SEC

The Staff’s most recent actions continue to set the stage for notice-and-comment rulemaking long-awaited by the digital asset industry.

By Zachary Fallon, Stephen P. Wink, Naim Culhaci, Donald Thompson, and Deric Behar

On May 15, 2025, the Securities and Exchange Commission’s (Commission or SEC) Division of Trading and Markets (the Staff) announced1 two actions concerning digital assets and the securities laws:

  1. Along with the Office of General Counsel of the Financial Industry Regulatory Authority, Inc. (FINRA) — it withdrew a joint statement (the 2019 Joint Statement) issued on July 8, 2019, that effectively curtailed broker-dealers from custodying digital asset securities.
  2. It issued a set of FAQs related to broker-dealer and transfer agent engagement with digital assets and blockchain (the Crypto FAQs), covering topics such as the Customer Protection Rule, custody, the Securities Investor Act of 1970 (SIPA), recordkeeping, transfer agent registration, and master securityholder files.

Withdrawal of the 2019 Joint Statement

The 2019 Joint Statement from the SEC and FINRA had declared the SEC’s prior position on broker-dealer custody of digital asset securities pursuant to Rule 15c3-3 under the Securities Exchange Act of 1934 (the Customer Protection Rule). The Customer Protection Rule requires broker-dealers to “safeguard customer assets and to keep customer assets separate from the firm’s assets, thus increasing the likelihood that customers’ securities and cash can be returned to them in the event of the broker-dealer’s failure.”

Historically, broker-dealers have approached this requirement by undertaking reasonable procedures regarding the safekeeping of securities. However, due to the risk of criminal cyberattacks on digital asset trading platforms, the 2019 Joint Statement implied that heightened standards of security applied to broker-dealers seeking to custody such assets. It noted that “significant technological enhancements and solutions unique to digital asset securities” may be needed for broker-dealers to custody digital assets in accordance with securities laws.

The Customer Protection Rule requires broker-dealers to either have physical possession or control of digital asset securities. The 2019 Joint Statement interpreted “control” in the digital asset context to mean exclusive control, noting that maintaining a digital asset’s private key may not evidence exclusive control, as another party could have a copy of the private key and transfer the digital asset security without consent. The 2019 Joint Statement stated that this was not an issue with traditional securities, as security ownership was represented by possession of original certificates and exclusive control was implicit. The 2019 Joint Statement did not provide express guidance on how a broker-dealer may demonstrate control, other than to say that some broker-dealers seeking to custody digital assets have proposed various “control locations” that the SEC and FINRA would be willing to consider as part of their general application evaluation process.

The 2019 Joint Statement also touched on considerations relating to recordkeeping, net capital computation, and SIPA coverage. Ultimately, the 2019 Joint Statement held that broker-dealers that do not seek to custody digital assets but seek to otherwise engage in brokerage activities with digital assets (e.g., private placements, or if the broker-dealer matches buyers and sellers who conduct settlement between themselves), should be permitted to do so. The 2019 Joint Statement had proposed potential non-custodial approaches for broker-dealers transacting in digital asset securities, but did not offer a potential custodial solution. Thus, it effectively closed the door for broker-dealers seeking to custody digital asset securities (for more information, see this Latham blog post).

The withdrawal of the 2019 Joint Statement is consistent with the continued push of the SEC and Staff (as well as other federal agencies) to dial back statements and guidance issued in previous administrations, in line with the crypto-friendly approach of the current administration and agency leadership. The withdrawal also cleared the way for the Crypto FAQs, which represent an incremental step forward (to echo Commissioner Hester M. Peirce’s description of the FAQs) in providing the much-needed interpretive guidance lacking from the 2019 Joint Statement.

The Crypto FAQs

The Crypto FAQs cover a range of topics relevant to broker-dealers engaging in digital assets. Key takeaways include the following.

Rule 15c3-3: The Customer Protection Rule

  • According to the Crypto FAQs, paragraph (b) of the Customer Protection Rule (“Physical possession or control of securities”) does not apply to digital assets that are not securities.

Notably, Commissioner Peirce has stated as recently as May 19, 2025, that in her view, most digital assets are not securities (“most crypto assets in existence today are not instruments enumerated in the definition of ‘security.’”)

  • According to the Crypto FAQs, a broker-dealer can establish control of a digital asset that is a security via Paragraph (c) of the Customer Protection Rule (“Control of securities”) (e.g., the custody or control of a bank), and the Staff “will not object if a digital asset security is not in certificated form when held at an otherwise qualifying control location under paragraph (c).”

While this statement leaves open certain questions regarding how custody of a digital asset security would work, it paves the way for broker-dealers to custody digital assets at their custodian banks (Rule 15c3-3(c)(5)) and to seek specific relief from the Staff in relation to custody arrangements for digital asset securities pursuant to Rule 15c3-3(c)(7) in the form of what is commonly known as a “no lien letter.”

Special Purpose Broker-Dealers (SPBD)

In December 2020, the SEC published a statement (“Custody of Digital Asset Securities by Special Purpose Broker-Dealers”) establishing a temporary safe harbor for registered broker-dealers to custody and transact in digital asset securities (the SPBD Statement). To qualify for the exemption, the SPBD Statement set forth the minimum measures that broker-dealers must take to comply with the Customer Protection Rule when acting as custodians of digital asset securities. According to the SPBD Statement, “a broker-dealer operating under the circumstances set forth in [the SPBD Statement] will not be subject to a Commission enforcement action on the basis that the broker-dealer deems itself to have obtained and maintained physical possession or control of customer fully paid and excess margin digital asset securities for the purposes of [the Customer Protection Rule]. These broker-dealers will be subject to examination by the [FINRA] and Commission staff to review whether the firm is operating in a manner consistent with the circumstances described in [the SPBD Statement].”

The guiding principle behind the SPBD Statement was to mitigate the risk of the loss or theft of digital asset securities and the impact of such an event on broker-dealers, their customers and counterparties, and other market participants (for more information, see this Latham blog post). It added multiple obligations on top of the Customer Protection Rule but did not directly amend it. The SPBD Statement sought, in a sense, to fill the gaps left by the ambiguous 2019 Joint Statement, but industry participants saw the additional requirements as onerous or untenable, such as the requirement that SPBDs limit their business only to digital asset securities. As a result, it appears that only two entities were able to successfully register with the SEC and FINRA as an SPBD and their operations have been limited.

  • According to the Crypto FAQs, compliance with the SPBD Statement is not required for broker-dealers seeking to custody digital asset securities. If a broker-dealer establishes control of a digital asset security via Paragraph (c) of the Customer Protection Rule, that is sufficient.

The SPBD Statement and the SPBD exemption (now referred to as a “safe harbor”) would seem to be obsolete in the wake of the Crypto FAQs. However, in a statement on the Crypto FAQs, Commissioner Peirce stated that “the SPBD continues to be a non-exclusive safe harbor upon which broker-dealers can rely.” She also implied that the SEC or Staff may be considering “replac[ing] the special purpose broker-dealer statement with a more fit-for-purpose statement addressing how broker-dealers may custody crypto assets that are securities, including tokenized versions of traditional securities.”

Capital Requirements

Custody and capital requirements do not prohibit a broker-dealer from facilitating in-kind creations and redemptions in connection with a spot crypto exchange-traded product (ETP), as long as proprietary positions in the ETP’s underlying assets are included in net capital calculations (and may utilize the 20% haircut for readily marketable commodities). Currently, this would apply only to bitcoin and ether — the only two digital assets underlying tradable ETPs. However, a number of applications are pending for other digital asset ETPs, and Commissioner Peirce’s statement on the Crypto FAQs confirmed that this limitation does not mean that those are the only two non-security digital assets that broker-dealers may custody and treat as readily marketable.

SIPA and Crypto Insolvency Issues

  • According to the Crypto FAQs, investment contracts that are not the subject of a registration statement filed under the Securities Act of 1933 (including digital assets) are not protected under SIPA.
  • Although SIPA does not protect custodial claims for digital assets that are not securities, the FAQs note that a broker-dealer may agree to treat such assets as “financial assets” that are carried in a “securities account” for purposes of Article 8 of the Uniform Commercial Code. Such treatment would ensure that they do not become part of the broker-dealer’s estate if the broker-dealer is placed in a liquidation under SIPA or the Bankruptcy Code.

Recordkeeping

  • According to the Crypto FAQs, a broker-dealer engaged in a non-security digital assets business “could make and keep the same records for its non-security crypto activities as it does for its securities activities.”

Transfer Agents

Section 3(a)(25) of the Exchange Act defines “transfer agent” as any person who engages on behalf of an issuer of securities or on behalf of itself as an issuer of securities in:

  • countersigning such securities upon issuance;
  • monitoring the issuance of such securities to prevent unauthorized issuance;
  • registering the transfer of such securities;
  • exchanging or converting such securities; or
  • transferring record ownership of securities by bookkeeping entry without physical issuance of securities certificates.

Under Section 17A(c)(1) of the Exchange Act, transfer agents performing these activities for a security registered under Section 12 of the Exchange Act must register with the SEC.

  • According to the Crypto FAQs, a person must register with the SEC as a transfer agent if they are engaged in any of the above Section 3(a)(25) activities for digital asset securities registered under Section 12.

Section 240.17Ad-9(b) of the Exchange Act defines “Master Securityholder File” as the official list of individual securityholder accounts.

  • According to the Crypto FAQs, a registered transfer agent can use blockchain as its official Master Securityholder File, provided that the transfer agent complies with all other applicable requirements under the federal securities laws. The transfer agent must also ensure that its records are “secure, accurate, up-to-date, produceable to the [SEC] and its staff in an easily-readable format, and maintained for the required time periods under the rules.”

This represents a critical step toward enabling atomic settlement and tokenization of listed securities. It also represents a departure from prior SEC positions, including in the 2019 Joint Statement, that restricted transfer agents’ utilization of distributed ledger technology in connection with the master securityholder file to merely publishing an unofficial “courtesy” copy of the ownership record. It further opens up another potential pathway for broker-dealers to custody digital assets, if a broker-dealer has such a transfer agent keeping such blockchain records approved as a “good control location” by the SEC pursuant to Rule 15c3-3(c)(7).

Conclusion

The Crypto FAQs are generally straightforward, and Commissioner Peirce noted as much in her statement on the FAQs, stating that “they simply reiterate what [the SEC’s] rules already say or do not say.” The Crypto FAQs and withdrawal of the 2019 Joint Statement appear to be part of SEC Chairman Paul Atkins’ directive to SEC staff across all divisions “to begin drafting rule proposals related to crypto, [and] continue to ‘clear the brush’ through staff-level statements” (for more information, see here, here, here, and here). In line with Chairman Atkins’ statement, while the Crypto FAQs “clear the brush” they leave numerous questions unanswered (e.g., regarding what broker-dealer custody of digital assets will look like in actuality). Ultimately, this is very welcome guidance that will enable broker-dealers to engage more broadly with digital assets and digital asset securities.

Follow this and other critical developments on Latham’s US Crypto Policy Tracker.