The SEC's Crypto Approach Has Entered a New Phase
The SEC's approach to cryptocurrency regulation has undergone a significant transformation in 2025-2026. After years of regulation by enforcement under former Chair Gensler, the Commission has shifted toward a framework that provides clearer guidance while maintaining enforcement authority over genuine fraud and unregistered securities offerings. This shift reflects both political changes — a more crypto-sympathetic administration — and practical recognition that enforcement alone was not creating the regulatory clarity the market needed to mature responsibly.
The numbers tell the story of the transition. SEC crypto enforcement actions declined from 46 in 2023 to 28 in 2025, but the average case size increased significantly. The Commission is bringing fewer but more consequential cases, targeting outright fraud, market manipulation, and clear securities law violations rather than pursuing ambiguous regulatory boundary cases. Meanwhile, the SEC has issued multiple guidance documents clarifying how existing securities laws apply to specific categories of digital assets — something the industry had been demanding for years.
The Howey Test Evolution for Digital Assets
What Qualifies as a Security in 2026
The Howey test — requiring an investment of money in a common enterprise with an expectation of profits derived from the efforts of others — remains the foundational framework for determining whether a digital asset is a security. But its application to crypto has been refined through litigation and guidance. The most significant clarification came from the Ripple Labs decision on appeal, which established that the same digital asset can be a security in one transaction context and not in another. XRP sold directly to institutional investors as an investment contract is a security. XRP traded on secondary markets between individuals who have no relationship with Ripple may not be.
This transaction-context framework has been extended to other digital assets. The practical impact is that the classification of a token depends not just on its technical characteristics but on how and to whom it is sold, what representations are made, and whether purchasers reasonably expect profits from the efforts of an identifiable team. Tokens with fully decentralized governance and no identifiable development team are increasingly treated as commodities rather than securities. Tokens where a founding team retains significant holdings and actively develops the protocol remain in the securities classification danger zone.
The DeFi Classification Challenge
Decentralized finance protocols present the hardest classification questions. A truly decentralized exchange with no central operator, no treasury, and no governance token arguably does not involve a common enterprise and thus fails the Howey test. But most DeFi protocols are not truly decentralized — they have development teams, governance tokens, treasuries, and identifiable decision-makers. The SEC has brought several enforcement actions against DeFi protocols arguing that their governance structures constitute sufficient centralization to trigger securities classification.
The emerging framework distinguishes between DeFi protocols that are genuinely decentralized — where no entity can unilaterally modify the protocol or extract rents — and those that maintain centralized control behind a decentralization facade. This distinction is technically complex and fact-intensive, which means it will continue to generate enforcement uncertainty for protocols in the gray zone between centralization and decentralization.
Stablecoin Regulation: Clarity Emerging
The stablecoin regulatory framework has advanced significantly. The Stablecoin TRUST Act, which passed with bipartisan support, establishes federal licensing requirements for stablecoin issuers, mandates 1:1 reserve backing with approved asset types, requires regular audits, and provides a pathway for both bank and non-bank issuers to operate legally. This legislation resolved the regulatory uncertainty that had frozen institutional adoption of stablecoins for payments and treasury management.
Under the new framework, stablecoins backed by U.S. dollar reserves and issued by licensed entities are explicitly not securities — a critical clarification that resolves years of ambiguity. Algorithmic stablecoins, however, face additional scrutiny and disclosure requirements reflecting the lessons of the Terra-Luna collapse. The framework creates a two-tier system: licensed stablecoins that can be freely used in commerce and payments, and unlicensed stablecoins that face restrictions similar to unregistered securities.
Exchange Regulation and Market Structure
The SEC's approach to cryptocurrency exchange regulation has shifted from demanding that existing exchanges register under traditional securities exchange frameworks to developing a tailored registration path that accounts for the unique characteristics of digital asset trading. The proposed Alternative Trading System for Digital Assets framework would allow crypto exchanges to register with the SEC while operating under rules designed for digital asset markets rather than traditional equity markets.
This framework addresses several structural issues: 24/7 trading hours, cross-asset trading (securities and commodities on the same platform), custody requirements for digital assets, and the integration of decentralized and centralized trading mechanisms. Major exchanges including Coinbase and Kraken have engaged constructively with the rulemaking process, and the first registrations under the new framework are expected by late 2026.
Enforcement Actions That Still Matter
While the overall enforcement posture has softened, the SEC has maintained aggressive enforcement against fraud, market manipulation, and consumer harm. Notable 2025-2026 actions include cases against multiple meme coin promoters for undisclosed paid promotion of worthless tokens, enforcement against a DeFi protocol whose founder drained $180 million from user deposits through a smart contract backdoor, and a coordinated action with the DOJ against a crypto lending platform operating as an unregistered investment company.
The pattern is clear: regulatory gray areas are getting clearer guidance rather than enforcement, but clear violations — fraud, theft, market manipulation, and undisclosed conflicts of interest — continue to draw aggressive SEC action. The Commission has also increased coordination with the CFTC, FinCEN, and international regulators, creating a more comprehensive enforcement net for cross-border crypto crimes.
What This Means for Market Participants
For token projects: the path to regulatory clarity exists but requires careful legal analysis of your token's classification under the evolving Howey framework. Projects that can demonstrate genuine decentralization, utility, and commodity-like characteristics have a clearer path than those with centralized teams and investment-oriented marketing. For exchanges: the ATS-DA framework provides a registration path that was previously unavailable — engage with it proactively. For investors: the regulatory environment is improving, but diligence remains essential. Regulatory clarity does not eliminate fraud risk, and the crypto market continues to attract bad actors alongside legitimate innovation. For institutional adopters: the stablecoin framework and exchange registration path remove two of the largest barriers to institutional crypto adoption. The infrastructure for compliant institutional participation is being built in real time.
