Crypto Assets Face Clearer US Rules Under New SEC-CFTC Guidance

On March 17, 2026, the U.S. Securities and Exchange Commission (SEC), joined by the Commodity Futures Trading Commission (CFTC), issued a long‑awaited interpretive release clarifying how federal securities laws apply to crypto assets and related transactions. The release establishes a new “token taxonomy,” confirms that most crypto assets are not themselves securities and outlines when non‑security crypto assets can be sold as part of an “investment contract” subject to securities regulation.

For market participants from public companies and financial institutions to crypto-native projects, this is the clearest regulatory framework to date for evaluating U.S. treatment of digital assets.

Overview of the SEC and CFTC Joint Crypto Interpretation

The SEC issued an interpretive release with the CFTC formally joining and committing to administer the Commodity Exchange Act (CEA) consistently with the SEC’s interpretation. The interpretation takes effect immediately, though the SEC has opened a public comment process and signaled that further revisions or additions are possible.

According to the press release, the interpretation is intended to provide “greater clarity regarding the Commission’s treatment of crypto assets” and to complement ongoing congressional efforts to codify a comprehensive digital asset market-structure framework. The CFTC described the action as a “major step” toward harmonized oversight of crypto assets across the two agencies.

The SEC-CFTC New Token Taxonomy for Crypto Assets

The interpretation introduces a five‑part token taxonomy that describes how the SEC and CFTC intend to treat different categories of crypto assets: digital commodities, digital collectibles, digital tools, stablecoins used as payment instruments and digital securities (tokenized securities).

While terminology varies slightly across law firm summaries, the key concepts are consistent: four categories — digital commodities, digital collectibles, digital tools and qualifying payment stablecoins — are generally not securities, whereas digital securities remain fully within the federal securities regime regardless of their on‑chain format.

How the SEC and CFTC Classify Different Types of Crypto Assets

• Digital commodities: Native crypto assets whose value is tied primarily to network operation and market supply-demand dynamics rather than the managerial efforts of a promoter; media coverage and commentary note that assets such as Bitcoin, Ether, Solana and XRP are now widely treated as digital commodities or otherwise outside the securities definition under this framework.
• Digital collectibles: Non‑fungible tokens (NFTs) and similar assets linked to art, media, fan engagement or in‑game items that are designed to be collected or used rather than primarily held as investments, absent added features such as profit‑sharing, fractionalization or explicit investment marketing.
• Digital tools: Utility‑style tokens that provide functional access, membership, tickets, credentials or similar rights within applications or ecosystems, where the economic substance is use, not investment.
• Payment stablecoins: Stablecoins that meet defined criteria as “permitted payment stablecoins” or similar categories under other federal statutes and are used primarily as payment instruments rather than investments.
• Digital securities (tokenized securities): On‑chain representations of traditional securities or other tokens with the economic characteristics of equity, debt or similar instruments; these remain subject to full securities regulation, regardless of labels or technological form.

Crucially, the SEC reiterates that “non‑security” crypto assets can still be sold as part of an investment contract, depending on how they are offered, marketed and structured. The interpretation explains how such assets can become subject to and later cease to be subject to an investment contract and clarifies the application of securities laws to airdrops, protocol mining, protocol staking and wrapping of non‑security crypto assets.

Key Regulatory Themes Highlighted by SEC Chair Paul Atkins

Announcing the interpretation, SEC Chair Paul S. Atkins emphasized that “after more than a decade of uncertainty, this interpretation will provide market participants with a clear understanding of how the Commission treats crypto assets under federal securities laws,” adding that regulators are supposed to “draw clear lines in clear terms.”

Atkins underscored several themes that will resonate with market participants:

• The interpretation “acknowledges … that most crypto assets are not themselves securities.”
• It “reflects the reality that investment contracts can come to an end,” meaning that tokens initially sold in securities transactions do not remain indefinitely bound to those investment contracts once promised efforts are completed or no longer reasonably expected.
• The effort is intended as an “important bridge for entrepreneurs and investors as Congress works to advance bipartisan market structure legislation,” signaling more formal rulemaking and potential tailored exemptions ahead.

In separate remarks on the SEC’s broader regulatory philosophy, Atkins criticized prior regulation by enforcement in crypto markets and stated that the SEC is no longer the “securities and everything commission,” highlighting an intention to refocus on instruments that truly meet statutory securities definitions.

Practical Implications for Crypto Issuers and Token-Based Projects

For crypto-native projects and token sponsors, the guidance offers a more predictable path to designing non‑security tokens, but it does not eliminate securities‑law risk.

Key implications include:

• Token design and documentation: Projects should deliberately design tokens to align with one of the non‑security categories (digital commodity, collectible, tool or qualifying payment stablecoin) and ensure that white papers, technical documentation and governance structures reflect that economic substance.
• Offering practices and marketing: Even where a token fits a non‑security category, capital‑raising structures, lock‑ups, revenue‑sharing or marketing that emphasizes profits from others’ efforts may still create an investment contract. Projects should revisit prior Howey analyses in light of the SEC’s more concrete examples and explanations.
• Lifecycle planning: The interpretation describes how a token originally sold within an investment contract can later be sold in non‑securities transactions once promised managerial efforts are completed or no longer reasonably expected, suggesting a need for clear milestones, disclosures and public communication when those efforts end.

Implications for Trading Platforms, Financial Institutions and Public Companies

The joint SEC-CFTC guidance also has significant consequences for exchanges, custodians, banks and SEC registrants that touch digital assets.

• Trading platforms and intermediaries: Exchanges, broker‑dealers, ATSs, custodians and other intermediaries now have a more defined framework for determining when a listed token is a “digital security” that triggers securities‑market registration and compliance obligations versus a non‑security digital asset subject primarily to commodities, payments or other regimes.
• Product development and risk management: Banks, fintechs and asset managers offering crypto products (including tokenized assets, yield products, staking and rewards programs) will need to consider how the new taxonomy and investment‑contract analysis affect product design, disclosures and risk controls.
• Public company reporting: SEC registrants with material direct or indirect exposure to crypto assets should expect audit committees, regulators and investors to focus not only on how management is classifying each token under the new framework but also on the controls and processes used to make, document and support those classifications. Because those judgements directly inform risk factors, MD&A, segment reporting and other disclosures, the classification process itself should function as a disclosure control, not merely a technical conclusion.

For accounting and tax purposes, these regulatory classifications may also inform but do not replace separate analyses around recognition, measurement, tax characterization and related disclosure requirements.

Implications for Internal Controls and SOX Compliance

Beyond legal classification, the SEC-CFTC interpretation has important implications for internal control over financial reporting (ICFR), particularly for SEC registrants with material crypto exposure.

Token classification under the new taxonomy is an internal control design question, not solely a legal determination. Public companies will need documented, repeatable controls over how crypto assets are inventoried, classified and periodically reassessed as facts and circumstances change. Assessment of controls by management (or internal audit) and external auditors will likely expect evidence of formalized processes supporting those classifications.

The interpretation’s discussion of the investment‑contract lifecycle introduces a new control risk. A crypto asset’s transition from securities treatment to non‑security treatment (or vice versa) can represent a material accounting and disclosure event. Companies should consider who is responsible for making that determination, how it is documented and whether it is subject to appropriate management and audit committee oversight. For many registrants, this may represent a control gap.

For accelerated filers, ICFR expectations may extend into new territory. Section 404(b) auditors may be required to opine on controls over crypto‑related classifications and judgments that are not yet explicitly addressed in many existing SOX frameworks. Companies with significant digital asset activity should expect increased scrutiny in this area.

Steps Market Participants Should Consider Following the Guidance

In the near term, organizations engaged with crypto assets should consider:

• Inventorying and classifying tokens: Develop or refresh a comprehensive inventory of tokens that the organization issues, holds or supports, and map each instrument to one of the five categories, documenting key assumptions and open questions.
• Reassessing legal and compliance positions: Revisit existing Howey and jurisdictional analyses for offerings, staking, airdrops, wrapping, yield products and tokenization initiatives in light of the interpretation’s guidance.
• Aligning governance, risk and reporting: Update policies, procedures, board and committee charters, and disclosure controls so that they reflect the clarified regulatory perimeter and the organization’s token classifications.
• Preparing for further change: Monitor future SEC and CFTC rulemakings, as well as pending Congressional action on digital asset market‑structure legislation, which could build on this interpretive foundation.

Advisory Considerations for Applying the SEC-CFTC Crypto Framework

Weaver’s professionals are closely tracking these developments and can help you:

• Assess your crypto asset footprint: Inventory and classify tokens and related arrangements (staking, rewards, airdrops, tokenized assets) under the new SEC-CFTC framework.
• Evaluate regulatory, financial‑reporting and ICFR impacts: Analyze how the interpretation may affect securities‑law exposure, financial reporting, internal controls over financial reporting (ICFR) and governance structures.
• Coordinate tax, accounting and advisory perspectives: Connect regulatory classification with tax and accounting treatment to support consistent, well‑governed decision‑
• Design next‑step roadmaps: Develop practical action plans for remediating gaps, updating disclosures and aligning future product design or tokenization strategies with the clarified rules.

If you have questions about how the SEC-CFTC crypto guidance may affect your organization, please contact us.

©2026

This article is for informational purposes only and provides no legal advice. Organizations should evaluate the relevant matters in light of their specific facts and circumstances, including existing legal, regulatory and compliance considerations and should discuss relevant matters with their legal and regulatory counsel.

Weaver’s Accounting & SEC Update webinar series, presented by Weaver’s public company practice, dives into relevant regulatory, accounting and reporting issues that public companies are facing. Our national professional practices team offers suggestions and technical updates to prepare for the upcoming reporting cycle and beyond. Register today!