The Commodity Futures Trading Commission (“CFTC”) recently published a detailed primer on smart contracts. The Primer discusses their functionality, use cases, regulatory environment and potential risks. It describes a “smart contract” as a set of coded computer functions that (1) may incorporate the elements of a binding contract (e.g., offer, acceptance, and consideration), or (2) may execute certain terms of a legal contract, or (3) allows self-executing computer code to take actions at specified times or based on reference to the occurrence or non-occurrence of an action or event (e.g., delivery of an asset, weather conditions, or change in a reference rate). The Primer also observes that a smart contract may not be a legally binding contract, which is a critical distinction for developers and entrepreneurs (and their counsel) in the digital economy.
The Primer notes that a smart contract may give rise to potential benefits through an economic transaction, including in the areas of standardization, security, economy and speed, business innovation and regulatory innovation. Examples of opportunities for regulatory innovation include:
- built-in regulatory compliance (e.g., cannot sell to a non-Eligible Contract Participant (ECP) as defined under CFTC regulations; cannot sell until mandated holding period has passed; or must report certain data);
- new regulatory reporting models (e.g., smart contracts automatically report data at pre-determined intervals); and
- stress testing built into smart contracts and regulatory nodes (e.g., execute scenarios on smart contracts to determine payouts across a network).
The Primer also provides a variety of use cases for smart contracts in the financial markets. For example, entities registered with the CFTC may use smart contracts to:
- streamline trading of products subject to oversight by the CFTC (e.g., options, futures, and swaps) and enhance efficiency from pre-trade through post-trade (e.g., price discovery, execution, clearing, and settlement);
- reduce duplicative confirmation;
- reduce trade, capital, and margin risks;
- automate fulfillment of contracts;
- enhance compliance with internal written policies and procedures and with legal obligations and regulatory requirements; and
- improve regulatory reporting.
According to the CFTC, depending on its structure, operation, and relevant facts and circumstances, a smart contract could be a commodity, forward contract, futures contract, option on futures contract, or swap, each as defined under applicable CFTC regulations. The Primer lists a number of regulatory regimes that could apply to smart contracts, including:
- Commodity Exchange Act and CFTC regulations.
- Federal and state securities laws and regulations.
- Federal, state, and local tax laws and regulations.
- The Uniform Commercial Code (UCC), Uniform Electronic Transactions Act (UETA), and Electronic Signatures in Global and National Commerce Act (ESIGN Act).
- The Bank Secrecy Act.
- The USA PATRIOT Act.
- Other Anti-Money Laundering (AML) laws and regulations.
- State and federal money transmission laws.
The Primer emphasizes that existing law and regulation apply equally regardless what form a contract takes. Accordingly, contracts or constituent parts of contracts that are written in code are subject to otherwise applicable law and regulation. As we recently summarized, for example, the Securities and Exchange Commission recently brought an action against the developer of a decentralized token exchange that functioned through a complex smart contract for failure to register with the SEC.
Against this backdrop, the Primer warns that derivatives contracts, including those that are smart contracts deployed on a decentralized blockchain, must not:
- Perpetrate or effect fraud or manipulation.
- Be traded on or processed by a facility that is not appropriately registered.
- Violate the CEA or CFTC regulations, including:
- Disruptive trading practices (e.g., spoofing).
- Failure to maintain records or reporting violations.
- Failure to be supervised appropriately or to satisfy financial integrity requirements.
- Be traded or executed by individuals or firms that are required to be registered with the CFTC but are not and do not have an exception or exemption from registration.
- Violate the Bank Secrecy Act or USA PATRIOT Act.
The Primer makes a series of warnings concerning potential cybersecurity risks inherent in smart contracts, and concludes with the aspiration that good governance standards for smart contracts may help to address the challenges and risks that they present.