AI usage within the government, aiming to foster innovation while preventing misuse. Senior administration officials stressed the importance of this clarity, stating,
“We must outcompete our adversaries,”
and warning that without defined policies, there may be less experimentation with AI. Additionally, the memo prohibits the use of AI to monitor free speech or bypass nuclear weapons controls, reinforcing the commitment to responsible AI deployment.
U.S. leadership in AI remains strong, but maintaining this advantage is crucial to avoid a strategic surprise from rivals, particularly China. The memo highlights the government's priority to protect AI technologies from foreign espionage and calls for diversifying the supply chain for high-end computer chips, which are essential for cutting-edge AI projects. These steps are part of a broader strategy to ensure the U.S. remains at the forefront of AI innovation while addressing national security risks.
However, the expanding use of AI has raised concerns among privacy and civil rights advocates, who fear that the same technology used for national security could be turned against American citizens. The memo clearly states that AI must align with democratic values, and it requires agencies to monitor risks related to privacy, discrimination, and human rights. As former Pentagon AI policy adviser Michael Horowitz noted, successful implementation of these policies will be critical to achieving the administration's vision for responsible AI use.
Chinese hackers allegedly breached U.S. telecoms tied to Harris and Trump campaigns, highlighting election security gaps. AI-driven deepfakes and disinformation also surge on social media, raising risks to democracy as voters near Election Day.
Australia faces an escalating cybercrime crisis, leading experts to call for standardised training across all law enforcement agencies. During a Parliamentary Joint Committee hearing, specialists highlighted the urgent need for unified protocols to effectively combat sophisticated cyber threats.
Governor Gavin Newsom vetoed Senate Bill 1047, which would have enforced strict safety measures for AI models with over $100M in funding. He argued the bill’s focus was too broad and advocated for more targeted AI regulations that address risks from smaller, less costly systems.
Europe faces a critical choice: embrace AI innovation or enforce restrictive regulations? Fragmented rules risk leaving Europe behind in AI advancements and economic growth. Clear, unified policies are key to keeping Europe competitive in the global AI race.
