On September 7, 2023, the Commodity Futures Trading Commission (CFTC) simultaneously filed and settled charges against three decentralized finance (DeFi) platforms, signaling a significant step toward CFTC regulatory oversight in the DeFi space. The three DeFi platforms offered, or made available for trading, contracts based on various cryptocurrencies and digital assets, including swaps and other derivatives under the Commodity Exchange Act (CEA) and CFTC regulations.
The CFTC’s enforcement actions targeted Opyn, Inc., ZeroEx, Inc. and Deridex, Inc., accusing each company of illegally offering financial products, including derivatives, to US persons without proper CFTC registration. Many legal analysts contend that recent enforcement actions herald the end of DeFi activities in the United States. While these assertions may be overblown, they are not without merit. The US Department of the Treasury’s recent book “Illicit Finance Risk Assessment of Decentralized Finance” put decentralized operators on notice that the more centralized and concentrated control a defined group exerts over a protocol (even a protocol claiming to be decentralized), the greater the risk of being recognized as an “unincorporated association” and therefore a target for regulatory enforcement.
Some market participants perceive these regulatory moves as a targeted response to escalating apprehensions surrounding the risks of unregulated leveraged and margined retail commodity transactions in the swiftly advancing DeFi sector. However, a considerable faction of the industry and regulators argue that rather than stifling the growth of DeFi, these enforcement actions may serve as a necessary impetus to cultivate more robust and transparent operational frameworks, thus fostering sustainable development in the sector.
OPYN, INC.: oSQTH AND REGULATORY COMPLIANCE
Opyn, Inc. offered a digital asset derivatives token known as oSQTH through its Opyn Protocol. The token’s value was tied to Opyn’s proprietary index, Squeeth, which “tracked the price of ether squared relative to USDC.” Opyn allowed users to enter long and short oSQTH positions. The CFTC determined that oSQTH tokens represented swaps and leveraged retail commodity transactions, bringing their offering within the CFTC’s regulatory purview, and charged Opyn with failing to register as a Swap Execution Facility (SEF) and neglecting to limit retail access to eligible contract participants as is required for SEFs under the CEA. Despite certain efforts to comply with the CEA’s requirements, “such as blocking users with U.S. internet protocol addresses” from accessing the Opyn Protocol, these efforts were not fully “sufficient to actually block U.S. users from accessing the Opyn Protocol,” pursuant to the CFTC’s position. Opyn was also charged with engaging in activities that should have been exclusive to registered futures commission merchants (FCMs), including deploying the Opyn Protocol for leveraged transactions and failing to establish a customer identification program pursuant to Bank Secrecy Act (BSA) obligations. Further, Opyn lacked the necessary preconditions “to implement KYC and anti-money laundering procedures” by not requiring users to provide identifying information when enrolling in the platform. Opyn was ordered to pay a $250,000 civil monetary penalty.
DERIDEX, INC.: PERPETUAL CONTRACTS AND REGULATORY LAPSES
Deridex, Inc. faced similar allegations concerning its Deridex Protocol. The Deridex Protocol used smart contracts to offer leveraged derivatives positions, which the CFTC alleged qualified as swaps as defined in the CEA (i.e., “perpetual contracts” without the delivery of a commodity), further underscoring the CFTC’s firmly held view that so-called perpetual contracts are swaps. Deridex was also charged with operating as an unregistered SEF by facilitating swaps between multiple participants and engaging in activities exclusive to registered FCMs, such as soliciting users to deposit assets for leveraged retail commodity transactions. Like Opyn, Deridex failed to implement a customer identification program and took no effective steps to exclude US users. Deridex was ordered to pay a $100,000 civil monetary penalty.
ZEROEX, INC.: OX PROTOCOL AND REGULATORY IMPLICATIONS
ZeroEx, Inc. was charged for its Ox Protocol and front-end application, Matcha, which allowed users to trade various digital assets, including leveraged tokens from third-party issuers. The CFTC alleged that these leveraged tokens were retail commodity transactions “with customers who were not eligible contract participants or eligible commercial entities,” necessitating registration and compliance with CFTC regulations and the CEA. ZeroEx, Inc. was ordered to pay a civil monetary penalty of $200,000.
DISSENTING OPINION AND REGULATORY CONCERNS
Notably, a dissenting opinion from CFTC Commissioner Summer Mersinger accompanied these enforcement actions. She raised concerns regarding the basis for imposing sanctions on DeFi protocols, emphasizing that the CFTC didn’t provide any “indication that customer funds [had] been misappropriated or that any market participants [had] been victimized by the DeFi protocols on which the Commission [had] unleashed its enforcement powers.” Commissioner Mersinger also questioned whether enforcement actions were suitable for addressing the complex regulatory questions posed by DeFi protocols, suggesting that rulemaking and stakeholder engagement might provide a more comprehensive approach. She emphasized the need to balance regulatory oversight with fostering responsible innovation and stakeholder engagement.
The CFTC’s recent enforcement actions demonstrate its commitment to addressing regulatory challenges within the digital asset space, particularly in response to the growing demand for regulatory intervention in the DeFi sector. The CFTC has remained steadfast in its position that when offering core derivative products based on digital assets to the public, whether in a centralized or decentralized manner, the laws and regulations must be followed.
With the absence of comprehensive regulations specific to digital asset commodities, retail customers have been left vulnerable and without established safeguards that are present in traditional asset classes. The prevalence of information asymmetries within DeFi protocols, even in regulated markets, presents risks that must be mitigated to protect customers. These enforcement actions demonstrate a subtle yet significant challenge for DeFi platforms: striving to integrate the pioneering, decentralized nature of their technologies while also meeting the intricate and notably demanding compliance framework of US law. DeFi platforms’ promise of transparency and efficiency through blockchain technology may be compromised by operational designs that centralize certain functions “off-chain,” leading to a lack of transparency and regulatory clarity. The CFTC’s actions aim to strike a balance between innovation and protecting market participants while addressing the challenges posed by DeFi protocols.
The recent stringent approach by the CFTC in enforcing regulations has sparked a discussion regarding the threat of the current trend for regulation through enforcement against the viability of DeFi in the US. To preserve the US crypto industry’s vibrancy (barring or perhaps in conjunction with more definitive legislation), fostering collaborative and practical regulations for DeFi businesses will be essential.
We regularly advise clients on all types of NFTs, and how they should be treated under US law based on their characteristics, sales and distributions. Our FinTech & Blockchain team can help you navigate the ever-evolving legal landscape affecting your business, ensuring you remain up-to-date and compliant.
See In the Matter of Deridex, Inc., CFTC Docket No. 23-42, Sept. 7, 2023 *4 (Deridex, “operated a multiple-to-multiple trading platform designed to facilitate the trading of perpetual contracts, which are ‘swaps’ under Section 1a(47) of the Act.”); See also CFTC v. HDR Global Trading Ltd., No. 1:20-cv-08132, 2021 WL 3722183, at ¶ 29, 37 (S.D.N.Y. Aug. 10, 2021 (consent order).
See In the Matter of ZeroEx, Inc., CFTC Docket No. 23-41, Sept. 7, 2023, *2 (“0x additionally created and operated a front-end user interface called “Matcha,” which utilized the 0x Protocol to enable users to exchange digital assets. Matcha was marketed to retail investors as a decentralized exchange (“DEX”) as well as a DEX aggregator that compiled price data from multiple other DEXs and market makers. By accessing Matcha’s website, users could submit bids and offers, and execute trades on a peer-to-peer basis in various digital assets from multiple sources of liquidity, including market makers and unaffiliated third party DEXs supplying liquidity directly through the Matcha interface.”)
Id. (“Enforcement is inherently ill-suited to balancing our competing mandates of protecting customers and promoting responsible innovation. By contrast, that is the essence of agency rulemaking. Customers, market participants, stakeholders, and the Commission itself benefit from clear, transparent, and comprehensible rules adopted with public engagement through a notice-and-comment rulemaking process.”)
Id.; see also CFTC, 2022-2026 Strategic Plan (2022) * 10 (All our actions are aimed at developing and implementing regulations that are efficient, effective, and appropriately tailored . . . Financial markets quickly adopt emerging technologies, and our derivatives markets have experienced a revolutionary transformation that presents both opportunities and risks. This transformation includes several emerging trends in derivatives markets [such as] decentralized finance (DeFi) . . . Addressing both the risks and opportunities of these nascent markets requires striking a balance between protecting market participants and supporting innovation.”)