The SEC, Digital Assets, and Game Theory

Digital assets, cryptoassets, cryptocurrencies, and security-tokens have become ubiquitous. Yet approaches to regulating them differ around the globe. In the U.S., the Securities and Exchange Commission (“SEC” or “Commission”) has become a uniquely active crypto-regulator. In my recent article, I examine the Commission’s approach to digital-asset markets.

The Commission has not provided a clear rule for determining whether a digital asset is a security subject to the federal securities laws or something else, like a commodity not subject to the securities statutes. Instead, the SEC has opted for the more flexible approach of enforcement actions that rely on the definition of securities as investment contracts under the Supreme Court’s Howey test.[1] Howey provides a broad, functional definition of securities.[2] Chair Gary Gensler’s recent statements suggest that the SEC will continue this approach,[3] even though regulation through enforcement of rules may increase uncertainty in the market and undermine regulatory clarity.

It is likely that the SEC initially understood the need for clarity and attempted to mitigate the risk of uncertainty in crypto markets with a clear and predictable enforcement strategy. This strategy helped the SEC give market participants an incentive to comply with securities laws and cooperate with Commission staff. More recently, however, that clarity has given way to tactical inconsistencies illustrated by the three legal battles of 2020–2021: Kik,[4] Telegram,[5] and Ripple.[6] These inconsistencies undermine the value of enforcement as an efficient and predictable regulatory device.

In my article, I begin by examining the data on crypto-related enforcement actions. In 2017-2020, crypto-enforcement actions were broad, involving multiple market actors, including issuers of digital-asset securities, broker-dealers, exchanges, a foreign-based rating agency, and several promoters. The enforcement efforts focused not only on the antifraud provisions of the federal securities laws, but also the registration provisions of the Securities Act (Section 5) and the Exchange Act (Sections 5 and 15). Most defendants and respondents were from the United States, although the highest penalties and disgorgement amounts were paid by non-U.S. and multi-jurisdictional companies. The SEC initiated approximately equal numbers of crypto-actions in court and in administrative proceedings and brought charges against entities and their insiders.

This massive crypto-enforcement program should not, however, be examined solely through the lens of numbers.[7] Game theory helps to reveal how this approach comported with the SEC’s statutory objectives and promoted regulatory clarity, at least initially. This “game” between the Commission and private parties may be described as the game of cooperation. Generally, the main, or “dominant,” strategy of any rational player is to maximize its payoff. For the SEC, this strategy takes the form of promoting innovation by reciprocating cooperation (by, for example, imposing a more lenient penalty or forgoing enforcement altogether). The worst possible strategy — the one with the lowest payoff, called the “strictly dominated strategy” — is to condone violations. Ignoring violations undermines market integrity and exposes investors to risk. In the public world of crypto, such regulatory responses to violations are quickly noticed by market participants. No rational player, including the Commission, would use a strictly dominated strategy. Knowing this, crypto-firms should seek to cooperate with the Commission to avoid enforcement. The Commission would in turn maximize its policy payoffs by reciprocating and cooperating with the well-intentioned firms.

The wrinkle, however, is that this dynamic game is not only about cooperation but also about coordination where players develop interdependent strategies. Namely, there could be cases where the SEC might reply with enforcement to attempts to cooperate, and the factors tipping the balance in favor of either cooperation or enforcement would be unknown to the private players beforehand. However, private firms must know the preferences of the Commission as they decide whether to cooperate with the SEC (and incur compliance costs). Put differently, private firms are more likely to be good citizens if they know what is expected of them.

In the absence of a formal rule, this information comes only from enforcement. If the SEC did not take cooperation into account in the past, crypto-firms would expect to get nothing from being good citizens and could forgo costly compliance altogether. The result would be a suboptimal equilibrium of ab initio non-compliance.

To avoid this outcome, enforcement policies should be consistent and reward cooperation, which would minimize non-coordination and lower barriers to entry for private firms. This is indeed what SEC crypto-enforcement did in the first two years, in 2017-2019: The Commission created predictable rules of the game through enforcement. The major actions (including The DAO Report, Munchee,, and others) support this conclusion.

Unfortunately, from the second half of 2019 through mid-2021, the strategy foundered, as illustrated by Kik, Telegram, and Ripple. Ripple, a global payments system, was charged with violations of the registration provisions of securities law (there were no allegations of fraud). In the complaint, the SEC sought both a civil penalty and disgorgement that was pegged to the full amount of the consideration received by Ripple in the past eight years (about $1.38 billion) and any prejudgment interest.

Telegram, an instant messaging service that issued digital-asset securities to finance its new blockchain, attempted to cooperate with the SEC for a year, modified its project to incorporate SEC staff’s comments, and had a good reputation in the developer community. The SEC, however,  effectively shut it down and forced Telegram to pay what at the time was the highest penalty and disgorgement amount for registration violations – defendants were “jointly and severally liable for disgorgement of $1,224,000,000” and ordered to pay a civil penalty in the amount of $18,500,000,291, which constituted a 73 percent loss vis-à-vis the total proceeds from the offering.

By contrast, Kik, an instant messaging app, did not attempt to cooperate,  was insolvent according to the SEC, and was never widely adopted. Yet it received lenient treatment and survived the enforcement action. Kik was enjoined from violating securities law and agreed to pay a civil penalty of only $5 million, i.e., about 5 percent of its offering proceeds.

My article examines these three cases and demonstrates that they represent a departure from the initially coherent enforcement strategy of the Commission. They lie outside the strategy of cooperating with and rewarding the good “crypto-citizens”: The SEC has drastically changed its approach, ignored cooperation, and failed to show leniency in enforcement as a way to support cooperating non-fraudulent innovators. These inconsistencies may reduce the positive effects of the SEC’s predictable regulation through enforcement in crypto. The benefits of cooperation with the Commission are now unclear, and the task of promoting clarity and certainty through enforcement is more difficult, perhaps necessitating a formal rule in digital-asset markets.


[1] SEC v. W. J. Howey Co., 328 U.S. 293, 298 (1946) (defining “investment contract”).

[2] On the distinctions between formal and functional rules, see Howell E. Jackson, Regulation in a Multisectored Financial Services Industry: An Exploratory Essay, 77 Wash. U. L. Rev. 319 passim (1999).

[3] Dave Michaels & Alexander Osipovich, SEC Chief Gary Gensler Braces for Clash With Crypto Traders, The Wall St. J., Aug. 5, 2021.

[4] SEC v. Kik Interactive, No. 19-cv-5244, 2020 U.S. Dist. LEXIS 181087 (S.D.N.Y. Sept. 30, 2020). See also Carol R. Goforth, Regulation of Crypto: Who is the SEC Protecting?, Am. Bus. L.J. (forthcoming 2021), available at

[5] SEC v. Telegram Grp. Inc., No. 19-cv-9439, 2020 U.S. Dist. LEXIS 53846 (S.D.N.Y. Mar. 24, 2020).

[6] Complaint, SEC v. Ripple Labs, Inc., No. 1:20-cv-10832 (S.D.N.Y. Dec. 22, 2020).

[7] For an international overview, see, e.g., Douglas S. Eakeley & Yuliya Guseva, with Leo Choi & Katarina Gonzalez, Crypto-Enforcement Around the World, 994 S. CAL. L. REV. POSTSCRIPT 99 (2021).

This post coms to us from Professor Yuliya Guseva at Rutgers Law School. It is based on her recent article, “The SEC, Digital Assets and Game Theory,” available here.