Smart contracts, also referred to as chaincode in the Hyperledger world, are one of the most powerful aspects of blockchain and Distributed Ledger Technology (DLT). This “self-executing” code can receive various inputs and, based on “if-then” logic encoded therein, can take various actions and update the ledger state.
Based on recent actions by U.S. regulators, smart contract developers need to be aware of potential liabilities that they may face (beyond the usual issues with software development).
The first issue is potential liability under the U.S. Commodity Futures Trading Commission (CFTC) regulations. In a speech on October 16, 2018, the CFTC Commissioner stated that smart contract developers may be held liable for aiding and abetting CFTC rule violations if they could reasonably foresee, at the time they created the code, that it would likely be used by U.S. persons in a manner violative of CFTC regulations. If it proves to be reasonably foreseeable, he indicated that his personal belief is a “strong case could be made that the code developers aided and abetted violations of CFTC regulations.”
Determining when the use of a smart contract violates CFTC regulations is a complex question. However, the CFTC has been among the more proactive agencies in issuing guidance on how their rules apply to cryptocurrency and blockchain technology. Some of their general guidance on Bitcoin and other digital currencies can be found here. Just today, the CFTC released “A CFTC Primer on Smart Contracts” which is focused on explaining smart contracts, exploring how they may impact our markets and highlighting potentially novel risks and challenges. A copy of this primer can be found here.
In another recent development, the U.S. Securities and Exchange Commission (SEC) reached a settlement in November 2018 with a smart contract developer relating to an unregistered securities exchange. This matter related to a digital “token” trading platform. The platform was a marketplace for bringing together buyers and sellers for digital asset securities through the combined use of an order book, a website that displayed orders, and a “smart contract” run on the Ethereum blockchain. According to the SEC, the “smart contract was coded to validate the order messages, confirm the terms and conditions of orders, execute paired orders, and direct the distributed ledger to be updated to reflect a trade.” The SEC further added that the platform “had both the user interface and underlying functionality of an online national securities exchange and was required to register with the SEC or qualify for an exemption.” It was the SEC’s first enforcement action based on findings that such a platform operated as an unregistered national securities exchange.
The SEC further noted that the system executed millions of orders for ERC20 tokens, including tokens that are securities under the federal securities laws. It stated that most transactions occurred after the SEC issued its 2017 DAO Report, which concluded that certain digital assets, such as DAO tokens, were securities and that platforms that offered trading of these digital asset securities would be subject to the SEC’s exchange registration requirements or operate pursuant to an exemption.
Two things are clear. First, smart contracts are powerful tools and their use will increase as more blockchain and DLT deployments occur. Second, the U.S. regulators are increasing their scrutiny of and enforcements against offerings that do not comply with the law. This includes certain activities of smart contract developers.
For these reasons, it is critical that smart contract developers (and anyone else using this technology) ensure that their offerings are compliant with the law. Over the past couple of years, much of the regulatory focus has been on ICOs. The matters addressed above should serve as a reminder that as the industry moves on from ICOs and focuses on actual deployment of smart contract-based applications, other regulatory issues need to be addressed.