Cryptocurrency Compliance and Regulatory Considerations

Regulators have yet to offer a clear framework for oversight of digital currency investments

Journal of Financial Planning: September 2023


Sean J. Coughlin, principal in Bressler Amery & Ross’s industry-leading Financial Institutions group, focuses his practice on representing financial institutions and their employees in FINRA arbitrations and before regulatory agencies. He has also developed expertise in new technology matters with an emphasis on cryptocurrency, data privacy, and data management related to financial institutions. He litigates multi-million-dollar cases and has appeared on behalf of clients in New York State Court, the CFTC, and over 100 arbitrations. He can be reached HERE.

Angela A. Turiano represents brokerage firms and individual registered representatives in customer and employment arbitrations and litigation, as well as regulatory matters. She is a principal in Bressler Amery & Ross’s industry-leading Financial Institutions group and a member of the firm’s New York office. Known for her composure and commitment to achieving results, Angela’s clients also value that she serves as a FINRA arbitrator, offering unique perspectives and strategies for navigating beyond FINRA-related obstacles. She has extensive experience litigating complex securities and criminal matters and provides strategic advice to individuals and businesses in financial services and other industries. Angela can be reached HERE.

Richard Dow is a law clerk at Bressler Amery & Ross.

JOIN THE DISCUSSION: Discuss this article with fellow FPA Members through FPA's Knowledge Circles​​​​. ​​​


Cryptocurrency and related offerings present unique regulatory obstacles because such offerings defy traditional regulatory categories. In some regards, these entities exist as commodities; in others, they function as securities. As a result of crypto’s hybrid nature, there is no clear framework to govern these products. Moreover, the tendency for cryptocurrency companies to avoid regulatory oversight further complicates attempts to better control the crypto world.

Crypto’s multifaceted nature has created regulatory ambiguity and left the Securities and Exchange Commission (SEC)1 and Commodity Futures Trading Commission (CFTC)2 in a turf war regarding “who’s the boss.” Recent suits by both bodies represent federal scrutiny of crypto companies that are apparently attempting to avoid regulation. These suits provide insight into future regulatory enforcement. Further, both federal and state actions suggest a more coherent enforcement of laws into the future. Additionally, the U.S. Government Accountability Office (GAO) published a report (“GAO report”) in June 2023 outlining key legislative and regulatory guidance of crypto assets for Congress to consider.3 This article summarizes recent SEC and CFTC actions and addresses the GAO recommendations for crypto regulation.

Financial institutions have significant interest in crypto classification. If a crypto product (i.e., a basket of various crypto assets) is determined to be a security, investors in that product will be protected by securities regulations including an investor suitability requirement. However, should the same “basket of crypto assets” be determined to be a commodity, purchasers of that commodity will not be protected by securities regulations, and product suitability will not be a regulatory consideration. Thus, the classification of crypto products as “securities” or “commodities” will be a key lynchpin for financial firms offering and selling these products.

Recently, the federal courts provided some guidance on this issue. On July 13, 2023, U.S. District Judge Analisa Torres ruled in Securities and Exchange Commission v. Ripple Labs, Inc.4 that Ripple’s cryptocurrency, XRP, was a security when sold to institutional investors, but not when offered through programmatic sales. This ruling represents a challenge not just to SEC authority, but also adds a new wrinkle to the securities versus commodity debate.

Recent SEC Enforcement Actions

The SEC generally views crypto offerings as securities, like stocks or ETFs sold on various exchanges. This classification is the gravamen behind the recent enforcement actions against crypto companies.

On June 5, 2023, the SEC charged a cryptocurrency exchange with violations of the Securities Act of 1933 and the Securities Exchange Act of 1934 relating to the combination of securities market functions (including exchange, broker–dealer, and clearing agency); failure to register as an exchange; and alleged fraud. The lawsuit also highlights the active steps that the cryptocurrency exchange allegedly took to avoid SEC regulation. In this case, the SEC seeks a permanent enjoinment of violating the ’33 and ’34 Acts; disgorgement of ill-gotten gains plus interest; permanent enjoinment from using the means of interstate commerce to violate securities laws; civil money penalties; and granting any appropriate equitable relief.

The following day, on June 6, 2023, the SEC filed charges against a second cryptocurrency exchange platform alleging that it operated as an exchange, broker, and clearing agency without proper registry. The complaint further alleges that it offered and sold securities without registry and seeks a permanent enjoinment of violating the ’33 and ’34 Acts; disgorgement of allegedly ill-gotten gains plus interest; civil money penalties; and granting any appropriate equitable relief.

In addition to filing enforcement actions against these two prominent crypto companies, the SEC filed 30 additional cases during 2022 against crypto firms. Fourteen of these matters related to initial coin offerings (ICO). The SEC is attempting to regulate this market and classify these ICOs as securities offerings.

CFTC Regulation

The CFTC has also been active in cryptocurrency regulation by classifying cryptocurrency as a commodity that can trade on public derivatives markets. Since making this assertion, the CFTC has taken actions against unregistered Bitcoin futures exchanges; enforced laws prohibiting wash trading and prearranged trades; and addressed a Ponzi scheme. Notable cases are covered below.

  • On May 24, 2023, the CFTC charged five defendants with a fraudulent digital assets trading scheme. The complaint states that the defendants solicited hundreds of thousands of dollars from more than 170 individuals in the United States and other countries. The CFTC seeks restitution; disgorgement; civil monetary penalties; permanent trading and registration bans; and a permanent injunction against further violations of the Commodity Exchange Act (CEA) and CFTC regulations. This civil action is running concurrently with a criminal action against the five defendants in the Southern District of New York.
  • On June 9, 2023, the CFTC won a default judgment against a decentralized autonomous organization (DAO)5 called Ooki DAO. The CFTC alleged that Ooki DAO operated an illegal trading platform and unlawfully acted as a futures commission merchant. In addition to the monetary penalty, there was an order banning trading and registration and an order that Ooki DAO shut down its website and remove its content from the internet. This case was the CFTC’s first major enforcement action against a DAO, and notable as some thought this decentralized structure could be used to avoid regulation.
  • In addition to initiating regulatory actions, the CFTC has also worked to create platforms and guidance for the crypto industry. On July 27, 2023, the CFTC granted registration to CBOE Clear Digital to allow it to provide clearing services for futures on digital assets to futures commission merchants. This order bridges the traditional futures market with the growing digital asset space. Additionally, on May 30, 2023, the CFTC’s Division of Clearing and Risk issued a staff advisory on the risks associated with the expansion of derivatives clearing organization’s (DCO) clearing of digital assets. The advisory emphasizes the importance of proactive risk management and highlights concerns related to system safeguards, conflicts of interest, and physical deliveries.

GAO Observations and Recommendations

The crypto industry remains relatively unregulated despite its trillion-dollar market capitalization and turf war between the SEC and CFTC. Against this backdrop, the GAO outlined legislative and regulatory goals to promote government oversight of the crypto industry. The GAO Report highlighted gaps in regulatory authority over two blockchain-related products that raise both consumer and investor protection issues as well as financial stability concerns.

Currently, no federal regulator possesses comprehensive authority to regulate the spot market for crypto assets that are not securities. In contrast, platforms that trade crypto asset securities and operate as exchanges (as defined by federal securities laws) are subject to registration and regulation as national securities exchanges (unless an exemption applies).

Additionally, there are regulatory gaps in the oversight of stablecoins (a crypto asset purported to hold a stable value relative to a fiat currency, such as the U.S. dollar). To keep their value, issuers often state their stablecoins are backed by reserve assets, but there are no uniform standards for these disclosures and reserve levels. This increases the risk that a stablecoin may not be able to hold its value and honor user redemption requests.

The GAO recommended that various government agencies coordinate to establish an interagency regulatory mechanism.6  The GAO proposed a mechanism that could collectively identify risks posed by blockchain-related products and services and formulate a timely regulatory response. Essentially, the GAO report highlighted the risks associated with crypto, identified the current regulators, and then recommended those agencies coordinate to regulate this growing industry.

Proposed Federal Legislation

In June 2023, Republican congressmen Patrick McHenry and Glenn Thompson proposed legislation to solve this regulatory confusion. Their legislation seeks to clearly delineate the responsibilities of the SEC and CFTC in crypto regulation. Under their proposal, the CFTC would have explicit spot market authority over crypto commodities, while the SEC would regulate digital-asset securities. Also, the SEC would be prohibited from preventing an alternative trading system from listing crypto securities and be required to modify its rules to allow broker–dealers to custody digital assets. As of July 26, 2023, this bill had passed through the House Financial Services Committee with bipartisan support.


There has been significant development in the cryptocurrency market since Bitcoin’s creation in 2008. While there seems to be bipartisan consensus on the need for regulation of cryptocurrency and cryptocurrency exchanges, a gray area currently exists regarding which specific agency bears responsibility for the regulation. However, it may be possible that the SEC and CFTC can share regulatory authority by operating within clearly delineated areas of responsibility. Ultimately, both the GAO report and the proposed legislation from the Republican lawmakers suggest popular bipartisan support exists to ensure government oversight of cryptocurrency businesses


  1.    1. The SEC derives its authority to regulate the cryptocurrency market primarily from the: 

    • Securities Act of 1933 (’33 Act) 15 U.S.C. § 77
    • Securities Exchange Act of 1934 (’34 Act) 15 U.S.C. § 78

    The ’33 Act requires registration of securities, while the ’34 Act empowers the SEC to regulate securities. The SEC uses the Howey Test to define a security, which comes from the Supreme Court’s interpretation of the ’33 Act. It defines a security as:

    1) A contract, transaction, or scheme;
    2) Whereby a person invests his money in a common enterprise;
    3) Is led to expect profits; and,
    4) Those profits come solely from the efforts of a promoter or a third party.

    SEC v. W. J. Howey Co., 328 U.S. 293, 298-99 (1946)
  2. CFTC authority comes from the Commodity Exchange Act (CEA), which authorizes CFTC oversight of all commodities. Commodities include, among other things, “all services, rights, and interests . . . in which contracts for future delivery are presently or in the future dealt in” 7 USC § 1(a)(9).
  3. See
  4. See
  5. A DAO is an organization managed in whole or in part by decentralized computer program, with voting and finances handled through a blockchain. In general terms, DAOs are member-owned communities without centralized leadership.
  6. These agencies include the Consumer Financial Protection Bureau; the CFTC; the Federal Deposit Insurance Corporation; the Federal Reserve System; the National Credit Union Administration; the Office of the Comptroller of the Currency; and the SEC.
Professional Conduct & Regulation