Skip to main content

Outdated: Remarks before the Digital Assets at Duke Conference

Washington D.C.

Jan. 20, 2023

Thank you, Jimmie [Lenz] and Lee [Reiners] for putting together this conference and for inviting me to be part of it. I must begin with my standard disclaimer: the views I represent are my own and do not necessarily represent the views of the Securities and Exchange Commission (“SEC”) or my fellow Commissioners.

I was particularly drawn to this conference because it embodies what a university discussion should be—people with different perspectives coming together to listen to and challenge one another. Our cohosts set the tone for this viewpoint diversity. Professor Lenz actively experiments with blockchain technology,”[1] while Professor Reiners is a self-proclaimed “long-time crypto skeptic,” albeit one who acknowledges “that the broader digital asset industry is not going away.”[2]

Had this conference happened a couple of years ago, to capture the crypto mood, I could simply have lit my speech on fire, watched it burn while someone videoed the blaze, and then created an NFT.[3] Now, however, much of the crypto world is burning, so you will have to endure hearing the speech. The fires that bad and careless actors lit in the crypto world last year offer lessons for the new year, some of which I will discuss this evening. People within the crypto industry and those of us who regulate it could stand to learn something from the terrible, horrible, no good, very bad year[4] of 2022. Underlying these lessons is the truth that technology takes time to develop and often must combine with innovative developments in other fields to realize its full potential. In the interim, it can appear, particularly to outsiders looking in, awkward, useless, or downright harmful.

Over the holidays, I watched an episode of an old TV series, “That Girl,” in which Marlo Thomas plays an aspiring actress trying to make her way in New York City. The episode, which ran originally in the mid-1960s, was about CompuDate, a computer dating service that was “the coming thing in human relations.”[5] I was surprised to see that computer matching had already begun more than half a century ago, but the show seems to have drawn on reality. Around that time, two sets of students—one at Stanford and another at Harvard—developed operational computer dating projects.[6] Given the limitations of computer technology in the 1960s, it was not, of course, exactly the internet dating that has become so prevalent today. As an experiment, the Marlo Thomas character called up CompuDate, which fed her wish list into its computer on old-timey punch cards. The computer spat out the perfect match, and Marlo Thomas’s character went to the CompuDate office to pick up a photo of the guy who showed up at her door a few hours later. Spoiler alert: In the end, the Marlo Thomas character decided the boyfriend she had picked for herself was better than the guy the computer picked, but not by much.

Computer dating at the time the show was filmed was still very much a work in progress, but, as one character on the show explained, it had “splendid possibilities.”[7] These possibilities would not fully manifest until technology, including personal computers, the internet, artificial intelligence, and smartphones, unleashed it.[8] While this TV episode presciently explored the cutting edge of computer dating at the time, even the best fiction writers could not have predicted how technological developments have helped dating both evolve . . . and admittedly also devolve.[9]

On the show, CompuDate, a centralized intermediary, was still very involved in selecting your date. You still had to go down to the CompuDate office. You had to trust the people running the computer to enter your dating criteria accurately and not to override its results with their own judgments about who might be your perfect date. You could not chat with potential dates online before meeting them; they got your name, address, and photo and showed up at your door. Arguably, the involvement of a computer did not add much to the process. Why not simply hire a human matchmaker?[10] Now, however, online dating is the norm; one in four married couples met that way.[11] Computer matching is more workable on a large scale because the technology has developed to support it.

This silly example should not be mistaken for a prophecy that crypto will sweep society off its feet as online dating has, but prophets of crypto’s demise do not know the future either. Crypto’s value proposition depends primarily on the builders of this technology, not on regulators like me, who lack technical expertise and stand on the periphery looking in. Maybe that means you also ought to take the lessons for the industry that I will offer with a grain of salt, but here goes:

The first and most important lesson of the evening for people who believe in crypto’s future is that they should not wait for regulators to fix the problems that bubbled to the surface in 2022. They can act themselves to root out harmful practices and encourage good behavior. Regulatory solutions, which tend to be inflexible, should be a last resort, not a first resort. People working together voluntarily are much better at fixing things than regulators using their inherently coercive power to impose mandatory solutions. Privately designed and voluntarily implemented solutions can be both more effective and more tailored because the people driving them better understand the technology and what they are trying to achieve with it. Iterating and experimenting with private solutions is easier than it is with regulatory ones. Moreover, private solutions avoid the systemic risk that comes from an industry homogenizing because everyone has to fit into the same regulatory parameters.

Second, remember the point of crypto. It is not driving up crypto prices so that you can dump your tokens on someone else. Digital assets need to trade, so centralized venues or decentralized exchange protocols are necessary, but trading markets are not the ultimate point. Nor is the point of crypto to lend your crypto assets so that other people can trade them, although lending markets, in which everyone is aware of the risks, are not inherently problematic. Rather, at its core, crypto is about solving a trust problem: how can you interact and transact safely with people you do not know. Traditionally, people have looked to centralized intermediaries or government to solve this problem, but technology like cryptography, blockchain, and zero-knowledge proofs offer new solutions. Out of these technologies flows a multitude of potential uses, including smart contracts, payments, provenance, identity, recordkeeping, data storage, prediction markets, tokenization of assets, and borderless human collaboration. The technology is not an end in itself, but useful only if it can “tackle the hard, messy, human problems . . . and serve real people.”[12] If it creates more problems than it solves, then critics are right to dismiss it.

Third, each crypto asset, blockchain, and project needs to be assessed on its own merits. Talking about crypto as if it is a monolith obscures important differences and makes it easier for scammers to hide in the crowd.

Fourth, problems in the design of a protocol or at a centralized infrastructure provider can have sweeping, disastrous consequences. Testing protocols and careful analysis of the incentives you are building into infrastructure can prevent problems from arising after the protocol or infrastructure has been widely adopted.

Fifth, although crypto enables reduced reliance on centralized intermediaries, as long as companies are actively involved in crypto, people should take the same precautions as they would when dealing with any other company. Unthinking trust in centralized intermediaries is antithetical to crypto. As you assess a company’s products and services, consider the associated risks. For example, if a company plans to take your assets and lend them to someone else, who is that person, and what happens if that person cannot return the assets or if the company goes bankrupt? Regulation is not a silver bullet, but understanding whether, by whom, and how the company is regulated can help you calibrate your own due diligence. For their part, crypto companies should take the steps necessary to earn and keep their customers’ and counterparties’ trust. Proofs of reserve, audits of assets and liabilities, internal control audits, and other mechanisms for ensuring that the company is sound and customers’ assets are safe are key.[13]

Sixth, in addition to the importance of recognizing and protecting against counterparty risk, many other lessons from traditional finance are equally applicable in crypto. To highlight several:

  • Risks matter. Higher returns come with higher risks.
  • Counterparties matter. Choose your counterparties and the amount of exposure to each of them wisely.
  • Your counterparties’ counterparties matter. There is no such thing as pure bilateral risk. An entity’s financial problems can quickly become its customers’ and counterparties’ financial problems and their counterparties’ problems, and then the whole industry’s problems.
  • Collateral matters. If you make an unsecured loan, you will be at the back of the line in bankruptcy. A secured loan affords you more protection, but only if the collateral is good.
  • Leverage matters. Leverage magnifies losses in the same way that it can magnify gains.
  • Conflicts of interest matter. Before buying based on someone else’s recommendation, understand, among other things, whether her interests match yours. If she is telling you to buy while she is selling, you might want to ignore her advice.
  • Motives for buying matter. Fear of missing out is an inadequate reason to buy any asset, including a crypto asset.
  • Risk controls matter. Effective risk controls are necessary to prevent traders from doing what traders too often try to do: try to make up for losses with more trading.
  • Concentration matters. If a few large, interconnected companies or corporate groups dominate the crypto industry, it will struggle to be nimble and innovative. A multitude of smaller, independent projects fosters dynamism and, when fraud or failure happens, the repercussions are likely to be more contained. Distributed systems are generally more resilient than centralized systems, in part because they have multiple nodes so failure of one does not cause the failure of all.

Perhaps the most important message to the crypto industry is to listen to your critics inside or outside the industry. Critics’ voices are sometimes shrill, and their messages sometimes melodramatic or nonsensical. However, thoughtful people raise more nuanced critiques of crypto assets and blockchain technology. John Reed Stark, an alumnus of Duke and of the SEC, is in this camp. He champions a “healthy mix of skepticism, distrust, cynicism, and scorn” for “all things crypto, DeFi, NFT, and other Web3 nonsense.”[14] An open letter signed by 1500 “software engineers and technologists with deep expertise in our fields” “dispute[d] the claims made in recent years about the novelty and potential of blockchain technology” and argued, among other things, that “Financial technologies that serve the public must always have mechanisms for fraud mitigation and allow a human-in-the-loop to reverse transactions; blockchain permits neither.”[15] Some crypto fans have been equally harsh.[16] Thoughtful critiques merit serious consideration.[17] For example, critics have raised concerns about how customers would be treated in bankruptcy,[18] warned of conflicts of interest arising from exchanges performing multiple functions,[19] called out scams, and warned of interconnections between the traditional financial system and crypto.[20]

Last year was as much a teachable moment for regulators as it was for the crypto industry. Regulation should foster an environment where good things flourish, and bad things perish, not the other way around. Assessing regulatory successes and failures in light of recent events can help us determine how we can ensure regulation plays a constructive role. What we should not learn from the events of 2022 is that the failures of centralized entities are failures of decentralized protocols. Many of the 2022 failures involved crypto market participants doing the same foolish and fraudulent things that participants in other markets have been doing for centuries.

Pursuing fraudsters, no matter their chosen medium, is important. Hot areas attract scammers: in addition to dating apps,[21] think the 4 Cs: crypto, climate, COVID, and cannabis. The SEC has brought many cases alleging people have engaged in fraud involving actual or fictional crypto.[22] In judging the SEC’s success at stamping out fraud in crypto, remember that our jurisdiction is limited. Congress did not empower the SEC with general anti-fraud authority and instead limited it to investigating and addressing fraud occurring in connection with securities transactions with a nexus to the United States. And although some might suggest otherwise, everything, everywhere is not securities fraud.[23] Additionally, the SEC’s routine examination authority, which is a key way we identify securities violations, extends only to entities that register with the SEC.

Working with entities is also important as it tells the industry that, while we do not compromise on our statutory mandate, we can be flexible in how we achieve it. For example, recently an on chain money market fund that uses “blockchain to process transactions and record share ownership” negotiated its way through the SEC’s registration process.[24] While the process reportedly took longer than normal, the step is encouraging.[25] The SEC also has worked with sponsors of closed-end funds that wanted to hold bitcoin. Putting these efforts in the success column is a bit of a stretch, given that staff’s direction to such funds seems to flirt with merit regulation, even though we lack the legal authority to do so.[26]

As I will discuss later, the SEC should conduct some form of notice and comment process to resolve the thorniest crypto-related policy issues. Our governing statutes allow us, however, to waive or modify legal obligations when we have a good reason for doing so. Using this authority, the SEC has provided bespoke relief through exemptive orders or no-action letters, which pledge that staff will not recommend enforcement if certain conditions are met. You can think of these regulatory tools as the SEC’s version of innovation sandboxing.[27]

The SEC has given some of this type of relief. I discount the value of several no-action letters that were the regulatory equivalent of promising not to recommend speeding tickets for drivers conscientiously adhering to the speed limit.[28] Several others have been more promising. In 2019, the SEC’s Division of Trading and Markets staff issued a no-action letter granting time-limited relief to permit a company to test its ability to settle transactions on a private, permissioned distributed ledger.[29] In 2019, Trading and Markets staff also issued a no-action letter to facilitate a three-step settlement process for broker-dealers that operate a non-custodial ATS that trades digital asset securities.[30]

Perhaps additional sandboxing is coming. Chair Gensler has “asked staff to sort through how we might best allow investors to trade crypto security tokens versus or alongside crypto non-security tokens,”[31] which is an area in which experimentation through no-action letters and exemptions would be possible. Chair Gensler also has acknowledged that “[g]iven the nature of crypto investments . . . it may be appropriate to be flexible in applying existing disclosure requirements.”[32] While the proof of the pudding will be in the eating, I strongly agree with the sentiment.

One effort I had hoped would be successful fell flat. In December 2020, the Commission provided time-limited relief that was intended to facilitate the custodying of digital asset securities by special purpose broker-dealers.[33] No firm has taken advantage of this relief because it was too limited in scope: a key restriction is that securities could not be traded in the same entity as digital asset securities. This restriction is unworkable for multiple reasons, including the difficulty of determining which digital assets are securities.[34] And that brings us to our first area in which the SEC needs to do better.

The SEC needs to conduct better, more precise, and more transparent legal analysis. The SEC’s approach to regulating crypto looks somewhat like a decidedly unromantic version of CompuDate from the old TV show: we tell people to come down to the office to talk to us about their projects, plug the information they give us into our proprietary security-identifying algorithms, and then send the people home with a court date. Hardly a reasonable way forward, and one that results in what one lawyer has dubbed “regulation by anxiety.”[35] Operating in such an opaque environment is very stressful for law-abiding people.

Invoking the Howey Supreme Court case,[36] which fleshed out the investment contract subcategory of securities, we repeat the mantra that all, or virtually all, tokens are securities.[37] As one commenter has argued, functionally the “most important” factor of the Howey test is an SEC-invented “fifth shadow factor”: whether the SEC wants to regulate the asset.[38] The SEC wants to regulate crypto assets.

Even in applying Howey, the SEC’s legal analysis is askew. A recent article by Lewis Cohen and several coauthors conducted an exhaustive study of federal Howey cases.[39] The study found that the SEC’s insistence that “fungible blockchain-based crypto assets are clearly securities under current law” violates “the Supreme Court’s definition of the term ‘investment contract’ as developed by federal appellate courts for nearly a century.”[40] The article explains that under Howey, an investment contract requires “some form of business relationship between the parties”[41] and “a counterparty against which rights can be enforced .”[42] Owning the crypto token itself “without more, does not create any sort of legal relationship between the token owner” and the token creator.[43] Thus, secondary market-based transfers of crypto assets do not create an investment contract unless they sufficiently “convey a bundle of rights and obligations” or the facts and circumstances of the secondary transaction itself are otherwise sufficient to do so.[44] In other words, an initial fundraising transaction involving a crypto token can create an investment contract, but the token itself is not necessarily the security even if it is sold on the secondary market. The SEC, however, often refers to the crypto assets themselves as securities.[45]

Whether or not we buy the article’s framework, we must develop a coherent and consistent legal framework that works across all asset classes. Our imprecise application of the law has created arbitrary and destructive results for crypto projects and purchasers. We have pursued registration violations in a seemingly random fashion, often years after the original offering. We have spent time pursuing and shutting down projects that people were using and have not pursued other projects that raised money in similar ways. We have implied that secondary trading of tokens that were once sold as part of a securities contract is also governed by the securities laws without adequately explaining why that trading constitutes securities transactions. When we insist on applying the securities laws in this manner, secondary purchasers of the token often are left holding a bag of tokens that they cannot trade or use because the SEC requires special handling consistent with the securities laws. Many of these requirements are enforced under a strict liability standard, so clarity is essential.

Why not set forth a coherent legal framework in a rule? After all, if we continued with our regulation-by-enforcement approach at our current pace, we would approach 400 years before we got through the tokens that are allegedly securities.[46] By contrast, an SEC rule would have universal—albeit not retroactive—coverage as soon as it took effect.

Why no rule? If they are all securities, then voila—problem solved! But if we seriously grappled with the legal analysis and our statutory authority, as we would have to do in a rulemaking, we would have to admit that we likely need more, or at least more clearly delineated, statutory authority to regulate certain crypto tokens and to require crypto trading platforms to register with us. And Congress might decide to give that authority to someone else.

Congress can figure out whether and how to fill the regulatory gaps. Given our extensive experience regulating disclosure, if tokens need federal disclosure rules, the SEC could do the job well. Given our extensive experience regulating retail-oriented exchanges, if trading platforms need a federal regulator, the SEC could do the job well.[47] But the SEC must make that case, and our undisciplined approach to crypto regulation thus far is not helping that case.

Whether Congress gives the disclosure task to the SEC or another regulator, several models exist. A few projects have been able to navigate their way through existing registration regimes. Disclosure under current regulations, however, is not well-suited to elicit the most useful and appropriate information for token purchasers because it does “not cover a number of features unique to digital assets that would undoubtedly be considered important when making an investment decision,” as a recent petition to the SEC argued.[48] Instead, traditional disclosures are “designed for traditional corporate entities that typically issue and register equity and debt securities” and “focus on disclosure about companies, their management and their financial results—topics that poorly fit the decentralized and open-source nature of blockchain-based digital asset securities.”[49] Thus, a more tailored crypto disclosure regime would be good for investors and crypto companies.

Several models for bespoke token disclosure already exist. There have been domestic and international legislative proposals, such as European Markets in Crypto-Assets (MiCA) legislation and the recent bills in Congress,[50] my proposed safe harbor, and proposals by academics and lawyers.[51] Potential disclosure elements include source code, token economics matters like an asset’s supply schedule or protocol governance, development team, the network development plan, prior token sales, and listing the trading platforms on which the tokens trade, as laid out in my proposal.[52] Similarly, MiCA’s approach would require crypto companies to produce a white paper with information about the issuer, the crypto asset, and the related project, an explanation of rights and obligations of the asset, various technological information about the asset, and a description of investment risks.[53]

Of course, Congress, which is directly accountable to the American people, should decide whether federal regulation is necessary, and, if it is, which agency should regulate. Congress could conclude that the SEC is not the best choice to regulate some or all crypto. Is the SEC, for example, the best regulator of crypto lending? We have claimed the territory because, among other things, no other federal regulatory scheme exists, but Congress might opt for no federal regulation or decide another regulator is better. Legislative activity to date suggests that the SEC is unlikely to be the regulator of stablecoins.

Some people within crypto would prefer to see regulatory authority over token disclosures and spot markets given to the Commodity Futures Trading Commission (“CFTC”). The CFTC’s retail experience is more limited than the SEC’s. Moreover, if the CFTC were given regulatory authority over crypto spot markets, would there soon be calls for the CFTC to regulate other spot markets, such as wheat, oil, and corn markets? Adding crypto to the CFTC’s remit also would stretch the small agency’s resources. But, again, it is up to Congress to decide whether a federal regulator is necessary and, if so, who it should be.

Attorney Steven Lofchie has argued for a Solomonic solution in which platforms and tokens could pick between the SEC and CFTC.[54] This approach would allow for regulatory competition, which could improve regulatory quality. It would also provide regulatory clarity to market participants who might otherwise incur legal bills to evaluate if their product is a security or a commodity and defend their decision to a skeptical regulator. Then Professor, now CFTC Commissioner, Kristin Johnson argued for something similar in a recent law review article.[55] She pointed out that one benefit of such an approach is that “[t]he process of declaring their preferred regulator is, in part, a disclosure process” that provides greater transparency to regulators about the firms they regulate.[56]

I reiterate that decisions about allocating regulatory authority belong to Congress, but regulators can lay the groundwork for Congress to craft a workable approach. The ideal framework would reduce regulatory anxiety for would-be innovators and increase the difficulty for would-be fraudsters, which would help to separate the wheat from the chaff. A rational framework should facilitate the compliance of good faith crypto actors with our securities laws, which would free the SEC to focus more of its resources on the bad faith actors.

The regulation-by-arbitrary-and-tardy-enforcement-actions approach on which we have relied is the opposite of a rational regulatory framework. Decisions made in the course of prosecuting or settling these cases can have far-reaching effects, and yet there is far too little deliberation before these actions occur. Concerning a recent CFTC case against a Decentralized Autonomous Organization (“DAO”), for example, Commissioner Summer Mersinger took issue with the CFTC’s “approach of determining liability for DAO token holders based on their participation in governance voting,” which “undermines the public interest by disincentivizing good governance in this new crypto environment.”[57] DAOs pose difficult challenges for regulators, but their legal treatment should be the product of deliberation in advance of enforcement actions.

An enforcement-centric approach also precludes broad participation in developing what is or what doubles as a regulatory framework, even though such participation is needed to develop a sensible framework. Enforcement actions are adversarial proceedings with two participants: the defendant and the Commission staff. Both participants are focused on the facts of the particular case, and are concerned with larger legal and policy questions only to the extent they advance or stymie their respective positions in the case. In other words, litigants are focused on winning their case, not on what makes sense as a sensible, long-term regulatory framework. Furthermore, the views of third parties are not welcome, except occasionally in the very limited role of amicus curiae.

In contrast, a notice-and-comment process allows broad public and internal participation in developing a sound regulatory system. These public conversations should include our federal and state regulatory colleagues, people developing and using crypto, consumer protection advocates, and crypto critics to develop a reasonable regulatory approach. That process could include roundtables conducted jointly with the CFTC.[58] The collaborative work done to incorporate digital assets into the Uniform Commercial Code offers an example.[59]

As we develop this framework, we should consider five guiding principles. First, we have to take a nuanced approach that recognizes differences across blockchains, distinctions between Layer 1 blockchains and the chains and applications built on top of them, and differences among crypto assets. The crypto industry encompasses a wide variety of experiments being conducted by many different people, so we must avoid painting them all with the same regulatory brush. A centralized trading venue is a world away from a public, decentralized blockchain, but they all get talked about in one breath in Washington regulatory circles.

Second, and related, the government should be extremely careful when deciding what areas of crypto to regulate on a federal level, along with when and how to do so. As Tyler Cowen recently argued, immediately adopting a comprehensive crypto regulatory model in response to a crisis could stultify crypto because we do not yet know what its principal uses will be:

Crypto regulation is not easy to do well. If crypto institutions are treated like regular depository institutions, requiring heavy layers of capital and lots of legal staffing, crypto innovation is likely to dwindle. Such innovation has been more the province of eccentric geniuses than of mainstream regulated institutions.[60]

Mainstream regulated institutions are experimenting to see whether cryptography and blockchain technology can make existing processes cheaper, faster, safer, and more efficient.[61] But a regulatory model that effectively forces all innovation into regulated entities is not likely to foster the kind of dynamism that will broadly benefit society.

Third, when we do decide to regulate, we should be clear that government regulation is not the same as government endorsement. Professor Reiners points out that “regulation brings the veneer of legitimacy and an invitation for broader adoption on the part of consumers.”[62] However, even if something is regulated, people need to do their own due diligence. A decision to regulate something is not a seal of approval. A regulator who thinks crypto is more innovative than double-entry bookkeeping and another who agrees with crypto’s placement on a top-ten list of “worst technologies of the 21st century”[63] could support the same regulatory framework.

Fourth, scaring traditional entities away from crypto is neither realistic nor protective of investors. If regulated entities perceive the regulatory risk or cost of being in the crypto space is too high, they will not participate. Staff Accounting Bulletin 121, for example, drives traditional custodians away from crypto by making custodied crypto take up precious space on banks’ balance sheets. While self-custody is a great option for many people, why not also allow safe third-party custody? Audit firms are stepping away from crypto too. While on-chain transparency is powerful, crypto companies still need good audits.

Fifth, even though driving regulated entities away from crypto is not wise, preserving the core of crypto—decentralization—is lso important. Decentralization can help support the resilience of the financial system. Decentralized finance (“DeFi”), enables people to interact with one another through the intermediation of code rather than relying on a financial intermediary such as a bank. DeFi deserves special consideration because of its unique properties, some of which take the place of functions that regulation otherwise might perform. DeFi is self-executing, open-source code operating on top of public, permissionless, decentralized blockchains. Anyone can participate, but nobody has to, and everyone participates on the same terms, which everyone knows beforehand. The ease with which DeFi protocols can be forked creates pressure on people to improve them constantly.[64] Attacks on DeFi protocols are common, but early auditing, testing, and investigating the incentives that are built into the DeFi code can identify problems.

DeFi admittedly presents challenges to us regulators who are used to regulating companies, which are easy to cajole, monitor, and sue. Regulating people who write code is more difficult from a practical and legal perspective, including because it would impinge on free speech and would raise fairness issues since open-source coders cannot exercise control over how their code is used.[65] Regulating individual DeFi users would be impractical. Requiring the front ends of DeFi protocols—essentially interfaces allowing users to easily interact with the base code—to register under the securities laws also would be problematic.[66] Attempts to force DeFi into a traditional regulatory framework likely would produce a system in which a few large companies operated registered DeFi front-ends. Sounds a lot like centralized finance.

The decisions we make now could have profound consequences not only for the development of the technology, but for human freedom. Technology has empowered people to exert more control over their own lives, but it also has made it easier for the government to watch and control their actions. Government agencies must therefore proceed carefully in developing policies that govern their own use of technology and how the public can use technology. Legitimate law enforcement objectives require the government sometimes to gather information about private activities, but defaulting to government surveillance of all private activities runs counter to fundamental American principles. As technology facilitates greater privacy and autonomy, sometimes we assume government should be placing limits on what people do, but I posit that the more urgent need is for the people to set limits on what government can do.

People sometimes ask me where crypto will be in ten or twenty years. Frankly, who cares what I think? I have ideas about its possibilities and perils, but what the market has to say matters more. The SEC’s job is not to predict innovation or to manage it, but to set out a framework within which people can use their ingenuity to set the course for their and their children’s future.

Last year was so brutal for crypto that some people want to relegate it to the dustbin of failed experiments. Rather than swiping left on crypto, we should remember that new technologies sometimes take a long time to find their footing. What kind of country would we have if regulators prohibited people from experimenting with technologies that other people think are stupid or meaningless or even ones that could cause harm? Our country is built on a presumption that people are best able to choose for themselves. People know their own preferences, limitations, risk tolerances, and circumstances better than the government does. Sure, sometimes people make very bad decisions on behalf of themselves or their families, but handing over the keys to the government does not ensure that decisions will be good. If you think the government should step in when people make stupid decisions, I guess we will be taking over your favorite dating app too. ReguDate anyone?

[1] See, e.g., Jimmie H. Lenz, Beyond the Memes-How One NFT Is Changing the Post-Student Experience, (describing how Lenz minted NFTs as proof that students had completed his blockchain course).

[2] Lee Reiners, Now I know the cryptocurrency industry is here to stay, CoinDesk (Jan. 10, 2023),; see also Lee Reiners, Cryptocurrency: The Future of Money or All Hype? Seminars at Steamboat 2022 (Jul. 27, 2022),; Lee Reiners, Cryptocurrency and the State: An Unholy Alliance, Southern California Interdisciplinary Law Journal, Vol. 30, 695-715 (2021),

[3] See, e.g., Riah Pryor, Slash and Burn: Does Artistic Sabotage Always Pay off? The Art Newspaper (Sept. 28, 2021), (“. . . NFTs of artists destroying works continue to attract headlines since the livestreaming of Banksy’s Morons (2006) being burnt by the collective BurntBanksy, in March, giving the $95,000 print a $380,000 price tag in the process.”).

[4] See Judith Viorst, Alexander and the terrible, horrible, no good, very bad day, Atheneum Books for Young Readers (1987).

[5] That Girl - Season 2, Episode 4 - to Each Her Own - Full Episode, (Sept. 28, 1967), at 1:30; see also “That Girl” to Each Her Own, IMDB, /p>

[6] Hayley Matthews, The History of Online Dating—(A Timeline from Paper Ads to Websites), (updated (no pun intended) July 19, 2022),

[8] We have not yet seen the fruit that the marriage between artificial intelligence and online dating will bear. See, e.g., Jordan Parker Erb, I Asked Chatgpt to Reply to My Hinge Matches, No One Responded, Business Insider (Jan. 10, 2023),

[9] See, e.g., Derek Thompson, Why Online Dating Can Feel like Such an Existential Nightmare, The Atlantic (Jul. 22, 2019),

[10] I am envisioning a grudge match between Deep Blue and Sima Taparia from Mumbai. See Indian Matchmaking, Netflix (Jul. 16, 2020), i>

[11] Outdoor Marriage Proposals Skyrocket in 2021, According to The Knot 2021 Jewelry & Engagement Study, The Knot Worldwide (Dec. 2, 2021),; see also Michael J. Rosenfeld et. al., Disintermediating your friends: How online dating in the United States displaces other ways of meeting, Proceedings of the National Academy of Sciences Vol. 116, No. 36, 17753-17758 (Aug. 20, 2019), (“For heterosexual couples in the United States, meeting online has become the most popular way couples meet, eclipsing meeting through friends for the first time around 2013. Moreover, among the couples who meet online, the proportion who have met through the mediation of third persons has declined over time. We find that Internet meeting is displacing the roles that family and friends once played in bringing couples together.”).

[12] Taylor Monahan, The Original Sin by Taylor Monahan | Devcon Bogotá (Oct. 12, 2022), at 14:25, 19:29.

[13] See, e.g., On the Brink, Episode 387, Luuk Strijers (Deribit) on a New Model for Proof of Reserves (Jan. 17, 2023), different assurance mechanisms exchanges and other custodial intermediaries in crypto can use); Nic Carter, The Status of Proof of Reserve as of Year End 2022, Medium (Dec. 29, 2022),; Scott Perry, The Benefits of SOC Examinations for Blockchain, Schellman (Nov. 15, 2022),

[14] John Reed Stark, 12 Crypto-Predictions for 2023, LinkedIn Pulse (Dec. 28, 2022), Incidentally, I like the theme song he picked to go along with his prediction that my “ruthless, irresponsible and ad nauseam preaching of the gospel of crypto should ease up” during 2023. See Fossils and Fuels, Destination (cover of Nickel Creek song) (Mar. 3, 2022), See also David Dayen, Regulators Prevented a Crypto-Fueled Economic Downturn, The American Prospect (Jan. 10, 2023),

[15] Letter in Support of Responsible Fintech Policy (Jun. 1, 2022),

[16] See, e.g., DeFi Watch, (“DeFi Watch is not about stopping people from releasing dangerous, reckless code. It is about making sure that users know that it's dangerous, reckless code before they drop their money into it.”).

[17] See, e.g., Bankless Shows, Why Crypto is ‘like the internet’ according to Marc Andreessen (June 1, 2022), (“[T]he critics make this long list of all of the problems. But you’re getting these genius engineers and entrepreneurs flood into this space, what’s happening right now. What happens is they look at this list of problems as a list of opportunities. They’re like ok like that’s the punch list. . . . Because if I fix these problems it’s going to be really important. It’s going to really matter . . . I can build a real business.”).

[18] See, e.g., Adam Levitin, Not Your Keys, Not Your Coins: Unpriced Credit Risk in Cryptocurrency, Texas Law Review, Vol. 101 (Aug. 26, 2022), (“If a customer does not hold the private key to cryptocurrency, its beneficial interest in a custodially held cryptocurrency could well be characterized as a mere contract right rather than a property right. That means that the customer of a failed exchange [] could well to end up in the unhappy position of being a general unsecured creditor of the exchange, looking at eventually recovering only pennies on the dollar, rather than be deemed the owner of the cryptocurrency. Unfortunately, it might well take a high-profile bankruptcy of a U.S. cryptocurrency exchange for cryptocurrency investors to understand this Article’s basic lesson: “not your keys, not your coins.”).

[19] See, e.g., Chair Gary Gensler, Kennedy and Crypto, SEC (Sept. 8, 2022),; Commissioner Christy Goldsmith Romero, Remarks of CFTC Commissioner Christy Goldsmith Romero before the International Swaps and Derivatives Association’s Crypto Forum 2022, New York, CFTC (Oct. 26, 2022),

[20] Molly White, for example, runs a snarkily titled website called “Web3 is Going Just Great . . . and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.” She opposes banning cryptocurrencies altogether or regulating “the software that people can write or execute,” but still cautions against “increasing the exposure of traditional finance to the regular failures of crypto projects.” Molly White, Statement to the Financial Stability Oversight Council: Regulating digital assets (July 22, 2022),

[21] See, e.g., Mike Snider, From Facebook friend to romance scammer: Older Americans increasingly targeted amid COVID pandemic, USA Today (Oct. 23, 2021),

[22] See, e.g., Securities and Exchange Commission v. Mauricio Chavez, et al., No. 4:22-cv-03359 (S.D. Tex. filed September 19, 2022),; Securities and Exchange Commission v. Block Bits Capital, LLC, Block Bits Capital GP I, LLC and Japheth Dillman, Civ. Action, o. 3:22-cv-02563 (N.D. Cal. Filed April 27, 2022),; Securities and Exchange Commission v. David B. Mata, Civ. Action, o. 3:22-cv-02565 (N.D. Cal. Filed April 27, 2022),; In the Matter of GTV Media Group, Inc., Saraca Media Group, Inc., and Voice of Guo Media, Inc., Release No. 10979, Administrative Proceeding File No. 3-20537 (Sept. 13, 2021), /p>

[23] Matt Levine, Everything Everywhere is Securities Fraud, Bloomberg, June 26, 2019, available at Everything Everywhere Is Securities Fraud - Bloomberg (last visited Jan. 18, 2023).

[24] Laura Noonan, Blockchain-powered breakthrough on mutual fund, Financial Times (Dec. 9, 2021),

[25] Id. (noting that, although “the only thing changing was how records were kept and how transactions were done,” the approvals process that took significantly longer than the four to six months that is typical for new products”).

[26]See SEC Div. of Inv. Mgmt. Staff Statement on Funds Registered under the Investment Company Act Investing in the Bitcoin Futures Market, SEC (May 11, 2021), (directing closed-end funds that “seek to invest in the Bitcoin futures market [should] consult with the staff, prior to filing a registration statement, about the fund’s proposed investment, anticipated compliance with the Investment Company Act and its rules, and how the fund would provide for appropriate investor protection”). For further discussion of this issue, see Commissioner Hester Peirce, On the Spot: Remarks at “Regulatory Transparency Project Conference on Regulating the New Crypto Ecosystem: Necessary Regulation or Crippling Future Innovation?” SEC (Jun. 14, 2022),

[27] Of course, as I have previously argued, a regulatory “beach” is even better than a regulatory sandbox. See Commissioner Hester Peirce, Beaches and Bitcoin: Remarks before the Medici Conference, SEC (May 2, 2018), (“The motivating notion behind a regulatory sandbox is that the regulator in a sense sits in the sandbox with the innovator. Not only is she right there to make sure that nobody gets hurt, but she has a front-row seat on the innovative process. She sits at the entrepreneur’s shoulder as he thinks through how to address structural and aesthetic weaknesses in his sandcastle. Talk of sandboxes is welcome, and my fellow regulators’ sandboxes have already yielded great dividends. . . . I would rather talk about beaches. On a beach, the lifeguard watches over what is happening, but she is not sitting with sandcastle builders monitoring their every design decision. From her perch on the lifeguard stand, she can spot dangerous activity and intervene with a blow of the whistle or, if necessary, a direct intervention. She always stands ready to answer questions about the rules of the beach. She puts up the red flag to warn of dangerous riptides or sharks.”).

[28] See Jonathan Ingram, Chief Legal Advisor, FinHub, Division of Corporation Finance, Response of the Division of Corporation Finance Re: TurnKey Jet, Inc.Incoming letter dated April 2, 2019, SEC (Apr. 3, 2019), (relating to tokens to be used for ir charter services); Jonathan A. Ingram, Chief Legal Advisor, FinHub Division of Corporation Finance, Response of the Division of Corporation Finance, July 25, 2019, Re: Pocketful of Quarters, Inc. Incoming letter dated July 25, 2019, SEC (July 25, 2019), (relating to tokens to be used on a gaming platform).

[29] Jeffrey Mooney, Associate Director, SEC, Division of Trading and Markets, Re: Clearing Agency Registration Under Section 17A(b)(1) of the Securities Exchange Act of 1934 (Oct. 28, 2019),

a href="" style="color:blue; text-decoration:underline">

[30] Elizabeth Baird, Deputy Director, Division of Trading and Markets, Re: ATS Role in the Settlement of Digital Asset Security Trades, SEC (Sept. 20, 2020),

[31] Chair Gary Gensler, Kennedy and Crypto, SEC (Sept. 8, 2022),

[32] Id.

[33] Custody of Digital Asset Securities by Special Purpose Broker-Dealers, Exchange Act Release No. 34-90788 (Dec. 23, 2020), To qualify for the relief, brokers must comply with various requirements, including relating to risk management, safeguarding and control of customer assets, maintaining written procedures to assess the security status of a particular digital asset, and providing customer disclosures about the nature and risks of their services.

[34] See e.g., Letter from Charles De Simone, Securities Industry and Financial Markets Association (May 20, 2021), (“The Statement places a burden on SPBDs to find evidence or arguments for why a digital asset is or is not a security where there is unlikely to be a definitive answer, as the SEC has acknowledged by not itself providing unequivocal guidance as to how determine when a digital asset is a security.”); Letter from Ron Quaranta, The Wall Street Blockchain Alliance (Apr. 27, 2021) (“We encourage the SEC to formally propose rulemaking that would clarify for all participants engaged in digital asset securities, the role of marketing activities in determining whether a product is in fact a security, and which would provide further guidance on the treatment and classification of digital assets.”),; Letter from Benjamin Kaplan, Prometheum (Apr. 26, 2021) (“As a result, we believe clarity is needed for Special Purpose Broker-Dealers, issuers, ATS’[s] and other market Participants . . . to understand the regulatory framework they must comply with. Therefore, we respectfully request that the Commission provide further clarification on the definition of digital asset securities.),

[35] Steven Lofchie, By Whom Should Digital Assets Be Regulated? The Solomonic Solution, Fried Frank Regulatory Intelligence at 5 (Dec. 15, 2022),

[36] SEC v. W.J. Howey Co., 328 U.S. 293 (1946).

[37] See, e.g., Chair Gary Gensler, Kennedy and Crypto, SEC (Sept. 8, 2022), (“Of the nearly 10,000 tokens in the crypto market, I believe the vast majority are securities.”) (citing

[38] Bankless Shows, Are NFTs Securities? with Securities Lawyer Brian Frye (Jan. 3, 2023), at 16:56.

[39] Lewis Cohen et. al., The Ineluctable Modality of Securities Law: Why Fungible Crypto Assets Are not Securities (Nov. 10, 2022),

[40] Id. at 1.

[41] Id. at 53.

[42] Id. at 66.

[43] Id. at 72 (emphasis in original).

[44] Id. at 68-69.

[45] See, e.g., id. at 10 (citing In the Matter of Poloniex, LLC, Exchange Act Release No. 92607 (August 9, 2021), at 1 (“Poloniex operated a digital asset trading platform (the ‘Poloniex Trading Platform’) that meets the definition of an ‘exchange’ under the federal securities laws. The Poloniex Trading Platform displayed a limit order book that matched the orders of multiple buyers and sellers in digital assets, including digital assets that were investment contracts under S.E.C. v. W.J. Howey Co. … and therefore securities …” (citation omitted)).

[46] See Simona Mola, SEC Cryptocurrency Enforcement 2022 Update, Cornerstone Research (Jan. 2023), (reporting 20 crypto cases in 2021 and 30 crypto cases during 2022). I reached the number by dividing 10,000 by the average (25), which is 400 years.

[47] Decentralized exchanges (“DEXs”) offer an alternative to centralized exchanges. Because DEXs are autonomous code, requiring registration would raise a host of problems. A recent Cato working paper suggests that DEXs be allowed, but not required, to voluntarily register with the government. See Jack Solowey and Jennifer J. Schulp, Regulatory Clarity for Crypto Marketplaces (Dec. 15, 2022),

[48] Coinbase, Re: Petition for Rulemaking – Digital Asset Securities Regulation at 6 (Jul. 21, 2022),

[49] Id. at 15.

[50] See, e.g., S. 4356 - Lummis-Gillibrand Responsible Financial Innovation Act (117th Congress),; Lummis, Gillibrand Introduce Landmark Legislation To Create Regulatory Framework For Digital Assets, Senator Gillibrand press release (Jun. 7, 2022),,changes%20and%20digital%20asset%20lending (explaining that disclosure requirements are designed to “ensure that consumers understand the products they’re purchasing, their rights, as well the associated risks of engaging in digital assets, including source code version changes and digital asset lending”).

[51] See, e.g., LeXpunK-Army, Reg X Proposal: An Exempt Offering Framework for Token Issuances (Apr. 25, 2022),

[52] Commissioner Hester Peirce, Token Safe Harbor Proposal 2.0, SEC (Apr. 13, 2021),

a href="" style="color:blue; text-decoration:underline">

[53] Azad Ali and Pietro Piazzi, EU’s Proposed Legislation Regulating Cryptoassets, MiCA, Heralds New Era of Regulatory Scrutiny, Skadden, Arps, Slate, Meagher & Flom LLP (Nov. 23, 2022),

[54] By Whom Should Digital Assets Be Regulated? The Solomonic Solution at 21.

[55] Kristin N. Johnson, Decentralized Finance: Regulating Cryptocurrency Exchanges, 6 William and Mary L. Rev. 1911 (2020-21).

[56] Id. at 1994-95.

[57] Commissioner Summer Mersinger, Dissenting Statement of Commissioner Summer K. Mersinger Regarding Enforcement Actions Against: 1) bZeroX, LLC, Tom Bean, and Kyle Kistner; and 2) Ooki DAO, CFTC (Sept. 22, 2022),

[58]Caroline Pham and Hester Peirce, Making progress on decentralized regulation — It’s time to talk about crypto, together, The Hill (May 26, 2022),

[59] Law of Code Podcast, Episode 75, UCC Article 12 Amendments with Drew Hinkes and Andrea Tosato (Dec. 13, 2022) (discussing process by which amendments for digital asset transfers were added to the Uniform Commercial Code).

[61] See, e.g., The Defiant - DeFi Podcast, Onyx's Tyrone Lobban Takes Us Behind the Scenes of JP Morgan's First DeFi Trade (Nov. 18, 2022) (describing JP Morgan’s Singapore FX on blockchain experiment); BNY Mellon Launches New Digital Asset Custody Platform, BNY Mellon (Oct. 11, 2022), (announcing that BNY Mellon will allow “select clients to hold and transfer bitcoin and ether”); DTCC to Launch Platform to Digitalize and Modernize Private Markets, DTCC (Nov. 9, 2021) (announcing the creation of a DTCC platform that will “enable tokenization of securities”); Laurie McAughtry, Goldman Sachs launches new digital assets platform, The Trade (Nov. 30, 2022), (announcing Goldman Sachs platform that will “facilitate the issuance, registration, settlement and custody of digital assets”); Camila Russo, Yorke Rhodes Explains How Microsoft Is Leveraging Blockchain, in The Defiant - DeFi Podcast (Jan. 12, 2023),

[62] Lee Reiners, Cryptocurrency and the State: An Unholy Alliance at 713.

[63] The 10 Worst Technologies of the 21st Century, MIT Technology Review (Feb. 27, 2019), (placing cryptocurrency on the top ten list of worst technologies, but leaving hope for blockchain).

[64] See, e.g., What Does It Mean to “Fork” a DeFi Protocol? DeFi Education Fund, (“Forking creates an incredibly low barrier to entry in DeFi. All someone needs to do to launch their own DeFi protocol is copy existing code. The knowledge that anyone could fork your code at any time creates a strong incentive for DeFi protocols to maximize user experience and reduce user costs. If the users think that the protocol is compensating the token holder[s] too highly or passing costs of running the protocol onto the users, they can simply fork the source code and run their own protocol without the governance policies they disagree with.”).

[65] What’s the Difference Between a Front End and a DeFi Protocol? DeFi Education Fund,

“Anyone is then able to build a front end that can make calls to the protocol and execute transactions using its smart contracts. The operator of the front end does not need to ask anyone’s permission to interact with the network; they just need to know how to build a website that can interact with the protocol.”).

[66] As one commentator noted, requiring front-ends to be licensed is essentially the same as requiring the code to be licensed: “the technical [user] could still legally engage directly with a smart contract via command prompt (or would command prompt software be considered an interface?), but for 99% of people, defi would become tradfi.” Erik Vorhees, A Response to SBF and Principled Crypto Regulation, Money & State (Oct. 20, 2022),

Return to Top