The Commission[1] has been presented with a package of three proposed, and unusual, enforcement actions.  Although each case presents different facts, they have been lumped together for Commission consideration and vote (presumably for messaging purposes) as “DeFi” cases.  That is, each case involves a decentralized finance (“DeFi”) protocol – a collection of smart contracts residing on a blockchain that replicates certain functions of the traditional financial system in a decentralized manner.

The Commission has brought enforcement actions against several centralized exchanges in the digital asset space during the past few years.  And last year, we dipped our toes into the waters of DeFi in the “Ooki DAO” enforcement matter to establish that a centralized exchange that is acting in violation of the Commodity Exchange Act (“CEA”) and CFTC rules cannot absolve itself of liability by becoming decentralized.[2]

But that is not the case in the three matters before us now.[3]  Instead, we are asked to find liability and impose sanctions based on a novel technology that was decentralized in conception and operation—an area that has not previously been the subject of a CFTC enforcement action.

I am not averse to the application of the CEA and CFTC rules to novel circumstances and ensuring that the Commission is vigilant in bringing enforcement cases in new areas where they are warranted—especially to fulfill our mandate from Congress to protect market participants from fraud and abuse.[4]  That said, the Commission’s Orders in these cases give no indication that customer funds have been misappropriated or that any market participants have been victimized by the DeFi protocols on which the Commission has unleashed its enforcement powers.

I am concerned that the Commission in these cases is taking another step down the path of bringing enforcement actions when we should be engaging with the public.  It is important to emphasize that “Enforcement First” has not always been the CFTC’s default position.  These cases are especially concerning in that they represent a significant shift in position on the merits of engagement with DeFi market participants.

In fact, as recently as last year, the Commission promulgated very different language on engagement with DeFi technology in its 2022-2026 Strategic Plan.  The Strategic Plan specifically called out DeFi as an area where the Commission pledged to “[i]ncrease stakeholder engagement and leverage principles-based regulation,” and also acknowledged that “innovations such as DeFi require extensive stakeholder engagement.”[5]

Further, the Strategic Plan explained that:

All our actions are aimed at developing and implementing regulations that are efficient, effective, and appropriately tailored . . . Financial markets quickly adopt emerging technologies, and our derivatives markets have experienced a revolutionary transformation that presents both opportunities and risks.  This transformation includes several emerging trends in derivatives markets [such as] decentralized finance (DeFi) . . . Addressing both the risks and opportunities of these nascent markets requires striking a balance between protecting market participants and supporting innovation.[6]

This statement paints a picture of a forward-looking Commission ready to grapple with the difficult questions of how to properly regulate new and innovative market structures.  Yet, today’s actions take us a step away from that promise.  The Strategic Plan recognized our co-equal mandate from Congress to “promote responsible innovation.”[7]  Yet, today’s actions do not promote responsible innovation—they shut it down, banishing innovation from U.S. shores.

Enforcement is inherently ill-suited to balancing our competing mandates of protecting customers and promoting responsible innovation.  By contrast, that is the essence of agency rulemaking.  Customers, market participants, stakeholders, and the Commission itself benefit from clear, transparent, and comprehensible rules adopted with public engagement through a notice-and-comment rulemaking process.

Not surprisingly, given the novelty of DeFi protocols and the rapid development of this technology, cases such as those before us raise a host of thorny questions that the Commission has yet to address.  To cite just a few:

• The Statute:  If the Commission is going to require these DeFi protocols to register as designated contract markets (“DCMs”) or swap execution facilities (“SEFs”), how can they satisfy the Core Principles that Congress has set out for such registrants in the CEA?  CFTC commissioners often tout the CEA’s Core Principles for providing the flexibility the agency needs to adapt to the fast pace of innovation that historically has enabled the U.S. derivatives markets to flourish.  But that flexibility is meaningless if the Commission does not exercise it.
• Our Rules:  If the Commission is going to require these DeFi protocols to register as futures commission merchants (“FCMs”), how would they be able to do so under our rules?  Our rules were written for centralized entities—are they fit for purpose if FCM activity can be performed in a decentralized manner?
• Inconsistency with Other CFTC Initiatives:  The Commission’s Staff recently issued a “Request for Comment on the Impact of Affiliations on Certain CFTC-Regulated Entities,” which noted that an affiliation between an FCM and a DCM or SEF “raises questions as to how [the DCM’s or SEF’s] supervisory responsibilities will be carried out with respect to” the FCM, and that an affiliation between an FCM and a DCM or SEF “may raise other potential concerns including possible anti-competitive effects, treatment of nonpublic information, and the adequacy of the applicable financial resources.”[8]  In light of the questions that our Staff has raised about a DCM or SEF being affiliated with an FCM, should a DeFi protocol – as indicated by two of these enforcement actions – be required to register as both a DCM/SEF and an FCM?
• Facts Matter:  The handling of these matters through enforcement obscures that one of the cases before us is not like the others.  In that case, the Respondent’s technology enabled users to execute spot trades in thousands of different digital asset trading pairs; the CFTC does not have regulatory jurisdiction over such spot trading, which is lawful activity under the CEA.  The Commission nonetheless holds this Respondent liable because its protocol also was used to trade some leveraged digital assets issued by unaffiliated third parties, which could be created by utilizing a set of smart contracts designed and deployed by third parties that automatically executes a series of actions on other third-party DeFi lending platforms and decentralized exchanges to generate leverage.  This raises questions:  If a DeFi protocol is developed for lawful purposes but is used for purposes that violate the CEA, should the developer be held liable?  Must the deployment and the illegal use be close in time, or is the developer of a DeFi protocol forever liable if its technology is used for illegal purposes by others?  Should there be a de minimis threshold of illegal activity before imposing such liability on the developer in these circumstances?

These types of questions, and more, cry out for Commission consideration.  Sadly, though, the agency’s Spring 2023 regulatory agenda published as part of the government-wide Unified Agenda of Federal Regulatory and Deregulatory Actions does not include any CFTC rulemaking activity regarding DeFi.[9]

Clearly, rulemaking does not preclude enforcement.  In fact, strong and clear rules, adopted after the type of stakeholder engagement envisioned by our Strategic Plan, establish the Commission’s expectations and thus make it easier (and fairer) to bring enforcement cases against those who violate those expectations, thus providing an enhanced deterrent effect on the market.  However, absent a transparent notice-and-comment process to set the rules, the Commission creates an impossible environment for those who want to comply with the law, forcing them to either shut down or shut out U.S. participants.

If for some reason there is a reluctance to engage in formal rulemaking, nevertheless, the Commission has many other means at its disposal to address the important policy questions presented by DeFi.  A simple request-for-comment, which we have done recently as discussed above, would be a helpful start.  Beyond that, the Commission and its Staff have a variety of options available.  Staff could issue advisories or frequently-asked-questions (“FAQs”), or interpretive letters,[10] to set out its views in this area.  We have held roundtables and convenings to spark discussion on new developments affecting the derivatives markets.[11]  And the Commission itself can promulgate interpretive guidance.[12]

Psychologist Abraham Maslow is known for his observation of the hierarchy of human needs, but he is also the author of a proposition known as “Maslow’s Hammer” which was made famous by his quote, “I suppose it is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail.”[13]

We at the CFTC are fortunate to have more than one “tool” to use in our oversight of the markets.  I am concerned, however, that as it relates to DeFi innovation, if we continue swinging our enforcement “hammer” as if every DeFi project were a nail, we are neglecting the other tools in our toolbox that can enable us to achieve the diverse objectives that Congress tasked to us in the CEA.

I hope that in the future, we will consider using our other “tools” to live up to the promises made in our Strategic Plan about developing and implementing policies that are “efficient, effective, and appropriately tailored” to the promise and the risk of DeFi technology.[14]

However, as these cases represent another example of the CFTC swinging its enforcement hammer when other, more precise tools would be a better fit for the job, I respectfully dissent.