Blockchain and Cryptocurrency in Murky Regulatory Waters

Blockchain, cryptocurrency, NFTs—what is it all? It all starts with distributed ledger.1 The distributed ledger is a virtual ledger (in common parlance, a record) that is shared across a network of computers. A copy of the ledger is on every computer across the network. Each block in a distributed ledger contains data that must be validated and approved by every computer on the network (a node) that holds access to the ledger. This consensus mechanism ensures that any changes or additions to the ledger are valid according to the particular blockchain that the ledger belongs to.2

The blockchain is the data structure that stores and utilizes this consensus mechanism to maintain the ledger and add new information to the ledger in a consensus-bound manner.3 These blocks do not have to carry financial information; apropos, non-fungible tokens (NFTs) containing art and other novelties have surged in popularity recently.4 Most NFTs are blocks on the Ethereum blockchain, which is a blockchain system primarily used for financial transactions that nevertheless happens to allow blocks to record information other than transaction data.5 In any case, each block has a crucial feature: it contains a hash value of the previous block, ensuring that every block on a blockchain is accounted for by at least one other block.6

A hash value is a short string of alphanumeric characters that is produced when data is fed into a hash algorithm.7 Since the algorithm will be the same while different sets of data will be different, each block with its unique origin and history will have a unique hash value produced by the blockchain system to be stored across the whole network.

Should information on a block be modified, the hash algorithm would produce a different hash value upon an attempt by the blockchain system to validate the contents of the block.8 This way, if a node accesses the blockchain network with certain blocks modified (e.g. to claim that more bitcoin was transferred into a particular wallet than actually was), the blockchain will facilitate consensus checks through the distributed ledger system by checking the modified block’s hash values against the hash values of that particular block recorded in the ledgers held by all the other nodes in the network.9 Depending on the particular blockchain, the system may then accept or reject the block from being accepted into the network or modify the block’s contents such as to produce the correct hash value and return to a state of consensus with the rest of the network. The ultimate result is that blockchain and distributed ledgers combine to produce systems of decentralized information generation and storage.

Cryptocurrency utilizes the blockchain and distributed ledger technology to enable, track, and validate financial transactions. The blockchain and distributed ledger of a cryptocurrency bears witness to and validates transfers of currency.10 However, the name is somewhat of a misnomer. Although holding digital currency utilizing blockchain and distributed ledger technology can be done anonymously, there is not much cryptic about it. Bank accounts can be held without revealing a beneficial owner’s name—like through a business entity. It is the same with cryptocurrency. The “crypto” in cryptocurrency comes from the fact that the currency is secured by cryptographic methods (e.g., the hash algorithm). If anything, the happenings on a cryptocurrency network could not be less public or clear. In most blockchain systems, every participating node has access to the entire blockchain; that is how consensus is maintained and transactions verified.


Direct regulation of cryptocurrency seems currently to be handled mostly by the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC).11 Staff guidance documents and sporadic enforcement actions and no-action letters have thus far produced a patchwork of rules.

The Securities and Exchange Commission’s Approach

Federal securities law comes chiefly in three flavors: the Securities Act of 1933 (Securities Act), the Securities Exchange Act of 1934 (Exchange Act),12 and caselaw such as SEC v. W.J. Howey Co.13 The Securities Act imposes certain registration, disclosure, and procedural requirements on the offers and sales of securities; the Exchange Act imposes certain registration, disclosure, and procedural requirements on entities that engage in the offering and selling of securities.14

The problem faced by the SEC is one of categorization.15 Is cryptocurrency a security? If so, activities involving cryptocurrency and those who engage in those activities would be subject to the same registration, disclosure, and procedural requirements imposed on IPOs, private placement offerings, etc. and those who engage in such activities like private equity funds, hedge funds, and mutual funds.

Crucial is the Framework for “Investment Contract” Analysis of Digital Assets, an SEC FinHub analysis of securities law as it may apply to various cryptocurrencies. To cut to the chase, the SEC document answers the question “Is cryptocurrency a security?” with a resolute “Maybe.”16

The Howey test is the benchmark for whether something is an “investment contract” and hence a security.17 If the Howey test is passed, the contract in question is an investment contract, and hence a security. The SEC document puts forth three important Howey conditions that must be satisfied for something to be deemed an investment contract: (1) the purchaser of the asset must be relying on the efforts of others for the success of the enterprise in question; (2)there must be a reasonable expectation of profits; (3) the instrument must not be offered and sold for the use or consumption by purchasers.18

Profits resulting from “external market forces” such as “general inflationary trends” or “the economy” are not considered “profit” for Howey analysis, and “use or consumption” are basically those activities that utilize the asset in ways that do not aim at gaining profit.19 So what is profit? The SEC gives the following as examples: “capital appreciation resulting from the development of the initial investment or business enterprise” and “participation in earnings resulting from the use of purchasers’ funds.” In short, it seems that a cryptocurrency is not to be swept up into the regulatory sinkhole of securities law if purchasers are (1) truly using the cryptocurrency like a currency and (2) not expecting to profit by effort of a particular set of people (in this case, the coders who maintain the blockchain and distributed ledger systems).20

There are a host of other “relevant considerations” that the SEC also notes are not “necessarily determinative” but merit consideration.21 Among them are the following: (1) the cryptocurrency and its transaction infrastructure are fully developed and operational (i.e. buying a cryptocurrency cannot be a bet contingent on further development of the cryptocurrency infrastructure, since that would be too similar to investing in a company with a prototype product line); (2) the cryptocurrency and its infrastructure are “designed and implemented” to meet the needs of its users (i.e. to use it as a currency), as opposed to feeding into speculation as to the future value of the cryptocurrency and its infrastructure; (3) the cryptocurrency can “immediately” be used to make payments in lots of settings as a substitute for normal currency; and (4) the cryptocurrency is marketed in a way that emphasizes its currency function instead of possible future speculative gains from holding it.22

SEC v. Kik Interactive and In the Matter of Unikrn, Inc. are two notable and recent cases.23 In both cases, cryptocurrency was found to have been securities and thus the defendants were found to have sold securities without proper compliance with SEC registration requirements in Initial Coin Offerings (ICOs).24 However, in the latter case, SEC Commissioner Hester Peirce dissented; she recommended that companies like Unikrn be allowed a regulatory safe harbor of three years to develop and refine its platform even after an ICO such as to avoid being classified as a security under the Howey test.25 In the same dissent, she expressed frustration about the fact that a cryptocurrency was effectively destroyed because of its classification as a security when no wrongdoing like fraud had been alleged or found.

The Commodity Futures Trading Commission’s Approach

The CFTC has taken a watchful yet encouraging stance with regard to cryptocurrency. In 2016, the then-CFTC Commissioner Christopher Giancarlo encouraged other regulators to take a “do no harm” approach to ventures involving innovations like cryptocurrency.26 The current CFTC Chairman Heath Tarbert has taken a similar position, noting that the U.S. must take a leading position in the development of digital assets with market participants being the primary movers, not regulators.27

However, this pro-market innovation approach has not meant that the CFTC has been shy about bringing enforcement actions. The CFTC publicly announced in 2014 that cryptocurrency is a “commodity” under the Commodity Exchange Act and that cryptocurrency was hence subject to CFTC regulation.28 The CFTC has mostly taken enforcement actions in the crypto-space against entities alleged to have engaged in the following: fraud, sale of crypto-assets while failing to register with the CFTC, illegal off-exchange transactions, price manipulation, or gatekeepers’ violations.29


In March 2020, a bill was introduced in the House of Representatives named the Crypto-Currency Act of 2020.30 In it, crypto-assets are categorized into three separate categories: crypto-commodity, crypto-currency, and crypto-security.31 The bill goes on to assign regulatory enforcement authority for each category to the CFTC, Treasury (through the Financial Crimes Enforcement Network), and the SEC, respectively. However, the bill has not passed as of April 2021; some commentators even noted in 2020 that the bill was dead on arrival.32

The challenge with law concerning cryptocurrency is that new innovations in the space are appearing at a rate with which regulatory agencies (and, least of all, Congress) find difficult to keep pace. This may explain why both the SEC and CFTC has opted to keep watch and take enforcement action only when there has been fraud or some other clear violation of law. The SEC and CFTC could at this moment choose to categorize cryptocurrencies and other blockchain-derivative products in ways that would subject ventures in the crypto-space to stringent, costly, and time-consuming regulatory requirements that would effectively destroy the nascent, fetal industry. They are trying to avoid that outcome while not allowing cryptocurrency to become a convenient tool for bad actors. We shall see.

  1. See Sloane Brakeville & Bhargav Perepa, Blockchain basis: Introduction to distributed ledgers, IBM Developer (June 1, 2019),; The Deloitte Luxembourg Innovation Lab, Distributed Ledger Technologies Services (2017), 

  2. Brakeville & Perepa, supra note 1; The Deloitte Luxembourg Innovation Lab, supra note 1. 

  3. Brakeville & Perepa, supra note 1; The Deloitte Luxembourg Innovation Lab, supra note 1. 

  4. See Mitchell Clark, NFTs, Explained, The Verge (Mar. 11, 2021, 1:42 PM), 

  5. See Rakesh Sharma, Non-Fungible Token (NFT) Definition, Investopedia (Mar. 8, 2021), 

  6. See What is a Hash Function in a Blockchain Transaction?, bitpanda Acad., (last visited April 9, 2021) [hereinafter What is a Hash Function]. 

  7. See David Pine et al., Ensuring Data Integrity with Hash Codes, Microsoft (July 14, 2020),,than%20signing%20the%20larger%20value. 

  8. See What is a Hash Function, supra note 6. 

  9. Id. 

  10. See The Deloitte Luxembourg Innovation Lab, supra note 1. 

  11. See How the Laws & Regulations Affecting Blockchain Technology and Cryptocurrencies, Like Bitcoin, Can Impact Its Adoption,Bus. Insider (Jan. 27, 2021, 3:36 PM), 

  12. See Federal Securities Laws, U.S. Sec. & Exch. Comm’n (May 4, 2017), 

  13. 328 U.S. 293 (1946); see also U.S. Sec. & Exch. Comm’n, Framework for “Investment Contract” Analysis of Digital Assets (2019), 

  14. See Federal Securities Law, supra note 12. 

  15. See U.S. Sec. & Exch. Comm’n, supra note 13. 

  16. Id. 

  17. Id. 

  18. Id. 

  19. Id. 

  20. Id. 

  21. Id. 

  22. Id. 

  23. See Michael R. MacPhail & Megan M. Farooqui, Two Recent SEC Cases Involving Cryptocurrency Offerings, Nat’l L. Rev. (Nov. 3, 2020), 

  24. Id. 

  25. Id. 

  26. See Nicole Moran, The CFTC’s Approach to Virtual Currencies, Nat’l L. Rev. (Dec. 21, 2020), 

  27. Id. 

  28. Id. 

  29. Id. 

  30. See U.S. Sec. & Exch. Comm’n, supra note 13. 

  31. Id. 

  32. Daniel Kuhn, The Cryptocurrency Act of 2020 is ‘Dead on Arrival,’ Washington Tells Sponsors, coindesk (Mar. 11, 2020, 9:19 AM),