Skip to main content

Navigation Call to Actions

09 Nov 2022

The Legalities of Crypto

The Legalities of Crypto

We have witnessed a great deal of activity this past year with regard to blockchain technologies; in particular, cryptoassets and their associated scams and cyberattacks. Indeed, we experienced the biggest crypto heist to date in March 2022 when the Ronin Network (a gaming-based crypto network) revealed it had US$620 million stolen in ETH and cash. According to Chainalysis, a total of US$1.9 billion worth of cryptocurrency had been lost in hacks in the first 7 months of 2022. That’s a 60% increase from the same period the year before. In addition to the criminal aspect of crypto, we’ve also had quite a bit of movement on the legislation front.

In June, two US Senators - Cynthia Lummis and Kirsten Gillibrand - introduced the Responsible Financial Innovation Act (RFIA). When enacted, the Act will be the first to introduce a legal framework to cryptocurrency, blockchain and digital assets. It will no doubt transform the crypto world as we know it today - not only in the United States, but around the world too. Not long after, in July, the EU followed with its Markets in Crypto-Assets proposal.

Then came the US Security and Exchange Commission’s (SEC) probe into Coinbase, investigating whether it had “improperly let Americans trade digital assets that should have been registered as securities”.

International Cyber Expo’s Advisory Council member, Flavia Kenyon - Barrister at The 36 Group - offers her analysis below on why this probe matters and what it would mean for the future of crypto if labelled as securities:

“The SEC’s probe into Coinbase matters because it has the potential to define certain cryptoassets as securities, thus setting a precedent with consequences for the entire, fragile crypto economy. And this, at a time when there is regulatory uncertainty, consumers’ scepticism, and a lack of legal oversight of cryptoassets.  The Lummis- Gillibrand Responsible Financial Innovation Bill published in June, is meant to fill this void, but it is yet to be enacted into law.

From a legal standpoint, the question of whether a crypto asset is a security is important in determining the following:  (a) which investors can buy and hold the cryptoasset, (b) who can deal in and keep custody of the cryptoasset, and (c) what disclosure and registration requirements cryptoasset issuers must meet in order to be compliant with US securities laws as regulated by the Securities and Exchange Commission (‘SEC’). Offering securities involves onerous registration and disclosure requirements and greater regulatory and compliance costs.

The 1946 Supreme Court ruling in SEC v. Howey defines what a ‘security’ is: a contract involving (1) an investment of money (2) in a common enterprise (3) with the expectation of profits (4) from the efforts of others.

However, applying this 1946 test to an ever evolving, complex technology underlying cryptoassets is fraught with difficulty and uncertainty.

By way of example, buying bitcoin or ether may be an investment of money. It may even involve an expectation of profits if the intention of the buyer is to hold the cryptocurrency rather than to use it to buy goods and services. But one would be hard pressed to argue that a cryptocurrency network is a ‘common enterprise’ when the roles and intentions of its users are so varied. Furthermore, the profits from holding and using cryptocurrencies do not accrue from ‘the efforts of others’ but rather from the cryptocurrencies’ usefulness, or functionality on the network.  So, arguably, those who most obviously profit, namely the miners, do so from their own efforts at validating transactions.

Subjecting all cryptoassets to extensive disclosures and registration, as required by securities laws, would, in my opinion, be disproportionate and unnecessary, and would hamper the development of blockchain technology. Designating ether as a security, as Gary Gensler, SEC’s chairman, has suggested, would also create substantial uncertainty on its own because many blockchain projects rely on the Ethereum network, as does the burgeoning decentralised finance (‘DeFi’) ecosystem.


A more thoughtful, balanced approach is necessary in balancing regulation, consumer protection, and innovation. A balanced approach would avoid inhibiting innovation and would bring cryptoassets within the reach of retail buyers and start-ups.


The recent Lummis- Gillibrand Responsible Financial Innovation Bill has seemingly achieved the impossible by proposing a balanced approach between traditional financial regulation and digital asset innovation across key topics such as decentralisation, securities, commodities, and consumer protection.

The Bill sets out to resolve one of the most pressing problems regarding cryptoassets: when is activity involving them governed by the federal securities laws, the SEC, and when by the federal commodities laws, the Commodities Futures Trading Commission (the “CFTC”).

The Bill allows for a division of responsibilities between the two. It curtails the SEC’s expansive remit, and creates a balancing legal mechanism through a rebuttable presumption that most existing cryptoassets are unlikely to meet the Howey test, and are therefore commodities, which the Bill calls “ancillary assets” and under the regulatory arm of the CFTC. This reflects the case law as the Howey test applies only to “contracts, transactions or schemes,” and not to the assets sold in those transactions – “the ancillary assets”.

The new cryptoasset class – the “ancillary asset” – will likely cover the large majority of digital assets currently in the market, since very few of these assets provide the holder with equity or debt- like rights in a separate “business entity”.”

To hear more from experts like Flavia Kenyon, be sure to attend International Cyber Expo 2023! 

Dates for next year’s International Cyber Expo have been announced as 26 & 27 September 2023 at London Olympia. To avoid missing out on next year’s event, register your interest here:

If you’re interested in speaking during 2023’s Global Cyber Summit and Tech Hub Stage, please email:

View all Blog