LawFlash

Crypto Clarity: SEC and CFTC Issue Comprehensive Crypto Asset Guidance – Part 1

March 25, 2026

The US Securities and Exchange Commission (SEC) on March 17, 2026 issued long-awaited interpretative guidance on how the federal securities laws apply to crypto assets and related transactions (the Guidance). The Guidance establishes which crypto assets may be classified as “securities” under the “Howey test,” with the aim of providing a standardized framework for market participants navigating an evolving regulatory landscape. Of note, the Commodity Futures Trading Commission (CFTC) jointly issued the Guidance and indicated that it will administer the Commodity Exchange Act consistent with the Guidance.

This LawFlash is the first in a series to provide our insights into the far-reaching implications of the Guidance and other recent regulatory updates for market participants. For a quick reference, please refer to Table 1 and Table 2 below, which summarize the SEC’s analysis of various crypto assets.

BACKGROUND: DEFINING CRYPTO ASSETS THROUGH THE LENS OF HOWEY

Since 1946, the SEC has applied the Howey[1] test to determine whether a contract, transaction, or scheme is an “investment contract” and therefore a “security” for purposes of the federal securities laws. Originating from a 1946 US Supreme Court case involving land sale contracts in a Florida orange grove, the Howey test has been used by the SEC to determine if a transaction constitutes the offer and sale of an “investment contract,” such that the offer and sale thereof must be registered with the SEC or subject to an applicable exemption from registration.

Howey defines an investment contract as a contract, transaction, or scheme involving (1) an investment of money, (2) in a common enterprise, (3) with an expectation of profits derived from the efforts of others. [2] If an arrangement meets the test, the offeror has (either intentionally or not) issued a “security.”

Since its 2017 issuance of the DAO Report,[3] the SEC has typically used the Howey test “to determine whether crypto assets were offered and sold as investment contracts and therefore as securities[,]”[4] primarily making that determination only in an after-the-fact SEC enforcement action.[5]

THE AGENCIES’ OBJECTIVE: A CLEAR REGULATORY FRAMEWORK

Noting the challenge of applying the Howey test to the unique and ever-evolving attributes of crypto assets and systems, and acknowledging market participants’ requests for a standard taxonomy, the SEC presents its Guidance as “the Commission’s first step toward developing a clearer regulatory framework for the treatment of crypto assets under the Federal securities laws.”[6]

Describing the Guidance as a “complement” to congressional legislative efforts and an “important bridge for entrepreneurs and investors,” SEC Chairman Paul Atkins joined CFTC Chairman Michael Selig in announcing the Guidance as a “joint agency action” between the SEC and the CFTC.[7] In addition, the Guidance indicates that the CFTC has agreed to administer the Commodity Exchange Act consistent with the framework established in the Guidance. In carving out a standard taxonomy for five types of crypto assets, as described below, the CFTC further indicated that certain crypto assets that do not qualify as “securities” under this rubric could meet the definition of “commodity” under the Commodity Exchange Act.

The Guidance itself is divided into six substantive sections:

  1. Definition of “security”
  2. Classification of crypto assets
  3. Crypto assets that are subject to an investment contract
  4. Federal securities laws status of “protocol mining” and “protocol staking”
  5. Federal securities laws status of “wrapping”
  6. Application of the Howey test to “airdrops”

This LawFlash discusses the “definition of security” and the “classification of crypto assets.”

A New Taxonomy

The Guidance establishes a standard taxonomy, including definitions of the following key terms[8]:

  • Crypto asset: Any digital representation of value that is recorded on a cryptographically secured distributed ledger, which the SEC explains is identical to the definition of “Digital Asset” used in Section 2(6) of the GENIUS Act[9]
  • Crypto network: A blockchain or similar distributed ledger technology network
  • Crypto application: A software application running on a crypto network
  • Crypto systems: Crypto networks and crypto applications
  • Non-security crypto asset: A crypto asset that itself is not a security
  • Onchain: Refers to transactions or data that are processed and recorded directly on a crypto network
  • Offchain: Refers to transactions or data that are processed and recorded outside of a crypto network

Definition of ‘Security’

At the outset, the Guidance acknowledges that “[t]here is no universal test to determine whether an instrument is a security.”[10] Rather, an instrument must be analyzed against the list of financial instruments provided in the definition of “security” under section 2(a)(1) of the Securities Act of 1933, as amended (the Securities Act), or section 3(a)(10) of the Exchange Act of 1934, as amended (the Exchange Act).[11]

That list of financial instruments includes traditional and commonly understood types of securities, such as stock, bonds, and debentures, as well as certificates of deposits for securities, profit-sharing agreements in oil or gas royalties, voting-trust certificates, and most relevant here, investment contracts. The SEC reiterated that “items that are purchased for use or consumption, whether they are physical or digital”[12] are typically not deemed to be a “security” under the federal securities laws.

The SEC noted that “in cases involving a ‘novel, uncommon, or irregular device,’ courts often evaluate whether the instrument is an ‘investment contract,’ a term that is not defined in statute or Commission rules.”[13] Further, the SEC acknowledged that the Commission itself, as well as the federal courts, have traditionally assessed crypto assets and crypto transactions through the lens of the investment contract analysis, as established by the Howey test.

Recognizing Howey’s longstanding use and flexibility in application to a broad swath of “contracts, transactions, and schemes,” the Guidance reaffirms the Howey test as the appropriate rubric for analysis of whether a crypto asset or transaction is an “investment contract” and therefore a “security” under the federal securities laws.

Classification of Crypto Assets

The Guidance identifies the following five categories of crypto assets based on their characteristics, uses, and functions:[14]

  1. Digital Commodity
  2. Digital Collectible
  3. Digital Tool
  4. Stablecoin
  5. Digital Security

Applying Howey, the SEC analyzes each type of crypto asset to determine if it entails a contract, transaction, or scheme involving (1) an investment of money, (2) in a common enterprise, (3) with an expectation of profits derived from the efforts of others. Of these five categories, the SEC opines that only one—Digital Security—is definitively an “investment contract” and therefore a “security” under the federal securities laws. Crypto assets falling in the remaining categories, although not on their face securities under the federal securities laws, can become securities if offered and sold pursuant to an investment contract.

Additionally, the broad nature of stablecoins could result in their being deemed a security, depending on their particular characteristics. Finally, the SEC recognizes that certain crypto assets may not neatly fit within any of these five categories or may fall within multiple categories.

Table 1 and Table 2 below summarize the SEC’s analysis of each category, including illustrative examples.

KEY TAKEAWAYS

The Guidance appears to be the culmination of a number of recent SEC actions aimed at providing greater clarity regarding the application of the federal securities laws to crypto assets and related transactions. In January 2025, the then-acting chair of the SEC established the SEC’s Crypto Taskforce, which held a series of public roundtables on various crypto-related topics and encouraged active engagement from stakeholders and the public.

In addition, the SEC staff has issued a number of interpretive statements and no-action decisions in the space, such as guidance regarding disclosure requirements for offerings of securities in crypto asset markets, the status of stablecoins, meme coins, proof-of-work activities, protocol staking and liquid staking activities, and tokenized securities. Early in 2025, the SEC rescinded Staff Accounting Bulletin No. 121 regarding the accounting for obligations to safeguard digital assets that an entity holds for its customers, which had been largely viewed as a barrier to financial institutions holding crypto on behalf of customers. The SEC staff also provided greater clarity to registered broker-deals and transfer agents regarding certain activities involving crypto assets, and dismissed or terminated enforcement actions against many crypto-related companies.

Similar to the SEC’s Project Crypto initiatives, the CFTC has also been engaged in its own “crypto sprint” to provide guidance and clarity to market participants. For example, the CFTC staff issued letters providing guidance for the use of digital assets in derivatives markets, including accepting digital assets as margin collateral and on tokenized collateral.

The additional clarity and interpretive analysis provided by the Guidance is particularly important given the delays associated with the CLARITY Act that has been stalled in the Senate since last summer. It also displays the willingness of the two key federal financial regulators, the SEC and the CFTC, to work collaboratively to establish a consistent framework and guardrails for crypto market participants.

Other aspects of the Guidance, like the following, will be addressed in future analyses:

  • The CFTC’s FAQs concerning registrant and registered entity activities relating to crypto assets and blockchain technology
  • An analysis of how a “non-security crypto asset” may become subject to, and how it may cease to be subject to, an investment contract
  • Application of the Federal securities laws to crypto asset activities including “protocol mining,” “protocol staking,” and “wrapping”
  • Application of the Howey test to the treatment of “airdrops”

TABLE 1: SEC Classification of Crypto Assets[15]

Crypto Asset Type

Definition

Cited Examples

Digital Commodity

A crypto asset that is intrinsically linked to and derives its value from the programmatic operation of a crypto system that is “functional,” as well as supply and demand dynamics, rather than from the expectation of profits from the essential managerial efforts of others.

A crypto system is “functional” if the system’s native crypto asset can be used on the system in accordance with the programmatic utility of the system. The term “native” in the context of a crypto asset refers to a crypto asset generated for use on a particular crypto system.

A digital commodity may be native to a crypto system that is decentralized. A crypto system is “decentralized” if the crypto system functions and operates autonomously with no person, entity, or group of persons or entities having operational, economic, or voting control of the crypto system.

Examples cited by the SEC[16]:

  • Aptos (APT)
  • Avalanche (AVAX)
  • Bitcoin (BTC)
  • Bitcoin Cash (BCH)
  • Cardano (ADA)
  • Chainlink (LINK)
  • Dogecoin (DOGE)
  • Ether (ETH)
  • Hedera (HBAR)
  • Litecoin (LTC)
  • Polkadot (DOT)
  • Shiba Inu (SHIB)
  • Solana (SOL)
  • Stellar (XLM)
  • Tezos (XTZ)
  • XRP (XRP)
  • Algorand (ALGO)
  • LBRY Credits (LBC)

More generally, governance tokens are digital commodities.

Digital Collectible

A crypto asset that is designed to be collected and/or used and may represent or convey rights to artwork, music, videos, trading cards, in-game items, or digital representations or references to internet memes, characters, current events, or trends, among other things.

A digital collectible does not have intrinsic economic properties or rights, such as generating a passive yield or conveying rights to future income, profits, or assets of a business enterprise or other entity, promisor, or obligor.

Examples cited by the SEC[17]:

  • CryptoPunks
  • Chromie Squiggles
  • Fan Tokens*
  • WIF
  • VCOIN

*Fan Tokens have hybrid characteristics and could be classified as digital tools.

More generally, meme coins are digital collectibles, as are badges, video game “skins,” and rewards points.

Digital Tool

A crypto asset that performs a practical function, such as a membership, ticket, credential, title instrument, or identity badge. Digital tools may be issued by a central party or autonomously in accordance with the programmatic functioning of a crypto system.

Examples cited by the SEC:

  • Ethereum Name Service domain names
  • CoinDesk’s ‘Microcosms’ NFT Consensus Ticket

Stablecoin

A crypto asset that is designed to maintain a stable value relative to a reference asset like the US dollar.

As of the date of the Guidance, this includes (1) any “payment stablecoin issued by a permitted payment stablecoin issuer” (as such terms are defined in the GENIUS Act)[18] and (2) “covered stablecoins,” as defined in the April 2025 SEC Staff Statement on Stablecoins.[19]

By operation of law, upon the effectiveness of the GENIUS Act, any “payment stablecoin issued by a permitted payment stablecoin issuer” will not be a “security.”

No specific examples were cited by the SEC.

Digital Security (or “Tokenized” Security)

A financial instrument enumerated in the definition of “security” (e.g., bonds, stocks, etc.) that is formatted as or represented by a crypto asset, where the record of ownership is maintained in whole or in part on or through one or more crypto networks.

Tokenized securities generally fall into two categories: (1) securities tokenized by or on behalf of the issuers of such securities and (2) securities tokenized by third parties unaffiliated with the issuer of such securities, which may involve the third party issuing a separate security that derives its value from or is otherwise linked to the subject security. Please see our SEC Clarifies Federal Securities Law Treatment of Tokenized Securities LawFlash for a detailed discussion.

No specific examples were cited by the SEC.

 

TABLE 2: SEC Application of the Howey Test to Determine Status as a “Security”[20]

Crypto

Asset Type

Is the Crypto Asset a Security?

(Short Answer)

SEC Determination (Howey Test Analysis)

Key SEC Analysis of Crypto Asset Characteristics, Uses, and Functionality

Digital Commodities

No

A digital commodity itself, as described in the Guidance, is not a security because it does not have the economic characteristics of a security.

A digital commodity does not constitute any of the financial instruments enumerated in the definition of “security” because, among other things, it does not represent a digitized form of any such instruments, including an investment contract.

Like commodities generally, a digital commodity has intrinsic value derived from the value of the goods and services that may be produced or accessed using that commodity, as well as from supply and demand dynamics.

Users of a functional crypto system use the system’s native digital commodity to interact with the system’s features and functionalities. A functional crypto system incorporates economic mechanisms that reward voluntary cooperation and coordination among the system’s users.

Users are encouraged to participate in a functional crypto system based on its economic mechanism design, and developers are incentivized to build crypto applications for functional crypto systems that successfully attract users. A functional crypto system does not have a central party that oversees participation or distributes rewards to users.

As a result, the value of a digital commodity is intrinsically linked to the programmatic functioning of the associated functional crypto system. Therefore, given that a digital commodity is associated with a functional crypto system, a purchaser would not reasonably expect to profit based on the essential managerial efforts of others.

Digital Collectibles

No, provided that the ownership is not fractionalized (see last column of this table)

A digital collectible does not constitute any of the financial instruments enumerated in the definition of a “security” because, among other things, it does not represent a digitized form of any such instruments, including an investment contract.

Digital collectibles generally have artistic, entertainment, social, or cultural value or utility.

The purchase of a digital collectible is not an investment in any business enterprise or other entity, promisor, or obligor associated with the creator of the digital collectible.

Digital collectibles are onchain analogues to physical collectibles, which generally have not been regulated as securities.

Like a physical collectible, a digital collectible’s value is not based on the expectation of profits from any essential managerial efforts of its creator following creation but rather on supply and demand, which in many cases depends on the subject matter, popularity, or scarcity of the digital collectible (or its creator), as is the case with physical collectibles.

A fractionalized ownership interest could constitute the offer or sale of a security because it may involve essential managerial efforts from which a purchaser would reasonably expect to derive profits and, therefore, may be offered and sold as an investment contract.

Digital Tools

No

A digital tool itself, as described in the Guidance, is not a security because it does not have the economic characteristics of a security.

A digital tool does not constitute any of the financial instruments enumerated in the definition of “security” because, among other things, it does not represent a digitized form of such instruments, including an investment contract.

Persons acquire digital tools for their functional utility.

The price at which the digital tool may be resold, if it may be resold at all, is based upon its functional utility rather than any expectation of profits from any essential managerial efforts of its developer.

The activities of the creator or developer of a digital tool may impact its value, but that creator or developer does not typically make representations or promises to undertake any essential managerial efforts from which a purchaser would reasonably expect to derive profits.

Digital tools often are “soul-bound,” meaning that they are designed for permanent association with a specific digital identity and are intended to represent aspects of an individual’s or entity’s identity that typically are not transferable, such as academic degrees, professional certifications, memberships, or verifiable work history.

If the creator of a digital tool facilitates network effects, including through the use of a digital tool, such activities do not constitute essential managerial efforts.

Stablecoins

No, if criteria in the Guidance are met (i.e., a permitted payment stablecoin or Covered Stablecoin)

When it becomes effective, by operation of law the GENIUS Act excludes “permitted payment stablecoins issued by a permitted payment stablecoin issuer” from the definition of a security.

Until the GENIUS Act becomes effective, “Covered Stablecoins” are evaluated under the rubric defined in the April 2025 SEC Staff Statement on Stablecoins. The Statement provides that they are not “securities” under the Howey test because buyers do not purchase Covered Stablecoins with a reasonable expectation of profit derived from the entrepreneurial or managerial efforts of others as these instruments are not marketed as investments or with any emphasis on the potential for profit. Buyers are motivated to use or consume Covered Stablecoins as so-called “digital dollars” in the same way one would use USD. Accordingly, it is the Division’s view that Covered Stablecoins are not offered or sold as investment contracts.

Buyers are motivated to use or consume Covered Stablecoins as so-called “digital dollars” in the same way one would use USD. Accordingly, they are not offered or sold as investment contracts.

Stablecoins other than (1) payment stablecoins issued by a permitted payment stablecoin issuer or (2) Covered Stablecoins as described in the Staff Stablecoin Statement may meet the definition of “security” depending on the facts and circumstances.

Payment stablecoins issued by a “foreign permitted stablecoin issuer” (as the term is defined in the GENIUS Act) will generally be considered Covered Stablecoins, per the Guidance.

Digital Securities

Yes

A security is a security regardless of whether it is issued, or otherwise represented,

offchain or onchain.

All devices and instruments that have the economic characteristics of a security are securities regardless of format or label.

Many digital securities convey the same legal rights with respect to a business enterprise or other entity, promisor, or obligor as offchain securities.

Some digital securities do not convey the same legal rights as offchain securities but instead entitle the holder to receive economic distributions from a central party that manages a business enterprise or other entity, promisor, or obligor on behalf of digital security holders.

Purchasers of this latter type of digital security invest in a business enterprise or other entity, promisor, or obligor operated by a central party and look to the central party to earn such distributions. Further, digital securities may provide non-financial benefits to holders, similar to a digital commodity, digital collectible, or digital tool.

A digital security does not fall outside of the definition of “security” merely because it provides such non-financial benefits.

Contacts

If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following:

Authors
Erin E. Martin
Stacie Hartman
Todd P. Zerega
Maria L. Sasinoski
Andrew P. Cross

[1] See SEC v. W.J. Howey Co., 328 US 293 (1946).

[2] Id.

[3] See Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO,

Release No. 34-81207 (July 25, 2017) (The DAO Report).

[4] See Application of the Federal Securities Laws to Certain Types of Crypto Assets and Certain

Transactions Involving Crypto Assets, Release Nos. 33-11412; 34-105020 (the SEC Crypto Asset Interpretation or the Guidance) at 4-5.  

[5] In addition to Howey, the SEC has also applied the test outlined in Reves v. Ernst & Young 494 US 56 (1990) to certain crypto assets that may appear to have characteristics of debt to determine whether a crypto asset is a “note” under the federal securities laws.

[6] See the Guidance at 9. The Guidance “does not supersede or replace the Howey test, which is binding legal precedent,” but is intended to convey the SEC viewpoint on how the Howey test applies to crypto assets and transactions. The SEC has clarified that the Guidance does supersede the SEC’s Framework for “Investment Contract” Analysis of Digital Assets (April 3, 2019). Id. at 8.

[7] See Press Release, SEC Clarifies the Application of Federal Securities Laws to Crypto Assets (March 17, 2026).

[8] SEC Crypto Asset Interpretation at 4.

[9] Guiding and Establishing National Innovation for US Stablecoins Act, Pub. L. No. 119-27, 139

Stat. 419 (2025) (GENIUS Act). It is anticipated the GENIUS Act will become effective the earlier of January 18, 2027 or the date that is 120 days after the date on which the primary Federal payment stablecoin regulators issue any final regulations implementing the Act.

[10] SEC Crypto Asset Interpretation at 11.

[11] The GENIUS Act amends the definition of “security” in Section 2(a)(1) of the Securities Act and in Section 3(a)(10) of the Exchange Act to provide that “[t]he term ‘security’ does not include a payment stablecoin issued by a permitted payment stablecoin issuer, as such terms are defined in section 2 of the GENIUS Act.”

[12] SEC Crypto Asset Interpretation at 11.

[13] SEC Crypto Asset Interpretation at 11-12.

[14] SEC Crypto Asset Interpretation at 13.

[15] All definitions and cited examples included herein are as provided in Part III of the Guidance, and all SEC analysis is limited to the crypto asset as it existed on the date of the release of the Guidance.

[16] The SEC explains that “each of these crypto assets is a digital commodity because they are intrinsically linked to and derive their value from the programmatic operation of a crypto system that is functional, as well as supply and demand dynamics, rather than from the expectation of profits from the essential managerial efforts of others. As of the date of this release, each of these digital commodities underlies a futures contract that has been made available to trade on a designated contract market operating under the regulatory oversight of the CFTC. To be clear, it is not necessary that a crypto asset underlie such a futures contract to be a digital commodity; rather, the fact that these digital commodities underlie such a futures contract explains their selection as examples for this release. For example, based on their characteristics, terms, and functions as of the date of this release, Algorand (ALGO) and LBRY Credits (LBC), neither of which underlies such a futures contract, are digital commodities because they are intrinsically linked to and derive their value from the programmatic operation of a crypto system that is functional, as well as supply and demand dynamics, rather than from the expectation of profits from the essential managerial efforts of others.” Guidance, Footnote 51 at pages 14 and 15.

[17] The SEC Guidance notes that “digital collectibles are onchain analogues to physical collectibles, which generally have not been regulated as

securities.” However, the offer and sale of a fractional interest in a digital collectible could create an investment contract, which would be a security.

[18] The Guidance notes that, despite not being explicitly excluded from the definition of “security” in the GENIUS Act, “payment stablecoins issued by a ‘foreign permitted stablecoin issuer’ (as the term is defined in the GENIUS Act) registered with the Comptroller of the Currency will generally not meet the definition of ‘security,’ as such payment stablecoins will generally be considered ‘Covered Stablecoins.’”

[19] See US Securities and Exchange Commission, Division of Corporation Finance, Staff Statement on Stablecoins (Apr. 4, 2025). Generally, this earlier definition included “stablecoins that are designed to maintain a stable value relative to the United States Dollar, or ‘USD,’ on a one-for-one basis, can be redeemed for USD on a one-for-one basis (i.e., one stablecoin to one USD), and are backed by assets held in a reserve that are considered low-risk and readily liquid with a USD value that meets or exceeds the redemption value of the stablecoins in circulation.” So, for example, a stablecoin backed by US Department of the Treasury securities that otherwise meets these criteria would be a Covered Stablecoin.

[20] All text included herein is as provided in Part III of the Guidance, and all SEC analysis is limited to the crypto asset as it existed on the date of the release of the Guidance.