drawer logo

Why Blockchain Regulation is More Like an SEC vs. CFTC Cage Match

While the SEC and CFTC attempt to map the subtle legal distinctions between securities and commodities to the nuanced properties of the many different cryptocurrencies, enterprises must seek safe passage from a compliance point of view until the regulatory dust settles. But the jockeying for jurisdiction is far from over.




By william.van.winkle

Published:January 4, 2023

clock icon

19 min read

In this Story
thirdweb Web3 Platformthirdweb Web3 Platform

In Part 1 of this series, we began by defining regulation and examining why it could be beneficial for enterprises exploring or expanding their Distributed Ledger Technology (DLT) plans. Business incentives are abundant in the DLT and “crypto” spaces, but 2022 amply proved that the industry has a long way to go before calm seas are reached. We delved into the various types of crypto-based coins and tokens and how they are not classified as securities in the eyes of the Securities and Exchange Commission (SEC). In particular, we focused on the Howey Test’s role in this determination. Now, it’s time to explore the other side of the coin, if you will: commodities and currencies. 

Commodities and the CFTC

Simply, a commodity is a basic, fungible good used in commerce. Fungibility denotes that one unit of the commodity is equally exchangeable for another unit of the same commodity, such as one barrel of West Texas crude oil being equivalent to any other (see Blockchain Journal’s definition of fungible token in the BlockchainJournal.com Blockchain Glossary). Often, commodities are inputs for other goods or services, as when lumber becomes an input for homes.

“Soft” commodities tend to be relevant in agriculture, where commodities are grown (soybeans, livestock, coffee, and corn). “Hard” commodities are generally mined or extracted (gold, oil, and rubber). Commodities are frequently bought, sold, and traded on markets and exchanges, with transactions often conducted with derivatives. Think of contracts on Lean Hog futures, where each contract represents 40,000 pounds of live pigs. Not many people want to take physical possession of the underlying asset.

Regulation of commodities began in the United States with the Grain Futures Act of 1922, which fed into the Commodity Exchange Act of 1936 and set the stage for the formation of the Grain Futures Administration. Five decades later, with commodities spanning well beyond agriculture, these initiatives expanded into an independent US agency called the Commodity Futures Trading Commission (CFTC). Interestingly, the original Grain Futures Act sought to regulate the “prevention and removal of obstructions and burdens upon interstate commerce in grain.” After one hundred years, the CFTC still cites its mission as being “to promote the integrity, resilience, and vibrancy of the US derivatives markets through sound regulation.”

Notably, the CFTC’s role expanded under the Commodity Futures Modernization Act (CFMA) of 2000, which sought (and still seeks) to regulate the rapid growth of financial derivatives instruments. To illustrate the need for this regulation, consider the sheer size of the over-the-counter (OTC) derivatives market. As a point of reference, the current market cap of gold is roughly $12 trillion. The US national debt stands at $31 trillion. The notional value of outstanding derivatives contracts worldwide at the end of 2021 was $600 trillion. (The difference between notional value and gross market value of the underlying asset boils down to leverage.) One can also have derivatives tied to securities. This was certainly true 20 years ago when derivatives that were linked to mortgage securities grew into a highly speculative and explosive bubble that culminated in the downfall of Lehman Brothers and the cascade of deleveraging that ushered in the Great Recession.

The CFMA arrived eight years before Lehman’s demise. It remains a standing matter for debate just how much CFTC regulation has done to promote transparency in derivatives and commodity trade.

Crypto and the CFTC

As noted previously, the SEC has jurisdiction over securities. Currently, crypto-assets that pass the Howey Test are being classified as securities and therefore fall under SEC regulation. In contrast, the CFTC has exclusive jurisdiction over derivatives (including swaps, futures, and options) and, to a lesser, non-exclusive extent, fraud and other illegal activities within commodities markets, which also includes a limited purview over spot trading. Specifically, within the digital asset domain, the CFTC focuses on transactions and exchanges that involve margin and financing. However, spot trading of a crypto-asset does not currently fall under the CFTC’s limited spot trading purview while margin-based trading of those same assets does. 

Businesses engaging in leveraged or financed trading of commodities must register with the CFTC. More specifically, as the CFTC notes, “Any domestic or foreign person engaged in activities like those of a futures commission merchant (FCM), introducing broker (IB), commodity pool operator (CPO), or commodity trading advisor (CTA) must register in the appropriate capacity or seek an exemption from registration.” The CFTC considers registration and vetting as being critical to weeding out bad actors from the market, which helps ensure the safe financial standing of market entities and establishes a foundation of trust for market participants.

Beyond addressing registration, the CFTC also tackles enforcement, especially in regard to illegal commodity derivatives activity (which harkens back to that original agency mission). The agency’s Division of Enforcement states that it pursues enforcement actions against entities including:

  • Individuals and firms registered with the Commission.
  • Those who violate these laws in connection with their trading commodity futures and options on designated domestic exchanges.
  • Those who improperly market futures and options contracts to retail investors or perpetrate Ponzi schemes.
  • Those who use manipulative or deceptive schemes in connection with commodities, futures or swaps.
  • Those who engage in disruptive trading practices.

Speaking to the elephant-in-the-room debate of whether cryptocurrencies are securities under the SEC’s jurisdiction or commodities under the CFTC’s jurisdiction, one of the earliest and most visible illustrations of the CFTC’s stance with crypto-assets came in 2016 with its action against the Bitfinex cryptocurrency exchange. As the case summary noted, “Bitfinex's platform permitted users, including individuals and entities that did not meet the definition of an eligible contract participant or eligible commercial entity, to borrow funds from other users on the platform in order to trade bitcoins on a leveraged, margined, or financed basis. Bitfinex was not registered with the Commission.” The implication of this action is significant because it reflects the CFTC’s opinion that Bitcoin – the asset being traded – is a commodity (otherwise, the CFTC would not be paying attention), and to support that finding, the CFTC noticed margin trading activities that are typically specific to commodities. Ultimately, the CFTC fined Bitfinex $1.5 million. This punishment paled beside the CFTC’s $41 million penalty against Tether for misrepresenting the backing of its USDT stablecoin.

By 2019, the delineation between SEC and CFTC roles in cryptocurrency assets had largely solidified. CFTC chairman Heath Tarbert noted at a New York summit, “We’ve been very clear on Bitcoin: Bitcoin is a commodity under the Commodity Exchange Act. We haven’t said anything about [Ethereum’s native cryptocurrency] Ether – until now. It is my view as Chairman of the CFTC that Ether is a commodity, and therefore it will be regulated under the CEA. And my guess is that you will see, in the near future, Ether-related futures contracts and other derivatives potentially traded … It’s my conclusion as Chairman of the CFTC that Ether is a commodity and therefore would fall under our jurisdiction.”

For enterprises that are peering into their crystal balls with hopes that their current blockchain strategies will align to final laws and regulations, both in the US and internationally, Tarbert’s words are worth noting because they indicate that if the CFTC has its way, both Bitcoins and Ether will be treated as commodities. However, by virtue of omission, it isn’t exactly clear where the CFTC will fall in the long run when it comes to other cryptocurrencies. The CFTC could limit its jurisdiction to Bitcoin and Ether, leaving other cryptocurrencies to be treated as securities under the SEC’s purview. Or maybe it's just a matter of time before the CFTC adds another cryptocurrency to the list after noticing that it’s also being traded on margin. The shifting sands of these classifications are relevant to enterprises that are trying to decide which DLT to use for their business strategy and what the CFO thinks of working with assets that are considered commodities versus securities.  

Meanwhile, few of these opinions – and they are opinions – necessarily take into consideration the sentiments of other influential stakeholders, the SEC, or the many lawmakers being heavily lobbied by representatives from opposing corners of the blockchain industry. In other words, just because a lawmaker or regulator expresses an opinion doesn’t mean that statement will become the law of the land. Short of any new lawmaking, though, agencies like the SEC and CFTC are bringing action now. Enterprises should avoid their dragnets. 

Interestingly, in 2019 when Tarbert first indicated Ether was on his list of cryptocurrencies that qualify as commodities, Ether (ETH) was mined with a proof-of-work consensus mechanism in a similar way as Bitcoin. In 2022, the Ethereum network “merged” to a proof-of-stake consensus mechanism in which “mining” - the key differentiating feature of proof-of-work blockchains – is no longer used. As of this writing, it remains to be seen whether this change will shift ETH to being a security rather than a commodity. Clarity on this point alone could have regulatory implications for enterprises building applications on the Ethereum network or its layer 2 scaling solutions under the original premise that it was a commodity.

An alternative view of the CFTC’s enforcement domain revolves around digital assets that function as a cash-like cryptocurrency. In the CFTC’s words, “Virtual currency is a digital representation of value that functions as a medium of exchange, a unit of account, and/or a store of value.” On this basis, the CFTC considers Bitcoin to be a commodity. A cryptocurrency functioning as cash alone is not enough to attract CFTC enforcement, but the agency does have the ability to make sure digital commodities are not used for nefarious purposes. As CFTC acting director Vince McGonagle testified before the House Agriculture Community, “While the CFTC does not have direct statutory authority to regulate cash markets, the CFTC maintains anti-fraud, false reporting, and anti-manipulation enforcement authority over commodity cash markets in interstate commerce (including digital asset cash markets).”

While the CFTC is obviously a US government agency, its reach can extend beyond US borders up to a certain point. For example, in October 2020, the CFTC charged the owners of the BitMEX exchange, which is registered in Seychelles, with illegally operating a cryptocurrency derivatives trading platform and anti-money laundering (AML) violations resulting from providing US citizens with those derivatives. The following year, a US District Court required BitMEX to pay a $100 million civil monetary penalty. The case underlines the importance of enterprises taking a global rather than a national approach to regulation compliance when providing public-facing services.

Currencies and Stablecoins

Although it is one voice in the conversation, the CFTC has noted that a currency, whether physical or digital, is not a security. Rather, currency circulates throughout a population as a medium of exchange, a communal abstraction of value that eliminates the need for direct barter of goods and services. As of this writing, only two countries recognize a cryptocurrency (Bitcoin in both cases) as legal tender: El Salvador and the Central African Republic. Other nations and locales have varying degrees of cryptocurrency acceptance or rejection. Among the most recent proponents is the Portuguese archipelago of Madeira. Madeira’s president has been outspoken in his support for Bitcoin, and in October 2022 his island chain “embraced” the cryptocurrency. However, Portugal falls under European Union (EU) regulations, and the EU does not recognize any cryptocurrency as legal tender. As in many nations, including the US, the EU does not allow cryptocurrency to be used as currency, but it’s not disallowed. This situation may evolve in the near future, especially if and when the EU votes on its Markets in Crypto Assets (MiCA) regulation in February 2023.

Given that the US dollar remains the world’s dominant reserve currency, it seems highly unlikely that the US would adopt any cryptocurrency (other than one issued by its own central bank) as legal tender. Nevertheless, an increasing number of politicians recognize that there may be significant economic potential in DLT and crypto assets. Current DLT conditions resemble the fledgling internet of the 1990s, and some lawmakers believe that failure to regulate and “embrace” DLT now (and yes, “embrace” will mean different things to different people) will push that economic growth away from the US and into more accommodating nations.

In July 2022, US Senate Banking Committee Ranking Member Pat Toomey (R-Pa.) and US Senator Kyrsten Sinema (D-Ariz.) introduced the Virtual Currency Tax Fairness Act, which intends to make cryptocurrency more common and widely used without running afoul of the US dollar’s position and dominance. The Act would “simplify the use of digital assets for everyday transactions by creating a sensible de minimis exemption for gains of less than $50 on personal transactions and for personal transactions under $50.” This measure seeks to rectify a major barrier to personal and corporate crypto-asset adoption: capital gains taxes. 

Currencies, including foreign currencies, are exempt from some capital gains (when not held as an investment). If you buy an ounce of gold (a commodity) and it goes up in value, then you sell it for a profit, you would be taxed on that profit as a capital gain. However, if you exchange US$1,000 for Japanese yen, that yen goes up in value, and then you exchange it back to US dollars, you will not be taxed on the earnings within certain thresholds. The Virtual Currency Tax Fairness Act would treat cryptocurrencies more like foreign currencies, allowing owners to hold and spend their cryptocurrencies on retail-like purchases without incurring a potentially taxable event on every transaction. This would also help address the issue that enterprises face when having to maintain a given reserve of a cryptocurrency in order to cover the “gas” and transaction fees associated with using a DLT network (e.g., ETH when conducting transactions on Ethereum). Taxing every transaction could make any practical use untenably intensive from an accounting and resource perspective. 


Central banks, like the US Federal Reserve, are the means by which nation-states control the minting, issuance, and circulation of a sovereign country’s fiat currency. Therefore, a central bank digital currency (CBDC) would be a digital version of a central bank’s fiat currency. As a digital token, a CBDC can move between entities with fewer intermediaries and less friction than conventional currency. In theory, CBDC tokens could be issued directly to citizens from a national central bank with no other financial parties (notably commercial or retail banks) involved. In April 2022, the World Economic Forum noted that “there are 87 countries, constituting over 90% of global GDP, actively exploring the [CBDC] concept. These projects range from the research stage all the way to implementation. Their breadth evinces strong global interest in goals including strengthening financial systems and enforcing sovereign currency control.”

There are many ways in which a CBDC could be implemented. CBDCs do not inherently require blockchain technology or cryptography and so may not be classified as a cryptocurrency. Similarly, the amount of decentralization used in their ledger technologies may vary, so a CBDC may not even be a DLT. Indeed, the objectives of a central bank and a decentralized ledger would seem at least partially antithetical.

As of this writing, there are nine countries and territories that have launched CBDCs, including the Bahamas and Nigeria. China’s digital yuan (e-CNY) is in wide-scale public testing across ten cities. India launched the first public phase of its digital rupee across four cities in December 2022. Research for a CBDC in the US continues, with officials showing interest (and some early experiments) but no sense of urgency.

Enterprises should be aware that CBDCs may resemble cryptocurrencies, but they are very different things in underlying technology and ethos. CBDC critics have raised a spectrum of concerns about potential ramifications for people’s privacy. On one side, the Official Monetary and Financial Institutions Forum points to the vast amounts of personal data people willingly surrender to financial and commercial services providers and observes that “next to such massive and pervasive intrusions into our private and public spaces for which we have largely volunteered in pursuit of economic utility or public security, the putative threat posed by a CBDC is marginal.” On the other side, the libertarian-minded Cato Institute states, “The real danger in CBDCs is that there is no limit to the level of control that the government could exert over people if money is purely electronic and provided directly by the government. A CBDC would give federal officials full control over the money going into–and coming out of–every person’s account. This level of government control is not compatible with economic or political freedom.”

One illustration of this privacy debate can be found in the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) and its 2022 sanctioning of virtual currency mixer Tornado Cash. Tornado Cash is a protocol-based smart contract service that effectively accepts user-provided cryptocurrency in a “pool” of that asset, dissociates the user from the asset, then allows the user to withdraw funds from that pool, thereby breaking the on-chain transaction links that show where users’ funds came from. OFAC noted, “While the purported purpose is to increase privacy, mixers like Tornado are commonly used by illicit actors to launder funds, especially those stolen during significant heists. … [Tornado supported] a cyber-enabled activity … outside the United States that is reasonably likely to result in, or has materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.” Specifically, OFAC linked Tornado Cash to supporting North Korea’s weapons of mass destruction program.

The Lawfare blog painted this sanctioning as “pretty disastrous for civil liberties” and commented, “This first-ever OFAC sanctioning of autonomous code controlled by no legal person ran headlong into the established precedent that code is speech and protected by the First Amendment.” One Tornado Cash developer, Alexey Pertsev, was arrested in August 2022 in the Netherlands. As of this writing, Pertsev remains imprisoned, and the charges against him remain poorly defined. The case may have particular significance for enterprises, as decentralized protocols are key in many Web 3.0 efforts. If those protocols can be used by anyone, and their smart contracts dissociate users from their liquidity, then similar sanctions could conceivably apply in the future. In fact, as a general rule, organizations should pay close attention to the nature, function, and audience associated with any decentralized protocols they might adopt. The benefits of utility may not be worth the regulatory risks in some cases.

Governments likely have a range of motivations around CBDC adoption, from energy efficiency to monetary velocity to “protecting” consumers and businesses from illicit activity. When the US White House released its framework for digital asset development in September 2022, the fact sheet noted how “almost a quarter of digital coin offerings had disclosure or transparency problems.” (At the risk of editorializing, that’s a bit hypocritical coming from any White House administration.) The fact sheet specifically called out “the crash of the so-called stablecoin TerraUSD” and the damage that event wrought while offering no nuance around the technical nature of TerraUSD and how it differs from other stablecoins and cryptocurrencies.

It can be easy and convenient to hold up poorly implemented failures and cast them as representative of the entire “crypto” sector, with CBDCs getting pitched as the more reliable, superior solution. Most likely, the reality is more conditional and complex. Technically speaking, it is possible to create or subsequently modify a CBDC to be centralized, opaque, and censorable. It is also possible to make a CBDC be decentralized and transparent, with users given sovereign, uncensorable control over their own tokens. Time will tell if and how the US and other nations choose to construct their CBDCs.


As hinted at by that White House release, stablecoins can function as an alternative to conventional fiat currencies and CBDCs. In general, stablecoins are cryptocurrencies that are either backed by “hard” assets (U.S. dollars, bonds, gold, etc.) or algorithmic balancing. The latter has had some infamous blowups, including the aforementioned TerraUSD, while asset-backed stablecoins, notably Tether and USDC, have remained dependable and tightly pegged to the US dollar.

Stablecoins may be attractive in many use cases because they can serve as a proxy for hard asset value while operating on “crypto rails.” Crypto networks tend to offer significantly faster settlement, lower (and sometimes virtually no) transaction fees, and none of the financial infrastructure required for legacy transactions. For example, the World Bank estimated in 2021 that 1.4 billion people worldwide remain unbanked, meaning they have no access to “formal financial services” or even the conveniences of a bank (e.g., the ability to cash a check). In the US, 6% of the population is unbanked, but, according to the Federal Reserve, another 16% are underbanked. Members of this group have at least one bank account but also rely on secondary financial services. For instance, in the absence of conventional credit and loans, they may turn to payday loans, check cashing services, or tax refund advances. With stablecoins, anyone with a smartphone can set up a free crypto wallet and accept stablecoin payments from anyone in the world without onerous transaction fees and store that value on the blockchain. No bank account is needed.

Assuming that a stablecoin’s nature cannot undermine its ability to stay pegged, a stablecoin should theoretically deliver the benefits of crypto without the volatility of many crypto assets. Multi-national organizations can use stablecoins for cross-border payroll and to help simplify life for at-sea workers. (Japanese shipper Nippon Yusen was among the first to explore this with its own USD-backed stablecoin in 2018.) As consulting firm Deloitte noted, “Opportunities exist for banks to issue and engage in stablecoins if policy clarity is achieved. Failure to solidify the legal treatment of stablecoins and other digital assets in the US could risk driving economic activity elsewhere.”

Overgeneralizations aside, the White House and regulators have a critical point about stablecoins: Transparency is essential. As noted earlier, Tether has run afoul of the CFTC in the past due to its close-lipped approach to detailing its reserves. In 2022, Tether has been more forthcoming and described its actions in swapping commercial paper assets for cash collateral. The firm has indicated that it will have eliminated its commercial paper holdings by the year’s end, thus strengthening the reliability of its reserves.

Sufficient transparency and hard asset backing may give stablecoins a fair chance at emerging as viable, worldwide currencies. However, to put it bluntly, this does not address what governments will do about it Will the US tolerate widespread use of a USD-backed USDC or USDT stablecoin in place of its own future CBDC token?

There are arguments in both directions, but it’s all speculation at this point. Public trust and demand, regulatory decisions, international pressures, and countless other factors will likely play a role in the outcome.

Will the US tolerate widespread use of a USD-backed USDC or USDT stablecoin in place of its own future CBDC token?

Questions Continue

Every issue raised in this article will likely spawn a host of additional questions. For example, the Tornado Cash case paves the way for additional questions about distributed autonomous organizations (DAOs). As defined by Ethereum.org, a DAO “is a collectively-owned, blockchain-governed organization working towards a shared mission. … There is no CEO who can spend funds on a whim or CFO who can manipulate the books. Instead, blockchain-based rules baked into the code define how the organization works and how funds are spent.” The role of DAOs within the enterprise and non-profit world are only beginning to emerge, but DAOs often use tokens for governance and financial operation. Such coins may be viewed by enforcement agencies as a regulated currency. They may require registration with national authorities and be found illegal under certain circumstances.

Uniswap offers an interesting DAO example. Uniswap is a cryptocurrency exchange based on a decentralized network protocol that uses smart contracts to facilitate exchanges. Instead of having centralized management, the exchange is governed by UNI token holders. Given Blockchain Journal’s article on securities, you can see why the SEC began investigating Uniswap in September 2021. The exchange doesn’t conduct Know Your Customer (KYC) checking or AML practices. Uniswap is globally distributed and completely permissionless. So, how would the SEC conduct enforcement against such an organization? Who would it seek fines from? How does one shut down a protocol running on a headless, globally distributed blockchain?

Today, there are few answers; but eventually, those answers will fuel how enterprises engage with DLT, crypto-assets, and Web 3.0 technologies. Ambiguity remains over which regulatory agencies can shape registration policy and what they can enforce—and how that enforcement can play out on a world stage. Nobody is “in charge” of crypto, per se, and no one has even defined whether ETH is a commodity or a security post-merge. It’s a mess, and no one would blame enterprises for throwing up their hands and walking away from the entire DLT space.

Except…DLT stands poised to revamp the future of business, finance, and even individual sovereignty. If an enterprise doesn’t consider that DLTs offer opportunities for digital transformation, business innovation, and industry disruption, a competitor will. Regulation may be the Gordian Knot binding up the crypto space from progressing. But, one way or another, that knot will eventually loosen, and enterprises will have a straight path to adoption and expansion. Businesses that stay abreast of regulatory developments and embrace DLT with experimentation and innovation now will likely have an advantage in the coming year.

footer logo

© 2024 Blockchain Journal