Regulating Cryptocurrency Secondary Market Trading Platforms by Kristin N. Johnson


A new class of assets has revolutionized capital raising, redefining antiquated notions of the terms “coins” and “tokens,” and capturing an increasingly significant role in financial markets. Celebrated by cryptoenthusiasts, blockchain-based coin offerings expand opportunities for entrepreneurs to raise capital and individual, retail, and institutional investors to invest. Issuers have distributed more than 2,900 cryptocurrencies. Last year alone, issuers launched more than two-thousand initial coin offerings (“ICOs”), raising more than $11.4 billion. According to analysts’ predictions, more than two-hundred million individuals and institutions around the world will hold coins or tokens in their digital wallets by 2024.

Investor exuberance in ICO markets has incentivized exponential growth in the burgeoning universe of secondary market trading. Nearly two hundred virtual currency exchange platforms now create liquidity and facilitate price discovery in cryptocurrency markets. In fact, secondary market pricing for one of the most popular and frequently traded cryptocurrencies—Bitcoin—has captivated investors, regulators, academic commentators, speculators, and spectators around the world.

On January 3, 2009, Satoshi Nakamoto mined the first genesis block of Bitcoin and earned a reward of fifty Bitcoins. Within a few years, many marveled as Bitcoin’s trading price sharply ascended from less than $13 in 2013 to a staggering $19,205 in December of 2017. Within weeks of that December 2017 high watermark, however, some Bitcoin investors held their breath as Bitcoin’s price plummeted, precipitously declining to less than $10,000. Notwithstanding Bitcoin’s remarkable volatility, Bitcoin investors continue to execute thousands of transactions hourly, eclipsing secondary market trading for well-known, publicly-traded equity securities and staple commodities.

As secondary market trading of Bitcoin and other cryptocurrencies expands, the Securities and Exchange Commission (the “Commission” or “SEC”) has trained a spotlight on the new Wild West—ICO and cryptocurrency secondary trading markets. Early SEC investigations reveal that a significant number of cryptocurrency offerings appear to be novel iterations of old-fashioned scams, such as pyramid or Ponzi schemes, as well as high-tech heists designed to prey on the popularity of digital assets and the allure of the cult of cryptography. Consistent with its mission to protect investors and the integrity of markets, the SEC published an investigative report offering guidance on the application of Section 5 of the Securities Act of 1933 (the “Securities Act”) to ICOs issued by decentralized, autonomous organizations (the “DAO Report”).

Section 5 of the Securities Act requires market participants to register “securities” with the SEC prior to offering them for sale unless an exemption applies. Section 2(a)(1) defines the term “security” by enumerating a list of financial arrangements that Congress expressly intended to capture within the purview of the statute. A digital asset may be deemed a “security” and be subject to federal securities laws if the asset is one of the enumerated examples of “securities.” Unsurprisingly, blockchain-based coin and token offerings are not expressly listed among the enumerated examples of “securities” in Section 2(a)(1). However, alongside the enumerated examples of asset classes commonly referred to as securities, Congress curiously included but did not define a catch-all term—“investment contract.”

In SEC v Howey, the Supreme Court articulated the legal standard for determining when a financial arrangement may be deemed an “investment contract” and, therefore, a “security.” As Howey and its progeny explain, a financial arrangement is an “investment contract” if the arrangement involves (1) an investment of money; (2) in a common enterprise; (3) with a reasonable expectation of profits to be (4) derived from the entrepreneurial or managerial efforts of others.

The DAO Report confirms the SEC’s intentions to apply this well-established legal standard to coin offerings and signals that coin or token offerings with transactional attributes that satisfy the elements articulated in Howey will be deemed investment contracts and therefore securities. However, the DAO Report fails to address concerns regarding the application of the standard. The Report does not articulate a test for determining the specific coin and token attributes that satisfy the final two elements of the Howey test.

Assuming that the first two prongs of the Howey test—an investment of money in a common enterprise—are satisfied by evidence of investors exchanging money (government-issued fiat or other forms of value) for coins or tokens and evidence of issuers pooling investors’ money to create horizontal or vertical commonality, liability for ICO issuers rests on whether there is evidence of investors’ reasonable expectation of profits derived predominantly from the managerial efforts of others.

As market participants and regulators observe, the operational mechanics of different coins and tokens create noteworthy variations among cryptocurrencies. Consequently, notwithstanding the DAO Report, market participants and issuers continue to lack clarity regarding which operational attributes establish that digital assets are investment contracts and therefore securities subject to the registration requirements imposed by Section 5 of the Securities Act.

As the ecosystem of virtual currencies and trading markets expands, the challenges created by regulatory uncertainty multiply. Developers, investors, and institutional market participants lament the continued regulatory uncertainty and argue that, without clarity, coin offering issuers and secondary market participants may face costly liability ex post. Market participants caution that regulatory uncertainty may chill innovation: programmers may fear liability for coding platforms that facilitate the transfer, exchange, or simply custody of cryptocurrency. To address growing concerns, the SEC has supplemented the DAO Report with several announcements and, perhaps more interestingly, the Commission has significantly increased its enforcement efforts.

A little over a year after the release of the DAO Report, the SEC initiated an action against EtherDelta, charging the platform with operating an unregistered securities exchange in violation of Section 5 of the Securities Exchange Act of 1934 (the “Exchange Act”) and alleging that thirty-one-year-old Zachary Coburn, an options trader and blockchain developer caused EtherDelta to violate Section 5 of the Exchange Act. According to the Commission, Coburn knew or should have known that his actions would contribute to EtherDelta’s violations. Coburn developed the EtherDelta platform on July 8, 2016 as a smart contract, a digital currency exchange that verifies, executes and enforces transactions based on predetermined conditions.

An example illustrating a transaction executed on a protocol relying on a smart contract may be instructive. Imagine that a developer creates a smart contract to enable sales and resales of tickets for sports events and theatre productions. Two parties may agree that upon Party A distributing $200 to a specified account, Party B will deliver two tickets to a popular Broadway show to Party A. The smart contract verifies the identities of Party A and B, distributes of the funds from Party A to Party B and transfers the show tickets from Party B to Party A. The smart contract enforces the agreement through a distributed, decentralized network of computers.

EtherDelta served as a marketplace, enabling buyers and sellers to enter transaction orders and trade tokens using an order book and a website that displayed the top five-hundred buy and sell orders. Coburn built the EtherDelta platform on the Ethereum protocol and designed the platform to match buy and sell orders of any Ether/ERC20 token pair. The EtherDelta smart contract program permitted eligible users to submit deposit, withdrawal, and trading interests. During the eighteen-month period immediately prior to Coburn and the SEC entering into a settlement agreement, the platform executed more than 3.6 million orders for ERC20 tokens.

The SEC’s cease-and-desist order against EtherDelta illustrates the consequences of regulatory uncertainty regarding the application of the Securities Act to ICOs and market participants’ and issuers’ justifiable concerns that platforms facilitating secondary market coin or token transactions may violate the Exchange Act by either acting as unregistered broker-dealers and aiding in the resale of unregistered securities or operating an unregistered exchange that permits trading of unregistered securities.

Similar to the principles-based approach adopted in Howey for assessing whether financial arrangements are “investment contracts” and therefore “securities,” Rule 3b‑16(a) of the Exchange Act provides a functional test for determining whether a trading system meets the definition of a securities “exchange” and, therefore, must register with the Commission. However, secondary market trading platforms, similar to the tokens and coins that trade on their protocols, are novel and diverse and create challenges for those seeking to fit these platforms neatly within the existing regulatory framework.

As the ICO market transforms the financial services ecosystem, regulators must clearly articulate which attributes of offerings and platforms trigger liability. Simply stated, the Commission’s general announcements regarding the application of long-adopted, principles-based standards, enforcement actions, consent decrees, and settlement agreements fail to address the need for regulatory certainty in rapidly evolving primary and secondary cryptocurrency markets. Moreover, these efforts are no substitute for formal or informal rulemakings.

A wealth of scholarly, industry, and media commentaries offer proposals that address the application of federal securities laws to ICOs. This burgeoning literature presumes that developing legal standards applicable to primary offerings may offer a path for resolving questions regarding the legal standards applicable in secondary market trading. While understandable, the sentiment may be misguided.

Over the last few years, debates regarding the application of federal securities laws to primary cryptocurrency offerings and secondary market trading have taken a sharp turn. At the heart of this discussion, regulators, developers, and market participants began to recognize the diversity of protocols supporting the distribution of digital assets and resales on secondary market trading platforms.

As markets mature, regulators and market participants’ discussions began to focus on the core attributes of coin offering and secondary market trading protocols. Senior regulators have signaled that evaluating whether offering protocols and exchange platforms are “sufficiently decentralized” may serve as the basis for determining whether federal securities laws apply. However, the Commission has yet to propose a clear rules-based test for distinguishing between centralized and decentralized protocols. As the Commission endeavors to identify a rules-based test to resolve questions regarding the salience of the organizational infrastructure (centralized or decentralized) of coins and exchanges, market participants remain exposed to liability and uncertain about the application of registration requirements.

This Essay proposes modifying an exemption from registration for exchanges under the regulations governing alternative trading systems (“ATS”). Promulgated in 1998, Regulation ATS offers a set of rules governing emerging alternative trading platforms. The exemption enables the Commission to monitor and supervise newly developing trading venues. In recent years, for example, the Commission has amended Regulation ATS to permit private exchange operators to service secondary trading markets; this approach enables private exchange operators to avoid the onerous registration requirements under Section 5 of the Exchange Act yet facilitates the Commission’s oversight of a critical and increasingly sizeable volume of secondary market trading activity. Anticipating the need to register with the Commission, a number of cryptocurrency trading platforms have already submitted or announced their intention to submit applications to register as alternative trading venues under Regulation ATS.

In Part I, this Essay briefly explores the existing legal framework applied to exchanges and examines the settlement agreement between the SEC and Coburn in the Commission’s first prosecution of a platform accused of violating Section 5 of the Exchange Act. Part II offers a brief analysis of the unique attributes of decentralized exchanges and concludes with questions regarding the existing regulatory framework for secondary market trading. Part III of this Essay proposes that the Commission adopt an exemption from registration under Section 5 of the Exchange Act for secondary market trading platforms facilitating cryptocurrency transactions under Regulation ATS. By taking affirmative action and engaging in formal rule-making procedures, the SEC will enhance liquidity, price accuracy, and price discovery and reduce regulatory uncertainty in secondary cryptocurrency trading markets.

I. Secondary Market Trading

For many years, a handful of nationally licensed exchanges have dominated the financial markets ecosystem. In capital markets, for example, the New York Stock Exchange (“NYSE”) has long served as one of the largest, most well-known and celebrated equities securities exchanges in the world. With a history dating back to the late 1700s, the NYSE continues to boast 2,800 listed companies. Similarly, over 3,000 companies list their shares for trading on the NASDAQ. For each of these exchanges, the notional dollar volume of trading activity reaches more than $100 billion each day.

In less than a decade, a handful of cryptocurrency exchanges are quickly capturing significant market share in global trading markets. Despite evidence that self-reporting by unregulated exchanges exaggerates cryptocurrency trading volume and reported trading volume may be compromised by
fake or automated trades, a recent study submitted to the SEC indicates that the average daily trading volume for the ten largest cryptocurrency exchanges has continued to grow. As these new intermediaries become increasingly prominent, regulators must recognize the similarities and, perhaps more importantly, the distinctions between the nascent crypto-trading platforms and traditional exchanges and clearinghouses.

A. The Economics of Trading

Exchanges and clearinghouses perform a critical role in capital markets and enhance efficiency in modern economies. Securities exchanges enable issuers to list securities sold in connection with public and, increasingly, private offerings. Centralized trading enhances liquidity for investors by providing a readily accessible marketplace for investors to purchase and sell shares, matching buyers and sellers and clearing and settling trading transactions. Exchanges and clearinghouses also communicate the amount of time that lapses (latency) between an offer to buy or sell a security. Furthermore, exchanges facilitate price discovery, improve price accuracy, and promote transparency, reducing the costs and increasing the efficiency of trading and the execution of the transaction.

Because of their role matching buyers and sellers, exchanges are an organic repository of real-time information regarding market transactions. Exchanges aggregate information regarding bids (the maximum price that a buyer will pay to purchase a security) and asks (the minimum price that a seller will accept) and reflect the economic impact of new information on securities pricing. Based on the supply and demand dynamic, price discovery establishes the current market-share price for a given security. According to economists, the greater the number of trades or indications of interest (“IOI”) regarding a security for a given period, the more accurate the security’s market price. Consequently, exchanges improve investors’ ability to predict an issuer’s likely performance or the anticipated future cash flows, distributions of dividends, or appreciation in the value of shares.

Liquidity is often the most commonly cited benefit of centralized trading. Liquidity generally describes the amount of time and effort that is required to identify a ready and willing counterparty to a securities trade at a relatively stable price without sensitivity to the volume of the purchase or sale order. Consequently, one might describe so-called blue-chip stocks with large market capitalizations listed on national securities exchanges as “highly liquid.” A retail investor can readily identify a counterparty and execute a transaction to purchase or sell these frequently traded securities.

Serving as auction houses, exchanges and clearinghouses match parties interested in buying a particular security or commodity or standardized derivative contract with a party interested in selling the same fungible financial product. In some instances, exchanges and clearinghouses act as guarantors for transactions executed by their members. In almost all instances, exchanges and clearinghouses develop regulations, policies, and practices that address significant governance, risk management, and dispute resolution concerns.

B. Regulating Exchanges

The statutory framework created by the Securities Act and the Exchange Act operates to mitigate asymmetries of information and enforce a disclosure-centered theory of regulation in securities markets. Pursuant to this framework, securities issuers, broker-dealers, and other market participants are prohibited from engaging in primary offerings of securities unless the securities have been registered under Section 5 of the Securities Act or otherwise qualify for an exemption.

In a parallel operating provision, Section 5 of the Exchange Act prohibits brokers, dealers, or exchanges from assisting with the execution of secondary market transactions involving “securities” unless the exchange effectuating the trades is registered as a national securities exchange under Section 6 of the Exchange Act or exempt from registration. In other words, in the absence of an exemption, market participants must clear and settle securities trades on registered securities exchanges.

Similar to the broad construction of the term “security” in Section 2(a)(1) of the Securities Act, Section 3(a)(1) of the Exchange Act defines an “exchange” as:

[A]ny organization, association, or group of persons, whether incorporated or unincorporated, which constitutes, maintains, or provides a marketplace or facilities for bringing together purchasers and sellers of securities or for otherwise performing with respect to securities the functions commonly performed by a stock exchange as that term is generally understood, and includes the marketplace and the market facilities maintained by such exchange.

Exchange Act Rule 3b-16(a) states that an organization, association, or group of persons that is an exchange as defined by Section 3(a)(1) of the Exchange Act must, as per Section 5 of the Exchange Act, register under Section 6 of the Exchange Act. Exchange Act Rule 3b-16(a) provides that an organization, association, or group of persons shall be considered to constitute, maintain, or provide “a marketplace or facilities for bringing together purchasers and sellers of securities or for otherwise performing with respect to securities the functions commonly performed by an exchange,” as those terms are used in Section 3(a)(1) of the Exchange Act, if such an organization, association, or group of persons:

(1) Brings together the orders for securities of multiple buyers and sellers; and

(2) Uses established, non-discretionary methods (whether by providing a trading facility or by setting rules) under which such orders interact with each other, and the buyers and sellers entering such orders agree to the terms of the trade.

In other words, if a platform or system passes the functional test set out Exchange Act Rule 3b-16(a), the platform or system must register as a national securities exchange under Section 6 of the Exchange Act.

Similar to other safe-harbors adopted by the Commission, Exchange Act Rule 3a1-1(a)(2) exempts a small subset of trading exchanges and clearinghouses from the definition of “exchange” under Section 3(a)(1) to enable the Commission the flexibility to remove any organization, association, or group of persons facilitating secondary market trading from the demands of the registration process.

In order to qualify for an exemption from the registration process, an exchange or alternative trading system (“ATS”) must agree to comply with the rules adopted by the Commission for unregistered trading entities or Regulation ATS. Regulation ATS requires, among other things, that an exchange seeking to operate as an ATS (i) register as a broker-dealer, (ii) become a member of and comply with the licensing guidelines of a self-regulatory organization (“SRO”) such as the Financial Industry Regulatory Authority (“FINRA”), (iii) file Form ATS with the Commission, and (iv) establish an ongoing compliance program that includes written safeguards and procedures to protect trading counterparties, provide appropriate disclosures to trading counterparties, and implement measures to ensure trading counterparties satisfy ongoing state and federal legal obligations. An ATS that complies with Regulation ATS and operates pursuant to the Rule 3a1‑1(a)(2) exemption would not be required by Section 5 of the Exchange Act to register as a national securities exchange. The Commission exercises regulatory authority over national securities exchanges and ATSs through the licensing authority granted to the Commission under Section 21(a) of the Exchange Act.

Consistent with Congress’s intent, the operating provisions of the Securities Act and the Exchange Act function in a draconian manner. Unless a statutory exemption or regulatory safe harbor exists, financial arrangements that may be deemed “securities” must be registered with the Commission prior to sale. Secondary market trading of “securities” must occur on a registered securities “exchange” or exchange exempt from registration or the market participants engaging the forum may violate the Exchange Act. The broad construction of each of the terms “securities” and “exchange” in the Securities Act and the Exchange Act, respectively, operate in tandem to effectuate the statutes’ mission to protect investors and market integrity.

C. EtherDelta’s Settlement

With the statutory framework of the Securities Act and the Exchange Act in view, the Commission’s decision to charge EtherDelta with violating Section 5 of the Exchange Act seems unsurprising. As the settlement order indicates, the DAO Report published a year prior to the SEC’s investigation of EtherDelta signaled that the ERC20 tokens might be subject to the registration requirements under Section 5 of the Securities Act. According to the SEC, during the eighteen-month period immediately prior to the agency putting EtherDelta on notice of prohibited behavior, “EtherDelta’s users executed more than 3.6 million orders for ERC20 tokens.” Almost all of the orders placed through EtherDelta were filled after the SEC issued the DAO Report.

In support of the conclusion that Coburn should have been aware that the ERC20 tokens were securities, the SEC highlighted Coburn’s personal background as a finance professional. Prior to creating EtherDelta, Coburn was a registered representative with a Chicago-based options-trading firm, as well as the creator of EtherOpt, an online options trading platform. Surely, the SEC reasoned, Coburn was familiar with the DAO Report and the application of federal securities laws to ERC20 tokens. Yet, he failed to apply to register EtherDelta under Section 6 of the Exchange Act or to ensure that the platform otherwise qualified for an exemption.

While settling with the Commission was likely the most reasonable response to the charges, Coburn’s counsel may have been able to advance a number of persuasive arguments challenging several of the conclusions presented in the Legal Analysis discussion of the Order settling the claims against Coburn. EtherDelta only permitted trading of pairings of ERC20 tokens and Ether. The Order explained that ERC20 tokens are digital assets distributed on the Ethereum Blockchain that serve as the standard coding protocol for a majority of ICOs. The ERC20 token standard is a standard application program interface (“API”) for tokens within smart contracts on the Ethereum blockchain “to be re-used by other applications: from wallets to decentralized exchanges” to provide “basic functionality to transfer tokens, as well as allow tokens to be approved so they can be spent by another on-chain third party.”

Without a clear explanation regarding the attributes of the tokens that establish that they are securities, it is not clear specifically which tokens Coburn should have assumed were securities that triggered liability under Section 5 of the Securities Act. While the discussion of the application of Section 5 of the Securities Act is weak and muddled, the discussion regarding the application of Section 5 of the Exchange Act is almost entirely absent.

Curiously, Coburn was the sole defendant in the action against EtherDelta. The SEC did not initiate proceedings against the current owners of EtherDelta. While Coburn was the original creator or developer of the platform, he sold EtherDelta to foreign buyers in November 2017 and ceased collecting fees related to the platform as of December 16, 2017. There is no indication regarding timing of the onset of the SEC’s investigation or subsequent notices. Presumably, the SEC may have launched the investigation after Coburn sold the platform. The current owners who are not U.S. citizens were not party to the Settlement Order, and there is no discussion regarding their liability. It is also most interesting that the EtherDelta platform continues to operate (although with exceptionally limited trading activity) and the Commission has not taken any further action. In many ways, the EtherDelta Settlement Order created more questions for investors and platform developers than it resolved.

Raising concerns that federal agency prosecution might have a chilling effect on innovation, several commentators have asked whether Coburn was culpable for simply creating the code that enabled secondary market trading on the EtherDelta platform. Others ask whether his prior status as a registered representative influenced the Commission’s decision to bring charges. And, if so, why didn’t the Commission elect to regulate Coburn as a broker-dealer, minimizing the need to make the argument that EtherDelta was a securities “exchange” as defined by the statute?

Finally, recent comments by senior officials at the SEC suggest that if the tokens traded on EtherDelta and the platform had been “sufficiently decentralized,” Coburn may have avoided liability. William Hinman, Director of the Division of Corporation Finance at the SEC, has publicly announced that “based on [his] understanding of the present state of Ether, the Ethereum network and its decentralized structure, current offers and sales of Ether are not securities transactions.” According to Hinman, determining whether the network for a cryptocurrency is “sufficiently decentralized” is the touchstone for assessing the applicability of federal securities laws. More specifically, a network on which a token or coin functions is sufficiently decentralized if the network functions in a manner that evidences that

purchasers would no longer reasonably expect a person or group to carry out essential managerial or entrepreneurial efforts. . . . Moreover, when the efforts of the third party are no longer a key factor for determining the enterprise’s success, material information asymmetries recede. As a network becomes truly decentralized, the ability to identify an issuer or promoter to make the requisite disclosures becomes difficult, and less meaningful.

Hinman’s commentary spurred a number of inquiries and speculation regarding the meaning of the language “sufficiently decentralized.” The language introduces the notion that there are two categories of cryptocurrencies—centralized and decentralized. Presumably, however, there are similarly two categories of exchanges as well.

As set out above, if a token or coin is a “security” and a cryptocurrency exchange creates a marketplace for bringing together purchasers and sellers interested in trading the security, the cryptocurrency exchange may be subject to the registration requirements under Section 6 of the Exchange Act. Pursuant to the proposed “sufficiently decentralized” standard, if a coin or token is decentralized and, therefore, not a security, creating a trading venue for counterparties to exchange the security may introduce obligations to comply with a regulatory regime instituted by, for example, state or federal banking or money transmission statutes but not federal securities laws.

Due to the costs of compliance and the threat of liability that attaches with the application of the Securities Act and Securities Exchange Act, establishing that sufficiently decentralized assets or exchanges are exempt from the purview of the regulatory framework may answer many of the questions left unresolved by the DAO Report. However, such a determination inevitably begs the question—what might regulators mean by the term sufficiently decentralized? While exploring this question in the context of securities is beyond the scope of this Essay, applying this inquiry to exchanges reveals an accessible approach for clarifying the registration obligations of sufficiently decentralized exchanges.

II. The Expanding Ecosystem of Exchanges

As cryptocurrencies become increasingly diverse, the platforms that facilitate trading these assets also evolve. This Part examines two classifications for coin or token exchanges that have received a great deal of attention in the literature. In the absence of universally adopted definitions for each of the two classes, this Part examines the generally accepted attributes and considers whether the classifications may offer a pathway to overcome regulatory uncertainty.

This Part concludes that the classes of cryptocurrency exchanges may be best understood as falling along a continuum with centralized, custodial platforms most resembling conventional securities exchanges subject to registration under federal securities laws at one end of the continuum and decentralized, noncustodial platforms that execute transactions on-chain and least resembling traditional securities exchanges at the other end of the continuum.

A. Centralized Exchanges

A centralized cryptocurrency exchange is a for-profit business that facilitates cryptocurrency trading. Users deposit their funds directly into a pooled wallet that is controlled by the exchange; the exchange takes custody of traders’ deposited assets and the exchange directly engages in matching buy and sell orders. Coinbase, Gemini, Bittrex, and Binance are all examples of centralized exchanges.

Centralized exchanges create accounts that maintain custody of customer funds. The cryptocurrency exchange maintains “hot” wallets connected to the platform’s network to facilitate trading. Centralized exchanges generally enable traders to execute, clear, and settle buy and sell orders, transferring fiat for cryptocurrency or enabling cryptocurrency for cryptocurrency transactions. As custodians of financial assets, centralized exchanges must comply with state and federal laws relevant to the custody, exchange, and transfer of assets including federal anti-money-laundering and know-your-customer user-verification obligations. Consequently, the Financial Crimes Enforcement Network (“FinCEN”), a bureau of the United States Department of the Treasury, may also regulate these cryptocurrency platforms as “money services business.”

Most of the large, centralized exchanges have raised capital from angel investors and venture capital firms to grow their operations. An increasing number of legacy exchanges have signaled their interest in launching cryptocurrency trading operations. The Intercontinental Exchange (“ICE”), the operator of the New York Stock Exchange and the London Stock Exchange have indicated interest in operating a cryptocurrency exchange. ICE has subsequently received regulatory approvals to launch a cryptocurrency futures exchange- Bakkat. Centralized exchanges operate as formally organized or incorporated entities; they are independent from community members who may maintain the protocol.

Centralized exchanges create single points of failure and face a number of risk management concerns. Centralized exchanges are susceptible to hacks, shutdowns, and latencies. International media coverage has chronicled the cybersecurity breaches at Mt. Gox, Shapeshift, Bitfinex, Poloniex, QuadrigaCX, and Bithumb. Hackers stole more than $4 billion in cryptocurrencies from centralized exchanges between 2011 and 2017.

Similar to conventional trading platforms, centralized exchanges typically charge market participants transaction fees that may include deposit, trading, and withdrawal fees. Trading on centralized exchanges may be less transparent because the exchange may permit the execution and settlement of trades “off-chain,” meaning information regarding transactions may not be broadcast to the entire blockchain network and may not be authenticated on the blockchain network. Settling trades “off-chain” creates a number of challenges including concerns regarding interoperability and security risks.

B. Decentralized Exchanges

Decentralized exchanges (“DEX”) are peer-to-peer blockchain-based platforms; all transactions are authenticated by the network’s community. Decentralized exchanges eliminate intermediaries and users execute transactions and store funds and assets in their own wallets, transacting in a genuinely trustless manner. DEXs do not maintain custody of traders’ assets or wallets. Traders connect hardware wallets or software wallets to the blockchain to execute trading transactions. Depending on the DEX’s framework, the trader either maintains custody of their tokens at all times or gives up custody to the DEX’s smart contract until a particular trade is executed and settled.

Because makers and takers act independently of the DEX protocol, the DEX protocol cannot support market orders; however, an application can approximate market orders. DEX traders pay many of the same fees as centralized exchange traders. However, DEX traders pay substantially higher network fees known as “gas” because the operational infrastructure of the exchanges requires additional steps for verification and posting transactions to the blockchain.

A DEX generally adopts one of the following approaches for matching buyers and sellers: on-chain order books or off-chain order relay with on-chain settlement. With on-chain order books, the DEX hosts the order book on a blockchain. Orders are distributed across the blockchain and the user gives up custody of her tokens to the DEX smart contract. Maintaining an on-chain order book creates notable inefficiencies, imposing high friction costs on market makers and leading to latency that enables market participants to engage in predatory trading behavior. Modifying and canceling trades present significant challenges. Higher trading volumes consume a large amount of network bandwidth.

A second approach involves DEXs using off-chain order relay with on-chain settlement. Under this approach, the maker allows the DEX contract to access their token balance. The maker then creates an order specifying a desired exchange rate, expiration time, and cryptographically signs their exchange order with their private key. The order is not broadcast across the blockchain network, rather it is distributed across a communication medium.

Relayers, like Relay Radar, find, match, and fill orders as they move across a communication medium. Relayers do not execute trades. Rather, relayers recommend a best available price to a taker who then decides whether to take the order. A taker that intercepts the message and decides to fill the order submits the maker’s signed order to the DEX smart contract. The DEX smart contract authenticates the maker’s signature, makes sure the order has not expired, verifies that the order has not already been filled, and then transfers the tokens between the maker and the taker settling the exchange on-chain.

DEXs provide increased security. Unlike a centralized exchange, a DEX is not a single point of failure and is, therefore, far less susceptible to the various security and risk management concerns that plague centralized exchanges.

The developing definitions for each of the two classes of exchanges described in this Part may offer a path for governing cryptocurrency secondary market trading. Yet, the market for these nascent platforms is rapidly evolving. To protect customer funds and minimize cybersecurity threats such as hacking, some “decentralized” exchanges have adopted attributes of centralized exchanges such as “off-chain” order books or settlement. Relying on the generic but not universally defined descriptions to distinguish between the two classes of exchanges, however, may be insufficient to create a set of formal rules governing cryptocurrency secondary market trading platforms. Moreover, platforms may seek to evade regulation by describing themselves as “decentralized exchanges” notwithstanding operational approaches that centralize trade matching, execution and settlement. Consequently, we may need to create new rules that recognize the distinctions between centralized and decentralized exchanges and distinguish these types of exchanges from traditional securities and commodities exchanges.

III. Redefining Exchanges

The creation of cryptocurrency exchanges has challenged conventional notions of the role of exchanges in markets and invites discussion regarding the most effective method of regulating these nascent platforms. For some exchanges, conforming to legacy economic and governance practices will simply not be feasible. The process of registering a securities exchange is expensive and time consuming; ongoing compliance creates additional costs. Innovative, entrepreneurial start-up platforms may not have the funding to register. Other cryptocurrency platforms that have acquired significant market share have explicitly announced their intentions to operate as regulated market participants.

While the contours of crypto-trading platforms continue to take shape, it may be useful for the Commission to enact a series of regulations that enable cryptocurrency exchanges to register as a subset of alternative trading systems (“ATS”). The Commission may have to develop a new set of guidelines for the operational, governance, and compliance standards applied of these entities.

Federal securities laws emphasize the importance of fair, orderly, and transparent trading in securities markets. Because of their role in regulation, we describe exchanges and clearinghouse platforms as self-regulatory organizations (“SRO”). Section 6(b) of the Exchange Act requires SROs to register with the SEC and endows the SEC with the authority to oversee SRO rulemaking and enforcement actions. SRO rules and enforcement actions “prevent fraudulent and manipulative acts and practices” and “promote just and equitable principles of trade.”

SROs may discipline members for violating SRO rules or federal securities laws. In fact, the exchanges regulate the securities market by imposing rules on the issuers or companies that list their securities on the exchange platform for secondary market trading as well. The members of exchanges and clearinghouses may act as brokers who merely execute transactions based on customer solicitations or dealers who transact with clients facilitating sales through their proprietary portfolios. Many brokerage houses offer both services, and consequently, markets describe these firms as broker-dealers.

Section 6 of the Exchange Act permits the registration of entities whose rules are designed to “prevent fraudulent and manipulative acts and practices, to promote just and equitable principles of trade” and to discipline members for violating the exchange’s rules or federal securities laws. Section 15A of the Exchange Act empowers national securities associations with similar rulemaking authority over their members.

Under Sections 6 and 15A of the Exchange Act, national securities exchanges and national securities associations have the authority to expel, suspend, or discipline members for conduct “inconsistent with just and equitable principles of trade.” Section 19 of the Securities Exchange Act empowers the SEC to suspend or withdraw the registration of an exchange, to suspend or expel any member of an exchange, to suspend trading in listed securities, and to impose rule changes on exchanges.

As described above two classes of platforms for secondary market trading have emerged: centralized and decentralized platforms. Assuming that Director Hinman’s proposal for exempting “sufficiently decentralized” cryptocurrencies applies in parallel to exchanges, decentralized exchanges might be beyond the ambit of regulatory oversight. The question of regulatory oversight would presumably turn on the operational infrastructure of each class of exchanges. While in theory such a regulatory approach may be adopted, it would be far from ideal. Effectively defining different platforms based on operational infrastructure may require the SEC to navigate a quagmire of platform attributes. Creating a safe-harbor for cryptocurrency trading platforms under Regulation ATS may offer a better approach.

Regulation ATS establishes a regulatory framework for ATSs. While the SEC developed Regulation ATS to address a different class of secondary trading platforms, the language of the regulation is sufficiently broad to enable the Commission to promulgate rules specifically designed to address blockchain-based trading platforms. An ATS meets the definition of exchange under federal securities laws but is not required to register as a national securities exchange if the ATS operates under the exemption provided under Exchange Act Rule 3a1-1(a). To operate under this exemption, an ATS must comply with the requirements in Rules 300–303 of Regulation ATS.

To comply with Regulation ATS, an ATS must register as a broker-dealer and file an initial operation report with the Commission on Form ATS before beginning operations. An ATS must file amendments to Form ATS to provide notice of any changes to its operations, and must file a cessation of operation report on Form ATS if it closes. The requirements for filing reports using Form ATS are in Rule 301(b)(2) of Regulation ATS. These requirements include mandated reporting of books and records. Within each class of cryptocurrency trading platforms, the Commission might implement a set of guidelines for satisfying Regulation ATS.

There are, however, noteworthy limitations to this approach. Due to their organizational structure, centralized exchanges will be able to create effective governance, regulatory, and economic rules with few challenges. Decentralized exchanges that seek to register may require a more flexible standard or case-by-case review by the Commission. Carla Reyes offers an insightful analysis of the governance challenges that decentralized protocols face and useful suggestions regarding how to address these concerns.

Second, compliance with conventional SRO regulatory practices may prove exceptionally difficult for decentralized platforms. Assigning liability may prove complicated where smart contracts automate critical decisions. Simply stated, the markets for ICOs and cryptocurrency secondary trading markets are distinct from conventional securities markets and characterized by distinct conflicts of interest, operational risks, and governance concerns.

Third, the Commission may have to offer guidance regarding the effect of a number of technical features including on-chain order books, automated order filling, transaction settlement, liquidity, security, latency, and clearing and settlement. In the absence of an industry-governing authority for the platforms engaged in cryptocurrency secondary market trading, and without widely-adopted best practices, establishing a uniformly adopted set of governing rules and risk-management and trading policies may prove challenging.

Finally, recent enforcement efforts against ATS platforms suggest that the lack of transparency among this subset of exchanges poses a challenge. Insufficient disclosures regarding internal operational policies have left subscribers vulnerable to conflicts of interest. In a number of instances, predatory trading behaviors such as high-frequency trading have been permitted notwithstanding promises of subscriber safeguards. Prosecutors have initiated legal action against ATS platforms for failing to disclose trading price information and information leakage.

For centralized and decentralized blockchain-based trading platforms, these concerns may be more or less problematic depending on the platforms’ attributes. The “operational transparency” concern may be less significant with centralized trading platforms and completely mitigated for decentralized trading platforms. One of the chief motivating goals for decentralized trading platform developers is to eliminate opacity and vulnerabilities created by an intermediary facilitating trading activity.

Moreover, in July 2018 the Commission adopted (and earlier this year implemented) several amendments to Regulation ATS that enhance public disclosure requirements, operational transparency, and expand the Commission’s oversight of conflicts of interest. While these measures are generally limited to ATS platforms that facilitate the trading of stocks listed on national securities exchanges, similar disclosure and risk management focused rules may be useful in cryptocurrency markets. The Commission may draw upon its experience with ATS platforms to develop regulations governing cryptocurrency secondary market trading platforms. Expanding registration opportunities and possibly developing a specific safe harbor to permit centralized and decentralized cryptocurrency exchanges to operate under a formal regulatory framework may offer a first step on the path to regulatory certainty for secondary market digital-asset trading.


Following the SEC’s publication of the DAO Report, the Commission intensified enforcement actions in the digital-asset-trading market. While the DAO Report and increased enforcement signal the Commission’s intentions to continue to rely on long-standing, principles-based legal standards for determining when financial arrangements qualify as “securities” and when organizations facilitating secondary market trading may qualify as “exchanges,” these announcements may not provide sufficient guidance in the expanding ecosystem of assets, market participants, and trading platforms. The absence of clear guidance regarding ICOs and the specter of potential liability, many argue, will stymie the development of innovative formal institutions designed to clear and settle secondary market coin and token transactions.

Notwithstanding the promise of rules delineating among digital assets based on the extent that the security or trading platform may be sufficiently “decentralized,” the Commission may need to act in the short term to offer the market the necessary guidance. This Essay suggests modifying Regulation ATS to enable secondary market trading platforms to register as ATSs. Permitting cryptocurrency exchanges to register under Regulation ATS will enhance liquidity, price accuracy, and price discovery and reduce regulatory uncertainty.


Kristin N. Johnson is the McGlinchey Stafford Professor of Law, Associate Dean of Faculty Research, Tulane University Law School. J.D., University of Michigan Law School; B.S. Georgetown University Walsh School of Foreign Service.


Leave a Reply