Blockchain & Crypto-Assets 2026 Comparisons

There are a number of regulatory bodies in the USA that are relevant to blockchain and digital assets.

The Securities and Exchange Commission (SEC)

The SEC has broad regulatory authority over securities transactions, securities professionals, and securities intermediaries in the USA. The threshold question that determines whether the SEC has authority with respect to blockchain or digital assets is whether a “security” is involved. The definition of the term “security” in both the Securities Act of 1933, as amended (the “Securities Act”) and the Securities Exchange Act of 1934, as amended (the “Exchange Act”) includes a number of enumerated types of securities, including the term “investment contract”. When a contract, transaction or scheme does not fall plainly within one of the other enumerated types of securities in the definitions of the term “security”, it may still be treated as a security if it is deemed to constitute an investment contract.

The test for whether a particular scheme is an investment contract was established in the Supreme Court’s Howey decision. The test looks to “whether the scheme involves an investment of money in a common enterprise with profits to come solely from the efforts of others”. Whether a particular transaction involves an investment contract is facts and circumstances dependent, grounded in the economic realities of the transaction. 

The SEC has provided recent guidance on disclosure obligations in crypto-asset markets. In a 10 April 2025 statement, the Division of Corporation Finance outlined how existing registration and disclosure requirements under the Securities Act and Exchange Act apply to offerings involving crypto-assets and related businesses. The guidance emphasises that issuers must provide tailored, material disclosures regarding their business, the role of any associated network or application, and the rights and characteristics of any token or crypto-asset. It also highlights the need for clear risk factor disclosure addressing technological, operational and regulatory risks, reflecting the SEC’s continued application of traditional disclosure principles to digital asset markets. 

Most recently, on 17 March 2026, the SEC and CFTC issued a joint interpretation creating a “token taxonomy” that aims to draw clear lines between the SEC’s and CFTC’s jurisdiction over crypto-assets. Though the guidance leaves questions unanswered, it does confirm the position that most crypto-assets are not themselves securities (though they may still be marketed or sold as part of an investment contract).

The Commodity Futures Trading Commission (CFTC)

The CFTC has broad regulatory authority over derivative markets for commodities, and general anti-fraud and anti-manipulation authority over the spot markets for commodities pursuant to the Commodity Exchange Act (CEA). Derivatives transactions subject to CFTC jurisdiction include futures, options, swaps and leveraged retail commodities transactions under the CEA. In recent years, the CFTC has asserted – and courts have affirmed – that certain digital assets qualify as “commodities” under the CEA. The agency has explicitly stated that bitcoin and ether are commodities subject to its jurisdiction, a conclusion that is widely accepted.

In 2025, the CFTC signalled a shift in its regulatory approach to digital asset derivatives towards integrating these products into its existing regulatory framework, rather than treating them as a distinct or heightened risk category. On 27–28 March 2025, the CFTC rescinded Advisories 18-14 and 23-07, which had imposed heightened expectations for virtual currency derivative listings and clearing reviews, citing increased market maturity and a desire to treat digital asset products consistently with others.

On 21 April 2025, CFTC staff issued a request for information (RFI) seeking public comment on the potential uses, benefits and risks associated with perpetual futures contracts – derivatives that track the price of an underlying asset without an expiry date, which are widely used in crypto markets but raise novel questions regarding leverage, liquidity and risk transmission. The CFTC has also sought input on broader market developments, including the implications of near-continuous (24/7) trading. 

Most recently, on 11 March 2026, the CFTC and SEC entered into an MOU, as referenced in 1.1.1 Evolution of Uses of Blockchain, to enhance co-ordination and information sharing in overseeing digital asset markets, reflecting ongoing efforts to address jurisdictional overlap and promote a more unified regulatory approach.

The Treasury Department and the Financial Crimes Enforcement Network (FinCEN)

FinCEN is the arm of the US Treasury Department that is responsible, in the first instance, for enforcing the US federal laws and regulations relating to crimes involving the transmission of money, frequently working in conjunction with other federal agencies and bureaus, including the Federal Bureau of Investigation and the National Security Agency. This includes enforcing the Bank Secrecy Act (BSA), which is a comprehensive anti-money laundering (AML)/combating the financing of terrorism (CTF) statute. The BSA mandates that “financial institutions”, which include “money services businesses” and “money transmitters”, must collect and retain information about their customers and share that information with FinCEN. FinCEN guidance from May 2019 examined a number of hypothetical business models involving digital assets to provide guidance with respect to the application of the BSA. Not surprisingly, many businesses engaging in activity involving “convertible virtual currency”, crypto-assets used as a substitute for fiat currency, have an obligation to comply with the BSA.

The Treasury Department and the Office of Foreign Assets Control (OFAC)

OFAC is a division of the US Treasury Department that administers and enforces economic and trade sanctions to promote US national security and foreign policy objectives. OFAC can take enforcement action against entities in the USA that violate sanctions programmes. OFAC has taken several such actions relating to digital asset transactions – for example, in settled actions against BitGo, BitPay and Poloniex, OFAC emphasised that US sanctions compliance obligations apply to all US persons, and encouraged companies that provide digital asset services to implement controls commensurate with their risk profile, as part of a risk-based approach to US sanctions compliance. Further, OFAC published Sanctions Compliance Guidance for the Virtual Currency Industry in October 2021 to assist participants in the virtual currency industry with navigating and complying with OFAC sanctions.

In August 2022, OFAC designated smart contracts associated with the operation of Tornado Cash, a virtual currency mixer, to the Specially Designated Nationals (SDN) list, effectively prohibiting US persons from engaging in transactions with these contract addresses. This was a significant action and the first time smart contract addresses were added to the SDN list. However, in late 2024, the Fifth Circuit ruled that OFAC exceeded its statutory authority by adding the suite of smart contract addresses comprising Tornado Cash to the SDN list, because such smart contracts are not “property” subject to the sanctions jurisdiction asserted by OFAC within the meaning of the International Emergency Economic Powers Act. Since then, OFAC has removed the Tornado Cash smart contract addresses from the SDN list, reversing its earlier position.

The Consumer Financial Protection Bureau (CFPB)

The CFPB has authority pursuant to the Consumer Financial Protection Act (CFPA) to address unfair, deceptive or abusive acts and practices (UDAAP) with respect to financial products offered primarily for consumer use by certain “covered persons” as defined by the CFPA. To date, the CFPB has not been active in the crypto-asset space.

However, the CFPB issued significant guidance just prior to the change in administration clarifying how Regulation E of the Electronic Fund Transfer Act (EFTA) applies to digital payments, particularly in the context of rising fraud and person-to-person (P2P) payment platforms. While the CFPB had signalled plans to expand oversight – including by examining non-bank financial companies that pose consumer risks and potentially applying that scrutiny to digital asset products – its capacity to act has been substantially undermined by recent court rulings. In particular, decisions questioning the constitutionality of its funding structure have raised doubts about the CFPB’s future enforcement authority and agenda, which may delay or constrain the Agency’s ability to regulate emerging financial technologies, despite prior ambitions to increase its activity in this area. 

The Department of Justice (DOJ)

The DOJ enforces federal criminal laws, including those involving securities fraud, insider trading and market manipulation, often working in parallel with civil regulators such as the SEC. While the SEC pursues civil enforcement, the DOJ has authority to bring criminal securities charges which are often paired with other alleged federal crimes such as wire fraud.

On 7 April 2025, the DOJ issued a memo, “Ending Regulation By Prosecution”, signalling a significant shift in its approach to enforcement related to blockchain technology and crypto-assets. The memo de-prioritises actions against software developers in favour of targeting those who use digital assets to facilitate serious crimes such as terrorism and trafficking, reflecting the Trump administration’s broader policy of reducing regulatory barriers to crypto-asset innovation. This shift aligns directly with Executive Order 14178’s stated goal of “protecting and promoting” access to blockchain networks and banking services for lawful users without persecution.

State Attorneys General

State enforcement actions – led by Attorneys General (AGs), securities regulators, and money transmission authorities – are expected to intensify as federal oversight of digital assets evolves. State AGs have broad authority under consumer protection laws, and some State AGs also enforce state securities laws.

For example, less than two months after the SEC dropped its lawsuit against Coinbase, on 18 April 2025 the Oregon State AG sued Coinbase for alleged violations of the Oregon Securities Law, asserting theories similar to those previously advanced by the SEC, namely that Coinbase unlawfully encouraged the sale of unregistered cryptocurrencies. As federal agencies reassess their regulatory posture, state-level enforcement is likely to become a more prominent mechanism for oversight.

State Money Transmission Regulators

Historically in the USA, states rather than the federal government have been the primary regulators of “money transmitters”. Each state, other than the state of Montana, has independently passed a statute that defines the activities that constitute money transmission in that state. State laws generally define a money transmitter very broadly and typically include any entity that engages in “receiving money for transmission” or “transmitting money” or issuing or selling stored value.

The scope of each state’s law, and its application to virtual currency, is dependent on how broadly the definitions of “money” and “money transmission” are interpreted by the applicable state regulator. As a result, exchanging virtual currency or facilitating payments in virtual currency may be subject to state-by-state regulation as money transmission.

While federal law requires only registration of money transmitters, state law requires licensing. It is significant to note that money transmission regulations are extraterritorial; to engage in money transmission a person must have a licence in the state in which it is operating and every state in which it has customers. States have taken different positions with respect to whether crypto-asset activities fall within the definition of money transmission. However, many states have adopted the model Money Transmission Modernization Act, which has promoted some uniformity across those states.

State Securities Regulators

State securities regulators enforce and administer state-specific securities laws. These laws are often referred to as “blue sky” laws and are generally similar from one state to the next, but certain aspects can vary significantly. Many state securities statutes are derived from either the 1956 or 2002 version of the Uniform Securities Act.

State securities regulators have been very active in regulating cryptocurrency-related investment products and the sale of digital asset securities. In the cryptocurrency space, state securities regulators were first to file enforcement actions with respect to centralised lending businesses offering consumers interest payments in respect of cryptocurrency deposits. State securities regulators filed cases against BlockFi, Celsius and Voyager prior to their collapses, alleging that their products constituted investment contracts under the Howey test that were required to be registered under the Securities Act or offered pursuant to an exemption from registration.

International Standards

The USA has implemented international standards in several areas impacting blockchain. Most notably, the USA has been a proponent of applying a corollary to the “Travel Rule” – a rule under the BSA that mandates that financial institutions transmit certain identifying information (such as the sender’s and recipient’s name, account number and location) with transfers of funds exceeding USD3,000 – to entities known as virtual asset service providers (VASPs) that process transactions involving crypto-assets. In 2018, the Financial Action Task Force (FATF), a multi-governmental organisation that sets global standards related to anti-money laundering, clarified how the FATF standard – a set of 40 Recommendations that form the international framework for preventing money laundering and terrorist financing – apply to activities or operations involving virtual assets, and imposed a corollary to the Funds Travel Rule on VASPs that process virtual asset transfers.

In October 2021, the FATF updated its recommended guidance regarding virtual assets and VASPs. Notably, the FATF guidance broadly interprets the definition of a VASP to include “a central party with some measure of involvement” with a decentralised application. If adopted in a specific jurisdiction, this broad interpretation would potentially bring a variety of parties within the definition of a VASP and subject them to compliance with AML/CFT laws in that jurisdiction.

It is not surprising that the US delegation to the FATF pushed for a global Funds Travel Rule corollary and the expansive interpretation of the entities that might be deemed VASPs. In doing so, the USA is attempting to promote AML/CFT compliance through global standard-setting, which would make it easier for the USA to enforce its domestic AML/CFT obligations as they apply to digital asset transactions and intermediaries.

Finally, under the Basel Committee’s prudential framework for crypto-asset exposures, member jurisdictions had previously agreed to implement standards by 1 January 2026 that would subject unbacked crypto-assets not meeting certain hedging recognition criteria to a 1250% risk weight – effectively requiring banks to hold capital equal to the full value of such exposures. However, US banking regulators have indicated that they do not intend to implement the Basel crypto-asset standards in their current form, opting instead to preserve regulatory flexibility and to promote innovation and competition. 

As discussed in 2.1 Regulators and International Alignment, in the United States, there is still no single, comprehensive statutory framework governing the classification of digital assets. Broadly, securities are regulated by the SEC, while commodity derivatives are regulated by the CFTC. To the extent that fungible digital assets, or transactions in fungible digital assets, are not regulated as securities, they would be treated as commodities and subject to CFTC’s anti-fraud and anti-manipulation jurisdiction in spot markets, as well as its broader jurisdiction over commodity derivatives. 

Under existing US law, digital assets that are intended to be securities or “tokenised” securities are treated as securities. Fungible digital assets that are not themselves securities may nevertheless be transacted under circumstances that constitute “securities transactions”. Determining whether such circumstances exist requires application of the Howey test (discussed in 2.1 Regulators and International Alignment), which is a facts-and-circumstances analysis and can be difficult for market participants to apply in practice.

Over the past 12–18 months, the SEC staff have issued a series of category-specific statements and interpretative materials addressing specific segments of the market, including meme coins, proof-of-work mining activities, and certain “covered stablecoins”. These statements generally reflect the view that not all crypto-assets, or activities involving them, fall within the scope of the federal securities laws, particularly where the asset does not convey rights to enterprise value or is not marketed based on the managerial efforts of others. 

The Joint Interpretation (discussed in 2.1 Regulators and International Alignment) and its accompanying taxonomy framework provide further clarity on when crypto-assets or related activities may fall within the SEC’s jurisdiction.

In the USA, there are spot exchange-traded funds (ETFs) (eg, the SEC-approved Bitcoin and Ethereum products) that are typically organised as commodity or grantor trusts that own the underlying digital assets. Both spot ETFs and futures-based crypto funds are securities products subject to US securities laws. Both structures also face FINRA advertising standards, Exchange Act custody and anti-fraud rules, and must maintain market-surveillance agreements with their listing exchanges.

Specifically, starting in 2024, the SEC has been taking steps to facilitate institutional access to digital assets through exchange-traded products (ETPs). Through the first quarter of 2024, the SEC approved the listing and trading of multiple spot Bitcoin ETPs, marking a significant shift in its approach to crypto-linked investment products. The SEC subsequently approved rule changes permitting the listing and trading of spot Ether ETFs in May 2024, and on 17 September 2025 approved generic listing standards for certain crypto-based ETPs, marking a shift from product-specific approvals to a more standardised, rules-based framework for market access. While these developments have contributed to increased institutional participation and inflows into crypto ETPs, the current landscape remains largely limited to bitcoin and ether, with a more limited but growing set of ETPs referencing other digital assets (such as SOL, XRP and DOT), which continue to face an evolving regulatory landscape.

Tokenised securities are treated as securities in the USA. However, questions remain about the viability of tokenised securities, as they are not provided for in the UCC that gives states one set of rules for commercial transactions such as sales of goods, negotiable instruments, funds transfers, letters of credit, securities and secured lending. The UCC only recognises two categories of securities – certificated and uncertificated. Traditionally, certificated securities are represented by a physical certificate while uncertificated securities are represented as ledger entries in the books and records maintained by the issuer or its agent.

There is debate about whether a tokenised security can be certificated because the rights and obligations associated with the security are not reduced to writing on paper and electronic certificates are not provided for under the UCC. It may be possible to classify tokenised securities as uncertificated; however, there are specific rules regarding how uncertificated securities may be transacted under the UCC and recorded on the books and records of the issuer that may not be consistent with the manner in which blockchain-based assets are transferred in practice. Without clear recognition under the UCC, holders of tokenised securities may face legal risks in proving or defending their ownership rights, especially in cases of insolvency or competing claims. This issue has been recognised by practitioners who are working on solutions under the UCC.

Guidance released on 28 January 2026 by the staff of the SEC’s Divisions of Corporation Finance, Investment Management, and Trading and Markets underscores that tokenised securities may take multiple structural forms, including issuer-sponsored models in which ownership records are maintained on-chain, and third-party models that rely on custodial arrangements or synthetic exposure. In issuer-sponsored structures, the use of distributed ledger technology to maintain the “master securityholder file” does not alter the application of federal securities laws, even where ownership records are maintained partially or entirely on-chain. However, where third parties tokenise existing securities – particularly through custodial or synthetic arrangements – additional risks arise, including intermediary insolvency risk and potential divergence between the rights conveyed by the token and those associated with the underlying security. 

Non-Fungible Tokens (NFTs)

There are no regulations in the USA that are specific to NFTs as such, but existing laws apply to these digital assets and activities involving them. Given their non-fungible nature, NFTs are unlikely to be considered “commodities”. To the extent that an offer or sale of NFTs constitutes an investment contract under the Howey test, they could be classified as securities and subject to compliance with securities laws. 

Additionally, offer and sale of NFTs as consumer products such as collectibles would be subject to consumer protection laws and regulations. Both federal and state consumer protection laws generally prohibit unfair or deceptive acts and practices with respect to consumer goods and services. Similar to other types of digital assets, those selling NFTs must also keep sanctions compliance in mind and take steps to avoid engaging in transactions with sanctioned individuals or individuals residing in sanctioned jurisdictions.

Meme Coins

On 27 February 2025, the SEC’s Division of Corporation Finance issued a Staff Statement on Meme Coins, clarifying for the first time that typical meme coins are presumptively not securities under federal securities laws. The SEC explained that meme coins – crypto-assets inspired by internet memes or trends and primarily purchased for entertainment, social interaction or speculation – generally do not meet the definition of a security. The Joint Interpretation (see 2.1 Regulators and International Alignment) subsequently incorporated meme coins into a broader crypto-asset taxonomy, generally confirming this characterisation while noting that meme coins marketed with profit expectations tied to promoter efforts may still be assessed under Howey. At the same time, the release emphasised that meme coins marketed with profit expectations tied to promoter efforts, or otherwise embedded in a broader scheme, may still be treated as securities under a facts-and-circumstances analysis.

Enforcement actions and judicial decisions arising from those actions have played an important role in shaping the application of existing laws to blockchain technology and digital assets.

Notable SEC Actions

In the securities law context, these decisions fall into two categories of cases – those involving initial allocations of digital assets and those that involve secondary transactions in tokens. Following the resignation of former SEC Chairman Gary Gensler, and the subsequent launch of the Crypto Task Force as well as the appointment of SEC Chairman Paul Atkins, in early 2025, the SEC dismissed several high-profile enforcement actions against major cryptocurrency firms, signalling a notable shift in its regulatory approach under new leadership. These dismissals, many filed “with prejudice”, indicate a significant change in the SEC’s stance towards cryptocurrency regulation, moving away from aggressive enforcement actions and towards a more collaborative and transparent approach. This includes the SEC’s enforcement actions against Coinbase, Payward (dba Kraken), Cumberland, Consensys and Dragonchain. The SEC has also closed investigations without enforcement actions against multiple firms, including reported investigation closures against Robinhood Crypto, Uniswap Labs and Crypto.com.

Separately, on 5 March 2026, the SEC filed a proposed final judgment in its action against Justin Sun, pursuant to which the SEC agreed to settle its wash trading claim against Rainberry, Inc, while dismissing, with prejudice, all remaining claims against Justin Sun, Tron Foundation Limited, BitTorrent Foundation Ltd, and Rainberry, Inc – effectively resolving one of the last remaining enforcement actions initiated under prior SEC Chairman Gary Gensler.

Notable CFTC Actions

In September 2023, the CFTC brought enforcement actions against three DeFi platforms – Opyn, Deridex and ZeroEx (0x) – alleging that each facilitated trading of derivatives or leveraged products without proper registration, regardless of decentralisation claims, in violation of the CEA. The charges included operating unregistered trading platforms, failing to register as futures commission merchants, and lacking required customer identification programmes. Each platform settled with the CFTC: Opyn paid a USD250,000 penalty, Deridex USD100,000 and ZeroEx USD200,000.

Notable Criminal Matters

On 20 November 2023, Sam Bankman-Fried was found guilty of two counts of wire fraud, two counts of conspiracy to commit wire fraud, conspiracy to commit securities fraud, conspiracy to commit commodities fraud and conspiracy to commit money laundering stemming from his activities at FTX and Alameda Research. He was later sentenced to 25 years in prison.

In August 2023, the DOJ filed a criminal indictment against two developers of Tornado Cash, an open-source privacy protocol that facilitates anonymous transactions by obscuring the origins of cryptocurrencies such as Bitcoin and Ether. The criminal case against the developers of the Tornado Cash software alleges that the developers engaged in a conspiracy to commit money laundering, conspiracy to commit sanctions violations, and conspiracy to operate an unlicensed money transmission business. The indictment alleged that the defendants created, operated and promoted Tornado Cash, a cryptocurrency mixer that facilitated more than USD1 billion in money laundering transactions, and laundered hundreds of millions of dollars for the Lazarus Group, the sanctioned North Korean cybercrime organisation. In August 2025, a jury returned a mixed verdict, convicting one defendant of conspiracy to operate an unlicensed money transmitting business, while deadlocking on the money laundering and sanctions counts, resulting in a partial mistrial on those charges. Roman Storm now faces a potential retrial on the unresolved counts, with prosecutors seeking to proceed in October 2026.

In May 2024, the DOJ charged Anton and James Peraire-Bueno, brothers and MIT graduates, for allegedly orchestrating an illegal scheme that exploited Ethereum’s transaction validation process to obtain approximately USD25 million in cryptocurrency within a span of 12 seconds. The DOJ’s indictment accuses the brothers of manipulating MEV-Boost, a software used by Ethereum validators, to gain unauthorised access to pending private transactions – a practice known as Maximal Extractable Value (MEV) exploitation. This case is one of the first to target the integrity of blockchain validation mechanisms. The defendants challenged the charges, arguing that the actions were within the bounds of Ethereum’s open and permissionless protocol, and that the DOJ’s application of wire fraud statutes to this case represents an overreach. The case went to trial and a mistrial was declared as the jury could not reach a unanimous verdict. Prosecutors intend to retry the case.

See 2.5 Market Abuse.

There are no licensing regimes at the federal level in the USA that are specific to digital assets or activities in digital assets. However, there are several licensing or registration regimes that may apply, depending on the activities being undertaken. In the securities context, to the extent that digital assets or transactions in digital assets are deemed to be securities transactions, there are registration obligations with respect to intermediaries involved in those transactions, such as brokers, dealers, exchanges, investment advisers, investment companies, security-based swap dealers and clearing agencies.

With respect to activities involving derivatives on digital assets that are treated as commodities, there may be obligations to register as a futures commission merchant, designated contract market, commodity trading adviser, commodity pool operator, or swap dealer.  Entities that engage in money transmission activities involving digital assets – generally defined as the acceptance of funds or value that substitutes for currency from one person and the transmission of those funds or value to another location or person by any means – may be required to obtain money transmission licences in the states in which they engage in those activities, as well as register as a money services business with FinCEN. Lastly, state licensing regimes, such as New York’s BitLicense, may apply.

See 3.1 Licensing Requirements.

Digital asset firms that are licensed money transmitters and undergo a change of control will be required to engage with state money transmission regulators to provide notice of a change of control and obtain approval of the change of control. 

Digital asset firms operating as broker-dealers, investment advisers, or OCC-chartered institutions are subject to analogous requirements under FINRA rules, the Investment Advisers Act of 1940, and the Change in Bank Control Act, respectively, each of which may require prior notice to or approval from the applicable regulator.

There is no “passporting” regime in the USA. Authorisation in one state generally does not permit operation in others, and separate state-level licences are typically required. At the federal level, certain OCC charters (eg, national trust bank charters) may pre-empt some state licensing requirements, but do not extend extraterritorially.

There are no specific marketing requirements in the USA that apply to digital assets or activities in digital assets. The SEC prohibits touting of digital assets that it deems securities by paid promoters unless the compensation arrangements are publicly disclosed. Similarly, state securities regulators impose similar requirements. In addition, the Federal Trade Commission has put out guidance regarding the use of endorsements and testimonials in advertising and the disclosures required regarding material connections between endorsers and advertisers.

There is no formal “white-labelling” regime in the United States that permits an unlicensed firm to offer regulated services solely by relying on the licence of another entity.

In practice, white-label solutions are commonly used in areas such as payments, custody and trading infrastructure, where a licensed entity (eg, a bank, broker-dealer, or money transmitter) provides the regulated service, and a third-party firm offers the front-end interface or customer-facing experience. However, US regulators focus on the substance of the arrangement rather than its form. If the third party is effectively performing regulated functions – such as custody, execution or money transmission – it may be required to obtain its own licences or registrations. Licensed entities entering into white-label arrangements also remain responsible for compliance with applicable regulatory requirements, including AML, customer identification (KYC), consumer protection, and operational risk management.

DeFi activity is not prohibited as such in the United States. However, there is no bespoke regulatory framework for decentralised protocols. Activities conducted through DeFi infrastructure – such as trading, lending or custody – may trigger regulation under US securities laws, commodities laws, money transmission regimes, or AML and sanctions frameworks, depending on the facts and circumstances. The use of decentralised technology does not, in itself, remove an activity from the scope of applicable laws.

In practice, this means that activities conducted through DeFi infrastructure – such as trading, lending or custody – may trigger regulation under US securities laws, commodities laws, money transmission regimes, or AML and sanctions frameworks, depending on the facts and circumstances. The use of decentralised technology does not, in itself, remove an activity from the scope of applicable laws. Similarly, traditional firms may utilise DeFi infrastructure, provided they maintain compliance with applicable custody, AML/KYC, sanctions, and conduct requirements. In fact, on 13 April 2026, SEC staff issued guidance stating that certain non-custodial DeFi front-end interfaces may operate without broker-dealer registration where specified conditions are met, reflecting an effort to provide clearer parameters around permissible DeFi activity.

Regulators have also increasingly focused on the role of identifiable participants in DeFi ecosystems, including developers, governance participants, and service providers, particularly where those parties exercise control or derive economic benefit from the protocol. In practice, this results in a “function-over-form” approach, where DeFi activity is assessed based on the underlying economic activity rather than the technological structure through which it is conducted.

Consistent with the function-over-form approach described in 5.1 Ability to Use DeFi, DeFi structures are assessed under existing regimes based on their functional characteristics.

In practice, setting up a DeFi structure in the United States typically involves forming one or more legal entities (eg, a Delaware corporation or LLC, or a Wyoming DAO LLC) and assessing the regulatory implications of the protocol’s activities. Depending on the facts, this may include analysis under US securities laws (eg, whether governance tokens constitute “investment contracts”), commodities and derivatives regulation under the CEA, state-level money transmission laws, and AML obligations under the Bank Secrecy Act.

Regulators have generally taken the position that the use of a DAO or other decentralised structure does not, in itself, remove an activity from the scope of applicable laws, particularly where there are identifiable persons exercising control or deriving economic benefit. Enforcement actions involving DeFi protocols have also reflected a substance-over-form approach. See 5.3 Liability for more information.

As mentioned in 5.2 DeFi Structures, regulators in the USA have taken the position that the use of smart contracts or DAO-based governance does not eliminate liability where there are identifiable persons or groups responsible for operating, controlling or benefiting from the protocol.

This approach is reflected in enforcement actions brought by the CFTC. In CFTC v Ooki DAO, the CFTC brought an action against a DAO alleged to be operating an unregistered derivatives trading platform. The court permitted the DAO to be treated as an unincorporated association and allowed service of process through the DAO’s online governance forum. The court later entered default judgment against Ooki DAO.

The case also reflects the CFTC’s view that participation in DAO governance may, depending on the facts, give rise to liability where individuals are sufficiently involved in the operation of the protocol.

In the civil litigation context, numerous class actions have been filed alleging that DAOs operate as general partnerships and seeking to hold significant DAO participants responsible for the activities of the DAO as general partners. For example, in Samuels v Lido DAO, et al in the Northern District of California, motion to dismiss was denied and the court found that the allegations in the complaint adequately alleged that the Lido DAO was a general partnership.

Digital assets may be used for payments in the USA. There are no digital asset-specific laws or rules in this area, and use and acceptance of digital assets for payment by merchants is subject to traditional laws and rules related to payments. Many digital asset payment systems involve transmission of digital assets by an intermediary or conversion of digital assets to fiat or digital assets to other digital assets, all of which implicates US money transmission laws and rules.

As noted in 2.4 Token Issuance, the SEC released guidance regarding tokenisation in early 2026. The CFTC has also released guidance on tokenised assets as well.

On 8 December 2025, the CFTC issued CFTC Letter No 25-39 (the “Guidance”), providing staff guidance on the use of tokenised assets as collateral in derivatives markets. In the Guidance, the CFTC adopts a technology-neutral approach, clarifying that the use of blockchain or distributed ledger technology to tokenise an asset “need not change the fundamental characteristics of that asset”, and that existing regulatory requirements applicable to non-cash collateral can generally accommodate tokenised assets without new rulemaking.

Consistent with this approach, tokenised assets are regulated in substantially the same manner as their non-blockchain equivalents. Assets that are eligible to serve as margin collateral – such as US Treasuries, corporate bonds or money market fund interests – remain eligible when tokenised, provided they satisfy applicable requirements relating to credit quality, liquidity and maturity.

The Guidance further emphasises that existing regulatory frameworks governing legal enforceability, custody, segregation and risk management apply equally to tokenised forms of assets. Market participants must ensure that tokenised collateral is subject to enforceable legal arrangements, held with eligible custodians, and compliant with applicable segregation and control requirements.

Similarly, risk-based methodologies – such as haircuts and valuation – apply to tokenised assets in a manner consistent with their traditional counterparts, subject to adjustments where the tokenised form introduces additional risks (eg, settlement, liquidity or operational considerations).

At the same time, the CFTC notes that tokenisation may introduce novel operational and legal risks, including cybersecurity and technological dependencies, and emphasises that tokenised assets should be assessed on a case-by-case basis depending on their structure. Taken together, the Guidance reflects the CFTC’s view that tokenisation does not alter the regulatory classification of an asset; rather, tokenised RWAs are generally subject to the same regulatory treatment as their non-blockchain equivalents, with additional analysis required only to address risks arising from the use of distributed ledger technology.