Last week’s reports that the Securities and Exchange Commission (SEC) is probing whether one of the world’s largest cryptocurrency exchanges is listing unregistered securities once again highlights the unsettled state of crypto regulation in the U.S. It’s high time that policymakers provide clear, practical answers to the perennial questions of whether cryptocurrencies are securities and, if so, what to do about it. In the briefing paper, “Practical Legislation to Support Cryptocurrency Innovation,” released today, Jennifer Schulp and I propose legislative amendments for doing just that. Our framework provides (1) a clear test for whether crypto tokens are securities and (2) a common‐​sense registration option for those that are but whose projects are on the path to decentralization.

Crypto rules should be tailored to the specific risks of cryptocurrencies: fraud, deception, and manipulation by developers, sellers, or promoters who remain active managers of a crypto project. Our test for whether a crypto token is a security therefore is based on whether the token’s developers, sellers, or promoters will be exercising managerial control over the project. This test is consistent with longstanding precedents (including the oft‐​cited Howey test) and the goals of securities laws, which seek to protect against risks that managers have information that investors do not and act against investors’ best interests.

We propose that Congress clarify that securities laws do not apply to decentralized crypto tokens. This means that securities laws would not apply to tokens where the developer, seller, or promoter does not promise to undertake efforts necessary to deliver the token and its benefits, i.e., act like a manager. For example, such efforts could include building software or promoting its adoption by users or merchants. Where developers promise to do these things, the crypto project is centralized, and it’s appropriate to apply securities safeguards. However, if the project can work as intended without managers’ efforts, it’s decentralized, and securities laws would not apply to sales of its tokens.

Cryptocurrencies aspire to move beyond the need for centralized bodies that securities laws were designed to regulate, in effect mitigating managerial risks with technology. However, as SEC Commissioner Hester Peirce has put it, the current regime has “created a regulatory Catch 22”: startup crypto projects may be insufficiently decentralized to avoid securities laws, but compliance with those laws makes it difficult for such projects to sell their tokens to raise the money and build the user networks they need in order to decentralize over time. Our framework seeks to avoid this dilemma by proposing a tailored registration option for decentralizing projects to provide relevant information to crypto token purchasers.

Importantly, projects must be on the path to decentralization to be eligible for the tailored disclosure option. This means they must be developing a system with technical attributes that support decentralized operations: an open‐​source, permissionless, publicly readable, and cryptographically secure distributed ledger capable of validating stores or transfers of tokens without intermediaries. Eligible projects can register by posting to a public website information that would be useful to token purchasers, including:

  • who the developers, sellers, and promoters are;
  • how many tokens the developers, sellers, and promoters hold;
  • relevant technical documents (such as white papers and yellow papers) and marketing materials;
  • a link to the project’s public code repository, as well as a block explorer (a tool for searching the project’s transaction history);
  • information on how the project will achieve decentralization;
  • the protocols for recording and validating transactions and the applicable consensus mechanism;
  • the governance mechanism for updating the project’s code;
  • any promised benefits of the token; and
  • the known or reasonably foreseeable risks of holding the token, including a concise risk statement to be provided during public token sales.

Eligible projects would remain subject to securities law protections against fraud, untrue statements, and material omissions, which would cover misleading disclosures and undisclosed managerial efforts. Moreover, under our proposal, where developers make additional promises beyond those contemplated in their registration, they would lose eligibility for this streamlined framework, as those subsequent promises create additional risks and fail the framework’s securities test anew.

Cryptocurrencies’ fundamental innovation is the capacity to mitigate risks through decentralized technology. When they do, they should not be subject to superfluous compliance steps. To incentivize projects that realize this potential, Congress should provide a practical test for whether projects are decentralized, along with a tailored disclosure pathway for projects on the way there.