Keyword: Regulations

At least one regulator is attempting to provide clarity regarding the potential liability of actors who violate regulations through the use of smart contracts. On October 16, 2018, Commissioner Brian Quintenz of the Commodity Futures Trading Commission explained his belief that smart contract developers can be held liable for aiding and abetting CFTC rule violations if it was reasonably foreseeable that U.S. persons could use the smart contract they created to violate CFTC rules. As is typical, the Commissioner spoke for himself, but it seems likely that his views reflect the CFTC’s philosophy.

Generally speaking, smart contracts are code-based, self-executing contractual provisions. Smart contracts that run on top of blockchain protocols, like ethereum, are increasingly being used by companies in a wide variety of businesses to create autonomous, decentralized applications. Some of these applications might run afoul of CFTC regulations if they have the features of swaps, futures, options, or other CFTC-regulated products, but do not comply with the requisite regulatory requirements. The fact that smart contracts support disintermediated markets – a departure from the market intermediaries traditionally regulated by the CFTC – does not change the CFTC’s ability to extend its jurisdiction to them.

To identify where culpability might lie, Commissioner Quintenz identified the parties he believes to be essential to the functioning of the smart contract blockchain ecosystem:

1. the core developers of the blockchain software;
2. the miners that validate transactions;
3. the developers of the smart contract applications; and
4. users of the smart contracts.

Commissioner Quintenz dismissed the core developers and the miners as potential culpable parties by reasoning that while they both play a vital role in creating or administering the underlying blockchain code, they have no involvement in creating the smart contracts. He also limited the possibility of the CFTC pursuing enforcement against individual users because, as he explained, although individual users are culpable for their actions, “going after users may be an unsatisfactory, ineffective course of action.”

That leaves the developers of the smart contract code. Commissioner Quintenz stated that to ascertain the culpability of the smart contract code developers, the “appropriate question is whether these code developers could reasonably foresee, at the time they created the code, that it would likely be used by U.S. persons in a manner violative of CFTC regulations.” If such a use is foreseeable, Commissioner Quintenz believes that a “strong case could be made that the code developers aided and abetted violations of CFTC regulations.”

Commissioner Quintenz expressed that he would much rather pursue engagement than enforcement, “but in the absence of engagement, enforcement is the only option.” The Commissioner recommended that smart contract developers engage and collaborate with the CFTC prior to releasing their code to ensure that the code will be compliant with the law. The Commissioner even suggested that the CFTC is willing to rethink its existing regulations or provide regulatory relief, depending on the technology in question.

As blockchain and smart contract technology matures, we expect decentralized and disintermediated applications to come to market in increasing volumes. In his speech, Commissioner Quintenz provided valuable insight into how one regulator is thinking about applying existing laws to this new market. His remarks will be especially valuable if they influence other regulators, such as the Securities and Exchange Commission or the Financial Crimes Enforcement Network, to take a similar approach.

The SEC recently brought its first enforcement action against the creator of a “decentralized” digital token trading platform for operating as an unregistered national securities exchange, and in doing so joined the CFTC in putting a scare into smart contract developers.

On November 8, 2018, the SEC issued a cease-and-desist order settling charges against Zachary Coburn, the creator of EtherDelta, an online “decentralized” digital token trading platform running on the Ethereum blockchain. The SEC charged only Coburn, the individual who founded EtherDelta, but no longer owns or operates it. Note that the SEC press release states that the investigation is continuing.

The SEC announced its action against Coburn a month after a CFTC Commissioner stated in a speech that smart contract developers could be found liable for aiding and abetting violations of commodity futures laws. Both agencies appear to be putting smart contract developers on notice that by releasing code into the ether, they are inviting potential liability for any rule violations, even if they sever their connections with the code.

The SEC found that EtherDelta provides a marketplace to bring together buyers and sellers of digital tokens. The platform facilitates these transactions through the use of a smart contract, which carries out the responsibilities generally assumed by an intermediary: the smart contract validates the order messages, confirms the terms and conditions of orders, executes paired orders, and directs the distributed ledger to be updated to reflect a trade. The SEC employed a “functional test” to determine whether EtherDelta constitutes an exchange and to hold Coburn, who “wrote and deployed the EtherDelta smart contract . . . and exercised complete and sole control over EtherDelta’s operations,” responsible. As the Chief of the SEC’s cyber unit stated in the press release, “[w]hether it’s decentralized or not, whether it’s on smart contract or not, what matters is it’s an exchange.”

EtherDelta is one example of the innovation that smart contracts can facilitate. Innovation, however, is not a substitute for compliance. Indeed, in the SEC’s press release announcing the settlement, Co-Director of Enforcement Steven Peiken acknowledged that blockchain technology is ushering in significant innovation to the securities markets, but cautioned that “to protect investors, this innovation necessitates the SEC’s thoughtful oversight of digital markets and enforcement of existing laws.”

Significantly, the SEC found that certain transactions on the platform involved digital tokens that constitute securities, but declined to identify those tokens. Senior SEC officials have previously stated that ether is not a security, but this case shows that the SEC has not reached the same determination for all tokens issued on the Ethereum blockchain.