Public Statements & Remarks

Statement of Commissioner Kristin N. Johnson: Taking Action to Prevent Fraud By Digital Asset Services Firms

July 13, 2023

Today, the Commodity Futures Trading Commission (CFTC or Commission) announced that it filed a civil injunctive action in the United States District Court for the Southern District of New York against Celsius Network, LLC (Celsius), and its co-founder and former CEO Alex Mashinsky (Mashinsky, and together with Celsius, Defendants) charging them with fraud in violation of the Commodity Exchange Act (CEA) and Commission Regulations.[1]

Today’s filing, once again, demonstrates the great necessity of having an engaged cop on the beat or authority to police the darker corners of our markets.  To effectively protect customers and preserve the integrity of our markets, it is imperative that firms operating in the financial services community, including cryptocurrency or digital asset services firms, recognize a number of lessons.

Same Risks, Same Rules, Same Regulation

First, firms become subject to regulation when they engage in financial services activities or certain types of financial transactions.  Despite CEOs’ marketing of innovative firms and touting the adoption of cutting-edge technology—Celsius CEO Mashinsky promised customers that they could “make money in their sleep,” acquiring rewards by lending CEL native crypto tokens—the underlying activities of these businesses demonstrate similar risk management exposures to those we find in the traditional financial services sector and consequently, these activities should be subject to appropriate regulation.

Financial Market Fragilities

Second, financial markets demonstrate endemic fragilities and are tremendously interconnected.  A diversity of firms operating in the financial services sector are important (and some are systemically important) and we must carefully focus on the risks that their activities may engender, particularly if these risks may lead to systemic risks.[2]  For almost a year, following Celsius’s decision to halt customer withdrawals and later file for bankruptcy, I have encouraged a deep dive investigation into the events that triggered the onset of the crypto-winter.

(Hidden) Correlations

Third, there are many (sometimes hidden) correlations among diverse assets, asset classes, and actors across the financial markets ecosystem.[3]  Conversations with regulators at the Bank of England, European Securities and Markets Authority, and the Financial Stability Board reveal that this phenomenon is global in nature and will require a coordinated effort and harmonized regulation.

There are a number of internal risk management failures that led to the bankruptcy at Celsius and a number of other firms that collapsed in the crypto winter that began last summer.  As I have noted repeatedly, many of these firms lacked effective risk management and governance safeguards that have been the foundation of regulatory oversight for almost a century.[4]

Risk Management and Good Governance Matter

Finally, the events that led to the Celsius bankruptcy (and the bankruptcies of several other cryptofirms last year) were quite simply the same “runs” or “dashes for cash” that we see in highly-regulated segments of the financial services sector.  Similar to the liquidity crises that led to the collapse of Silicon Valley Bank and Signature Bank, Celsius and other cryptofirms saw a demand by depositors to withdraw deposits—accelerated by 24/7/365 access to accounts online and a deluge of rumors flying across social media platforms like Twitter.  The main difference between cryptoasset firms and the heavily regulated firms is often—much to the surprise of customers and the chagrin of creditors—the guardrails built into our traditional regulatory architecture are absent.

At its core, however, this is quite simply a case of garden variety fraud with material misrepresentations to customers who entrusted their funds to Celsius and Mashinsky.  The asymmetries of information regarding the internal operations of the firm exacerbated each of the pre-existing economic, governance and risk management concerns described above.  When we consider the lack of regulatory visibility into these firms—the absence of independent, external auditors, and all too often the dominance of an imperial CEO who controls all decision-making without the checks and balances that a majority independent, highly-qualified board of directors and independent chief compliance officer and chief risk officer—we cannot be surprised that we find firms facing a perfect storm that results in billions of dollars of customer losses, creditors racing to the bankruptcy courts, and spill-over effects that trigger a domino-effect cascade across cryptomarkets.

I am encouraged that Congress is making progress in this direction. A clear indication of direction of travel for each of the capable regulators who oversee our markets is important, necessary, and of the utmost urgency.  I am also asking my fellow Commissioners to take affirmative steps to help to close the gap with respect to existing regulation and enhance customer protection under our existing authority.[5]  The Directors of the Division of Market Oversight, Market Participants Division, and Division of Clearing and Risk are already demonstrating important leadership on these issues.[6]

More specifically, regarding today’s filing, as alleged in the Complaint, Defendants engaged in a scheme to defraud hundreds of thousands of customers by luring them with promises of high-yield, consistent returns on their digital assets with bank-like investment safety, while engaging in increasingly risky investment strategies to achieve the promised returns—leading to hundreds of millions of dollars in losses and, ultimately, a bankruptcy where liabilities exceed assets by more than $1 billion.

Defendants marketed their platform as a way for customers to earn high interest rates on their digital assets with minimal risk, consistently positioning Celsius as a safe—but higher return—alternative to traditional banking products.  However, Celsius was not a bank, as noted above, and was not subject to extensive prudential regulation and oversight.  Due to this regulatory gap, Defendants marketed their products as “safe”—receiving deposits totaling approximately $20 billion—while investing customer funds into increasingly risky investments including uncollateralized or undercollateralized lending arrangements and decentralized finance (DeFi) agreements.

Over time, however, Celsius was unable to generate sufficient revenue from its investments to satisfy the payment obligations it had incurred to customers.  In an attempt to meet the high interest rates they had promised customers, Defendants engaged in increasingly risky bets, yet never disclosed the risks they were taking on—contrary to their marketing promises of safety.  At the same time, Mashinsky refused to lower the promised rates because he feared it would harm Celsius’s competitive position, leading customers to withdraw their funds, exacerbating the financial difficulties Defendants were encountering.  In 2021 reward obligations exceeded net revenue by $1 billion, and in the first half of 2022, by another $380 million; Celsius by May 2022 was not only not making money on its investments (to fund the reward payments), but had instead incurred over $1.7 billion in total losses.

By June 2022, as a broader downturn in digital assets markets characterized by the crash of the TerraLUNA network was underway,[7]  Celsius began to use new deposits made by customers to make payments to existing customers, and also was receiving an increasing number of withdrawal requests.  Between June 10 and 12, 2022, Celsius received hundreds of millions in withdrawal requests that it could not meet, and on June 12 announced that it was pausing all customer withdrawals.  This pause led triggered intense media coverage and a significant slide in prices across a number of digital assets.[8]  Celsius filed for bankruptcy on July 13, 2022, at which time it had over $4.7 billion in customer liabilities but only $1.75 billion in digital assets.[9]

Defendants violated the CEA and Regulations by pooling customers’ digital assets and then investing them in loans and DeFi agreements, Celsius operated a commodity pool, and should have registered as a commodity pool operator (CPO) with the Commission.  Mashinsky similarly should have been registered as an associated person of a CPO.  Notwithstanding their failure to register as required, Defendants claimed that they were subject to and in compliance with regulatory oversight, by both state and federal regulators.  The lack of a clear regulatory framework for digital assets allowed this fraud to flourish—I have repeatedly called for a clear and robust regulatory regime for digital assets, and I reiterate this call now in light of yet another example of its necessity.  While I am glad that the Commission has the ability to go after fraud after the fact, customers and the public would be better served by a comprehensive regulatory regime that could prevent frauds like this one from developing in the first place.

I applaud the work of the CFTC’s Division of Enforcement staff bringing this case, including Dmitriy Vilenskiy, Chrystal Gonnella, Jason Gizzarelli, Traci Rodriguez, and Paul G. Hayeck.  I also want to recognize the exceptional collaboration across federal regulators and the Department of Justice, including parallel actions by the SDNY, Federal Trade Commission and the SEC.

[1] Notably, Celsius, which is currently in Chapter 11 bankruptcy, is no longer managed by Mashinsky, but instead by executives retained post-bankruptcy.  Celsius will be reorganized as a result of its bankruptcy, and will cease to exist as an entity.  In light of these circumstances, the Commission has negotiated a consent order of settlement with Celsius that will resolve its claims against the entity without impacting the ability of customers and other creditors to bring claims against Mashinsky or other third parties.

[2] Financial Stability Oversight Council, Report on Digital Asset Financial Stability Risks and Regulation, Oct. 2022; see also Vice Chair for Supervision Michael S. Barr, Board of Governors of the Federal Reserve System before the Committee on Banking, Housing, and Urban Affairs U.S. Senate (Mar. 28, 2023),

[3] Commissioner Kristin N. Johnson Remarks, Non-Bank Financial Institutions:  Threat to Financial Stability?, ISDA AMG, Chicago, May 2023.

[4] Keynote Address of Commissioner Kristin Johnson at Digital Assets @ Duke Conference, Duke’s Pratt School of Engineering and Duke Financial Economics Center:  Mitigating Crypto-Crises:  Applying Lessons Learned in Governance, Risk Management, and Compliance, Jan. 26, 2023,; Keynote Address of Commissioner Kristin Johnson at UC Berkeley Law Crypto Regulation Virtual Conference, Post Crypto-Crises: Pathways for Protecting Customers and Preserving Market Integrity, Feb. 8, 2023,

[5] Commodity Future Trading Commissioner Kristin N. Johnson, Future-Proofing Financial Markets Regulation, Salzburg Global Finance Forum (June 29, 2023)

[6] CFTC Staff Releases Request for Comment on the Impact of Affiliations of Certain CFTC-Regulated Entities (June 28, 2023)

[7] See, e.g., Paul Kiernan, Yellen Renews Call for Stablecoin Regulation After TerraUSD Stumble, Wall St. J., May 10, 2022,; see generally Keynote Address of Commissioner Kristin Johnson at Digital Assets @ Duke Conference, Duke’s Pratt School of Engineering and Duke Financial Economics Center, Mitigating Crypto-Crises: Applying Lessons Learned in Governance, Risk Management, and Compliance, Jan. 26, 2023, (discussing the downturn in digital asset markets).

[8] See, e.g., Tom Wilson, Hannah Lang, and Elizabeth Howcroft, Crypto contagion fears spread after Celsius Network freezes withdrawals, Reuters, June 14, 2022,

[9] Chapter 11 Petition, In re Celsius Network LLC., No. 1:22-BK-10964 (Bankr. S.D.N.Y. July 13, 2022).