On March 17, 2026, the U.S. Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) jointly released the final rule and interpretive guidance titled Application of the Federal Securities Laws to Certain Types of Crypto Assets and Certain Transactions Involving Crypto Assets (collectively, the "Guidance"). This 68-page document is the first systematic, framework-level document jointly issued by the two federal regulators on the legal characterization of crypto assets.
For observers who have long followed the trajectory of U.S. crypto regulation, the significance of this development extends far beyond the text itself. Since the SEC issued the DAO Report in 2017, U.S. regulation of crypto assets has remained caught in a cycle of vague rules, case-by-case enforcement, and repeated market probing. Regulators used a series of enforcement actions against market participants such as Ripple, Coinbase, and Binance to draw boundaries in a piecemeal manner, while market participants continued testing uncertain rules in search of regulatory gray areas. This dynamic not only raised compliance costs, but also pushed some innovative projects and capital toward jurisdictions with clearer regulatory frameworks.
The release of the Guidance represents a regulatory reconstruction of the rules in this ongoing contest, drawing clearer boundaries for the market. It signals a shift from reliance on ex post enforcement to the use of ex ante rulemaking to clarify the legal definition of crypto assets. The prior path of regulation by enforcement had long been criticized, and market participants had repeatedly called on regulators to provide clear guidance.
In 2017, the SEC issued the DAO Report, making clear for the first time that crypto assets could be analyzed under the framework of an "investment contract" and concluding that the tokens issued by The DAO constituted securities. The report established the basic paradigm the SEC would use over the following decade to address crypto asset issues: applying the Howey test, developed by the U.S. Supreme Court in SEC v. W.J. Howey Co. (1946), on a case-by-case basis to determine whether a particular crypto asset constitutes a security.
In practice, however, this case-by-case approach created significant problems. The Howey test contains four elements: an investment of money, a common enterprise, a reasonable expectation of profit, and profits derived from the efforts of others. When applied to crypto assets with widely varying forms and functions, the outcome often depends heavily on specific factual details and therefore lacks predictability. As a result, the SEC relied primarily on enforcement actions to draw boundaries incrementally — bringing cases involving Telegram's TON project, Ripple's XRP, Coinbase's trading services, and others in an attempt to clarify the rules through judicial precedent.
Yet this approach of "regulation by enforcement" meant that regulators were effectively enforcing against crypto asset issuers in the absence of a tailored regulatory framework, which in fact did little to help the SEC develop a framework capable of accommodating crypto asset innovation and the growth of the entrepreneurial sector. Former SEC Commissioner Hester Peirce repeatedly criticized this approach in public statements, arguing that regulators should provide clear guidance rather than "legislate" through enforcement actions.
The year 2025 became a turning point in U.S. crypto regulatory policy. In January, Acting Chair Mark T. Uyeda announced the formation of the Crypto Task Force to provide clearer regulatory guidance for the crypto asset market. The task force later held a series of roundtables and collected more than 300 written submissions from market participants.
In July 2025, the President's Working Group on Digital Asset Markets released the report Strengthening American Leadership in Digital Financial Technology, explicitly recommending that the SEC and the CFTC "use existing authorities to provide sufficient regulatory clarity so that blockchain-based innovation remains in the United States." In the same month, Congress passed the GENIUS Act, establishing a dedicated regulatory framework for payment stablecoins issued by permitted payment stablecoin issuers and expressly excluding such instruments from the category of securities.
In the same year, SEC Chair Paul S. Atkins launched the "Project Crypto" initiative, which aims to modernize rules under the federal securities laws in line with the recommendations of the President's Working Group. In a public speech, Atkins made clear that the immediate priority was to clarify the regulatory rules applicable to crypto entrepreneurs so they could determine whether their projects needed to comply with the securities laws. In January 2026, Atkins and CFTC Chair Michael S. Selig announced that the initiative would proceed as a joint action by the two agencies in order to coordinate federal regulation of the crypto asset market.
These policy developments show that the new rule did not emerge in isolation. Rather, it is the product of a broader and systematic shift in crypto regulatory policy at the federal level in the United States. Regulators had already recognized that continued reliance on case-by-case enforcement was no longer adequate for a fast-moving market and that clearer front-end rules were needed to provide market participants with a more definite compliance framework.
For the U.S. crypto market, the Guidance's most important contribution lies in the fact that it establishes a systematic classification framework for crypto assets. The framework divides crypto assets into five categories and defines the legal status of each category separately.
Table 1. Details of the Five-Category Asset Classification System
If the classification framework answers the question of whether a particular category of asset is a security, then the concepts of investment contracts and separation answer the more dynamic question of under what conditions an asset becomes a security. This is the most innovative part of the Guidance.
The Guidance makes clear that a crypto asset that is not itself a security (such as a digital commodity) may nonetheless be the subject of an investment contract and therefore fall within the scope of securities regulation. The key condition is that, when selling the asset to investors, the issuer induces a reasonable expectation that the issuer will undertake essential managerial efforts that will generate profits for investors, whether through explicit or implicit statements or commitments.
The Guidance further refines the standard for determining a reasonable expectation of profit. If an issuer uses white papers, official websites, social media channels, or similar means to promise specific functionality, specific milestones, or the creation of a complete ecosystem, and provides detailed information on business plans, timelines, staffing, and funding sources, then it is reasonable for investors to expect profits. By contrast, if the issuer's statements are vague and lack specific plans, it becomes difficult to establish such a reasonable expectation.
The Guidance states that where a crypto asset that is not itself a security was originally issued as the subject of an investment contract, that asset may, under certain conditions, become separated from the corresponding investment contract. Once that separation occurs, secondary-market trading in the asset is no longer treated as securities trading. In other words, the asset itself does not become a security simply because it was once sold pursuant to an investment contract. What changes is whether the asset remains tied to the legal relationship created by the investment contract and the issuer's underlying commitments.
The conditions for separation fall into two categories:
First, the issuer has completed the essential managerial efforts it promised. For example, once the issuer completes the milestones promised in the white paper—such as software development, mainnet launch, or open-sourcing of the code—the issuer is deemed to have fulfilled its commitments. Thereafter, even if the issuer continues to provide non-essential operational support, that does not affect the fact that the asset has already separated. At that point, the investment contract itself no longer exists, and subsequent trading in the asset is therefore no longer governed by the securities laws.
Second, the issuer expressly abandons and publicly announces that it will no longer perform the promised efforts. If, during development, the issuer cannot complete its commitments for any reason—such as insufficient funding, technical obstacles, or market competition—and makes a widely disseminated, clear, and unambiguous public announcement that it is abandoning the project, the asset may likewise separate from the investment contract. The document simultaneously warns, however, that in such cases the issuer may still face antifraud liability under the securities laws for failing to perform its commitments.
The separation mechanism provides crypto projects with a lawful path from compliant fundraising to decentralized operation. A project team may raise funds at an early stage through a securities offering, complete core development, and then, once the system has matured and become decentralized, allow its native token to circulate freely without remaining subject to the strict securities-law constraints that apply to the secondary market.
The Guidance also provides clear legal characterizations for three common categories of on-chain activity.
The Guidance makes clear that mining activities on public, permissionless blockchain networks (under proof-of-work mechanisms) and staking activities on such networks (under proof-of-stake mechanisms) do not, by themselves, constitute securities offerings.
Protocol mining includes both self-mining and participation in mining pools. Even if a mining pool operator charges a fee, that does not change the legal characterization, because these activities are administrative or ministerial in nature rather than essential managerial efforts.
Protocol staking includes four forms: (1) self-staking; (2) direct self-custodial staking with a third party, in which the user retains control of the assets while entrusting a third-party node operator to perform validation; (3) custodial arrangements, in which the user entrusts assets to a custodian for staking, but the custodian acts only as an agent, does not determine the timing or quantity of staking, and may not use the deposited assets for other commercial purposes; and (4) liquid staking, in which the user receives a staking receipt token and retains liquidity, while the staking service provider acts only as an agent and does not guarantee returns. Because these activities are administrative or ministerial in character, they do not constitute securities offerings.
Wrapping refers to the act of depositing one crypto asset with a custodian or cross-chain bridge and, on a 1:1 basis, generating a wrapped token that can circulate on another chain. The Guidance makes clear that if the underlying asset is a non-security asset and is not in an investment-contract state, and if the wrapping process does not include any yield, profit opportunity, or additional goods or services, then the wrapped token itself does not constitute a security. The wrapped token is treated as a "receipt" for the underlying asset, and its value derives entirely from the underlying asset rather than from any efforts involved in the wrapping process.
The Guidance adopts a strict approach to airdrops: an airdrop does not constitute a securities offering only if the user receives it without providing the issuer with any money, goods, services, or other consideration. In other words, if a user must complete specific tasks—such as social-media promotion, testnet participation, or liquidity provision—in order to receive the airdrop, that portion of the airdrop may be treated as a securities offering for consideration and would therefore fall outside the exemption. The Guidance specifically clarifies that amounts a user has paid in the past—such as payments to purchase other assets or use application services—do not count as consideration for the airdrop, provided those payments were not made specifically to obtain the airdrop.
The release of the Guidance means that the SEC's nearly decade-long model of regulation by enforcement has entered an important period of change. Previously, the SEC relied on enforcement actions to define the rules, but that approach had clear shortcomings: the rules were formed case by case through litigation, lacking systematization and predictability; the selection of enforcement targets was inherently random, leaving many uncharged projects in a continuing state of uncertainty; and the interaction between regulators and the market was adversarial rather than cooperative. The issuance of the Guidance marks a shift from making rules through litigation to providing generally applicable and predictable compliance guidance.
The creation of the separation mechanism is a key institutional design feature of the new rule. It recognizes the legitimacy of early-stage fundraising while also creating a clear exit path for a project to move into non-security status. In this way, the mechanism balances compliant financing with ecosystem flexibility: project teams can raise funds through compliant securities offerings without fearing that their tokens will carry a permanent securities label once they begin circulating; investors can enjoy the protection of the securities laws at an early stage and later benefit from freer secondary-market trading once the project matures. This mechanism encourages project teams to shift their focus away from evading securities characterization and toward fulfilling core commitments and achieving decentralization.
With respect to jurisdictional coordination, the new rule, by being issued jointly, clarifies the aligned positions of the two regulators: digital commodities fall under the CFTC's jurisdiction, digital securities fall under the SEC's jurisdiction, and payment stablecoins are addressed under separate legislation. The CFTC has stated that it will administer the Commodity Exchange Act in a manner consistent with this interpretation and has confirmed that certain crypto assets that are not securities may still qualify as commodities under that statute. This means that crypto assets classified as digital commodities—such as Bitcoin and Ether—will clearly fall within the CFTC's regulatory scope, and trading in their derivatives will be subject to the rules governing commodity futures markets.
The impact of the new rule on the market is multidimensional. It not only removes long-standing uncertainty surrounding mainstream assets, but also reshapes the logic of secondary-market trading. It not only gives rise to new compliant business models, but also creates conditions for the United States to re-emerge as a center of crypto innovation.
The most direct market effect of the new rule is the removal of long-standing uncertainty surrounding mainstream crypto assets such as Bitcoin and Ether. The document expressly classifies these assets as digital commodities and states that they are not themselves securities. This means that secondary-market trading in these assets no longer faces the risk of being characterized as securities trading. Traditional financial institutions, which had previously taken a wait-and-see approach because of regulatory uncertainty, can now incorporate such assets into investment portfolios with greater confidence.
The establishment of the separation mechanism fundamentally changes the logic of secondary-market trading in crypto assets. Before the new rule was issued, after a project conducted early-stage fundraising, secondary-market trading in its token remained clouded by the question of whether it might constitute securities trading. The new rule now makes clear that once the project has fulfilled its core commitments and separation has occurred, subsequent trading is no longer securities trading. A project team can raise funds through compliant early-stage financing, complete its core development, and then achieve free circulation of its token through separation.
The Guidance's clear treatment of infrastructure services such as mining, staking, wrapping, and cross-chain bridges provides legal certainty for business models in these sectors. The document makes clear that these activities do not themselves constitute securities offerings, and participants therefore need not register securities or seek exemptions on that basis. This reduces compliance risk for relevant service providers and supports greater professionalization and scale in the industry.
The release of the new rule may reverse the earlier outflow of talent and capital that was driven by regulatory uncertainty. The document expressly cites the President's Working Group report and emphasizes the policy objective of keeping blockchain-based innovation in the United States. Compared with the European Union's Markets in Crypto-Assets Regulation (MiCA), which has already been implemented, and the regulatory frameworks of multiple Asian jurisdictions, the United States had previously been at a competitive disadvantage because of regulatory ambiguity.
The Guidance provides project teams with a clear framework for designing financing pathways. A project team may choose to raise funds at an early stage through a compliant securities offering while also clearly planning its path to separation—when key development milestones will be completed, when decentralization will be achieved, and when the fulfillment of commitments will be publicly announced. This pathway can ensure that the token ultimately achieves free circulation as a non-security while avoiding a continuing compliance burden for secondary-market trading.
Project teams must remain highly alert to commitments of essential managerial efforts made during marketing. The new rule makes clear that if an issuer promises investors specific development milestones, business plans, or profit expectations through white papers, websites, social media, or similar channels, those commitments may become core elements of an investment contract. Project teams should ensure that, once separation occurs, they clearly announce that the relevant commitments have been fulfilled, or else adjust their marketing language to avoid creating excessive expectations of profit.
Project teams should also consider embedding separability into their technical architecture. Through staged development plans, gradual decentralization roadmaps, and transparent milestone-disclosure mechanisms, they can create clear evidence to support future separation.
The Guidance provides investors with a new analytical framework for investment decisions. For assets already clearly classified as digital commodities, the investment thesis rests primarily on fundamentals such as network effects, supply and demand, and technological development. For project tokens that have not yet separated, investors should focus on the issuer's ability to perform its commitments and the associated legal risks, while recognizing that they remain protected by the securities laws.
Investors should also distinguish between an asset itself being a non-security and that same asset currently being sold or traded in connection with an investment contract. An asset may be treated as a security when it is first issued, but later separate and become a non-security after the project has fulfilled its commitments. Investors should therefore monitor a project's separation status in order to assess accurately the legal character of trading in the asset and the corresponding protection mechanisms.
With respect to airdrops, staking, mining, and similar activities, investors should distinguish whether the activity involves consideration. Airdrops received free of charge fall outside securities regulation; but newly received assets obtained through labor, services, or capital input may constitute a securities offering and therefore fall under SEC oversight.
Exchanges need to establish classification-based listing mechanisms that distinguish among categories such as digital commodities, separated assets, digital securities, and payment stablecoins, and then formulate corresponding compliant trading rules. For assets that have not yet separated, exchanges must confirm whether the issuer has registered the offering or qualifies for an exemption; for assets that have already separated, exchanges need a verification mechanism to confirm that separation has in fact occurred.
Staking and custody service providers should make clear that their business models involve administrative services relating to non-securities, while remaining attentive to compliance risks at the boundaries of those businesses. If a service involves promised returns, profit sharing, or an underlying asset that is itself a digital security, securities regulation may be triggered. Service providers should make the agency nature of their role clear in service agreements so as to avoid being characterized as undertaking essential managerial efforts.
For legal, tax, and accounting service providers, the release of the Guidance will create new demand for professional services. Project teams will need assistance with designing separation pathways, conducting compliance reviews, and preparing disclosures; exchanges will need support in asset classification and trading-rule design; and investors will need assessments of the legal status of target assets.
The release of the Guidance marks an important turning point in U.S. crypto asset regulation—from ambiguity to clarity, and from case-by-case enforcement to ex ante rulemaking. Through a clearer rule framework, regulators have reasserted definitional authority and redirected market innovation toward the development of genuinely functional and decentralized blockchain networks, rather than leaving it trapped in short-term arbitrage built around issuance, fundraising, and narrative.
Yet the codification of rules does not mean the end of strategic interaction between regulators and the market. While drawing boundaries, the new rule may also create new space for regulatory arbitrage:
First, the manipulation of timing for separation. The Guidance allows project teams to shed securities status once essential managerial efforts have been completed. But what counts as "completion" may remain open to interpretation in practice: is it mainnet launch, open-sourcing of code, or the achievement of some decentralization threshold? Project teams may attempt to complete matters only formally while retaining substantive control, thereby seeking both fundraising convenience and rapid access to a secondary market outside the SEC's reach.
Second, the marketing boundary for non-security assets. The Guidance emphasizes that a non-security asset is not itself a security, but if it is offered in a manner that induces investment through promised managerial efforts, the transaction may still constitute an investment contract. Project teams may attempt to package commitments as visions, community roadmaps, or non-binding plans in order to avoid being deemed to have promised essential managerial efforts.
Third, financial innovation around staking and yield products. The Guidance states that protocol staking is not itself a security, but staking receipt tokens may become securities depending on the nature of the underlying asset. The market may design more complex structured products in an attempt to find new gray zones between non-security staking activity and securitized yield products.
Fourth, the boundary between payment and yield in stablecoins. The GENIUS Act makes clear that payment stablecoins are not securities, but it prohibits the payment of interest. The market may therefore design combined products—such as stablecoin-plus-staking, stablecoin-plus-lending, or stablecoin-plus-reward-point structures—that deliver something economically similar to yield under the shell of a compliant payment stablecoin.
Looking ahead, interaction between regulators and the market will continue. The focus of regulation will shift from characterization to implementation—how to supervise whether project teams have genuinely fulfilled the commitments required for separation, how to address jurisdictional issues involving cross-border projects, and how to respond to new structures created by the convergence of artificial intelligence and crypto technology. These questions will unfold over the coming years.
In any event, the release of the Guidance has already pushed U.S. crypto regulation into a new stage. For market participants, clearer rules reduce compliance costs, while the challenge is now to seek innovation within the boundaries of those rules. For regulators, gaining definitional authority also means confronting the new forms of strategic behavior generated by the rules themselves. This new rule is only the first step the Commissions have taken toward building a clearer regulatory framework for crypto assets. That first step has now been taken, and the next phase of evolution will be written through the continuing interaction between regulators and the market.
FinTax offers crypto accounting suite, tax calculator and professional tax consulting services.
