An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock
()
or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Please find written input submissions to the Crypto Task Force below. The written input is posted without modification. We hope sharing the submissions will help encourage productive dialogue and continued engagement. Please note that the “Key Points” and “Topics” are AI generated. AI can make mistakes, and the Key Points and Topics are not a replacement for you reading the submissions. The Crypto Task Force has not reviewed these AI-generated summaries for accuracy or completeness. If you believe a Key Point or Topic is inaccurate, please email the Crypto Task Force at crypto@sec.gov. The written input provided to the SEC and posted on this page does not necessarily reflect the views of the Crypto Task Force or others in the U.S. Securities and Exchange Commission.
The kit establishes technical controls and standardized evidence artifacts to demonstrate continuous compliance with SEC Customer Protection Rule 15c3-3 and the Custody Rule, enabling verifiable segregation and control of digital assets without reliance on trust.
It provides examiner query packs and failure scenario playbooks, allowing independent regulatory verification of asset segregation, key management, and recovery procedures, including protocols for insolvency, key compromise, and asset return.
The kit translates existing custody requirements into auditable operational procedures but does not create new regulatory obligations, assert legal conclusions, or seek SEC endorsement of specific custody models or technology implementations.
The Pack provides legally substantive templates for technical standard changes, conformance updates, and pilot expansion requests, ensuring that filings address all required regulatory elements, evidence, and governance approvals before submission to the SEC.
It operationalizes a detailed crosswalk mapping pilot evidence artifacts to regulatory recordkeeping and surveillance objectives (e.g., SEC Rule 17a-4, CAT), demonstrating how tokenized securities pilots can meet or exceed existing audit trail, retention, and integrity requirements.
The Pack establishes a legally relevant, tiered model for regulatory access to participant data (aggregate, routine, emergency), with purpose limitation, dual-control approval for sensitive access, and mandatory post-event review, supporting privacy, due process, and proportionality in regulatory oversight.
Securities Industry and Financial Markets Association (SIFMA)
Wallet providers performing broker-dealer functions for tokenized securities must register under the Exchange Act; exemptions or no-action relief are inappropriate as they undermine investor protection and market integrity.
Clear regulatory distinctions are required between true non-custodial wallet services and models involving custody or safekeeping, as the latter may trigger broker-dealer or other regulatory obligations.
Regulatory clarity should be achieved through durable, notice-and-comment rulemaking that defines when wallet providers are or are not brokers, rather than through ad hoc exemptions or safe harbors.
Implements SEC recordkeeping principles (Rules 17a-3, 17a-4) with mandatory retention periods (7 years for transaction/authentication logs; indefinite for key ceremonies, holds, and incidents) and legal hold overrides to ensure compliance during litigation or investigation.
Aligns with SEC Customer Protection Rule (Rule 15c3-3) and Custody Rule (Rule 206(4)-2) by requiring qualified custodians, segregation of participant assets, and documented beneficial ownership to prevent commingling and ensure fiduciary safeguards.
Establishes tiered supervisory access with dual-control approvals, purpose limitation, immutable logging, and mandatory post-event review to meet due process and oversight requirements under securities laws and privacy frameworks.
The framework enforces the “Contract > Code” principle, ensuring smart contracts only implement agreed legal terms and never override governing legal documentation. Judicial remedies remain fully preserved under U.S. securities law.
POLARIS aligns with existing U.S. securities laws (Securities Act of 1933, Exchange Act of 1934, Investment Company Act, Advisers Act) and incorporates AML/KYC obligations under the Bank Secrecy Act and FATF Travel Rule, embedding compliance checks into automated pre-settlement verification.
Implementation occurs under SEC oversight via conditional exemptive relief and a proposed Self-Regulatory Organization (SRO). All SRO rules require SEC approval, and the SEC retains ultimate jurisdiction, including authority to modify or terminate pilot operations.
Charles W. Mooney, Jr., New Hampshire Commission on Uniform State Laws
Custody, Public Offerings, Safe Harbor, Security Status, Tokenization, Trading
The SEC should mandate DTCC cooperation to enable near real-time movement of registered ownership between direct and intermediated holding, creating a level playing field for tokenized securities.
Infrastructure reform is necessary to remove regulatory and market barriers to direct holding and self-custody, ensuring benefits equivalent to intermediated accounts for direct holders.
The SEC should request proposals for a reformed infrastructure and clarify broker-dealer authority to execute transfers of directly held securities for trading in traditional markets.
Stuart Alderoty, Sameer Dhond, and Deborah McCrimmon, Ripple
Public Offerings, Security Status, Tokenization, Trading
SEC authority should hinge on enforceable promises and legal claims, not mere expectations of profit or passive economic interest. Without privity or contractual rights, speculation does not create securities status.
Securities regulation should apply to primary distributions where privity exists (e.g., ICOs), not to perpetual secondary-market trades. Treating every issuer sale as a capital raise creates legal fictions and operational paralysis.
Regulatory focus should target cases where an issuer or affiliated group retains unilateral control over network rules or token functionality, as this may constitute an ongoing obligation. Control must be objectively defined; mere influence or inventory holdings do not qualify.
Miller Whitehouse-Levine and Patrick Wilson, Solana Policy Institute
The SEC should adopt a technology-neutral framework that distinguishes true intermediaries (those holding funds or controlling execution) from developers of non-custodial, non-discretionary software tools.
Interpretive guidance should confirm that publishing or maintaining non-custodial software (wallets, smart contracts, passive interfaces) does not constitute operating an exchange, clearing agency, or effecting transactions for others.
The definition of “exchange” should exclude non-custodial, non-discretionary software that does not perform marketplace functions, ensuring communication layers and read-only tools remain outside regulatory scope.
SEC duties under the Exchange Act should encompass real-time transaction simulation and validation to prevent fraud before execution, given the immutability of onchain transactions.
Controls consistent with SCI objectives in digital-asset markets include pre-execution exploit detection and continuous monitoring to preserve system integrity and resiliency.
Technology-neutral application should recognize pre-signature safeguards (e.g., malicious destination detection and real-time alerts) as reasonable measures to protect customer assets where reversals are impossible.
SEC should confirm that SEC-registered transfer agents may serve as qualified custodians for tokenized securities, ensuring regulatory oversight and compliance.
Establish guidance allowing tokenization of securities in markets abandoned by traditional infrastructure under existing exemptions when using SEC-registered transfer agent custody with verifiable 1:1 backing.
Clarify that public, permissionless blockchains (e.g., Solana) may be used for tokenized securities when paired with appropriate custody arrangements, without requiring permissioned alternatives.
