An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock
()
or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Please find written input submissions to the Crypto Task Force below. The written input is posted without modification. We hope sharing the submissions will help encourage productive dialogue and continued engagement. Please note that the “Key Points” and “Topics” are AI generated. AI can make mistakes, and the Key Points and Topics are not a replacement for you reading the submissions. The Crypto Task Force has not reviewed these AI-generated summaries for accuracy or completeness. If you believe a Key Point or Topic is inaccurate, please email the Crypto Task Force at crypto@sec.gov. The written input provided to the SEC and posted on this page does not necessarily reflect the views of the Crypto Task Force or others in the U.S. Securities and Exchange Commission.
The framework proposes a multi-tiered, zero-knowledge proof (ZKP)-backed privacy model that enables regulatory examiners (e.g., SEC) to verify compliance (eligibility, sanctions screening, concentration limits) without accessing raw personally identifiable information (PII) or sensitive commercial data, thus resolving the tension between regulatory oversight and data confidentiality in tokenized markets.
It establishes a legally significant, tiered disclosure ladder (Tier 0/1/2) for supervisory access, ensuring regulators receive only the minimum necessary data for each gate, with escalation and post-access review requirements for exceptional identity reveals, and mandates that every compliance proof artifact be mapped to a recognized evidence pack (DEP/SEP/VOP) before reliance.
The framework includes technical artifacts and workflows for cross-border evidence portability, applying minimization/redaction templates and conflict-of-laws playbooks to ensure compliance with foreign data protection, secrecy statutes, and data localization rules, and gating cross-border production on active Memorandum of Understanding (MoU) scope confirmation.
SIFMA (Securities Industry and Financial Markets Association)
Wallet providers performing order‑routing, price‑curation, execution‑related functions, or earning transaction‑based compensation may be deemed brokers under the Exchange Act, even without custody of customer assets.
Broker analysis is fact‑specific, requiring a holistic evaluation of wallet‑provider activities; the SEC v. Coinbase ruling does not create a categorical exemption for non‑custodial wallet providers.
Regulatory clarity should ensure “like activities are regulated alike,” preventing regulatory arbitrage and ensuring wallet providers performing securities‑intermediation functions meet broker‑dealer obligations.
The document operationalizes the integration of tokenized U.S. sovereign bills and private credit into programmable infrastructure, establishing mandatory agent accountability envelopes, immutable decision logs, and standardized evidence artifacts to ensure regulatory alignment, eligibility enforcement, and market integrity without introducing new legal obligations or policy positions.
It mandates that all algorithmic agents operate under explicit, examiner-ready mandates with defined risk limits, kill authority, and change control, ensuring that all agentic actions are attributable to a responsible legal entity and are fully auditable for compliance with existing securities laws and supervisory expectations.
The framework requires dual-layer custody controls (on-ledger and off-ledger), continuous reconciliation, and robust asset return protocols, with multi-party approvals and evidence packaging, to prevent commingling, ensure 1:1 asset backing, and enable controlled unwind or asset return in stress or wind-down scenarios.
Both EU and U.S. frameworks converge on the need to define the legal nature of a token before issuance, not after circulation. This includes identifying whether it is a financial instrument under MiFID II, a crypto asset under MiCAR, or subject to U.S. securities law.
The token’s legal identity cannot be inferred from the asset it references. Tokenization may create a new legal object, requiring autonomous analysis of rights, transferability, and executable behavior.
Declared rights and restrictions in issuance documents must align with the smart contract’s executable logic. Divergence between narrative and technical behavior triggers regulatory reclassification and systemic risk.
The framework mandates that all transfer restrictions (e.g., lockups, eligibility gating, jurisdictional limits) must be enforced at the moment of transaction execution, not merely through legal legends or post-settlement audits. This includes dynamic credential verification, sanctions screening, and concentration limit checks, with all failed attempts logged and subject to regulatory review.
All private market tokenized instruments must maintain a standardized disclosure schema (SDS) with ten required modules (structure, rights/restrictions, eligibility, fees, conflicts, valuation, liquidity/exit, governance, risk, communications). Each disclosure claim must be mapped to verifiable evidence artifacts, enabling examiners to validate compliance and investor protection obligations efficiently.
The framework establishes a privacy-graduated, tiered access model for regulators (aggregate, scoped, identity-revealing), with strict purpose limitation and time-to-live (TTL) controls. Automated examiner workflows and query packs are provided to facilitate rapid, evidence-based investigations, including escalation protocols for suspected manipulation, restriction bypass, or governance breaches.
Replace Rule 603’s prescriptive SIP-based consolidated display requirement with a principles-based “Fair Quote Presentation Rule” that focuses on anti-misleading standards, disclosure of data sources, and transparency rather than mandating a single data model.
Explicitly allow alternative, verifiable data sources—including cryptographically verifiable distributed ledger states, venue-native order books, and modern feeds like Pyth—for DeFi platforms, tokenized ATSs, and crypto-native venues under the Commission’s Innovation Exception framework.
Maintain investor protection through disclosure, timestamp integrity, and supervisory controls instead of enforcing reliance on centralized SIP infrastructure, which imposes cost and governance inefficiencies incompatible with modern markets.
The SEC should replace the current one-dimensional “best execution” rule with a principles-based, multi-factor framework that accounts for factors like certainty of execution, privacy, atomicity, finality, and all-in cost, especially in tokenized markets.
The SEC should confirm that the Order Protection Rule under Reg NMS does not apply to transactions offering non-regular-way settlement (e.g., atomic settlement), aligning with existing law rather than requiring new exemptions.
Regulators should prioritize transparency, competition, and innovation by moving from prescriptive routing mandates to principles- and disclosures-based compliance, and consider sandboxes for testing new execution modalities.
The framework establishes a rigorous operational logic for distinguishing payment-only stable-value instruments from yield-bearing or reward programs, triggering additional disclosure and operational requirements when features cross category boundaries. This enables clear regulatory classification and enforcement under existing securities laws.
Operators must maintain strict legal, operational, and disclosure separation between payment instruments and any yield or reward programs. Commingling reserves or income across categories is prohibited, and material changes (e.g., adding yield features or modifying redemption terms) require governance approval and regulatory notification.
The submission mandates documented stress response playbooks (e.g., liquidity gates, redemption throttles, queues) with objective triggers, immutable logging, and standardized evidence packs. These controls ensure orderly market conduct, participant protection, and facilitate rapid, transparent regulatory examination during run-like dynamics or incidents.
Implements cryptographic content-addressing (SHA-256) and hash-chaining to provide tamper-evident proof of authenticity, supporting Federal Rules of Evidence 901 and 1002 for admissibility.
Establishes structured workflows for court-ordered or regulatory preservation, including dual authorization, enhanced replication (5 nodes across 3 jurisdictions), and air-gapped vault storage to ensure compliance with litigation and enforcement obligations.
Maintains immutable custody event logs for every evidence lifecycle action (creation, replication, access, transfer, disposal), enabling complete audit trails and supporting business records exception under FRE 803(6).
Custody, Public Offerings, Security Status, Tokenization, Trading
Congress must establish common-sense rules for crypto firms engaging in traditional financial activities (capital raising, custody, trading) to ensure investor protection and market integrity.
Registration requirements, anti-fraud provisions, and oversight mechanisms are essential to mitigate risks such as market volatility, financial crimes, and scams, preserving trust in digital asset markets.
Legislation should define when cryptocurrencies qualify as securities, commodities, or other asset classes to enable proper compliance and handling of unclaimed digital assets.
