Introduction and summary
The market capitalization of digital assets—for example, cryptocurrencies and non-fungible tokens—was valued at $1.95 trillion in mid-August 2021; just a month later, it was valued at $2.14 trillion, and it is still growing.1 Users, creators, and supporters of these assets have advanced various uses of and rationales for them, including that they will serve as a hedge against inflationary risks, that many are the modern version of art or baseball card collecting, that they will help solve racial wealth and income inequality, or that they will even a playing field that is too tilted in favor of financial institutions such as banks. Yet there is great reason to be concerned about digital assets. Theft is common, with hackers or even trustees absconding with investors’ assets; tax compliance is limited and difficult to enforce; digital assets are used to facilitate money laundering and other illicit activities; and assets may be used to evade governmental sanctions. Furthermore, the energy used to create, buy, and sell digital assets is a significant contributor to climate change, with the bitcoin network alone using more electricity per year than many countries.2
U.S. regulators’ imposition of sensible regulation on digital assets will be essential if the purported benefits of digital assets are to come to fruition.3 Fortunately, legislation is not required to begin addressing these and other concerns surrounding digital assets, and regulators are finally starting to apply their existing regulatory frameworks to the industry. Investors and the public expect regulators to ensure financial markets are safe from fraud and manipulation; and although new legislation may prove necessary in the future, regulators must begin using their existing statutory authorities to address many of the harms that digital assets cause. Regulators can and should use their authorities to limit greenhouse gas emissions from digital assets, protect consumers, and ensure full compliance with the law.
This report provides background information on digital assets, the roles they may serve in financial markets and in commerce, and the harms that come from a lack of regulation. It also discusses the role that the U.S. Securities and Exchange Commission (SEC) can play in regulating digital assets that are securities to address those harms. Specifically, the report discusses the environmental impacts of the technologies underlying digital assets and how the SEC could help ensure the efficient migration of assets to cleaner technologies; the market manipulation, deception, and theft rampant in the digital asset markets and how the SEC could enforce current laws and regulations to help protect investors; and the money laundering, tax evasion, and criminal activities that are facilitated by digital assets’ pseudonymity and how SEC regulation could stem these illicit uses. The report concludes with a brief discussion of how Congress and financial regulators beyond the SEC should respond to digital assets, stressing the need for Congress to appropriate significant funding toward regulation of the market.
A primer on digital assets
Digital assets exist as entries on ledgers known as blockchains, which themselves consist of records. When digital assets are bought, sold, or traded, information about that transfer—including the wallet the asset was transferred from, the wallet it was transferred to, and a timestamp of the transaction—is recorded in a new “block” that is added on to the end of the online “chain”; cryptographic calculations are then conducted by computers around the globe, known as “miners” or “validator pools,” to ensure that assets cannot be counterfeited or double-spent. Every transaction is viewable online by the public but is pseudonymous. Because wallets are a string of numbers and letters, every transaction a wallet makes can be traced, but it may be difficult to link a wallet to an individual.
Individuals generally obtain digital assets in one of two ways, depending on the specifics of the asset. First, they can purchase assets from an original distributor or on the secondary market. If one person wishes to sell an asset that another wishes to buy, it can be sold for cash or a different type of asset. Second, digital assets can be “mined.” In exchange for solving a repetitive mathematical function, known as mining, that is required to record new transactions and connect blocks, miners can be rewarded with new digital assets. These mined assets can then be bought and sold on the secondary market. Some types of digital assets are limited as to the amount that can be created through mining—in theory, for example, there will never be more than 21 million bitcoins4—whereas some digital assets allow for an unlimited number to be mined or otherwise created.
Digital assets play a significant role in today’s financial markets, but questions exist as to their functions. Further complicating the issue is that despite operating on a common underlying technology (the blockchain), not all digital assets have the same fundamental properties and can be used for the same purpose. Some proponents argue that many digital assets are commodities that act as “a store of value,” as gold and other precious metals have historically had worth based on their scarcity and demand.5 Unlike digital assets, however, commodities have other uses besides simply storing value; precious metals, for example, may be smelt into products such as electronics components or jewelry. Other proponents contend that many digital assets are currencies not unlike U.S. dollars—hence the term “cryptocurrency”—that can be used to engage in commerce, given their “fungibility, portability, and divisibility.”6 Yet currencies are only useful if they can be used as a medium of exchange. While some digital assets promise a stable value, the prices of many virtual assets fluctuate so wildly that asset holders are often unwilling to part with or receive them as payment for other goods and services; vendors are rarely willing to accept the risk that payments received could depreciate 10 percent, for example, over the course of a day, and keeping track of rapidly changing values and adjusting prices accordingly is not something many are likely to do voluntarily.7 Still other proponents say that some digital assets, not unlike securities, offer holders rights related to the asset’s issuer, such as voting or redemption rights.8 But many of these asset issuances may be fraudulent.9
In part because digital assets have largely been unregulated, their prices are frequently manipulated, market participants are too often defrauded or simply exploited, assets are stolen outright, and taxes owed are often not reported, let alone paid.
Importantly, products with these functions—and the infrastructure developed around them—have traditionally been regulated in the U.S. financial system to ensure that prices are stable; that investments are driven fairly and in an orderly and efficient manner to their most productive uses; that investors are protected; and that the public interest is served. Yet, in part because digital assets have largely been unregulated, their prices are frequently manipulated, market participants are too often defrauded or simply exploited, assets are stolen outright, and taxes owed are often not reported, let alone paid; digital assets are also used to fund illicit activities, including ransomware attacks and drug trafficking.10 But if a digital asset with a particular function falls within the jurisdiction of a regulator, that regulator may enforce the law to protect investors and the public interest. The SEC, the Commodity Futures Trading Commission (CFTC), the Financial Crimes Enforcement Network (FinCEN), the federal banking regulators, and the Federal Trade Commission all have potential jurisdiction and roles to play in regulating the digital asset markets.
These markets are new and are still evolving. Although legislation may be necessary in the future, regulators must begin using their existing statutory authorities to address many of the problems found in the markets in order to protect future investors and others from being harmed. Imposing sensible regulation on digital assets is essential if their purported benefits are going to come to fruition.11
The SEC’s existing regulatory authorities over some digital assets
Properly functioning capital markets ensure that investments are driven in a fair, orderly, and efficient manner to their most productive uses; that investors are protected; and that the public interest is served. In the lead-up to the Great Depression, the capital markets of the Roaring ‘20s were far from functional, experiencing “excessive and unrestrained speculation,”12 “false, inaccurate, or incomplete information,”13 market manipulation,14 and “negligent and fraudulent practices.”15 When the speculative bubble burst, it significantly harmed the real economy, resulting in an unemployment rate above 25 percent.16
Today, the digital asset markets looks very similar to the capital markets of the 1920s, with rampant speculation,17 market manipulation,18 deception,19 and out-and-out theft.20 There is not only economic waste resulting from the misallocation of capital but also environmental waste from the electrical process of transacting digital assets by computer.21 Many digital assets are bought solely on the presumption that they may be resold for a profit, and when those bubbles burst, unwitting investors are left having lost their life savings.22
In response to the Great Depression, Congress charged the SEC with regulating the nation’s capital markets and securities industry, providing it jurisdiction over both the offering of securities—including stocks, bonds, investment contracts, notes, and derivatives based on securities23—and anyone who issues securities,24 as well as securities brokers and dealers,25 securities exchanges,26 and companies that invest in securities.27 Courts use two primary tests to determine whether some financial assets are securities under the securities laws: the Howey test and the Reves test.
The Howey test provides that an “investment contract” is a security if it is “a contract, transaction, or scheme whereby a person invests his money in a common enterprise and is led to expect profits solely from the efforts of the promoter or a third party.”28 This test was developed in a case involving a citrus grove; a hotel operator asserted that it was selling real estate on which citrus trees stood, but the sale was “coupled with a contract for cultivating, marketing, and remitting the net proceeds [from the citrus groves] to the investor.”29 The Supreme Court found that sale to be an investment contract and, therefore, a security subject to SEC regulation.
The Reves test, meanwhile, provides that a promissory note is “presumed” to be a security, but that presumption may be rebutted if the note bears a “family resemblance” to other assets that are not securities. Courts look at 1) “the motivations” prompting the transaction, such as if the “purpose is to raise money for the general use of a business enterprise … and the buyer is interested primarily in the profit”; 2) “the ‘plan of distribution’ of the instrument,” such as whether “there is ‘common trading for speculation or investment’”; 3) “the reasonable expectations of the investing public,” such as whether the public expects the securities laws to apply; and 4) “whether some factor such as the existence of another regulatory scheme significantly reduces the risk of the instrument,” such as that of the federal banking laws.30
Many, though not all, digital assets appear to facially meet the Howey and Reves tests. As William Hinman, former SEC director of corporation finance, acknowledged: “Promoters, in order to raise money to develop networks on which digital assets will operate, often sell [digital assets] rather than sell shares, issue notes or obtain bank financing.”31 Moreover, according to current SEC Chair Gary Gensler, investors buying digital assets “are anticipating profits.”32 Despite the difference in form, the economics of digital asset transactions is the same as that surrounding traditional securities, allowing them to be regulated without the need for additional congressional action.33 In 2020, for example, the SEC filed a lawsuit alleging that the digital asset XRP, issued by the technology company Ripple, is a security despite transactions of it being recorded on a blockchain, as XRP was sold “in return for cash or other consideration … to fund Ripple’s operations.”34 Once a digital asset is deemed to be a security, the SEC may also regulate all market participants who transact with that asset, including brokers and dealers who buy and sell it on behalf of clients,35 the exchanges on which it is traded in the secondary market,36 and companies or funds that invest in it for the benefit of their shareholders.37 Currently, SEC Chair Gensler appears to be exploring whether more digital assets should be deemed securities, as well as whether more participants in the digital asset industry should be subject to SEC oversight.38
It is important for the SEC to exercise its authority over digital assets and associated market infrastructure to the greatest extent allowed by law.
Digital assets that are pooled investment vehicles that also hold traditional securities also likely fall under the SEC’s authority. This means that it is likely within the agency’s authority to regulate digital assets such as USD Coin—which invests in agency debt, Treasuries, commercial paper, and corporate bonds—just like traditional money market mutual funds do.39 Furthermore, it is likely that investments in many collaborative efforts to engage in digital asset mining, known colloquially as cloud mining; decentralized efforts to use digital assets to attain further yield, known colloquially as decentralized finance; and centralized efforts to lend digital assets for yield40 are securities.41
As Chair Gensler stated at the Aspen Security Forum in August 2021: “It doesn’t matter whether it’s a stock token, a stable value token backed by securities, or any other virtual product that provides synthetic exposure to underlying securities. These products are subject to the securities laws and must work within our securities regime.”42 Of course, not all digital assets are securities. High-level SEC officials have indicated, for example, that bitcoin does not appear to be a security and, therefore, is likely not subject to the SEC’s jurisdiction.43 Still, it is important for the SEC to exercise its authority over digital assets and associated market infrastructure to the greatest extent allowed by law. Not only would regulation, oversight, and enforcement provide investors with transparency sufficient to allocate their capital efficiently, but the SEC would also be able to regulate digital assets in ways that support investors’ environmental, social, and governance (ESG) goals.
How the SEC can ensure digital assets meet ESG goals
The SEC can use its existing authorities to green the blockchain, protect investors, and prevent money laundering, tax evasion, and criminal activity.
Greening the blockchain
As discussed above, when digital assets are bought, sold, or otherwise transferred, information about that transfer is recorded on the asset’s blockchain and miners conduct complex cryptographic calculations, known as “mining” or “validating,” to ensure that the assets are not counterfeited or double-spent. This blockchain technology has created opportunities for new markets and new methods of conducting business that were unimaginable 15 years ago.
However, some blockchain mining uses significant amounts of electricity: Estimates put bitcoin, the first such digital asset, alone at using as much as 132 terawatt-hours to operate per year,44 or roughly 0.5 percent of the world’s electricity usage and more than that of many countries.45 And because much of worldwide electricity still comes from fossil fuels, one outlet estimates that one bitcoin transaction results in between 233 and 364 kilograms of carbon dioxide emissions.46 It would require more than half a million credit card transactions to approach that same level.47 Although the SEC has determined that bitcoins are not securities,48 other digital asset securities currently use similar blockchain technology and have similar electricity footprints.49 For example, Ethereum currently uses roughly half the electricity required of bitcoin.50
Because interest in cryptocurrencies does not appear to be waning, efforts are underway to make the digital asset markets more—or at least appear more—environmentally friendly. The Bitcoin Mining Council, a coalition of bitcoin miners, has released the Crypto Climate Accord to work towards net-zero emissions from digital assets by 2030,51 and some bitcoin miners are moving their operations to locales that are powered by solar power or hydroelectricity.52 Yet moving these energy-intensive activities to renewable sources comes with an opportunity cost: Digital asset miners can crowd out other productive economic activities from the renewable sector and push them to fossil fuel-based energy. Essentially, the same amount of dirty energy is used, just by different industries.
Perhaps the most effective efforts to green the digital asset markets are those that make the underlying technologies more energy efficient, such that the same output can be achieved with less power. Bitcoin operates on a very energy-intensive “proof of work” blockchain; new blockchains, meanwhile, are beginning to use a “proof of stake” model that reduces the energy required to record new transactions.53 Ethereum has indicated that it will transition to a proof-of-stake model in December 2021, reducing its estimated energy requirements exponentially.54 The development and implementation of more energy-efficient technologies is undoubtedly the most important method to green digital asset markets.
Although the imperative is for the private sector to migrate digital assets to more environmentally friendly technologies, the government also has a role to play in ensuring that the migration is efficient. Regulating some digital assets as securities will give the SEC several policy options that would help do just that.
First, for those digital assets that are securities (“digital asset securities”), the SEC could require issuers to disclose their blockchains’ environmental impacts. The SEC requires issuers of securities to disclose information that is necessary “to protect investors; maintain fair, orderly, and efficient markets; and facilitate capital formation,”55 and undoubtedly, investor knowledge of the environmental impacts of assets’ blockchains would help investors understand how much transaction fees, in the form of electricity costs, reduce returns on investments. This would allow investors to move their capital to the most energy-efficient uses. For example, the SEC could require digital asset issuers to disclose which blockchain underlies their assets and the amount of computational power necessary to transact on that blockchain. Beyond simply providing information to investors so they can make decisions about where to invest their capital, the movement of capital from energy-inefficient digital assets to more efficient ones would incentivize issuers to migrate their ledgers away from energy-intensive technologies, reducing greenhouse gas emissions.
Additionally, the exchanges that transact in digital asset securities could impose listing standards, such that only those assets that meet minimum environmental standards could be listed and traded on their platforms.56 Listing standards are minimum requirements that securities must meet to be transacted on a platform and must, among other things, be designed to protect the public interest.57 Exchanges could impose listing standards on digital asset exchanges in ways that promote the energy efficiency of the securities; for example, they could list only digital asset securities that operate on blockchains using the proof-of-stake hashing method. Because listed securities are easier for the public to trade, limiting digital asset securities to the greenest blockchain technologies would incentivize issuers to migrate to those technologies.
Furthermore, regulating digital asset securities would increase opportunities for clearing digital assets through a central depository. This would not necessarily green blockchains, but it would also result in energy efficiencies by bypassing blockchains. Today, very few people physically own their securities; securities are largely held in trust by a regulated third party, the Depository Trust Company (DTC). When securities are bought and sold on an exchange, the transfer of ownership is recorded on DTC’s ledger and the company retains physical ownership of the assets. Although the SEC’s regulations allow for multiple depositories, SEC requirements that depositories “establish full interfaces with continuous netting systems” for financial efficiency purposes have resulted in economies of scale for DTC and have made it the largest securities trust company.58
Third-party trustees holding digital asset securities in trust results in similar energy efficiency gains. The recordation of a transaction on a trustee’s ledger is much more energy efficient than trading on blockchains. As explained above, whenever a digital asset is bought or sold on a blockchain, computers undertake cryptographic computations to update the ledger. The transfer of a security on a trustee’s ledger does not require such energy-intensive calculations, as a database is simply updated. In a system where digital assets are held in trust, for each individual asset, the blockchain is updated only once to grant ownership of an asset to the trust company, and cryptographic calculations are completed only to record that transfer. Every time that asset is bought or sold on that trustee’s platform thereafter, only the company’s ledger is updated. Because the energy required to update the trustee’s ledger is less than that required to update the blockchain, each transaction is more energy efficient than it otherwise would be.
Some digital asset exchanges currently use this model,59 while others still record all updates on the blockchain. This has resulted in disjointed markets in which investors may only transact with others on the same exchange and any transactions between or off exchanges are energy intensive. If digital asset exchanges were to become subject to SEC regulations, requirements that they use trust companies that interface fully with one another could incentivize the creation of a single trustee for all digital asset securities. This single trustee could record all digital asset security transactions on its own ledger, removing the need for energy-intensive blockchain transactions entirely.
Digital asset markets are rife with abuse. Just recently, the Poly Network, which allows digital assets to migrate between blockchains, was hacked, and $600 million worth of customers’ digital assets were stolen.60 In August 2021, the hacking of the exchange Liquid resulted in the theft of $97 million worth of digital assets.61 And in 2019, the founder of the QuadrigaCX exchange allegedly used it to “siphon” $163 million worth of digital assets from users’ accounts.62 Similarly, markets appear to be subject to rampant manipulation, and investors are frequently deceived. One 2019 analysis estimated that “95% of [digital asset trading] volume is fake and/or non-economic in nature,”63 and recent analyses have concluded that market manipulation is widespread.64
These abuses should not occur, especially as the law already exists to put a stop to most of them. Simply bringing digital asset securities under the jurisdiction of the securities laws to the greatest extent possible would allow the SEC to address abuses related to, among other things, asset valuation, through information disclosure requirements, accounting rules, government-regulated data sources, and rules to prevent fraud and manipulation, so that investors can know what their assets are worth; custody, through capital requirements, information technology mandates, and Securities Investor Protection Corporation insurance for up to $500,000, so investors can know their assets are safe; and market access, through requirements to maintain business continuity plans and rules around systems compliance. These latter plans and rules would mean that brokerages and exchanges have minimal errors and outages and that investors have continuous market access. No new regulations would be required; the SEC would only have to enforce the law.
Furthermore, regulating digital asset securities and market participants would add “cops on the beat” to ensure that the laws are enforced. Regardless of whether the SEC acknowledges that a particular digital asset is a security or that a particular actor transacts in securities, private-party investors are permitted to bring suit against these actors under the securities laws. Having the SEC and the broker membership organization the Financial Industry Regulatory Authority (FINRA)—both of which have significant resources—involved in surveillance and enforcement would allow for greater execution of the securities rules and regulations, beyond what may be obtained through investor lawsuits alone.
Beyond the SEC requirements, exchanges could impose listing standards on digital asset securities in ways that protect investors. As explained above, securities listed on exchanges are provided unparalleled exposure to investors, and in order to protect these investors, federal securities laws expect exchanges to have rules in place that “prevent fraudulent and manipulative acts and practices [and] promote just and equitable principles of trade.”65 Exchange listing standards are frequently “minimum numerical standards for capitalization, number of shares and shareholders, [and] disclosure requirements,” such that securities tradable on a particular exchange are sufficiently liquid, under ownership sufficiently diffuse that their markets are difficult to manipulate, and sufficiently transparent to prevent fraud.66 Permitting digital asset securities to be listed only on exchanges with these types of listing standards would significantly help protect investors.
Preventing money laundering, tax evasion, and criminal activities
It has been said that the primary uses for digital assets are to evade financial sanctions and collect ransoms.67 Bitcoin’s notoriety initially came from its ability to be used to buy illicit goods and services anonymously on the dark web,68 with the FBI estimating that the most infamous platform, Silk Road, facilitated $1.2 billion in sales via bitcoin from 2011 to 2013.69 Today, the North Korean regime uses digital assets to avoid U.S. and international sanctions, hacking exchanges and stealing assets that it then uses to buy goods and services.70 Additionally, the ease and anonymity with which digital assets are bought and sold has facilitated a 66 percent annual rise in ransomware attacks, in which hackers will threaten to disable a company’s online services or delete its data unless it pays a significant ransom. As the Colonial Pipeline hack demonstrated, this can have significant real-world consequences.71 According to Chainalysis, the total amount paid by ransomware victims in 2020 reached nearly $350 million in digital assets.72
These blatant violations of the law are possible because individuals can trade digital assets with pseudonymity; although all transactions are registered on a blockchain, it is possible for people to set up and use digital asset wallets without verifying their identities.73 This same flaw also facilitates tax evasion. Although digital asset owners are required to pay capital gains taxes on proceeds from the sales of their assets, the congressional Joint Committee on Taxation estimates that nearly $30 billion will be lost to the U.S. Treasury over the next decade as a result of U.S. taxpayers not reporting these profits.74
While it is against the law to launder money, finance terrorists, or not pay taxes owed, the nation’s laws do not merely expect compliance; the government requires companies that make up the plumbing of financial markets to prevent such violations from occurring in the first place. Securities brokers and asset managers are required to know their customers’ identities,75 so that they can halt transactions to or from individuals on the Treasury Department’s Specially Designated Nationals and Blocked Persons List and report suspicious activities.76 They are also required to record and report customers’ transactions, sending 1099-B forms to both clients and the IRS that contain clients’ capital gains information in order to ensure that the tax authorities have full information about what investors owe.77 If individuals use U.S. companies to attempt illegal activities, the companies are legally required to put a stop to it. Although some digital asset brokers and exchanges state that they “don’t have access to the information required for information reporting,”78 platforms can be designed so that they do.79
By regulating digital asset securities, the SEC and FINRA would be able to require U.S.-based brokers trading in these assets, or those assisting U.S. clients, to comply with the various anti-money laundering and tax reporting laws. If these new brokers refuse, the SEC and FINRA would be able to revoke their licenses, putting them out of business.
The markets for digital assets are a growing area of interest to investors and a growing area of concern for legislators and regulators; without market oversight and the transparency that regulation brings, not only will investors not understand the risks to their investments and be liable to be significantly harmed, but the purported benefits of digital assets will also certainly fail to come to fruition. Fortunately, although new legislation may be necessary in the future, regulators already have at least some legal authority—through enforcing the rules already in place and drafting new regulations—to address any issues that digital assets raise. This report has discussed the authority of the SEC to regulate digital asset securities, as well as the brokers, dealers, and exchanges that facilitate their transactions, and has encouraged it to do so in ways that improve the climate footprint of the assets, protect consumers, and prevent money laundering and tax evasion.
The SEC must act with all deliberate speed. Although the SEC only has jurisdiction over securities and the brokers, dealers, and exchanges that transact in securities, it may still regulate the nonsecurities activities of these securities market participants. Even if an exchange lists just one digital asset security, the SEC may regulate that exchange for all digital assets trading on the platform. Similarly, if a broker trades just one digital asset security, the SEC may regulate that broker’s trading of all digital assets.
Other regulators must also pursue digital asset regulation to the fullest extent of their authorities, as delaying action will increase investor and consumer harm and exacerbate unnecessary risks. The CFTC must regulate digital asset derivatives, digital assets that are commodity or currency derivatives themselves, and spot transactions without actual delivery taken on margin; the FTC must act to prevent fraud and manipulation in the nonsecurities, nonderivatives digital asset markets; and FinCEN and the banking regulators must ensure that money transmitters and digital assets that are currencies follow anti-money laundering laws.
In addition, although new legislation may be necessary in the future to address digital asset markets, regulators need one thing from Congress now: appropriations sufficient to address the magnitude of the digital asset markets. Since 2008, the markets for digital assets have grown to more than $2 trillion, and appropriations from Congress have not kept pace. Regulators need resources to write rules, inspect and examine market actors for compliance, and bring enforcement actions in this developing area while continuing to ensure the proper functioning of traditional markets. Congress must ensure that regulators have the resources necessary to effectuate the laws already in place.