The Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) recently announced enforcement actions that reflected sweeping, and previously unarticulated, views of their respective jurisdiction and the scope of potential liability for participants in digital asset markets globally. Each matter advanced a theory of liability that would significantly expand the reach of the US securities and commodities law. First, the allegations in the SEC’s September 19 complaint filed against Ian Balina¹ suggest that the SEC views conduct that previously was considered extraterritorial to be potentially subject to the US securities laws. Second, the CFTC’s actions against bZeroX LLC (bZeroX) and two of its founders on September 22 suggest that virtually anyone who participates in governance decisions for a decentralized digital asset protocol may be considered liable for any unlawful features of the protocol.² We discuss each of these matters in more detail below.

A. SEC v. Balina

On September 19, the SEC filed a complaint against Ian Balina, a US resident and prominent initial coin offering (ICO) promoter, for allegedly violating Sections 5 and 17(b) of the Securities Act of 1933 (the Securities Act). The SEC alleged that Balina participated in an ICO for “SPRK” digital asset tokens without disclosing that he had received compensation from Sparkster, Ltd. (Sparkster), the issuer of the tokens. According to the SEC’s complaint, Balina agreed to promote Sparkster’s ICO in return for the opportunity to purchase a large number of tokens, which significantly exceeded the maximum allotment offered to other offering participants, and to receive additional “bonus” tokens for no additional consideration.

Balina in turn allegedly promoted the ICO through his website and social media platform. He also allegedly formed an “investing pool” to sell interests in his allotment of SPRK tokens to third parties, including several US persons. Investors in both the ICO and Balina’s investment pool purchased their interests with Ether through smart contracts on the Ethereum blockchain. The SEC alleged that neither Balina nor Sparkster adequately disclosed the consideration that Balina received for promoting SPRK tokens to participants in the ICO or participants in Balina’s investment pool.

The complaint alleges that the SPRK tokens were securities and that both the SPRK ICO and Balina’s investment pool constituted unregistered offerings of securities in violation of Section 5 of the Securities Act. Consistent with other recent SEC actions involving digital assets, the complaint alleges that the SPRK tokens satisfied the Howey investment contract test.³ In particular, each involved an investment of money in a common enterprise where investors expected the tokens to appreciate in value through Sparkster’s managerial efforts to develop and market its products. The SEC also alleged that Balina violated Section 17(b) of the Securities Act because he promoted the Sparkster ICO “for a consideration received or to be received, directly or indirectly, from an issuer, underwriter, or dealer, without fully disclosing the receipt, whether past or prospective, of such consideration and the amount thereof.”

Although Balina was a US resident who allegedly solicited and received investments in his investment pool from other US residents, the SEC nonetheless made further jurisdictional allegations based on the location in which those sales transactions allegedly occurred. Specifically, the SEC alleged that the US investors became “irrevocably committed to the transaction when, from within the United States, they sent their Ether contributions to Balina’s pool” and that those contributions were then “validated by a network of nodes on the Ethereum blockchain, which are clustered more densely in the United States than in any other country.” As a result, the SEC alleged that “those transactions took place in the United States.”

These jurisdictional allegations reference the conduct of the US investors in Balina’s pool. However, the SEC’s claims are not expressly limited to transactions with US persons. Further, the focus on the location of the Ethereum network’s validation nodes suggests a broader theory of jurisdiction that could apply to any transaction on the network, and which would be potentially consistent with existing authority interpreting the extraterritorial application of the US securities and commodities laws under the Supreme Court’s decision in Morrison. Under Morrison and subsequent decisions, the US securities and commodities laws apply to, among other things, “the purchase or sale of any other security [or commodity] in the United States.”⁴ This has been interpreted to mean if “irrevocable liability” was incurred in the United States or “title was transferred within the United States.”⁵ The Second Circuit has found that “irrevocable liability” plausibly occurs in the location where a transaction is matched or executed, regardless of where the participants to the transaction are located.⁶

Though not explicit, it appears as if the SEC could be advancing a theory of jurisdiction that would apply to any transaction on a digital asset network where a substantial portion of the validation activity occurs in the United States, whether or not any of the actual participants were located within the United States or understood themselves to be engaged in activity subject to US law.

B. In the Matter of bZeroX, LLC

On September 22, the CFTC announced a settled action against bZeroX and two of its founders for developing a digital asset protocol that offered leveraged retail commodity transactions without registering as a designated contract market (DCM) or futures commission merchant (FCM). The protocol used smart contracts to allow participants to establish disintermediated leveraged positions across digital asset pairs. This decentralized protocol included automated collateral requirements and mechanisms to liquidate positions in the event losses exceeded the value of the posted collateral. In or around August 2021, one of the founders announced plans to “future proof” the bZeroX protocol by transferring control from bZeroX to a distributed autonomous organization (DAO), which would continue to offer leveraged commodity transactions to retail customers. As the founder indicated, this plan was intended to evade regulatory requirements by transferring ownership of the protocol from a distinct legal entity to a distributed “community.”

The CFTC found that bZeroX and the individual founders offered illegal leveraged retail commodity transactions without registering as a DCM in violation of Section 4(a) of the Commodity Exchange Act (CEA) and failed to register bZeroX as an FCM in violation of CEA Section 4d(a)(1). The CFTC also found that bZeroX and the founders violated CFTC regulation 42.2 by failing to adopt a Customer Identification Program to implement Know Your Customer requirements for bZeroX’s FCM activities. This component of the action was straightforward and consistent with the CFTC’s prior actions in this space.⁷

However, the CFTC also found that the DAO, a for-profit, unincorporated association, continued to violate the CEA after it assumed control of the protocol and that the two founders were individually liable for the DAO’s violations under principles of state partnership law.

In a parallel action, the CFTC filed suit against the DAO in the Northern District of California. However, given the unincorporated nature of the organization, it does not appear that the DAO has any formal features of most business organizations, including office space, a mailing address or even defined officers. As a result, the CFTC has moved to authorize alternative service against the DAO via postings in “an online forum for holders of Ooki Tokens to discuss and vote on Ooki DAO governance issues.”⁸ The court accepted this method of process on October 3, 2022. It is unclear whether anyone will participate in the matter on behalf of the DAO or whether the CFTC will seek any additional action against DAO participants.

C. Potential Implications

Together, these matters could suggest a sweeping expansion of US regulators’ role in digital asset markets around the world. If the US claims jurisdiction over digital asset networks where validation nodes are “clustered more densely in the United States than in any other country,” it would essentially bring every Ether transaction within the purview of US regulators. This is particularly noteworthy, given Ethereum’s recent migration to a “proof-of-stake” consensus mechanism. SEC Chair Gary Gensler suggested that he believes these “proof-of-stake” mechanisms may be considered securities, as they allegedly generate returns through the work of others.⁹

This position could have significant implications for digital asset networks around the world. For example, if the SEC deems a digital asset to be a security, and that asset has significant validation activity in the United States, would foreign trading platforms be required to register as national securities exchanges or Alternative Trading Systems with the SEC? Similarly, the SEC has recently proposed amendments to the definition of “dealer” that would require many unregistered liquidity providers to register as broker-dealers.¹⁰ Would these requirements apply to foreign traders providing liquidity on foreign markets, if irrevocable liability for the underlying transaction was incurred within the United States?

Further, the CFTC’s action against the bZeroX founders for participating in DAO governance decisions raises concerns about whether individual participants in digital asset networks can be held liable for the networks’ alleged violations of the US commodities laws. It is also possible the SEC could pursue similar theories under the securities laws. While the bZeroX founders were obviously instrumental in establishing the DAO and allegedly participated in the DAO’s governance decisions, the CFTC’s order does not articulate any limiting principles that would protect any other members of the DAO from liability, even if they had significantly less control over its operations. Indeed, in her dissenting opinion, CFTC Commissioner Summer K. Mersinger noted that the necessary implication of the CFTC’s order is that “the CFTC considers anybody voting a DAO’s governance token to be a member of that DAO and thus subject to personal liability and sanctions for violations by the DAO.”¹¹

It is unclear how broadly the SEC and CFTC will seek to apply the principles expressed in these recent matters. However, until further guidance is provided, these matters introduce additional uncertainty regarding the application of US regulations to digital asset transactions. Market participants should monitor these developments closely as regulators continue to aggressively police digital asset markets.

Footnotes -

1. See Complaint, SEC v. Balina, No. 1:22-cv-950 (W.D. Tex. Sept. 19, 2022).
2. In re bZeroX, LLC, CFTC Docket No. 22-31 (Sept. 22, 2022); Complaint, CFTC v. Ooki DAO, No. 3:22-cv-5416 (Sept. 22, 2022).
3. SEC v. W.J. Howey Co., 328 U.S. 293 (1946).
4. Morrison v. Nat’l Australia Bank Ltd., 561 U.S. 247, 273 (2010).
5. Absolute Activist Value Master Fund Ltd. v. Ficeto, 677 F.3d 60, 68 (2d Cir. 2012); see also Loginovskaya v. Batratchenko 764 F.3d 266, 272 (2d Cir. 2014) (applying Morrison holding to the Commodity Exchange Act); SEC v. Ripple Labs, Inc., et al., 1:20-cv-10832-AT-SN (March 11, 2022) (applying Morrison to determine if a “sale” of unregistered securities occurred in the United States under Securities Act Section 5); SEC v. Tourre, 2013 WL 2407172, at *4 (S.D.N.Y. June 4, 2013) (applying Morrison to Securities Act Section 17(a)).
6. Choi v. Tower Research Capital LLC, 890 F.3d 60 (2018) (finding that irrevocable liability was plausibly incurred in the United States for orders for futures contracts submitted in a foreign country and subject to the laws of a foreign exchange, but that were nonetheless executed using a matching engine operated in the United States).
7. E.g., CFTC v. Laino Group Ltd., No. 20-3317 (S.D. Tex. Sept. 24, 2020); see also CFTC v. Monex Credit Corp., 931 F. 3d 966 (9th Cir. 2019).
8. Declaration in Support of Plaintiff’s Motion for Alternative Service Against Defendant Ooki DAO Pursuant to 28 U.S.C. § 1746, CFTC v. Ooki DAO, No. 3:22-cv-5416 (Sept. 27, 2022).
9. See Paul Kiernan and Vicky Ge Huang, Ether’s New ‘Staking’ Model Could Draw SEC Attention, WALL ST. J., Sept. 15, 2022, https://www.wsj.com/articles/ethers-new-staking-model-could-draw-sec-attention-11663266224?mg=prod/com-wsj.
10. Further Definition of “As a part of a Regular Business” in the Definition of Dealer and Government Securities Dealer, 87 Fed. Reg. 23,054 (April 8, 2022).
11. Dissenting Statement of Commissioner Summer K. Mersinger Regarding Enforcement Actions Against: 1) bZeroX, LLC, Tom Bean, and Kyle Kistner; and 2) Ooki DAO (Sept. 22, 2022).