Introduction and summary
When Congress enacted the Commodity Futures Modernization Act in December 2000, it exempted a novel financial product—financial derivatives contracts—from “[o]utdated statutes.”1 With the goals of “promoting financial innovation” and bringing derivatives regulations “into the new century,” Congress declared that the law “modernizes the regulatory structure of the U.S. futures markets and provides greater legal certainty.”2 Yet immediately, these contracts were used for speculation, and the derivatives markets septupled in size only to collapse fewer than eight years later, plunging the global economy into the most severe financial crisis in nearly a century.3
Despite the recency of this experience, Congress is again being asked to exempt novel financial products—crypto assets such as cryptocurrencies—from existing statutes.4 Advocates of these assets argue that because the financial laws are “behind the times” and based on “outdated principle[s],” Congress must act to “[f]oster innovation,” “[b]roaden access,” and provide “[r]egulatory clarity” to these products.5 With a collective market capitalization peak of $2.9 trillion in November 2021, there is little reasonable debate over whether crypto assets should be federally regulated.6 Rather, the debate is about how they are or should be regulated.
Crypto assets cannot be easily pigeonholed into one asset class. As with many assets and depending on the context and how they are used, they may be securities, commodities, collectibles, payments, and more. No matter what they are, however, robust federal regulation is necessary to protect investors, consumers, and the financial system. For those crypto assets that are investments or collectibles, investors must be protected from fraud, market manipulation, and theft. For those that are used in payments services—though few, if any, currently are—consumers must be provided avenues to challenge errors. Moreover, if particular classes of crypto assets or activities become sufficiently large, they could be sources of systemic risk that threaten parts of the financial system and the economy. And of course, significant efforts must be undertaken to more effectively combat the use of crypto assets in money laundering, tax evasion, and other criminal activities.
Crypto assets are simply new, digital versions of the traditional financial products and physical assets that have been regulated for generations. The U.S. Securities and Exchange Commission (SEC) can regulate securities, regardless of whether those securities are paper or traded on a blockchain; the Commodity Futures Trading Commission (CFTC) protects against fraud and market manipulation in the commodities and derivatives markets, regardless of whether those commodities are physical or digital; the Office of the Comptroller of the Currency (OCC) and other banking regulators ensure the safety and soundness of banks, whether they provide loans or issue crypto assets; the Financial Crimes Enforcement Network identifies and prosecutes illicit use of the financial system, no matter the assets; and the Internal Revenue Service administers the federal tax system, ensuring that income “from whatever source derived” is reported and taxed appropriately.7
Crypto assets are simply new, digital versions of the traditional financial products and physical assets that have been regulated for generations.
Crypto assets present the very type of situation that spurred Congress to give regulators these authorities in the first place: Unforeseen circumstances arise that require immediate and expert attention from Washington. Time and again, Congress—recognizing that regulatory agencies can frequently act more quickly than it can, as well as with a broader toolkit of both promulgating regulations and bringing enforcement actions—has made the decision to provide regulators broad authority to act within their regulatory ambit to achieve clear, congressionally mandated policy objectives that allow legitimate financial services enterprises to thrive.
With so much at risk, it is no surprise that some members of Congress are intent on enacting legislation to address crypto assets. Nor is it surprising that the crypto industry spent more than $5 million to lobby Congress in 2021 alone.8 Members of the crypto industry have at times called for Congress to enact legislation providing for a single regulator for crypto asset markets,9 recognition of crypto market infrastructure as distinct from traditional financial market infrastructure,10 and simple clarity as to which existing regulator has jurisdiction over which crypto assets.11 Members of Congress, for their part, have introduced legislation to regulate crypto assets, and more bills are expected as interest in crypto assets grows.
Amount the crypto industry spent to lobby Congress in 2021
Despite this push for new legislation, regulators already maintain significant authority from decades-old statutes to begin to address the vast majority of concerns that crypto assets pose, and clarity is available to those willing to scratch the surface of the existing regulatory apparatus for the traditional financial system. Even regulators seem to understand that many pleas for clarity appear to be ploys to avoid existing regulation.12 As such, Congress must be careful not to weaken existing regulations in its pursuit of reform.
Despite this push for new legislation, regulators already maintain significant authority from decades-old statutes to begin to address the vast majority of concerns that crypto assets pose.
Indeed, Congress must act cautiously and deliberately when considering crypto legislation and should not enact regulatory carveouts that provide special treatment to new versions of old products, even if existing regulations are not being consistently enforced. For example, issuers of crypto assets that are securities must still comply with the full range of securities laws with which all other securities issuers must comport, even if many crypto issuers are not currently doing so. If these crypto securities receive a full or partial carveout, traditional issuers could stop issuing stocks and bonds and start issuing crypto assets, sidestepping the very protections that Congress originally put in place following the 1929 stock market crash.
Crypto advocates say existing regulatory authorities should not apply to crypto assets and transactions based on two primary arguments, neither of which stands up to scrutiny.
The critical goal of expanding financial inclusion cannot come at the expense of reasonable efforts to stop money laundering, terrorist financing, and other illicit activities.
First, some advocates claim that crypto assets and transactions promote financial inclusion, since anyone can participate in crypto transactions without disclosing their identity.13 Without question, the need for financial inclusion in the traditional financial system is a problem that must be addressed, but deregulation is not the answer. The critical goal of expanding financial inclusion cannot come at the expense of reasonable efforts to stop money laundering, terrorist financing, and other illicit activities. Congress has painstakingly created the existing regulatory framework in response to past misuse and abuse of the financial system, and it is disingenuous—indeed, manipulative—to say that currently unbanked populations can be included only if they are willing to give up the safeguards that protect everyone else.
Other advocates claim that although some regulation of crypto assets and transactions is needed, the existing financial regulatory framework is outdated and does not allow for necessary innovations.14 Instead, they argue, crypto should be carved out of the existing financial regulatory framework and be placed under alternative—and objectively weaker—regulatory regimes. But as this report shows, crypto assets are new versions of traditional assets and pose the same risks as those traditional assets. The framework of financial regulation that Congress has constructed over the past decades has proved effective and, with the exception of a small number of gaps, can work well with respect to crypto assets too.
Congress must act cautiously and deliberately when considering crypto legislation and should not enact regulatory carveouts that provide special treatment to new versions of old products.
This report provides a classification of crypto assets and market infrastructure and details regulators’ existing statutory authorities to regulate crypto assets and ensure their tax compliance. It also identifies the gaps in regulators’ current authorities and explains the few areas where new legislation could be useful.
Congress should enact legislation only to the extent that it creates new consumer, investor, and financial system protections—and does not weaken existing safeguards. Although regulators have been slow to adapt their rules to crypto assets, current leaders at regulatory agencies are beginning to more fully assert their authority. If Congress were to take the extreme step of exempting crypto products and services from long-standing and developing rules to place them under an alternate and weaker regulatory regime, the entire financial system would be put at risk, and regulators would be rendered essentially powerless to stop the growing risks from crypto assets—much like they were by the Commodity Futures Modernization Act a generation ago.
Finally, while the technologies underlying crypto assets—the blockchain and cryptographic hashing—give rise to several other critical issues that nonfinancial regulators or even Congress should address, such as environmental impacts, this report focuses on the financial services implications of using those technologies.
Classification of crypto assets
There are four basic categories of crypto assets today, although many variations exist and more are likely to arise in the future. The markets for each are currently governed under existing statutes, and some are more tightly regulated than others. Importantly, determining which category a particular crypto asset falls into requires examining the facts and circumstances surrounding that asset.
Securities are fungible (i.e., interchangeable) and tradable financial instruments—including stocks, bonds, notes, and other evidences of indebtedness—that corporations use to raise capital. Crypto assets are “crypto securities” when issued by companies, municipalities, nonprofits, or individuals to raise capital to develop products. Sales of securities—both traditional and digital—are required to comply with the federal securities laws.
Crypto securities are frequently sold to the public—sometimes through initial coin offerings akin to traditional securities’ initial public offerings,15 token sales to accredited or other investors,16 or other mechanisms—to fund their issuers’ operations. Crypto securities may also be issued through other means, such as in instances where a promoter gives away “utility tokens” or other assets that are then traded on the open market.17 However, not all crypto assets are securities, and when there is a question as to whether an instrument is a security, courts look to the Howey Test and the Reves Test to make the determination. Crypto assets that meet these tests are considered securities.
The Howey Test: Something is an “investment contract” and therefore a security if it is purchased “with (1) an expectation of profits arising from (2) a common enterprise that (3) depends upon the efforts of others.”18
The Reves Test: A “note” is presumed to be a security, but that presumption may be rebutted if the note bears a “family resemblance” to other assets that are not securities.19 Courts look at 1) whether the issuer is raising capital for business purposes and the purchaser “is interested primarily in the profit”;20 2) whether the instrument is distributed in a manner similar to other securities; 3) whether the public reasonably expects the securities laws to apply; and 4) whether another regulatory scheme, such as the banking laws, applies.
Commodities are “goods sold in the market with a quality and value uniform throughout the world.”21 Commodities are fungible, do not represent legal claims, and have prices that float based on supply and demand, and crypto assets that meet this categorization are considered “crypto commodities.”22 Although securities meet this definition as well, federal law generally exempts securities from the definition of commodity;23 therefore, crypto securities would not be considered commodities.
Generally, the difference between crypto securities and crypto commodities is that securities are sold by an initial issuer, while commodities are “mined” using algorithmic calculations—though whether a particular crypto asset is a security or a commodity is a fact-specific determination.
The most popular crypto commodity by market capitalization is Bitcoin.24
Nonfungible tokens (NFTs) are unique crypto assets that can be used to represent something else, such as physical or virtual assets. Much like works of art, NFTs can be bought and sold by collectors at prices that fluctuate due to demand for NFTs with certain characteristics—for example, location of the represented real property or identity of the issuer.25 Importantly, ownership of an NFT may, but does not necessarily, grant the holder legal rights over the unique asset represented by the NFT; there have been instances of issuers creating and selling NFTs of assets to which they had no legal rights, as well as creators maintaining intellectual property ownership of images backing NFTs.26
Stablecoins are crypto assets that aim to maintain a stable value. A stablecoin’s value is often tied to a fiat currency such that it may be redeemed from the issuer for a set price; the stablecoin’s issuer, ostensibly, works to ensure that the value of the assets backing the stablecoin are sufficient to support the tie. For example, one stablecoin may be valued at $1. However, a stablecoin may not be able to be bought or sold in the secondary market exactly for par if the market believes the stablecoin cannot be redeemed at par. In this sense, stablecoins are similar to uninsured bank demand deposits or money market fund shares: Just like uninsured bank deposits or shares of money market funds, stablecoins’ ties may not hold and a “run” could occur in which concerned owners of stablecoins rush to redeem them, leading to more widespread concern and redemptions.
As discussed later, depending on how they are structured, stablecoins may be considered a crypto security, a crypto commodity, or a banking product.
In November 2021, the President’s Working Group on Financial Markets issued a report discussing the risks stemming from stablecoins. It found that stablecoins are currently used “to facilitate trading, lending, or borrowing of other digital assets” but could theoretically be used to create a “faster, more efficient, and more inclusive payments” system.27
The report noted, however, that where uses of stablecoins “involve complex relationships or significant amounts of leverage, there may also be risks to the broader financial system.” Stablecoins also may be subject to runs, described as “a self-reinforcing cycle of redemptions and fire sales of reserve assets.” Whereas the traditional financial system has found ways to limit or mitigate run risk—including through deposit insurance for bank accounts and liquidity requirements for money market funds—stablecoins frequently have no such protections.
Market structure concepts
Beyond the four principal types of crypto assets, there are four important related concepts that policymakers should consider.
Blockchains are the virtual ledgers on which crypto assets exist. When a crypto asset is bought, sold, or traded, information about that transfer—including the wallet the asset was transferred from, the wallet it was transferred to, and a time stamp of the transaction—is recorded in a new “block” that is added to the end of the online “chain.” Cryptographic calculations are conducted by computers around the globe, known as “miners” or “validator pools,” to authenticate the blocks of transactions and ensure that assets cannot be counterfeited or double-spent. Every transaction on wholly public blockchains is pseudonymous and viewable online.
There are many different blockchains, each of which is a ledger facilitating transactions of one or many different crypto assets. For instance, there are a Bitcoin blockchain, an Ethereum blockchain, and others.
Because crypto assets are virtual, crypto wallets do not “hold” assets. Rather, ownership of a wallet signifies ownership of a crypto asset on a blockchain, and anyone observing a blockchain online can see which assets are assigned to (owned by) which wallets, though there is no information identifying the real person who owns the wallet. Each wallet consists of a “public key” and a “private key.”28 A wallet’s public key is a string of numbers and letters that is used to receive an asset from its prior holder and to identify a crypto asset’s owner. A wallet’s private key is also a string of numbers and letters and is used to release a crypto asset and send it from one wallet to another. If a wallet’s private key is forgotten or lost, the crypto assets in that wallet can never be transferred out.
Importantly, an individual may maintain control of their own wallet by storing their private key themselves, grant a third party custody of their wallet by giving the wallet’s private key to the custodian, or grant a third party custody of their crypto assets by allowing the custodian to move the individual’s assets into the custodian’s wallet. In the third case, the custodian will maintain a separate, nonblockchain database detailing which assets in the custodian’s wallet belong to which customers.
Crypto exchanges are where buyers and sellers meet to transact business. In order to trade on an exchange, traders must register with that exchange. In the United States, exchanges must register with federal or state authorities. They must also comply with federal Know Your Customer rules and, beginning in the 2023 tax year, certain IRS reporting requirements.
Crypto exchanges tend to maintain custody of traders’ crypto assets, and transactions occur off-blockchain and on exchanges’ own ledgers—which is different from the securities markets where exchanges and custodians are separate legal entities. For example, the exchange Coinbase requires traders to send their crypto assets to Coinbase’s wallet before those assets can be traded on Coinbase’s exchange, and Coinbase maintains a separate ledger detailing which traders own which assets in Coinbase’s wallet.29 Trading on a blockchain can be slow and/or expensive; trading on an exchange’s ledger is often faster and cheaper.
Decentralized finance (DeFi)
DeFi is shorthand for myriad financial services that operate on blockchains. Unlike traditional financial services offered by a bank, broker, or other intermediary, DeFi applications—also known as “Dapps”—are algorithms that operate autonomously when certain specified criteria are met. Some of the most popular Dapps allow crypto holders to lend to or borrow from other users, swap crypto assets with other users, engage in prediction markets or enter into derivatives contracts, and more based on preestablished criteria encoded in the algorithm. These financial applications have grown rapidly: According to the website DeFi Pulse, roughly $20 billion was locked into Dapps as of November 2020, with that amount growing fivefold—to more than $100 billion—by November 2021.30
Value of assets locked into DeFi applications as of the November 2021 peak
Proponents portray Dapps as improvements over traditional finance because of the hardcoded nature of algorithms and the decentralized nature of their governance; however, these arguments do not hold up to scrutiny. First, once Dapps begin running, they run regardless of errors in code or unexpected situations—a concept known as “algorithm incompleteness.”31 In one instance, a Dapp had a coding error that inadvertently gave users $90 million worth of crypto assets they were not owed and allowed one user to transfer away another $69 million worth of other users’ assets.32 Dapps may also pose systemic risk concerns.33 Additionally, they are not actually decentralized. All Dapps are governed by “holders of ‘governance tokens’ (often platform developers) who vote on proposals, not unlike corporate shareholders,”34 and there have been instances in which application managers have paused their operations when code errors were found.35
Congress has previously enacted statutes giving financial regulators broad authority to address many of the risks that crypto assets pose. Like traditional financial products, some crypto assets or crypto market infrastructure may be under the jurisdiction of multiple regulators. Importantly, despite the age of these laws, they are sufficiently flexible to allow regulators to amend existing regulations or simply apply them to new situations in ways that protect investors and consumers while still permitting legitimate financial services companies to operate and grow.
State regulatory authorities may also cover crypto market infrastructure. For example, many crypto market platforms, such as the exchange Coinbase, have registered with state authorities as money transmitter businesses (MTBs).36 However, state MTB requirements largely entail “minimum net worth requirements, surety bond and other security requirements, and restrictions on permissible investments.”37 These measures, designed to protect clients transferring money, fail to provide investor protections as strong as those provided by the federal securities, derivatives, and banking laws, including those that guard against systemic financial risks.
This report focuses on federal authorities over crypto assets.
U.S. Securities and Exchange Commission
The SEC has regulatory jurisdiction over offers and sales of securities and derivatives of securities, and as such, it may regulate crypto securities transactions and those who engage in businesses regarding them—such as brokers, exchanges, and other trading platforms. Thus, applying the securities laws and regulations to crypto securities would not only help protect investors against fraud, market manipulation, and theft, but it would also help them make more efficient decisions about allocating their resources.
Regulation of crypto securities
The Securities Act of 1933, the Securities Exchange Act of 1934, and regulations thereunder require the issuer of a security—including a crypto security—to register the security with the SEC and issue a prospectus before marketing and selling the security to the general public,38 as well as file quarterly, annual, and other disclosure reports.39 These filings provide important information to investors, including the terms governing the security,40 finances and governance of the issuer,41 and how the issuer intends to use the proceeds.42 Such laws and SEC rules also prohibit insider trading and ensure that all market participants have the same information about the crypto securities.
However, many—though certainly not all—crypto securities issuers appear to have essentially ignored these requirements, leading to significant fraud and market abuses. Consistently applying the federal securities laws to crypto securities would address many of the largest abuses, such as rug-pull scams in which “malicious crypto developers dump all the crypto assets and make a run for the door with investor funds.”43 At minimum, registration requirements would provide two significant benefits to the crypto markets. First, if a crypto security is unregistered and no registration exemption is claimed, investors or investment advisers can know that it is likely a scam. Second, unregistered crypto securities would not be able to be traded on registered exchanges, limiting the reach of that scam.
Consistently applying the federal securities laws to crypto securities would address many of the largest abuses.
Importantly, stablecoins may also be structured as crypto securities. The Investment Company Act of 1940 allows the SEC to regulate mutual funds (i.e., companies that invest shareholder money in other securities), including money market funds (MMFs) that have shares’ net asset value pegged to exactly $1.44 MMF issuers are required to register their securities and provide frequent disclosures to the public, as with any security, but SEC rules also require MMFs to invest in highly liquid assets to ensure against run risk.45 Consequently, the SEC may regulate some stablecoins that are backed by investments in other securities—including government debt—and require issuers to provide public disclosure and maintain certain liquidity levels.
Regulation of wallet providers and brokers
The SEC has broad authority over those who assist in the buying and selling, as well as custody, of securities. As explained above, some companies provide custody services for crypto assets, either holding a client’s wallet or holding their crypto assets in their own wallets. In the traditional securities law infrastructure, there are several types of institutions that perform these services, and they are categorized depending on the other roles they play.
Securities brokers are required to register with the SEC and become a member of a national securities association, such as the Financial Industry Regulatory Authority (FINRA).46 Brokers are also limited in how they may use clients’ securities in short sales or other hypothecation activities and have capital requirements to protect investors’ assets.47 Furthermore, brokers are prohibited from engaging in manipulative, deceptive, or otherwise fraudulent activities, again protecting investors against abuses.48 Brokers are also regulated by the Securities Investor Protection Corporation (SIPC), which protects client assets.49 Lastly, the SEC requires brokers to maintain protections against cybersecurity incidents.
The SEC could also regulate wallet providers as clearing agencies, which act as intermediaries in the buying and selling of securities, helping ensure settlement or reduce the number of settlement transactions by holding securities in custody for clients.50 Traditionally, securities clearing agencies take the form of the Depository Trust and Clearing Corporation (DTCC), a private company that holds securities in trust and permits transactions to occur on its proprietary ledger, easing market transactions; it cleared $1.6 quadrillion in transactions in 2014.51 Requiring wallet providers to register as clearing agencies would help safeguard clients’ securities by allowing the SEC to impose regulations on providers and prohibit them from providing services to prior bad actors, among other restrictions.52
Regulation of exchanges
Crypto securities often trade on exchanges and venues that are similar to securities exchanges, alternative trading systems, and broker-dealer internalizers. Any entity that “constitutes, maintains, or provides a marketplace or facilities for bringing together purchasers and sellers of securities”53 is required to register with the SEC or qualify for an exemption.54 SEC oversight of crypto securities trading venues would enable the SEC to ensure that those venues have rules and procedures to “prevent fraudulent and manipulative acts and practices,” “promote just and equitable principles of trade,” and prohibit “unfair discrimination” in trading.55 Applying oversight to crypto securities trading venues also entails the imposition of listing standards, which may include prohibiting venues from listing crypto securities that fail to meet certain income, liquidity, or other thresholds so that investors know that they are investing in reputable securities.56
The SEC could also impose business continuity standards so that crypto exchanges remain accessible to traders in times of market volatility or natural disasters as well as during cybersecurity incidents.
Regulation of DeFi
The extent to which the SEC has regulatory jurisdiction over any particular Dapp depends on the specifics of the application and the crypto assets it uses. First and foremost, many Dapps sell “governance tokens” to fund their operations, and owners of those tokens frequently have voting rights to decide “certain aspects of governance within the project.”57 Because these tokens serve the same function as corporate stock, they must be registered with the SEC, as with any securities offering.58 Importantly, it has been noted that “[t]his element of centralisation can serve as the basis for recognising DeFi platforms as legal entities similar to corporations.”59
When it comes to regulating the mechanics of particular Dapps, the SEC has regulatory authority to the extent those applications involve the trading of crypto securities. Take, for example, one of the most popular Dapps: Uniswap advertises itself as “an automated market maker,” or “a collection of smart contracts that define a standard way to create liquidity pools, provide liquidity, and swap assets.”60 Participants can join liquidity pools—banding together with others to offer to trade one crypto asset for another within a predetermined exchange-rate band—or can trade with liquidity pools. Thus, the Uniswap application appears to operate as both a broker and an exchange.
Another popular Dapp, dYdX, advertises itself as a “decentralized exchange that currently supports perpetual trading”61—that is, futures contracts without termination dates.62 Like Uniswap, dYdX facilitates trades between two parties, collecting and distributing margin. This would also make dYdX a broker, an exchange, and a security-based swap execution facility—to the extent that it facilitates trades of crypto securities and derivatives of them.
Claims that Dapps cannot be registered because they are decentralized with no one entity controlling their operations appear to be largely unfounded, as experience shows these applications may be controlled by a single individual or a small group of individuals. In one instance, BadgerDAO “paused” its operations when it learned “of unauthorized withdrawals of user funds.”63 If a Dapp’s leadership is sufficiently centralized to allow for halting operations, that leadership is likely sufficiently centralized to be able to register the Dapp with the SEC.
Furthermore, even if there is no single entity in control of a particular Dapp to easily enable registration and oversight, the SEC must not permit the entity to engage in a regulated activity without oversight. Put another way, a Dapp’s inability to comply with the federal securities laws should not allow it to expose investors and the markets to the risks against which the laws are designed to protect. The SEC can and should ensure that those who operate in the securities markets, including those who operate in the crypto securities markets, are structured so as to permit their compliance with its rules.
Commodity Futures Trading Commission
Derivatives are financial instruments with a value based on the value of something else; for example, a future is a contract between two parties to sell a commodity at a certain date in the future for a price determined today. The derivatives markets originally were developed to help farmers hedge the risk that flood, drought, or other natural disasters could harm their crops, and the CFTC was created to regulate these markets. The CFTC has regulatory authority over derivatives based on commodities—interchangeable goods that do not represent legal claims and with prices that float based on supply and demand—as well as authority to prevent fraud and market manipulation in commodities spot contracts—agreements to buy or sell commodities for immediate delivery. Courts have held that crypto assets such as Bitcoin are commodities, and consequently, the CFTC has significant oversight of the market for crypto commodities.64
Fraud and manipulation
The Commodity Exchange Act provides that it is illegal to manipulate or provide false or misleading information regarding the markets for commodity and derivative contracts and that the CFTC has authority to write rules clarifying what types of activities are manipulative.65 Applying these prohibitions to the market for crypto commodities would protect traders, as the CFTC could sue for market manipulation such as churning, wash trading, spoofing, and other manipulative acts and practices.
The prohibitions on fraud and manipulation apply to not only traders transacting in commodities but also to the market infrastructure surrounding those transactions, including crypto commodity issuers, wallet providers, and exchanges. The CFTC can enforce the fraud prohibition on wallet providers that fail to provide custody protections offered and on crypto commodity exchanges that promise traders specific protections against manipulation on their platforms but fail to deliver.
Regulation of stablecoins
The CFTC can enforce the antifraud provisions of the Commodity Exchange Act against many stablecoin issuers, ensuring that investors’ assets are backed in the manner the issuer provided.Recently, the CFTC ordered the stablecoin issuer Tether to pay a $41 million penalty for falsely claiming that its stablecoin was fully backed by dollars, when it was in fact backed by a combination of dollars and “non-fiat financial products and other less-liquid assets including commercial paper, and bank repurchase agreements.”66 Tether has neither admitted nor denied wrongdoing as part of its settlement.
The CFTC can enforce the antifraud provisions of the Commodity Exchange Act against many stablecoin issuers, ensuring that investors’ assets are backed in the manner the issuer provided.
Importantly, the combination of the CFTC’s and SEC’s authorities over stablecoins means that nearly all stablecoins will be under some regulator’s jurisdiction. The SEC has regulatory authority over stablecoins in which issuers have pledged to invest in securities, such as Treasury bonds or short-term commercial paper, as they would be money market funds. Importantly, this is the most likely structure for nonbank stablecoins, as investing the collateral backing the stablecoin is necessary for issuers to afford operational costs or turn a profit. The CFTC has antifraud authority over stablecoins in which issuers have not pledged to invest the collateral backing the stablecoin in securities, including crypto securities. If the stablecoin issuer pledges that its assets are backed dollar for dollar, unless those dollars are saved in bank accounts, the CFTC can sue them, as it did with Tether.
The CFTC can even require audits and disclosure of the assets backing stablecoins so the public knows whether the collateral is there. Indeed, the Commodity Exchange Act says that the anti-manipulation rules the CFTC writes cannot require disclosure of “nonpublic information … except as necessary to make any statement … in connection with the transaction not misleading in any material respect.”67 Clearly, if a stablecoin issuer says that its asset is backed dollar for dollar, the CFTC can require documentation of that statement’s validity.
Regulation of derivatives exchanges
The CFTC has full regulatory authority over exchanges that facilitate the trading of commodity derivatives, including derivatives of crypto commodities. Under the Commodity Exchange Act, there are two types of exchanges—designated contract markets (DCMs) and swap execution facilities (SEFs)—that execute or trade commodity derivatives contracts, and they must register with the CFTC.68
Requiring registration of exchanges that facilitate transactions in derivatives of crypto commodities would require the exchanges to “establish and enforce … rules that will deter abuses,” limit trading of only those swaps “not readily susceptible to manipulation,” and address conflicts of interest, among other requirements.69 It would also require exchanges to have a chief compliance officer and allow the CFTC to write extensive regulations ensuring that investors are protected.70
Regulation of DeFi
Just as with the SEC, the CFTC’s regulatory jurisdiction over any particular Dapp depends on the specifics of the application and the crypto assets it uses. The CFTC likely has authority over those applications that involve derivatives of crypto commodities. Looking again at the dYdX application identified above, it is highly likely that it would be required to register with the CFTC, either as an SEF or a DCM, to the extent it facilitates trades of commodity derivatives, or as a futures commission merchant (FCM);71 like brokers, FCMs are entities that are “engaged in soliciting or in accepting orders for” derivatives.72
Importantly, in a June 2021 speech, then-CFTC Commissioner Dan Berkovitz detailed the benefits to investors of subjecting Dapps to CFTC regulations. The United States has “a system in which intermediaries are legally accountable for protecting customer funds,” and many times, “if a counterparty fails to perform, an intermediary will make the customer whole.”73 Berkovitz stated:
In a pure “peer-to-peer” DeFi system, none of these benefits or protections exist. There is no intermediary to monitor markets for fraud and manipulation, prevent money laundering, safeguard deposited funds, ensure counterparty performance, or make customers whole when processes fail. A system without intermediaries is a Hobbesian marketplace with each person looking out for themselves. Caveat emptor—“let the buyer beware.”74
The federal banking agencies—the Federal Reserve Board, Office of the Comptroller of the Currency, and Federal Deposit Insurance Corporation—all have regulatory authority over the activities of banks and bank holding companies. Today, these institutions engage in a number of activities, including taking deposits; making loans; providing trust and custody activities; facilitating payments; hedging risk with derivatives; and trading, brokering, dealing, and making markets in securities. The options available to regulators regarding the application of these activities to crypto assets depend on the activity itself, but fortunately, the activities have a long history of being regulated appropriately.
Regardless of the activity, a bank must demonstrate to regulators “that it has established an appropriate risk management and measurement process for the proposed activities,” including means of addressing “operational risk (e.g., the risks related to new, evolving technologies, the risk of hacking, fraud, and theft, and third party risk management), liquidity risk, strategic risk, and compliance risk (including but not limited to compliance with the Bank Secrecy Act, anti-money laundering, sanctions requirements, and consumer protection laws).”75 The banking agencies may impose capital, liquidity, and other requirements, and banks are subject to a variety of additional restrictions, such as the Volcker Rule.
Bank lending and trading of crypto assets and crypto asset derivatives are regulated by the SEC and CFTC in addition to the banking regulators. As such, those activities will not be discussed in this section.
Custody of crypto assets and wallets
Clients may give banks cash to hold in two ways: 1) in trust with banks acting as fiduciaries; and 2) as deposits in bank accounts. It would be feasible, though perhaps not wise, for regulators to permit banks to hold custody of crypto assets in both ways as well.
In July 2020, the OCC allowed banks to “provide … cryptocurrency custody services on behalf of customers,” including custody of wallet keys, with “the authority to manage them in the same way banks can manage other assets they hold as fiduciaries.”76 Banks that act as fiduciaries for clients’ crypto assets must comply with a number of consumer protection laws, including “12 CFR Part 9 [which requires record-keeping, mandates annual or continuous audits, prohibits lending of assets and self-dealing, and imposes other restrictions], applicable state law, and any other applicable law, such as the instrument that created the fiduciary relationship.” Clearly, investors benefit from the application of these statutes and regulations.
The other means of holding custody of clients’ crypto assets—as deposits in bank accounts—is permitted to the extent that banks accept cash reserves backing stablecoins “as either deposits of the stablecoin issuer or as deposits of the individual stablecoin holder.”77 Federal law provides FDIC deposit insurance of up to $250,000 per depositor per bank with the possibility of pass-through insurance,78 meaning that stablecoin holders may potentially be insured.79
There is also the possibility of banks accepting stablecoin tokens as deposits worthy of insurance themselves. The FDIC has indicated that it is exploring these possibilities, with the former chairman saying that the agency is currently evaluating “what would be the best applicability to apply the deposit insurance scheme to different potential stablecoin arrangements.”80 Although users of stablecoins would be protected by deposit insurance, there is reason to question the prudence of doing so. In particular, it is questionable whether government power—and a taxpayer backstop—should be used to insure private money.
More likely, the banking agencies could permit banks to issue their own stablecoins—so long as they were fully backed by dollar reserves and not comingled with bank liabilities—or use a central bank-issued proprietary stablecoin, colloquially known as a central bank digital currency (CBDC). Since both options would be backed by the Federal Reserve, there would be no possibility of loss.
Using crypto assets to facilitate interbank payments
The Federal Reserve has a long history of facilitating payments between banks in the United States. The Federal Reserve Act stipulates that the Fed may provide for the clearing of payments between the reserve banks, that each reserve bank may serve as a clearinghouse for the banks in its region, and that reserve banks may receive deposits from any depository institution.81 Statutes do not say exactly how this clearing is to occur, and the Federal Reserve could easily issue a CBDC for use only by banks for those activities.
Financial Stability Oversight Council
Following the 2007–2008 financial crisis, Congress created the Financial Stability Oversight Council (FSOC) to provide “comprehensive monitoring of the stability of” and respond “to emerging risks to the stability of the United States’ financial system.”82 Among the actions that the FSOC may take is to designate particular firms, utilities, and activities as systemically important and subject to enhanced oversight by the financial regulators. It is not difficult to imagine particular crypto firms or payments activities being worthy of designation. Take, for example, a stablecoin that becomes so intertwined with the financial system that its failure could ripple through the rest of the financial system. It is used to trade in not only other crypto assets but also goods and services in the real economy.
The FSOC has three means of designating firms, utilities, and activities as systemically important, and such a stablecoin could be covered by all three. First, the FSOC may designate an individual nonbank financial company for Federal Reserve supervision if it determines that “material financial distress” at the firm, or the firm’s “nature, scope, size, scale, concentration, interconnectedness, or mix of the activities … could pose a threat to the financial stability of the United States.”83 Second, the FSOC may designate financial market utilities (defined as “any person that manages or operates a multilateral system for the purpose of transferring, clearing, or settling payments, securities, or other financial transactions,” with exceptions for some traditional issuing and trading activities84) if it determines they “are, or are likely to become, systemically important.”85 Finally, the FSOC may designate particular payment, clearing, and settlement (PCS) activities if it, similarly, determines they “are, or are likely to become, systemically important.”86
Clearly, if a stablecoin is used to invest in and is so interconnected with the rest of the traditional financial system, the FSOC could declare the issuer to be a systemically important financial institution. Or it could declare that certain PCS activities related to the stablecoin—such as holding custody of the reserves backing the stablecoin, operating the blockchain on which the stablecoin trades, or providing wallet services—are systemically important.87
If a stablecoin is used to invest in and is so interconnected with the rest of the traditional financial system, the FSOC could declare the issuer to be a systemically important financial institution.
If a stablecoin issuer is designated, the Federal Reserve88 may impose prudential standards—including capital, risk management, and liquidity requirements—on and engage in prudential supervision of the issuer.89 And if a stablecoin’s PCS activities are designated, the three banking agencies, the SEC, and the CFTC could all “prescribe regulations … containing risk management standards” for firms undertaking those activities.90 As the President’s Working Group report on stablecoins noted, “Designation would permit the appropriate agency to establish risk-management standards … including requirements in relation to the assets backing the stablecoin, requirements related to the operation of the stablecoin arrangement, and other prudential standards.”91
Federal Trade Commission
In 1938, the Federal Trade Commission (FTC) gained authority to enforce the statutory prohibition against “unfair or deceptive acts or practices [UDAP] in or affecting commerce.”92 The law on whether a trade activity is considered “unfair” or “deceptive” is expansive but can briefly be described. An unfair practice is one that “causes or is likely to cause substantial injury to consumers which is not reasonably avoidable by consumers themselves and not outweighed by countervailing benefits to consumers or to competition,” with the FTC fully considering “established public policies” as evidence of unfairness.93 A deceptive practice, meanwhile, is one that is material and is likely to mislead reasonable consumers.94
The FTC may clarify whether particular practices are unfair or deceptive using administrative orders, rulemakings, and litigation in federal court, and this jurisdiction is limited only when another regulator has been given exclusive jurisdiction.95 As described above, crypto assets can be securities, commodities, bank products, and other goods; of those, the FTC only appears to be prohibited from enforcing the UDAP prohibition against banks.96 The authors found only one judicial opinion discussing the extent to which the FTC is precluded from enforcing the UDAP prohibition for sales of commodities and securities, and that opinion found that “[n]either the Commodity Exchange Act nor the Investment Advisers Act evince an unambiguous intent to deprive the FTC of its otherwise applicable authority to investigate possibly deceptive advertising and marketing practices.”97
In fact, the FTC has used its authority to bring several cases involving crypto assets. In one, defendants advertised that they “could turn a payment of the equivalent of just over $100 into $80,000 in monthly income,” yet according to the FTC, “the structure of the schemes ensured that few would benefit” and “most participants failed to recoup their initial investments.”98 In another, the FTC alleged that the defendants sold bitcoin mining machines to customers but first used the machines to mine bitcoins for their own profits, only providing used machines to purchasers once the hardware was “defective, obsolete, or mining far less Bitcoins than it would have had it shipped on the promised shipment dates.”99
Consumer Financial Protection Bureau
The Consumer Financial Protection Bureau (CFPB), created by Congress in 2010 following the 2007–2008 financial crisis, enforces the Dodd-Frank Act’s prohibition against “unfair, deceptive, or abusive acts or practices in connection with any transaction with a consumer for a consumer financial product or service”100 and 18 consumer finance statutes.101 Accordingly, the CFPB has explicit authority to regulate, when “offered or provided for use by consumers primarily for personal, family, or household purposes,”102 the extension of credit; servicing of loans; transmission, exchange, or custody of funds or financial instruments; provision of payment instruments; and processing of payments as well as other financial products or services as it deems necessary.103
When applied to crypto assets, this authority is broad. The CFPB may regulate companies that lend capital to individuals to purchase crypto securities, commodities, and NFTs, as well as companies that lend to individuals using crypto commodities and NFTs as collateral.104 Furthermore, although the payments application of crypto assets is largely theoretical as of now, the CFPB has authority over stablecoin issuers and crypto wallet providers to the extent that stablecoins are used to transmit funds or are used for payments.105 According to CFPB Director Rohit Chopra, to the extent that stablecoins are “used for and in connection with consumer deposits, stored value instruments, retail and other consumer payments mechanisms, and in consumer credit arrangements” and others, they “trigger obligations under federal consumer financial protection laws.”106
Financial Crimes Enforcement Network
Following the events of September 11, 2001, Congress enacted the USA PATRIOT Act, in part to advance anti-money laundering (AML) and combating the financing of terrorism (CFT) goals.107 Specifically, the PATRIOT Act amended the Bank Secrecy Act (BSA) to provide the Treasury secretary the authority to collect information from financial institutions in furtherance of these goals108 and to delegate “duties and powers” under the act to “an appropriate supervising agency.”109 The Treasury selected the Financial Crimes Enforcement Network (FinCEN), a bureau of the Treasury Department, for this purpose.110
Accordingly, FinCEN may designate classes of “domestic financial institutions or nonfinancial trades or businesses” as subject to the BSA, requiring them to maintain “appropriate procedures, including the collection and reporting of certain information” to “guard against money laundering, the financing of terrorism, and other forms of illicit finance.”111 FinCEN may also examine the collected information and require testimony “as may be relevant or material to an investigation” for the purpose of “civil enforcement of violations” of the act.112
In the years since Congress enacted the PATRIOT Act, cryptocurrencies were created and have become a means of financing a range of illicit activities, from money laundering, terrorism financing, and tax evasion to human and drug trafficking.113 One 2020 report found that virtual currency was the second-most commonly accepted payment method on 40 platforms in the commercial online sex market, and the U.S. Department of Justice has found that virtual currencies are increasingly used to buy and sell illegal drugs and to launder drug cartels’ profits.114
The scope of financial institutions that may be required to maintain records and procedures under the BSA is very broad and likely includes many crypto asset platforms. For example, they include securities brokers and dealers whether or not the securities are registered with the SEC; a “currency exchange, or a business engaged in the exchange of currency, funds, or value that substitutes for currency or funds”; and “any person who engages as a business in an informal money transfer system or any network of people who engage as a business in facilitating the transfer of money domestically or internationally outside of the conventional financial institutions system.”115 Clearly, Congress intended for FinCEN to have maximum flexibility in reaching the perpetrators of illicit financial activity, including and in particular those who seek to do so through unconventional means.
Financial institutions covered by the BSA must conduct significant customer due diligence, including identifying and verifying the identity of the customer opening an account; maintaining records of the information, including name, address, and other identifying information; and consulting lists of known or suspected terrorists or terrorist organizations to determine “whether a person seeking to open an account appears on any such list.”116 These statutory requirements and the regulations promulgated thereunder are known as “Know Your Customer” (KYC) requirements.117 In response to these statutory requirements, FinCEN issued joint regulations with a number of other agencies requiring banks and other financial institutions, as well as most securities brokers and dealers, to create customer identification programs (CIPs).118
In 2013, FinCEN made clear in interpretive guidance that the BSA’s provisions apply to institutions that transact business in cryptocurrencies. Specifically, it explained that “an administrator or exchanger that (1) accepts and transmits a convertible virtual currency or (2) buys or sells convertible virtual currency for any reason is a money transmitter under FinCEN’s regulations.”119 As such, these parties are subject to the same provisions of the BSA as other money transmitting businesses, including requirements to register with FinCEN within 180 days of being established (renewed every two years), maintain financial records and conduct customer identification procedures for certain transactions, and record information for transfers of more than $3,000. In addition, money transmitters must file currency transaction reports for transactions of $10,000 or more in a day, as well as suspicious activities reports for dubious transactions that the transmitter suspects may involve funds from illegal activity. In 2019, FinCEN made clear that it applies the KYC rules to “convertible” cryptocurrencies—those that either have an equivalent value in real currency or substitute for real currency, which is broad enough to cover most cryptocurrencies.120
Given the broad authority for FinCEN to designate classes of “domestic financial institutions or nonfinancial trades or businesses” as subject to the BSA, FinCEN is capable of ensuring that every institution that facilitates crypto asset transactions helps advance Congress’ AML and CFT goals, as well as its goal to prevent tax evasion or other uses of the financial system for illicit purposes.
Internal Revenue Service
When it comes to protecting the nation’s financial system from illicit activity involving the tax system, FinCEN partners with the IRS, which is tasked by the secretary of the Treasury with administering the federal tax system and ensuring that all lawfully due taxes are paid.121 All U.S. citizens, residents, and businesses, as well as foreign persons and businesses that transact business or invest in the United States, are subject to the federal tax laws, and there is no exception for transactions involving cryptocurrencies.122
In 2014, with the rise in cryptocurrency transactions, the IRS provided guidance on some of the many ways in which existing tax rules apply to transactions involving cryptocurrencies.123
For federal tax purposes, crypto assets generally are treated as property,124 as opposed to cash or foreign currency. Transactions in property, such as the holding or sale of stock or a debt instrument, including a crypto asset, can give rise to a variety of tax consequences. For example, a business that receives virtual currency as payment for goods or services must include the fair market value of the asset—measured in U.S. dollars on the date of receipt—in computing gross income for tax purposes. If a taxpayer experiences a gain upon the sale or exchange of crypto assets, they may have a capital gain for tax purposes, depending on their basis in the property, with the gain taxed at ordinary or preferential rates depending on the length of time they held the crypto assets. Among other ramifications, this means that if a person pays for something using cryptocurrency that has appreciated in value since they obtained it, they must recognize a capital gain.
When a person receives cryptocurrency in exchange for performing services, the basic tax rules apply: If they are paid by an employer, the value of the cryptocurrency is subject to federal income tax withholding, Federal Insurance Contributions Act (FICA) tax, Federal Unemployment Tax Act (FUTA) tax, and reporting on Form W-2, the Wage and Tax Statement.125 And if they are an independent contractor, it is subject to self-employment taxes (SECA) and possibly reporting on Form 1099. When a successful miner of virtual currency receives cryptocurrencies as a result of that activity, the fair market value of the virtual currency on the date it is received is treated as income and subject to income taxes and, potentially, to self-employment taxes.
Many companies are now accepting crypto assets as payment, but most firms immediately convert the assets to cash. Other companies are investing in crypto assets for profit, perhaps with the hope of improving their balance sheets or persuading their customers or investors that they are close to the frontier of innovation. When crypto assets are received as payment, they are income to the company. And when companies invest in crypto assets, any gains in the value of those assets and transactions involving them should be treated the same for tax purposes as those involving other corporate investments in similar circumstances.
The situations where crypto transactions give rise to tax implications potentially span the tax code; moreover, failure to treat a crypto transaction properly may result in penalties in the same manner that such penalties would apply to transactions using other forms of currency or property.126
The challenge with taxation of crypto assets is typically not whether the tax laws apply to crypto transactions; rather, it is the ability of crypto asset owners to evade those laws and avoid taxes by hiding their identities or assets. The dramatic increase in crypto transactions has raised significant concerns about their potential use to evade taxation due to the anonymity of transactions on the blockchain and through digital wallets, where the underlying owner’s identity is not disclosed.
Failure to report information about cryptocurrency transactions is likely becoming a major contributor to the tax gap, the difference between the amount of tax that is legally owed and what is actually paid. IRS Commissioner Charles Rettig has suggested that the tax gap—which was about $400 billion annually from 2011 to 2013 but tends to lag by several years127 —may be closer to $1 trillion now in part due to the increase in popularity of crypto assets.128 The IRS already has begun stepping up its efforts to enforce existing tax laws with respect to cryptocurrency transactions.129
Annual amount the United States lost in unpaid taxes from 2011 to 2013
History is replete with examples of creative ways in which individuals or businesses have succeeded in avoiding taxes, including through the ability to hide the taxpayer’s identity. Transactions in crypto assets present just such an opportunity for taxpayers not wishing to pay their fair share of taxes—or worse, hoping to launder ill-gotten money or finance illicit activity.130
In general, the U.S. tax system relies on taxpayers to voluntarily report information necessary to determine their tax liability and to pay the taxes they owe at the appropriate time. Indeed, as a reminder to individuals who may be dealing in crypto asset transactions, the IRS includes the following question in a prominent position on Form 1040, the U.S. Individual Income Tax Return: “At any time during 2021, did you receive, sell, exchange, or otherwise dispose of any financial interest in any virtual currency?”131
The system of voluntary tax compliance is bolstered by third-party information reporting. Tax compliance rates depend heavily on whether income is reported by third parties. The forms of income that have the highest compliance rates, such as wages, are those where there is strong third-party reporting. The compliance rate for income subject to third-party reporting is 95 percent, compared with compliance rates below 50 percent for income without third-party reporting.132 Brokers have long been required to report asset sales, interest, and dividends in customers’ accounts on 1099 forms and, more recently, have also been required to report cost basis of certain securities. This third-party reporting gives the IRS some visibility into account holders’ income to help verify what they report on their tax returns.
In the Infrastructure Investment and Jobs Act (IIJA) signed by President Joe Biden in November 2021,133 Congress clarified that brokers of digital assets, such as stockbrokers, are required to report financial information to their customers and the IRS about the cost basis and gain on transactions they service.134 These requirements are completely in line with the reporting and taxation of income from other securities, commodities, and derivatives. In fact, the Treasury and IRS were already working on broker information reporting for crypto transactions and had publicly signaled the initiation of rulemaking before the IIJA passed.135
Given that technology is ever-evolving, Congress took pains to define “digital asset” broadly, providing the Treasury authority to specify details. It also defined the term “broker” broadly as “any person who (for consideration) is responsible for regularly providing any service effectuating transfers of digital assets on behalf of another person.”136 The provision is effective for transactions beginning in the 2023 tax year. If interpreted consistently with many other information reporting rules, it would apply to U.S. and non-U.S. brokers, so long as the latter’s activities concern assets of people living in the United States, whether citizens or noncitizens, and U.S. citizens living outside the country.
Some members of the cryptocurrency industry have expressed concern that the broad statutory definition of “broker” could include miners, hardware and software developers, and protocol developers.137 These actors do not have customers and thus do not have the transaction information needed to comply with the broker reporting requirements. However, the Treasury Department has already assured lawmakers and industry that “ancillary parties who cannot get access to information that is useful to the Internal Revenue Service are not intended to be captured by the reporting requirements for brokers.”138
In another provision of the IIJA, Congress clarified that cryptocurrencies should be treated as cash for purposes of a provision of the tax code requiring businesses to report to the IRS cash transactions of more than $10,000.139 Reporting requires the submission of personal information about the payer, including their tax identification number. Failure to comply is a felony offense.
Across the tax code, Congress has often given the Treasury and the IRS broad authority to implement its provisions in order to address the wide range of fact patterns among taxpayers. The infrastructure bill has signaled that transparency around crypto assets is expected and that Congress and the IRS will pursue measures to ensure tax compliance around crypto asset transactions, including through third-party reporting by crypto exchanges and potentially others. It is clear that companies need to set up internal systems, rules, and procedures to track, collect, and report crypto asset transactions.
Together, Congress, the Treasury, and the IRS have sought to develop a tax system that is fair and efficient. Where administration of the tax system is involved, the Treasury and the IRS should utilize the full extent of their existing authority to see that cryptocurrencies are not used to avoid any part of the system.
While crypto assets typically fall into four categories—securities, commodities, NFTs, and stablecoins—there will likely be a fifth, sixth, or more in the future. Fortunately, long ago, Congress recognized that there will continually be new financial products, and existing statutes are flexible and expansive enough to allow regulators to begin addressing the vast majority of concerns posed by crypto assets. Even if regulators are not currently using all statutory authorities to regulate crypto assets, Congress must not carve crypto assets out of existing laws.
In the past, statutory carveouts have had catastrophic consequences for the broader economy;140 moreover, Congress could inadvertently weaken oversight of crypto assets in an effort to strengthen it. For example, legislation has been introduced in Congress to allow crypto assets to be issued through a securities offering but then be regulated like a commodity,141 with the bill’s sponsor stating that it is intended to “provide fundamental investor protections to U.S. retail investors.”142 However, the result of this bill, if enacted, would be that investors would receive fewer disclosures than are currently required—though not as currently enforced.143
Instead, Congress should undertake an examination of where regulators currently lack regulatory authority and consider legislating specifically in those areas. The most prominent example is in the crypto commodity and NFT spot markets. Although the Commodity Futures Trading Commission and Federal Trade Commission may enforce prohibitions against fraud, market manipulation, and unfair and deceptive acts and practices, Congress has not previously granted agencies regulatory authority in these areas because, before the rise of crypto assets, corporations such as grain elevators and art galleries served as commodity and collectible exchanges, where federal regulation was largely unnecessary.
Today, however, regulations governing crypto commodity and NFT spot market exchanges and brokers would be beneficial. For example, with spot exchange registration requirements, regulators could easily shut down unregistered spot brokers and exchanges that may be harming their clients, as failure to register or false statements on registration documents are easier to prove than fraud, market manipulation, or unfair practices. Spot exchange regulations would also enable regulators to require exchanges to actively prevent fraud and market manipulation, as the Securities and Exchange Commission requires of securities exchanges, and regulatory authority would give the CFTC or FTC easy access to the quote and trade data that allow them to identify market manipulation more easily. If crypto assets can be regulated as securities or commodities, or if they can be regulated more safely if issued by banks, then it is imperative that regulators bring them into their jurisdictions.
Except for a few gaps that Congress should fix, it is essential that regulators make use of the authorities they have been granted to regulate crypto assets.
The authors wish to acknowledge the helpful comments of Michael Kaercher, Ty Gellasch, Seth Hanlon, Hilary Allen, Steven Kelly, and others, as well as the research help of Alex Fredman.