Zachary Fallon and James Blakemore are securities law attorneys who lead Ketsal Consulting, a strategic advisory firm focused on blockchain compliance.

The following is an exclusive contribution to CoinDesk’s 2018 Year in Review.

If the top cryptocurrency story of 2018 was the arrival of winter, a close and inextricably intertwined second was regulatory oversight.

The regulators are in ascendance, and anyone who started the year doubting the reason for, or extent of, the SEC’s or the CFTC’s oversight of digital asset markets should, by now, have been disabused. In the midst of all of 2018’s enforcement actions, however, a key message shouldn’t be lost: the regulators continue to invite companies and innovators to engage with them as their appreciation for, and regulation of, digital asset markets continues to evolve.

Forgiveness, Not Permission

In general, state and federal regulatory authorities prefer to be asked for permission, rather than forgiveness. That’s not really a secret. To date, and with limited exceptions, crypto market participants have largely taken the opposite approach. In 2018, we witnessed the consequences of that practice.

By our rough count, 2016 saw only one digital asset-related SEC enforcement action, while, in 2017, there were five (though two — the DAO report and the Munchee order—were of particular significance).

In early 2018, SEC Commissioner Jackson astutely observed that “If you want to know what our [traditional capital] markets would look like with no securities regulation, what it would look like if the SEC didn’t do its job? The answer is the ICO market.” True to form, as winter set in, the SEC brought 18 actions in 2018.

While the SEC has been the most active digital asset regulator in 2018, it’s not as if other regulators have ceded the field. The CFTC, for its part, prosecuted a number of notable enforcement actions this year. For many companies and individuals, asking for forgiveness rather than permission has proven to be a disastrous gamble.

Not engaging with regulators generally doesn’t work, and if you’re looking for examples, 2018 just finished coughing up a slew of them. Non-engagement is also bad for the industry, particularly if, in the absence of engagement, the most salient regulatory guidance the industry receives comes from enforcement actions against bad actors. Bad facts make bad law, as the old saw has it. So do bad defendants, and those who insist on proceeding without the assistance of counsel are particularly at risk of creating bad law.

When the regulator comes knocking, be sure they’ll have identified some bad facts, and bad facts can be harder to contextualize and mitigate when you’re on the defensive — particularly if you do not understand why the facts are bad in the first place. You’re more likely to trip when you’re on your heels. Regulation by enforcement too often means trying to talk a litigator out of an idea already formed based on actions you’ve already taken. Remember, violations of the law are necessarily post hoc determinations.

By contrast, when regulatory outreach, which can be done in any number of ways, is done thoughtfully and appropriately, it can give companies the opportunity to help form the outcome and/or prevent the violation in the first place. We saw some of the potential for such outreach to change the regulatory conversation earlier this year. What’s more, by reaching out to its regulator, a company is more likely to get the ear of an expert in a relevant field and to build their business in a compliant fashion.

Take the SEC for example. The SEC Division of Enforcement’s expertise is just that — enforcement of the securities laws. To be sure, enforcement litigators have extensive securities laws expertise and benefit from the close counsel of colleagues in other Divisions, but they bring different experience, goals, and incentives to bear. If you run a decentralized exchange, it’s in your interest to ask the Division of Trading and Markets about your conduct, rather than to have the Division of Enforcement do it for you.

Similarly, if you have questions about how to raise money through an STO that only the SEC can answer, you should ask the Division of Corporation Finance for assistance. Generally, it’s better to approach the regulator before the regulator approaches you.

For now, though, the most public player at the SEC has been the Division of Enforcement, and it has systematically worked its way through the areas overseen by other Divisions, ticking off market participants one by one. We now have orders regarding unregistered digital asset broker-dealers, exchange platforms, issuers, promoters, and hedge funds, while gatekeepers remain on perpetual notice.

These orders and statements act as both guidance and warnings. And, as the SEC has signaled its developing views regarding the various players in the space, it has also made sure to emphasize that it makes good on its warnings. “[T]he Commission warned [you] in its July 25, 2017, DAO Report . . . that virtual tokens or coins sold in ICOs may be securities,” and yet most of your illicit activity happened “during the period following the DAO Report,” the SEC, in essence, has stated.

The regulators mean what they say. We’d do well to listen to what they’re saying now.

Accept the Invite

So, what are they saying?

In 2018, the SEC pointed out a lot of things crypto market participants should not do, but it also suggested affirmative steps for compliance-oriented players. First and foremost, in October the SEC announced the launch of its Strategic Hub for Innovation and Financial Technology, or “FinHub.”

FinHub’s stated purpose is to facilitate public engagement with the SEC on, among other issues, digital assets and related matters—precisely what we’ve advocated for above.

More obliquely, the SEC has signaled its desire to understand and get the tech right. In the EtherDelta order, the SEC noted that it opted not to “impose a greater penalty” on Zachary Coburn in light of his “efforts [to] facilitate[] the [SEC’s] investigation involving an emerging technology.” The SEC’s technical competence was on full display in the order. Many of settled SEC orders expressly note the cooperation of the parties involved as a mitigating factor for the reduced civil penalties imposed. The SEC is signaling that the Seaboard Report is still alive and well, and applicable to the digital asset space.

The CFTC has similarly created LabCFTC, “designed to make the CFTC more accessible to FinTech innovators,” including in the digital asset industry. CFTC Commissioner Brian Quintenz has encouraged engagement through LabCFTC and suggested that digital asset innovations in some cases may even “require the Commission to rethink its existing regulations or provide regulatory relief.”

Innovators and market participants can also engage in the regulatory process itself. Under the Administrative Procedure Act, independent federal agencies like the SEC and CFTC are required to provide notice of proposed rule-makings (that is, of additions or changes to existing rules and regulations) and to consider any relevant matter presented to them as a result before adopting a new or amended rule.

Some forward-looking digital asset companies have already availed themselves of the opportunity provided by the notice and comment procedure. Yet, the vast majority have not. The regulatory notice and comment procedure is generally in perpetual motion, and opportunities to comment and drive the conversation will continue to arise in the future.

At the moment, among other things, the SEC is not only requesting comment on potential changes to Securities Act Rule 701, which provides an exemption from registration for securities issued by private companies pursuant to compensatory arrangements — an area of obvious relevance to digital asset companies that seek to compensate employees, service providers, and ecosystem participants with native digital asset securities — but also on how it can reduce burdens on reporting companies associated with quarterly reporting. Companies, like AirFox and Paragon, may soon have views on the latter.

Similarly, the CFTC is seeking public comment on digital asset “mechanics and markets.” And, this summer, the North American Securities Administrators Association (or “NASAA”), which represents the collective interests of state securities regulators in Washington, D.C. and beyond, opened for public comment potential changes to the treatment of securities in secondary market transactions that, when adopted, will impact the trading of non-exchange listed digital asset securities.

The digital asset community should not let these opportunities to be heard, and to help shape the scope of the regulatory framework going forward, pass them by.

Help a Hammer See More than a Nail

We’re aware that you may be saying to yourself: “Wow. Lawyers who like law. What a surprise.” And, that’s true. We are and we do. But we also like crypto. Being a lawyer and liking crypto is not a zero-sum game—just ask ฿ully esq. We want to see the industry succeed.

Regulators are going to regulate the digital asset space with or without the participation of the people and businesses in it. We should make sure we’re all there to help them get it right.

In 2018, we learned about regulatory oversight. 2019 should be about driving it.

Have an opinionated take on 2018? CoinDesk is seeking submissions for our 2018 in Review. Email news [at] to learn how to get involved.

Image via CoinDesk archives