The three words driving the crypto policy debate

The industry’s criticism of “regulation by enforcement” has a long history — and hides some complicated realities.

Gary Gensler speaking during a House Subcommittee hearing
Photo: Al Drago/Bloomberg via Getty Images

If you're following the debate about how crypto should be governed, you've heard the phrase “regulation by enforcement.”

The latest flashpoint comes in the form of the Securities and Exchange Commission's civil lawsuit alleging insider trading by a Coinbase employee. The SEC’s explosive assertion that nine of the 25 cryptocurrencies involved in the alleged insider scheme are securities could have significant consequences for the industry. Placing that claim within the lawsuit has prompted Coinbase, a high-ranking U.S. senator and even fellow federal regulators to bemoan that the SEC is regulating by enforcement.

The complaints are "basically saying that the SEC is not providing enough clarity on a particular issue," said James Park, a UCLA Law professor and securities regulation expert. "Instead of passing a regulation that would provide sufficient specificity and give the industry notice, the SEC instead is bringing enforcement actions that are interpreting broadly worded statutory phrases to develop the law case-by-case."

Park, who has written about the SEC's regulation of crypto and general securities enforcement, added that the phrase has a long history and is often applied — rightly or wrongly — when regulators challenge corporate behavior (or misbehavior) not specifically spelled out in federal law. It speaks to a balancing act for all regulation: crafting protections broad enough they can’t be easily evaded, but specific enough that businesses can operate with certainty.

Open door?

The SEC has faced similar criticism over its 2020 lawsuit against Ripple, where the agency said that XRP, the cryptocurrency Ripple uses to facilitate payments, is not a currency but a security — setting off an intense and ongoing legal battle.

Within the crypto industry, the argument against regulation by enforcement is that digital assets don’t fit neatly within the SEC’s existing rule book. Critics believe Congress needs to act to pass clear rules for when a crypto asset should be considered a security placed under the SEC’s jurisdiction, or when it should be considered a commodity, overseen by the Commodity Futures Trading Commission. Barring congressional action, critics say, the regulators themselves need to set more formal rules.

"Regulation by enforcement precludes any meaningful discussion of what should and shouldn’t be considered a security — a question that is too important and far-reaching to be decided solely by punitive action," said Kristin Smith, executive director of the Blockchain Association lobbying group.

The counterargument is that the SEC is acting on its mandate to ensure fair markets by applying existing securities law to a field that SEC Chair Gary Gensler has called the "Wild West." The volatile nature of the market — shedding nearly $2 trillion in value over the first seven months of the year — makes that action even more pressing.

Gensler has said he encourages crypto companies to "come in and talk to us," but he has also implied that most cryptocurrencies — outside of bitcoin — are securities. He has expanded the SEC's enforcement division and pledged to pursue "high-impact" cases.

"Some market participants may call this regulation by enforcement," Gensler said in a November speech. "I just call it enforcement."

Long history

The SEC has been accused off and on of leaning too much on investigations to set the rules of the road ever since the launch of its dedicated enforcement division in 1972. That emphasis on investigations can potentially harm innovation and investment. Roberta Karmel, the first woman to serve as an SEC commissioner, wrote as much in her 1982 book, "Regulation by Persecution." In 1990, Harvey Pitt, who would later serve as chair of the SEC under President George W. Bush, co-authored an academic paper called "Securities Regulation By Enforcement: A Look Ahead At the Next Decade."

"The SEC has, at times, resorted to ad hoc enforcement of the federal securities laws in particular contexts, in the absence of meaningful advance guidance (or warning) to those subject to the agency's jurisdiction," Pitt wrote. Pitt's paper did not conclude that regulation by enforcement was inherently bad, however, noting it gave the SEC the ability to respond quickly to specific facts and situations.

UCLA’s Park noted that securities laws are broadly defined and have been clarified over time by the courts. That includes the 1946 Supreme Court decision that established the Howey test, still used today to determine what is or is not a security.

"And frankly that is how a lot of law is made in other areas — case by case, through what's known as common law rule-making," Park said.

There is no specific federal law against insider trading, for instance, but the SEC has prosecuted it under existing securities fraud laws. The SEC also investigated companies accused of making foreign bribes in the years before Congress passed the Foreign Corrupt Practices Act of 1977. The SEC argued that existing SEC regulations required firms to disclose their financials — including overseas payments.

Carol Goforth, a law professor at the University of Arkansas who has been at times critical of the SEC's approach to crypto, noted that regulation by enforcement can be a helpful tool to address incremental change in certain industries.

“It can be an effective way for an agency to proceed, particularly when faced with incremental changes in particular industries,” Goforth told Protocol in an email. “My personal opinion is that more problems exist when there is a dramatic upheaval and it is genuinely unclear how existing rules should apply (as is the case with cryptoassets and blockchain technology).”

Rule-making, re-examined

In recent years, U.S. financial regulators have rejected the claim they’re arbitrarily punishing companies without consultation for conduct that’s legal. Yet experts do say the agencies are — and, in many cases, should be — using the courts to protect consumers and adapt laws that were left ambiguous, whether deliberately or on purpose.

“It is only regulation by enforcement if you accept the industry’s nonsense that it needs its own special rule book written under the influence of its lobbyists,” said Carter Dougherty, communications director for the consumer group Americans for Financial Reform. “Otherwise it’s just the prosecution of fraud.”

While the term “regulation by enforcement” has most often been used to critique the SEC, the Office of the Comptroller of the Currency and Consumer Financial Protection Bureau have also faced the charge at various points.

Of course, rule-making itself is not always popular either. Most corporate lobbyists spend their time heavily opposing all but the lightest regulations and complaining that most new rules would disrupt beneficial businesses in an attempt to stamp out a few bad actors — which should instead, they say, be the subject of one-off enforcement.

The telecom industry, for instance, has been waging war for a full generation to stop the Federal Communications Commission from implementing net neutrality regulation. The Federal Trade Commission, meanwhile, is readying a series of expansive rule-makings on issues including digital privacy. Those moves have prompted so much ire from industry and Congressional Republicans that lawmakers may soon push to curtail the agency’s authorities, as they previously did in the 1980s and the 1920s.

“The fundamental structure of agencies like the FTC is being reexamined,” Republican former FTC Chair Maureen Ohlhausen told Protocol in June. “The FTC is facing a lot of headwinds in that area, and it needs to be careful.”

The SEC itself has faced plenty of criticism about its attempts to create or update regulation. The agency has a lengthy regulatory docket that has prompted pushback, including on proposals to regulate climate risk disclosure.

Agencies have tried over the past decade to rely on rule-making procedures as an attempt to deal with congressional gridlock and dysfunction on tech policy. That tactic is facing new headwinds now from conservative courts, which have also joined in the attack on the very idea of regulation. Earlier this summer, the Supreme Court ruled that federal agencies, which have for decades enjoyed deference from the judicial branch in their interpretations of relevant statutes, need “clear congressional authorization” if they want to regulate on areas of great “economic and political significance.”

The ruling prompted legal commentators of many different stripes to wonder what rules would be deemed “major” enough by courts that they’d be in danger when challenged, and what might constitute sufficiently clear authorization from law-makers to save the regulations. Some experts also suggest the justices could use the ambiguities to strike down rules whenever they like, making the opinion a harbinger of even narrower and less-frequent rule-making.

See you in court

Although hostility to government regulation is common in many industries, companies that represent novel sectors, such as crypto, do often seek to have rules made on their terms in the hopes that the government can help them distance themselves from the worst actors, standardize infrastructure or lend legitimacy to a particular business model.

Congress has inched toward new rules for crypto, often with support from the industry. Sens. Kirsten Gillibrand and Cynthia Lummis have indicated their bipartisan crypto bill is unlikely to pass this year, but could have sections approved through committee. Sens. Debbie Stabenow and John Boozman introduced a separate bipartisan bill on Wednesday that would give the CFTC oversight of bitcoin and ether and require exchanges to register with the agency.

But in the meantime, the battles will continue in court. Before the insider case, the SEC was reportedly probing Coinbase itself for alleged securities laws violations. (Coinbase denies it lists securities.) Crypto companies likewise press their argument for how they should be regulated in court, as seen in both the ongoing Ripple fight and Grayscale’s lawsuit over the SEC’s rejection of its bitcoin ETF.

“There are a lot of reasons companies may prefer not to do this — it is expensive and easier to settle if you want to put the matter behind you,” Park said. “But that is the main check on regulation by enforcement. If you think you are being treated unfairly, make the SEC prove their case in court."

In that sense, the SEC's effort to establish more-clear guidelines around crypto in the courts has supporters.

"If the SEC can do something to bring legal certainty, it should," wrote Todd Phillips, director of financial regulation and corporate governance at the liberal Center for American Progress. "[And] if courts say some tokens are securities, we can stop talking about Howey [and] start talking about how best to apply securities laws to these assets."

Correction: An earlier version of this story misdated the publication of Roberta Karmel's book. This story was updated on Aug. 5, 2022.


How GM plans to make its ambitious EV goals reality

The automaker's chief sustainability officer is optimistic that GM is well-positioned to rapidly scale up the EV side of its business.

"I think everything that’s been put in place to support the transition will be a real positive for the industry and for the country."

Photo: Eva Marie Uzcategui/Bloomberg via Getty Images

Automakers are on the cusp of an entirely new era.

The transition to electric vehicles is quickly becoming more than just theoretical: More models are coming onto the scene every day. This week, the Inflation Reduction Act was signed into law, enshrining a new structure for EV tax credits and offering a boost to domestic critical mineral mining. The transition isn’t coming a moment too soon, given that the transportation sector makes up the largest share of greenhouse gas emissions in the U.S.

Keep Reading Show less
Lisa Martine Jenkins

Lisa Martine Jenkins is a senior reporter at Protocol covering climate. Lisa previously wrote for Morning Consult, Chemical Watch and the Associated Press. Lisa is currently based in Brooklyn, and is originally from the Bay Area. Find her on Twitter ( @l_m_j_) or reach out via email (ljenkins@protocol.com).

As management teams at financial institutions look for best practices to make part of their regular toolkit, they are reaching most for the ones that increase the speed and reduce the risk of large-scale change.

That forward-thinking approach can lead financial institutions to leverage AI technology, which can help give decision-makers trusted tools to solve integral challenges vital to the health of the business. One of the leading providers of AI and machine-learning software, DataRobot continues to attract clients in financial services who want to de-risk their AI investments and rapidly scale AI to almost every part of their operations, resulting in improved productivity and higher customer satisfaction.

Keep Reading Show less
David Silverberg
David Silverberg is a Toronto-based freelance journalist, editor and writing coach. He writes for The Washington Post, BBC News, Business Insider, The Toronto Star, New Scientist, Fodor's, and several alumni magazines. He also writes for brands such as 23andme, Shopify and Bold Commerce. He has served as editor of B2B News Network, Canada's only B2B news magazine, and Digital Journal, a leading pioneer in citizen journalism. Find more about him at www.davidsilverberg.ca

How Embracer Group bought ‘Lord of the Rings’ rights for a bargain

The Swedish holding company, known best for its gaming acquisitions, bought the rights to “The Lord of the Rings.” But the deal is much more complicated than it seems.

Who really owns LOTR's rights?

Photo: New Line/WireImage

A new stakeholder has entered the complex licensing web of “The Lord of the Rings,” and the landmark deal has further complicated the already messy media empire surrounding author J.R.R. Tolkien’s fantasy epic.

The buyer, the acquisition-hungry Swedish gaming conglomerate known as Embracer Group, has purchased Middle-earth Enterprises, and with it the associated film, video game, board game, merchandise, theater production and theme park rights to the core LOTR book trilogy and “The Hobbit'' from its previous owner, The Saul Zaentz Company. Formerly Tolkien Enterprises, Zaentz’s holding group has held onto the rights since purchasing them from United Artists in 1976. (Tolkien initially sold them to UA in 1969, four years before his death.)

Keep Reading Show less
Nick Statt

Nick Statt is Protocol's video game reporter. Prior to joining Protocol, he was news editor at The Verge covering the gaming industry, mobile apps and antitrust out of San Francisco, in addition to managing coverage of Silicon Valley tech giants and startups. He now resides in Rochester, New York, home of the garbage plate and, completely coincidentally, the World Video Game Hall of Fame. He can be reached at nstatt@protocol.com.


Upstart has a new plan to sell Wall Street on its loans

The AI-powered lender will hold some loans on its balance sheet as it seeks partners for long-term capital.

Despite the current struggles, Upstart views the marketplace model as the best way to write to keep its loan business growing.

Photo: Upstart

After a revenue drop its CEO called “unacceptable,” the leadership at fintech lender Upstart is making a bet on the strength of its ability to underwrite loans with AI.

The San Mateo company is planning to leave some loans on its balance sheet that investors do not want to buy, as concerns about the economy shift Wall Street away from backing riskier consumer debt. Rather than pull back on its lending in response, the company said it will hold some loans as it seeks longer-term capital partners.

Keep Reading Show less
Ryan Deffenbaugh
Ryan Deffenbaugh is a reporter at Protocol focused on fintech. Before joining Protocol, he reported on New York's technology industry for Crain's New York Business. He is based in New York and can be reached at rdeffenbaugh@protocol.com.

Does your boss sound a little funny? It might be an audio deepfake

Voice deepfake attacks against enterprises, often aimed at tricking corporate employees into transferring money to the attackers, are on the rise. And at least in some cases, they’re succeeding.

Audio deepfakes are a new spin on the impersonation tactics that have long been used in social engineering and phishing attacks, but most people aren’t trained to disbelieve their ears.

Illustration: Christopher T. Fong/Protocol

As a cyberattack investigator, Nick Giacopuzzi’s work now includes responding to growing attacks against businesses that involve deepfaked voices — and has ultimately left him convinced that in today's world, "we need to question everything."

In particular, Giacopuzzi has investigated multiple incidents where an attacker deployed fabricated audio, created with the help of AI, that purported to be an executive or a manager at a company. You can guess how it went: The fake boss asked an employee to urgently transfer funds. And in some cases, it’s worked, he said.

Keep Reading Show less
Kyle Alspach

Kyle Alspach ( @KyleAlspach) is a senior reporter at Protocol, focused on cybersecurity. He has covered the tech industry since 2010 for outlets including VentureBeat, CRN and the Boston Globe. He lives in Portland, Oregon, and can be reached at kalspach@protocol.com.

Latest Stories