When Do Virtual Currency Transactions Qualify for the 'Actual Delivery' Exception from the CFTC's Jurisdiction?

by JD Supra Perspectives

[Matt Jones and Dave Aron are attorneys at the CFTC. Mr. Jones previously worked at the SEC, and in private practice. Mr. Aron previously was a partner at an international law firm and worked at a bank and an insurance company. The analyses and conclusions expressed in this paper are those of the authors in their personal capacity, and do not reflect the views of the CFTC staff, the CFTC itself, or the United States government. The authors have not worked on the Proposed Interpretation defined below.]

The Commodity Exchange Act (“CEA”) makes off-exchange leveraged, margined or financed retail commodity transactions illegal, with a few exceptions. One exception covers actually delivering a commodity within 28 days of a retail commodity transaction (the "actual delivery exception"). Two years ago, the Commodity Futures Trading Commission (“CFTC”) settled an administrative proceeding with the unregistered Bitcoin platform Bitfinex ("Bitfinex Settlement") and found that Bitfinex had violated the CEA because it failed to “actually deliver” bitcoins to buyers within 28 days of the transaction (the “actual delivery exception”).1

After the Bitfinex Settlement, the CFTC received requests for guidance regarding the application of the actual delivery exception to cryptocurrencies. On December 15, 2017, the CFTC issued a proposed interpretation (“Proposed Interpretation”) regarding the scope of the actual delivery exception from its authority over retail commodity transactions involving virtual currency, such as bitcoin.2

The Proposed Interpretation states that the following two factors are necessary (but not necessarily sufficient) for actual delivery of a virtual currency:

(1) A customer must have the ability to: (i) take possession and control of the entire quantity of the virtual currency, whether purchased on margin, using leverage, or pursuant to any other financing arrangement, and (ii) use it freely in commerce (both within and away from any particular platform) no later than 28 days from the date of the transaction; and

(2) The offeror and seller (including any of their respective affiliates or other persons acting in concert therewith) must not retain any interest in or control over any of the virtual currency, purchased as described in the previous paragraph, at the expiration of the aforementioned 28 days.

The CFTC added that (1) for cryptocurrencies, it would follow its 2013 “actual delivery” guidance for retail commodity transactions generally, which  the CFTC stated entails “examin[ing] how [an] agreement, contract, or transaction is marketed, managed, and performed, instead of relying solely on language used by the parties[,]” and (2) it “will continue to assess all relevant factors[.]”3

Significantly, the underlying premise of the Proposed Interpretation is that “actual delivery” of virtual currencies, which are intangible, is possible. 

Significantly, the underlying premise of the Proposed Interpretation is that “actual delivery” of virtual currencies, which are intangible, is possible. Notwithstanding that the CFTC indicated in 2012 that intangible commodities could underlie a different exclusion from CFTC jurisdiction, it is arguable that, by using the word “actual,” Congress meant to exclude intangible commodities from the actual delivery exception.4

The Proposed Interpretation emphasized the importance of the above factors in the actual delivery exception. Consequently, market participants should be cognizant of the following two issues for bitcoin and other cryptocurrencies.

1) Whether a transaction must be on the blockchain to satisfy the “taking possession and control” element of actual delivery.

The Proposed Interpretation’s second example of actual delivery does not mention a blockchain, and seemingly could accommodate a transfer away from the blockchain. The blockchain is an integral part of bitcoin. However, it is not the only way to transfer bitcoin. For example, two counterparties could “deliver” bitcoin other than on the blockchain by, e.g., transferring the private key from the seller to the buyer or, to save on transaction costs and/or increase transaction speed, through the Lightning Network.5

Because there are other means of transferring bitcoin between buyers and sellers, it may be useful for the CFTC to expressly state in its final interpretation or in other guidance whether off-chain transactions satisfy the “taking possession and control” element of actual delivery.

2) When can a transfer on the blockchain be “use[d] freely in commerce”?

The Proposed Interpretation requires that a virtual currency can be used freely in commerce for it to be considered “actually delivered.”

If a transfer isn’t accepted by a large majority of participants, the receiver’s ability to “use it freely in commerce” arguably is restricted. While this risk may be small, it is real for bitcoin and other cryptocurrencies. For example, the Bitcoin community relies on the longest valid blockchain to verify a transaction. However, the blockchain naturally forks when two miners each add a different block to the end of the blockchain at nearly the same time.6 These two versions of the blockchain continue growing until eventually one version is recognized as the longest, and the other side of the fork is abandoned (orphaned), by the Bitcoin network.7

Thus, a Bitcoin participant can never be certain the blockchain containing a given transfer will continue to be accepted by the Bitcoin community as the longest valid blockchain. Bitcoin traders commonly require a transaction to be in a block that is six or more blocks deep before confirming the transaction.8 There is always a risk that a longer valid blockchain that does not contain the transfer currently exists or will appear on the Bitcoin network. This risk makes it difficult to determine which valid blockchain is the longest, and if a transfer is and will be accepted by other Bitcoin community members.

If a bitcoin transfer isn’t accepted by a majority of the Bitcoin community, the receiver’s ability to “use it freely in commerce” arguably is restricted.9

Because the Proposed Interpretation did not address these aspects of the bitcoin blockchain, it may be useful for the CFTC to address them in the final interpretation or in other guidance. 


1 The exception is set forth in CEA § 2(c)(2)(D)(ii)(III)(aa). The CEA is the principal source of the CFTC’s authority.

2 Retail Commodity Transactions Involving Virtual Currency, 82 Fed. Reg. 60,335 (Dec. 20, 2017).

3 See Proposed Interpretation at 60,339. See also Retail Commodity Transactions Under Commodity Exchange Act, 78 Fed. Reg. 52,426 (Aug. 23, 2103) (“2013 Guidance”), which wasn’t specific to, and did not mention, virtual currencies.

4 Compare Further Definition of “Swap,” “Security-Based Swap,” and “Security-Based Swap Agreement”; Mixed Swaps; Security-Based Swap Agreement Recordkeeping, 77 Fed. Reg. 48,207, 48,233 (Aug. 13, 2012) (recognizing, based on the language “deferred shipment or delivery” in CEA § 1a(27), that transactions in intangible commodities can, in appropriate circumstances, qualify as forwards (and thus outside the Commission’s authority over futures contracts), while setting forth certain conditions to assure that the forward exclusion from the CEA cannot be abused) with CEA § 2(c)(2)(D)(ii)(III)(aa) (disapplying the Commission’s retail commodity transactions authority where an agreement, contract, or transaction results in “actual delivery” within 28 days).

5 In many circumstances, the Bitcoin buyer would not accept this “transfer” because the buyer would be unable to verify that the seller no longer retained a copy of the private key (along with some control over the “transferred” bitcoin). There is no safeguard to prevent multiple Bitcoin participants from generating and possessing the same private key. Bitcoin participants maintain the security of their bitcoin by not sharing their private key(s), and by relying on the extremely low probability of any other Bitcoin participant randomly generating the same private key.

6 See Bitcoinwiki, Block chain, available at https://en.bitcoin.it/wiki/Block_chain (explaining that forks can be “created from time to time when two blocks are created just a few seconds apart”).

7 See Blockchain.info, Orphaned Blocks, available at https://blockchain.info/orphaned-blocks (defining “orphaned” blocks).

8 See Confirmation, Bitcoinwiki, available at https://en.bitcoin.it/wiki/Confirmation (explaining the the classic bitcoin client will show a transaction as “n/unconfirmed” until the transaction is 6 blocks deep). The probability that a blockchain, which contains a given transfer, remains the longest valid blockchain, and therefore is accepted by the Bitcoin community, increases as additional valid blocks are linked to the block containing the transaction. See Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System, page 6 (calculating the probability that a Bitcoin participant creates an alternate blockchain that is the longest valid blockchain and does not include a given block).

9 These issues could be further compounded at the margin by reliance on a timestamp for a given bitcoin transfer. The Bitcoin network does not rely on a precise timestamp (and other cryptocurrency networks do not require a timestamp at all). While the timestamp included in the Bitcoin block header is typically accurate within two or three hours, that level of accuracy may not suffice to demonstrate to the CFTC that actual delivery has occurred by a certain hour on the 28th day after a transaction. See Bitcoinwiki, Block timestamp, available at https://en.bitcoin.it/wiki/Block_timestamp (explaining that the timestamp on the blockchain is not accurate and that the timestamp makes it more difficult for an adversary to manipulate the blockchain.)

Written by:

JD Supra Perspectives

JD Supra Perspectives on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at info@jdsupra.com. In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at: info@jdsupra.com.

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.