More than 100 cryptocurrency exchanges and over 1,000 initial coin offerings are operating outside US laws meant to protect investors from fraud, says Gary Gensler, who chaired the Commodity Futures Trading Commission from 2009 to 2014. This must end before some of the most promising financial applications of blockchains can be realized, Gensler—now a lecturer at MIT and senior advisor to MIT’s Digital Currency Initiative—told the audience today at MIT Technology Review’s Business of Blockchain conference.

Even popular cryptocurrencies XRP and Ether might be securities and thus subject to relatively strict regulation, he said.

More than $10 billion has been raised via ICOs, a blockchain-based fund-raising method. But a significant fraction of these are fraudulent, and many were launched in a way that is not compliant with US securities laws established in the 1930s. To reach its full potential “blockchain technology will need to come within the public policy framework,” Gensler said. “We’re not in very good shape right now.”

Blockchain technology has a chance to lower costs, lower risks, and remove unnecessary middlemen in the global financial system, said Gensler, but “the question is: how do we move forward?” First, what’s needed is a lot more clarity in the marketplace, he said. Regulators across the globe are scrambling to make sense of ICOs, trying to determine whether they are traditional investments like stocks and bonds—or something else that shouldn’t be subject to securities rules.

In fact, in many cases the answer is that they are both, said Gensler. If investors are buying tokens with the expectation that they will appreciate in value based on the efforts of others, that matches the traditional legal definition of a security, he said.