An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock
()
or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Please find written input submissions to the Crypto Task Force below. The written input is posted without modification. We hope sharing the submissions will help encourage productive dialogue and continued engagement. Please note that the “Key Points” and “Topics” are AI generated. AI can make mistakes, and the Key Points and Topics are not a replacement for you reading the submissions. The Crypto Task Force has not reviewed these AI-generated summaries for accuracy or completeness. If you believe a Key Point or Topic is inaccurate, please email the Crypto Task Force at crypto@sec.gov. The written input provided to the SEC and posted on this page does not necessarily reflect the views of the Crypto Task Force or others in the U.S. Securities and Exchange Commission.
The framework proposes replacing delayed, periodic financial declarations with a system of continuous, mathematically verifiable, cryptographic evidence of institutional solvency, liquidity, and exposure. This enables real-time supervisory oversight and reduces systemic risk by ensuring that financial state claims are always backed by immutable operational data rather than after-the-fact assertions.
It establishes a tiered access model (Tier 0–2) for regulators, providing the SEC with real-time, purpose-limited visibility into financial states without requiring broad, unrestricted access to sensitive or proprietary data. This model enforces structural purpose limitation, granular logging, and mandatory post-access review, supporting both regulatory objectives and commercial confidentiality.
The framework defines strict governance, reconciliation, and evidence preservation protocols, including automated detection and containment of reconciliation breaks, immutable chain-of-custody records, and examiner-ready preservation bundles. It explicitly does not create new legal obligations, reporting regimes, or safe harbors, but provides an operational evidence layer to support existing legal, regulatory, and audit processes.
Standardized compliance interfaces such as ERC‑7943 can reduce operational risk and fragmentation by enabling consistent eligibility checks, transfer controls, freezing, and enforcement mechanisms across tokenized instruments.
The existence or absence of onchain compliance controls should not be treated as a legal classification test; tokenization does not alter whether the underlying asset is a security under U.S. law.
Tokenized instruments incorporating administrative powers like freezing or forced transfers require transparent disclosure of authority, governance processes, emitted events, and remediation pathways to safeguard investor protection.
The framework explicitly states that it does not create, modify, or supplement any legal obligations, nor does it make legal conclusions regarding ownership, solvency, reserve adequacy, disclosure, or regulatory compliance. All such determinations remain with the relevant legal, accounting, and regulatory authorities.
The kit provides an operational evidence layer for economically material states, enabling independent reconstruction and verification of states such as ownership, reserves, and settlements, but does not adjudicate legal ownership or regulatory status. It is implementation-agnostic and does not prescribe technology, legal standards, or regulatory interpretations.
The framework establishes a tiered supervisory access model (aggregate, scoped, and exceptional/identity-linked), ensuring that evidence can be produced for regulatory review without requiring full public disclosure or unnecessary exposure of institutional or counterparty data. Access is bounded by documented purpose, time-to-live (TTL), and post-access review requirements.
The operating model defines “operational finality conditions met” as an evidence-backed, operational state for settlement, but explicitly states this is not a legal conclusion. Legal finality determinations remain with competent legal authorities and applicable law; the model does not claim to determine legal or regulatory status of instruments or arrangements.
Any yield or reward feature associated with a cash-leg instrument (e.g., tokenized deposits, stable-value rails) must be structurally and operationally separated from the settlement rail, with mandatory disclosure and boundary testing. Introduction or modification of such features triggers recertification and regulatory notification, ensuring compliance with supervisory requirements and preventing undisclosed yield commingling.
The model prohibits any single party from unilaterally controlling settlement, finality, or privileged actions (e.g., escrow release, gate activation). All such actions require quorum/dual authorization, immutable audit logging, and post-event review, ensuring robust separation of duties and regulatory accountability across all operational modes.
The operating model defines “operational finality conditions met” as an evidence-backed, operational state for settlement, but explicitly states this is not a legal conclusion. Legal finality determinations remain with competent legal authorities and applicable law; the model does not claim to determine legal or regulatory status of instruments or arrangements.
Any yield or reward feature associated with a cash-leg instrument (e.g., tokenized deposits, stable-value rails) must be structurally and operationally separated from the settlement rail, with mandatory disclosure and boundary testing. Introduction or modification of such features triggers recertification and regulatory notification, ensuring compliance with supervisory requirements and preventing undisclosed yield commingling.
The model prohibits any single party from unilaterally controlling settlement, finality, or privileged actions (e.g., escrow release, gate activation). All such actions require quorum/dual authorization, immutable audit logging, and post-event review, ensuring robust separation of duties and regulatory accountability across all operational modes.
The letter urges the SEC to favor prospective rulemaking over individualized no‑action or exemptive relief, arguing that selective relief fragments the market, creates uneven treatment, and implicitly advantages entities able to petition for relief.
It recommends establishing a formal safe harbor via notice‑and‑comment to accommodate decentralized networks that cannot seek exemptive relief, enabling tokenization on both permissionless and permissioned systems with appropriate investor protections.
The letter argues that tokenized‑security recordkeeping and compliance functions can be embedded directly in blockchain systems, potentially reducing or eliminating mandated transfer agents and other intermediaries, provided issuers retain responsibility and optional delegation rights.
The Pack is strictly non-normative and implementation-agnostic. It does not create new legal obligations, assert legal conclusions, or prescribe regulatory interpretations. All operational guidance is framed as best practice aligned with existing recordkeeping standards and pilot participation requirements.
The framework operationalizes examiner-ready evidence, continuous reconciliation, and offboarding controls for tokenized securities pilots. It provides standardized Ownership Evidence Sets (OES), continuous reconciliation workflows, custody/registry alignment checks, and reversible offboarding proof bundles, all designed to support regulatory examination and reduce supervisory friction.
Upon detection of reconciliation breaks or integrity failures, the Pack mandates immediate “hold-only” containment (freezing affected records), distributed approval for all corrections (no master key or single-actor override), and preservation of all evidence via content-addressed storage and legal hold mechanisms. All actions are logged, versioned, and independently verifiable.
The framework proposes a multi-tiered, zero-knowledge proof (ZKP)-backed privacy model that enables regulatory examiners (e.g., SEC) to verify compliance (eligibility, sanctions screening, concentration limits) without accessing raw personally identifiable information (PII) or sensitive commercial data, thus resolving the tension between regulatory oversight and data confidentiality in tokenized markets.
It establishes a legally significant, tiered disclosure ladder (Tier 0/1/2) for supervisory access, ensuring regulators receive only the minimum necessary data for each gate, with escalation and post-access review requirements for exceptional identity reveals, and mandates that every compliance proof artifact be mapped to a recognized evidence pack (DEP/SEP/VOP) before reliance.
The framework includes technical artifacts and workflows for cross-border evidence portability, applying minimization/redaction templates and conflict-of-laws playbooks to ensure compliance with foreign data protection, secrecy statutes, and data localization rules, and gating cross-border production on active Memorandum of Understanding (MoU) scope confirmation.
SIFMA (Securities Industry and Financial Markets Association)
Wallet providers performing order‑routing, price‑curation, execution‑related functions, or earning transaction‑based compensation may be deemed brokers under the Exchange Act, even without custody of customer assets.
Broker analysis is fact‑specific, requiring a holistic evaluation of wallet‑provider activities; the SEC v. Coinbase ruling does not create a categorical exemption for non‑custodial wallet providers.
Regulatory clarity should ensure “like activities are regulated alike,” preventing regulatory arbitrage and ensuring wallet providers performing securities‑intermediation functions meet broker‑dealer obligations.
The document operationalizes the integration of tokenized U.S. sovereign bills and private credit into programmable infrastructure, establishing mandatory agent accountability envelopes, immutable decision logs, and standardized evidence artifacts to ensure regulatory alignment, eligibility enforcement, and market integrity without introducing new legal obligations or policy positions.
It mandates that all algorithmic agents operate under explicit, examiner-ready mandates with defined risk limits, kill authority, and change control, ensuring that all agentic actions are attributable to a responsible legal entity and are fully auditable for compliance with existing securities laws and supervisory expectations.
The framework requires dual-layer custody controls (on-ledger and off-ledger), continuous reconciliation, and robust asset return protocols, with multi-party approvals and evidence packaging, to prevent commingling, ensure 1:1 asset backing, and enable controlled unwind or asset return in stress or wind-down scenarios.
