SEC’s Crypto Guidance Ends Years of Regulatory Ambiguity But Key Questions Remain

The SEC and CFTC’s landmark crypto taxonomy has been widely hailed as a decisive break from years of regulatory limbo but legal experts say one of its most consequential provisions raises more questions than it answers, with no formal process for issuers to find out if they’ve gotten it right.

At issue is the guidance’s framework for when a token initially sold as part of an investment contract can “separate” from that contract and trade freely.

Under the release, a non-security token becomes subject to an investment contract when an issuer sells it with promises to undertake “essential managerial efforts.” That investment contract ends when the issuer either fulfills those promises or publicly abandons the project.

But the document provides no mechanism for an issuer to obtain a definitive determination, leaving founders to make the call themselves, with enforcement as the backstop.

“This is the biggest open question in the entire 68 pages,” said Mike Katz, partner at law firm Manatt, Phelps & Phillip. “You are left to make that judgment yourself, and if the SEC disagrees, you find out in an enforcement action.”

Consider a team that launches a token promising a decentralized exchange, a governance module, and a cross-chain bridge. Two years later, the DEX and the governance module are live, but the bridge is still in development. Are the promises fulfilled? Partially? Does partial delivery count?

“The guidance does not say,” Katz said, “and there is no application process, no safe harbor letter, no bright-line test.”

Promising Less

Steve Yelderman, General Counsel of Etherealize, argues the provision inverts the incentive structure of the prior regime, where detailed roadmaps could be weaponized against founders in enforcement actions, and tokens could be stuck in regulatory limbo with no path out.

“Promising less can be a good thing,” he said. “A big point of the securities laws is to discourage managers from making false promises to investors,” Yelderman said. “If the law is making people think twice before making difficult promises, that’s not perverse, that’s the law working as intended.”

Yelderman also flagged a widely misread nuance in the provision.

“It’s not that the token sheds its security status,” he clarified. “We’re talking about when and how non-security tokens might be sold subject to an investment contract. The token itself was always a non-security — what changes is whether the surrounding transaction is a securities transaction.”

DeFi’s Hard Question

The guidance’s most notable silence is on fully permissionless DeFi protocols, platforms with no identifiable issuer, no pre-sale, and governance controlled entirely by on-chain token holders.

The SEC’s entire investment contract framework is built around an identifiable issuer making identifiable promises through official channels. That framework does not map when there is no one to hold responsible for “essential managerial efforts.”

Katz was direct.

“The SEC built a framework for the cases it knows how to analyze, centralized launches with identifiable actors. and deferred the cases it does not.” he said. “Silence from a regulator is not the same as approval.”

He expects a forthcoming rulemaking to include an “innovation exemption” that Chair Paul Atkins has referenced publicly, but said DeFi’s hard questions may not be resolved until that rulemaking arrives.

Yelderman said the document provides extensive characteristics for what constitutes a digital commodity, the category most mature DeFi governance tokens aspire to, and the 16 named examples give projects a concrete benchmark.

“Early on, a new DeFi protocol might need to navigate the investment contract guidance, depending on how it was initially funded and launched,” he said. “But the end game would be for the governance tokens to be recognized as a digital commodity. And there is a lot of guidance on the characteristics of digital commodities, which a project could use to get there with reasonable precision.”

Fractionalized NFTs

The guidance formally classifies NFTs and digital collectibles as non-securities, while flagging fractionalization as a potential securities offering.

Dividing a single NFT into fungible fractional shares, the document said, can constitute a securities offering because it introduces elements of shared investment and reliance on managerial efforts.

Yelderman said he thinks the market has overread the section. “Owning a digital collectible isn’t a security, any more than owning a physical Pokémon card would be,” he said. “But if you start doing things like fractionalizing the ownership, outsourcing management, and creating a fund to invest in collectibles, you need to do the full analysis. That’s all they’re saying, in my opinion.”

Katz was less sanguine.

“For protocols that have been offering fractionalization as a core product, this guidance is not ambiguous,” he said. “The SEC is saying: we see what you are doing, we get it, and it is a securities offering.”

Both Reg D and Reg A+ registration pathways exist, he noted, but represent a substantial compliance lift that most of these platforms have not taken on.

A Watershed Moment

Against that backdrop of open questions, experts were emphatic that the guidance represents a watershed moment for the industry. The core shift, according to Katz, is that the SEC has effectively reversed the presumption that defined the Gensler era.

“The Gensler-era position was that virtually every token was a security until proven otherwise,” Katz said. “This guidance inverts that presumption. Three of the five categories in the taxonomy are explicitly non-securities. The Commission is telling the market: we are regulating securities, not regulating crypto.”

For Yelderman, having any guidance at all is already significant.

“For years some in the government very openly used ambiguity and uncertainty to their strategic advantage,” he said. “It’s very good to see that era fully brought to a close.”

Arguably more important than any single classification, Katz said, is the fact that both agencies co-signed the taxonomy. It’s the first time the SEC and CFTC have publicly agreed on which assets belong to whom. “

David Carlisle, VP of Policy and Regulatory Affairs at Elliptic, said the guidance carries particular weight for traditional financial institutions that have been sitting on the sidelines.

“A more consistent taxonomy and aligned oversight give firms a clearer foundation to engage with digital assets in the US,” he said, “especially traditional financial institutions that have been reluctant to undertake certain activities owing to regulatory ambiguity.”

What Comes Next

The guidance is an interpretive release, not a formal rulemaking, which means it carries persuasive authority but does not bind future administrations. Chairman Atkins has signaled that formal rulemaking is forthcoming. Until that happens, Katz said, “this is a strong signal, not a guarantee.”

The SEC has invited public comment on the taxonomy and indicated it may refine the framework based on feedback, leaving open the possibility that some of the gray zones identified by legal experts could be addressed before the ink dries on a final rule.

For Carlisle, the shift in dynamic is already meaningful regardless of what comes next.

“The challenge now shifts to applying the SEC/CFTC interpretation in practice,” he said. “But there is now a more meaningful conceptual framework they can use to do so.”