The SEC and DeFi

Continuing our series outlining the regulatory environment for crypto in the United States, we look at another key US regulator relevant to the crypto industry: The Securities and Exchange Commission (SEC). We recommend reading our previous articles outlining the US regulatory environment and the CFTC’s role before this one. The SEC is primarily responsible for regulating and overseeing US securities markets and enforcing federal securities laws and plays a pivotal role in overseeing various aspects of DeFi. It was set up in the 1930s following a range of financial market abuses and the 1929 market crash which led to the Great Depression.

The SEC’s Mandate

The SEC is tasked with overseeing US securities markets (i.e., stock markets among others), promoting capital formation, and enabling businesses to raise capital and issue securities, while simultaneously protecting the investing public (and especially retail investors) from the market abuses that occurred in the 1920s as well as many new ones.

In essence, this means that the SEC regulates issuers of “securities” (typically companies issuing shares etc) to the US public, and requires them to meet various quality standards, disclose information to the public, register with the SEC, and so on. Although the SEC’s authority over US financial and securities markets is extremely broad (and affects crypto and DeFi as discussed below), the above is at the heart of it.

In other words, as discussed in our previous articles, SEC registration by companies issuing securities to US investors enables the SEC to regulate them as intermediaries in financial markets and use that ability to protect the retail investing public. However, it may be difficult or almost impossible for crypto and DeFi projects to meet the SEC’s requirements and successfully register, for a range of reasons.

In brief — the SEC’s role is to oversee securities markets and protect investors in the United States. Although the relevant laws were not written with crypto in mind, many crypto and DeFi activities are likely to fall within the SEC’s regulatory purview and therefore DeFi projects must pay attention to SEC regulations and comply with them in order to do business in the United States.

The SEC and Crypto/DeFi

To the extent that crypto-assets are considered “securities” under US law, and are accessed by US investors, the SEC has jurisdiction over them and crypto/DeFi projects responsible for those tokens will need to comply with US laws and regulations. This statement is not controversial in itself — no one really believes that crypto-assets should be exempt from laws and regulations.

However, the SEC has an extremely negative reputation in the crypto space. This is because the US financial markets are the largest in the world and the SEC is among the most powerful regulators in the world, and US regulatory actions can have worldwide implications, especially in the development of a nascent industry like Web3 (and a consequent impact on token prices!).

In the first few years of crypto’s existence, the SEC took a (relatively) hands-off approach to crypto-assets with low activity (the exception is the major SEC lawsuit against Ripple which will be discussed in a future article). The details are beyond the scope of this article, but crypto-assets were essentially a novelty until around 2017 and only began to be taken more seriously in the 2021 bull market, and after the end of that bull market, the SEC has been taking a much more aggressive approach to enforcing securities laws in the space.

In essence, the SEC’s view — frequently reiterated in public by Chairman Gary Gensler — is that the vast majority of crypto-assets are securities (except Bitcoin, and with a deliberate ambiguity in his public statements about Ethereum) and therefore fall under SEC jurisdiction. It then follows from the SEC’s opinion, that the vast majority of crypto projects/tokens are in breach of US laws and regulations because they have not registered with the SEC or fulfilled various other legal obligations under US law before issuing tokens, which means they may be liable for various penalties and punishments under US regulations (depending on what they have done).

However, the SEC has not given detailed guidance on exactly what Crypto/DeFi projects need to do in order to register or how decentralized projects like DAOs that don’t act as intermediaries can comply with regulations designed for intermediaries.

In essence, the crypto industry’s response to the SEC approach is that they believe a) many/most tokens are not securities under US law, and the SEC’s broad assumption of jurisdiction is wrong and b) to the extent that some tokens are securities and do need to register, the SEC has not provided any realistic pathway or guidance to compliance and registration and has deliberately made it difficult for projects to comply, instead preferring to selectively enforce laws by “enforcement” — pursuing litigation against various projects.

The entire subject is very controversial — the SEC believes that most tokens are securities and most crypto projects are trying to evade laws and regulation by claiming they are not able to comply with it. The industry believes the SEC is exceeding its legal authority (by trying to regulate tokens that are not securities) and not providing a pathway to be regulated for securities tokens and simply trying to discourage the crypto/DeFi industry in the United States (as part of broader anti-crypto feeling in the current US administration especially due to the embarrassment caused by the collapse of FTX) by following a policy of intimidation and “regulation by enforcement”, particularly against smaller projects that may not have the legal budget or the will to litigate against the SEC.

Whatever the truth of the matter, it is clear that the SEC is aggressively pursuing crypto and DeFi projects based on a broad understanding of its jurisdiction and this means a large proportion of DeFi projects have risk connected to the SEC. The most obvious potential risk is connected to having a token (accessible to US citizens/US market) that the SEC may consider a security and subject to securities laws, but there could be others as well.

One legal test under US law to determine whether a token is a security or not is the famous “Howey Test” — and there will be a separate article to discuss that. There is also some history of the SEC’s litigation in crypto matters (especially the long-running Ripple litigation) and that will also be discussed in a separate article.

Conclusion

The SEC is zealous about exercising its regulatory authority broadly to enforce what it sees as blatant breaches of US law by many DeFi projects. This may result in projects having to pay significant penalties and/or go out of business (depending on circumstances) as a result of failing to comply with cumbersome US securities regulations. As a result, many projects have chosen to geo-block US users (and take other measures to deny access to their platform to US users) in order to significantly reduce the risk of the SEC and other US regulators pursuing them for breach of US regulations — for example, DyDx operates a large and active derivatives trading platform but blocks US users not just from trading but also from its airdrop in 2022 (these measures are likely to reduce its risk from US regulators, both the SEC and the CFTC).

October 2023

— The Compliant Defi Team
www.compliantDefi.org