SEC Update Clarifies When a Cryptocurrency Qualifies as a Security

The US Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) have issued new guidance about how existing federal securities laws apply to cryptocurrency assets and common on-chain activities.

A Shumaker client alert explains how the March 17, 2026 guidance supersedes the SEC’s 2019 digital-asset framework and provides practical, cryptocurrency-specific application of the longstanding Howey test without displacing it.

The regulators’ new interpretive release is a first step toward harmonized federal oversight of digital assets.

The SEC classifies cryptocurrency assets by economic function. Digital commodities, collectibles, and utility tokens are generally not securities; tokenized traditional instruments remain securities. Named examples of digital commodities include Bitcoin, Ether, Solana, XRP, Cardano, and Litecoin.

Payment stablecoins issued by permitted issuers under the Genius Act are excluded as the framework phases in. The release confirms that protocol mining, staking, certain wrapping, and some airdrops do not constitute securities transactions when conducted as described.

A non-security token may be offered “subject to” an investment contract if the issuer makes representations through channels such as websites, or regulatory filings, creating a reasonable expectation of profits from managerial efforts.

Unauthorized third-party marketing does not count. Separation from investment contract status occurs when purchasers can no longer reasonably tether the issuer’s efforts to the token, either immediately upon delivery or later upon unambiguous project abandonment.

Counsel advising token issuers should immediately audit offering communications, including whitepapers, social media, and marketing materials against the SEC’s new guardrails for investment contract analysis. Disclosure obligations and securities registration determinations for digital asset products must now be aligned to the interpretive release rather than the 2019 framework.

For M&A and investment transactions involving crypto assets, due diligence should incorporate revised security classification analysis. Firms operating across jurisdictions should monitor the comment process and anticipated CFTC coordination for cross-border regulatory implications.