On March 17, the U.S. Securities and Exchange Commission’s (SEC) Division of Corporation Finance published a 68-page interpretive release that, for the first time, tells the digital asset industry what is and is not a security. Four of the five categories it defines — digital commodities, digital collectibles, digital tools, and stablecoins — are not securities. The release also introduces a concept with no precedent in the federal securities laws: An investment contract that ceases to exist.
That alone would be the most significant crypto guidance the SEC has ever issued. But at SEC Speaks 2026, the Commission went further. Chairman Paul Atkins called the prior administration’s regulation-by-enforcement approach a failure. Commissioner Uyeda described exchanges that turned away when they tried to register and token issuers who received subpoenas instead of guidance. The SEC simultaneously announced a harmonization MOU with the U.S. Commodities Futures Trading Commission (CFTC) and began developing an innovation exemption for tokenized securities platforms.
For the dozens of companies and individuals still carrying the scars of the old regime — pending investigations, open Wells processes, active litigation — this is not just a policy shift. It is a set of arguments that did not exist six months ago. The question is how to deploy them.
The five-category taxonomy
Corp Fin’s interpretive release organizes digital assets into five categories, each with different regulatory consequences:
Digital commodities — Bitcoin, Ethereum, and other assets that function primarily as stores of value or mediums of exchange without dependence on any issuer’s ongoing managerial efforts. Not securities. The release treats this as settled, effectively ratifying years of staff statements and market consensus.
Digital collectibles — NFTs, meme coins, and similar assets whose value derives from cultural, aesthetic, or community factors rather than expectations of profit from an identifiable issuer’s efforts. Not securities. This category resolves a long-running ambiguity that generated significant enforcement activity.
Digital tools — Functional tokens that provide access to a network, protocol, or application and whose utility does not depend on continued efforts by a promoter or issuer. Not securities. The critical inquiry is whether the token’s value is driven by its utility or by expectations of profit tied to someone else’s work.
Stablecoins — Payment stablecoins as defined under the Genius Act. Not securities. The release defers to the legislative framework and declines to assert independent SEC jurisdiction.
Digital securities — Tokenized versions of traditional securities (stocks, bonds, fund interests). Remain securities, fully subject to the federal securities laws. The tokenization of the wrapper does not change the nature of the underlying instrument.
The taxonomy itself is significant. But the most consequential piece of the interpretive release is not the categories — it is the analysis of when an investment contract forms around a non-security digital asset and, just as important, when that investment contract ceases to exist.
The separation framework
Under SEC v. W.J. Howey Co., an investment contract requires an investment of money in a common enterprise with an expectation of profits derived from the efforts of others. The SEC has long argued that token sales satisfy Howey because purchasers invest in a project with the expectation that the issuer’s continued development efforts will increase the token’s value. That argument is how dozens of enforcement actions were brought against token issuers.
The interpretive release now acknowledges what defense counsel have argued for years: Even if a token sale initially involves an investment contract, the investment contract can cease to exist as the project matures and becomes self-sufficient. When the network is decentralized, the protocol is functional, and the token’s value no longer depends on the issuer’s ongoing managerial efforts, the Howey analysis no longer holds. The asset transforms from something sold pursuant to an investment contract into a non-security digital asset.
The release itself frames this as a separation of the asset from the investment contract; for clarity, this article refers to the concept as a “transformation” — reflecting the functional reality that the asset’s regulatory status changes as the underlying enterprise matures.
This is a genuinely novel legal framework. The securities laws have never recognized the concept of a security that stops being a security through the natural maturation of the underlying enterprise. And it carries immediate implications for pending enforcement matters.
What this means for pending cases
The Commission has already dismissed or declined to pursue more than a dozen crypto enforcement matters initiated under the prior administration — including high-profile actions against Coinbase, Binance, Kraken, and Gemini, and investigations into Uniswap Labs, OpenSea, Crypto.com, Robinhood, and Ondo Finance. In SEC v. Ripple Labs, the SEC dismissed its appeal and cross-appeal, leaving the district court’s final judgment intact. But many cases remain pending — some in active litigation, others in the investigative or Wells stage.
For targets of pending investigations, the interpretive release provides three categories of arguments that did not exist six months ago.
The asset was never a security. If the digital asset at issue falls into one of the four non-security categories under the new taxonomy, the enforcement theory collapses at the threshold. An asset that is not a security cannot be the subject of a securities fraud action, a registration violation, or an unregistered offering case. Defense counsel should immediately analyze whether the asset at issue in their client’s matter falls within the taxonomy’s safe harbors — and if it does, press the staff to dismiss.
The investment contract ceased to exist. Even if the token sale initially involved an investment contract, the transformation doctrine provides a defense if the project has since matured. Defense counsel should assemble evidence of decentralization: the transition from founder control to community governance, the reduction in the issuer’s role in protocol development, the emergence of independent validators or node operators, and the cessation of promotional activity that tied the token’s value to the issuer’s efforts. If the project has transformed, the enforcement action is based on a legal theory that the Commission itself has now abandoned.
The enforcement action was an exercise in regulation by enforcement that the Commission has repudiated. This is the political argument, and it should not be underestimated. Chairman Atkins, Commissioner Uyeda, and Commissioner Peirce have all publicly stated that the prior enforcement approach was wrong — not just imprudent, but wrong. A Wells submission or litigation brief that quotes these statements and argues that continuing the case would be inconsistent with the Commission’s own stated position puts the staff in the uncomfortable position of defending a theory that three of five commissioners have rejected.
The SEC-CFTC memorandum of understanding (MOU) and jurisdictional clarity
Separately, Chairman Atkins announced a memorandum of understanding with the CFTC to harmonize regulatory definitions, coordinate oversight, and share data. For digital asset companies that have spent years trying to determine whether their products fall under SEC or CFTC jurisdiction — and facing the risk of enforcement from both — the MOU is a welcome development.
The practical impact for defense counsel is twofold. First, the MOU should reduce the risk of duplicative enforcement, where both agencies bring parallel actions against the same conduct under different legal theories. Second, the MOU’s harmonization of definitions — particularly around security futures, security-based swaps, and the boundary between securities and commodities — should narrow the jurisdictional gray zone that has been the source of so much enforcement uncertainty.
For companies currently under investigation by both agencies, the MOU creates an opportunity to argue that the matter should be resolved by one regulator, not both — and to invoke the harmonization framework as evidence that the agencies themselves recognize the inefficiency of parallel proceedings.
The innovation exemption
The Division of Trading and Markets is developing what it calls an “innovation exemption” — a framework that would allow platforms using distributed ledger technology to experiment with trading tokenized securities outside the full weight of traditional market structure rules, while permanent regulations are developed. The details remain to be worked out, but the concept signals a regulatory posture that is fundamentally different from the prior approach.
For companies that were penalized under the prior regime for failing to comply with rules that the Commission now acknowledges may not fit — the irony is bitter but the practical lesson is clear. The regulatory environment has changed. The arguments available to defense counsel have expanded. And the window for using those arguments is open now.
What companies and counsel should do
If you have a pending investigation: Request a meeting with Enforcement staff to discuss the interpretive release’s application to your matter. Frame the conversation around the taxonomy, the transformation doctrine, and the Commission’s stated policy shift. If the asset at issue is not a security under the new framework, ask for the investigation to be closed.
If you have received a Wells notice: Your Wells submission should lead with the interpretive release. Integrate the taxonomy analysis, the transformation doctrine, and the Commission’s public repudiation of regulation by enforcement. The three-commissioner consensus that the prior approach was wrong is not just helpful context — it is a statement about how the current Commission views the very theory under which your client was investigated.
If you are in active litigation: Evaluate whether a motion to dismiss or a request for voluntary dismissal is appropriate in light of the changed regulatory framework. The SEC has voluntarily dismissed crypto cases in recent months. If your case rests on a legal theory that the Commission has now publicly abandoned, the staff may be receptive to a resolution that avoids an adverse precedent.
If you have not been contacted but were operating in the gray zone: The interpretive release is a compliance roadmap. Analyze your token, your platform, and your activities against the five-category taxonomy. If you are in a non-security category, document that analysis and preserve it. If you are in a gray area, engage with the Commission proactively — Corp Fin has signaled an open-door policy, and the Crypto Task Force is actively seeking industry input.
The regulatory pendulum has swung. For digital asset companies and their defense counsel, the opportunity to reshape pending matters and establish compliant pathways forward will not last indefinitely. The time to act is now.
Ashwin J. Ram is a partner at Buchalter LLP in Los Angeles, where his practice includes cryptocurrency and blockchain-related defense matters, securities litigation, and government investigations. He is admitted to practice in California, New York, Illinois, and the District of Columbia.