Continuing its efforts to engage with FinTech innovators and market participants in the adoption of new technologies, the Commodity Futures Trading Commission (“CFTC”) and its LabCFTC[1] released a Primer on Smart Contracts (the “Primer”) on November 27. The Commission focused its Primer on (1) detailing the technical aspects of smart contract technology; (2) examining potential benefits and risks connected to their widespread adoption; and (3) the CFTC’s role in regulating the adoption of the technology within those markets under its jurisdiction.
The Primer is notable as a form of proactive engagement with market participants on the implications under the Commodity Exchange Act (“CEA”) and CFTC regulations from their use of a new and innovative technology, prior to its widespread adoption. Of particular importance is that the CFTC not only addressed the use of smart contracts to automate traditional derivatives contracts, but also made a point of stating that, depending on how a smart contract is structured, it could qualify as a CFTC-regulated derivative product itself.
The CFTC also appears to be viewing smart contracts as another use of technology to automate financial markets, much like algorithmic trading, stop loss orders, and smart order routers. The CFTC’s current leadership seems inclined to take a principles-based approach to these types of innovations. But, notably, the CFTC has in the past favored a more prescriptive approach, for example by proposing enhanced regulation of algorithmic or automated trading. Other regulators have, at times, also taken or proposed to take a more prescriptive approach to these types of trading innovations. Distinguishing smart contracts might accordingly be important to ensure appropriately tailored regulation of them.
Background on Smart Contract Technology
As the Primer detailed, smart contract technology is merely computer code designed to self-execute a transaction at a pre-specified time and/or based on the occurrence or non-occurrence of a specific action or event.[2] However, a smart contract is only as “smart” as the code that was written or the external reference data that is selected.
In the Primer, the CFTC pointed to the following technical aspects of a smart contact necessary to understanding both its potential market benefits and the inherent risks of widespread adoption:
- Authentication of transaction parties and asset ownership – Smart contract code accomplishes this through the use of private cryptographic “key” identifiers held by parties to a transaction operating on a particular blockchain that have been pre-programmed to verify those parties’ assent to the transaction.
- Utilization of outside information to trigger actions automatically – When counterparties agree to use an “oracle,”[3] pre-programmed to monitor external reference data, the contract can incorporate this data without further human assistance.
- Self-execution of transactions – When private key identifiers and data from oracles are properly incorporated into a smart contract, a transaction’s execution can be automated to occur at the agreed upon time or an event’s occurrence.
The Potential Benefits and Costs of Smart Contract Adoption in Financial Markets
Based on these technical capabilities, the CFTC used the Primer to highlight the substantial benefits of market-wide smart contract adoption. For instance, smart contracts could reduce transaction times, and counterparty and settlement risk. Additionally, if properly coded, they could ease regulatory compliance and reporting and help foster business innovation.
To illustrate these benefits, the Primer highlighted a series of financial market use cases. These included the streamlining of post-trade processes and the use of oracles to assist in conducting real-time valuations and margin calls within derivatives markets, and the automation of dividends and stock splits in securities markets. Across both markets, widespread use of smart contracts could lead to more efficient trade settlement and clearance, and greater standardization in data reporting and recordkeeping.
In one example, the CFTC demonstrated how smart contracts could automate the functions of a credit default swap. As the Primer details, a smart contract could be coded to calculate required quarterly premium payments to be sent from a bank to its counterparty swap dealer and automatically execute the transaction. Similarly, an oracle could monitor for the occurrence of a relevant default, leading to an automatic transfer payment from the swap dealer to the bank.
Simultaneously, the CFTC detailed the potential risks that widespread adoption could bring. In particular, the Primer highlighted potential reductions in transparency and accountability and how the technology’s adoption may undermine the integrity of markets. Additionally, smart contracts could invite fraud and manipulation, particularly where a contract is coded to favor insiders or where illicit actors exploit the data monitored by a contract’s oracle.
Smart contract technology can also increase business risks, specifically via operational, technical, and cybersecurity risks inherent in the technology. Smart contracts rely heavily on external factors like the maintenance of the blockchain the contract operates on or the reference data selected for a oracle. Smart contracts could also suffer from poor governance by those entering into the agreement. Such operational risks directly parallel technical risks emanating from human errors in drafting a contract’s code, or technical failures or disruptions, such as a forked blockchain or the undermining of an oracle or its reference data. Finally, the CFTC noted the potential cybersecurity risks, such as the hacking of a smart contract’s code or the purposeful manipulation of an oracle’s external data source to cause the improper transfer of assets.
The CFTC’s Role in Smart Contract Adoption and its Suggestions to Market Participants
In light of these costs and benefits, the CFTC proactively addressed market participants on its role in the markets, and its expectations for parties operating within its jurisdiction. The CFTC possesses exclusive regulatory jurisdiction over commodity futures and commodity swaps contracts, and the authority to bring enforcement actions against fraud and manipulation in spot commodity markets.
The CFTC made clear that it will act to fulfill its mission of protecting derivatives market integrity, reducing systemic risk, and promoting responsible financial innovations. In doing so, the CFTC signaled it intends to take a principles-based, functional approach to regulating the use of smart contracts within its jurisdiction. After acknowledging that traditional derivatives contracts could be facilitated and executed via smart contract, the CFTC specifically asserted that a smart contract itself could be a product regulated or supervised by the Commission, “depend[ing] on [the contract’s] structure, operation, and relevant facts and circumstances.”[4] The message being, similar to the one that the SEC has recently made, that the use of smart contract technology to perform a regulated function does not alter the application of the relevant regulations.
In light of this, the Primer strongly encouraged persons seeking to employ smart contracts to consult with a qualified attorney in considering whether the structure of a particular code may lead a smart contract to qualify as a financial product subject to CFTC jurisdiction. Doing so would thus help facilitate the adoption of the technology in compliance with appropriate regulatory requirements.
To fulfill this mission, the CFTC also provided the following guidance on how market participants could adopt the technology while reducing their risks of non-compliance and protecting against fraud and manipulation:
- Smart contracts could be pre-programmed to conduct transactions that will automatically be carried out in compliance with the CEA and CFTC regulations. Thus, compliance could be accomplished in a more cost-efficient manner.
- Governance standards could be adopted that create industry-wide presumptions regarding the legal character of contracts and that assign responsibility for the design and operation. Additionally, mechanisms to resolve disputes and ensure a contract’s enforceability through proper coding should also be adopted.
Takeaways
As the Primer made clear, where a smart contract implicates the CFTC’s jurisdiction, either by being used to execute, settle, or margin a traditional derivative instrument, or by qualifying as a CFTC-regulated derivative itself, the Commission will expect compliance with the CEA and all CFTC regulations. Still, the CFTC did so by sending the message that it intends to take a principles-based approach to smart contract technology, looking to support innovation that is responsibly adopted within markets. The Primer is thus notable for proactively alerting traditional derivatives market participants and new FinTech industry entrants to be mindful of their obligations. Furthermore, stating up front that a smart contract could itself be a CFTC-regulated or supervised financial product should encourage parties to seek legal counsel in advance of any regulatory infractions that could harm markets.
Additionally, the specific industry guidance within the Primer may help with the development of financial markets to achieve the potential benefits of industry-wide smart contract adoption, while mitigating the risks. The Primer should encourage parties to code smart contracts to automatically comply with existing CFTC regulations and reporting requirements to prevent violations. Meanwhile, by highlighting the vulnerability of smart contracts to fraud and manipulation, the Primer may help market participants to adopt compliant, risk mitigating structures that facilitate any transition to this new technology in the most efficient and effective manner possible.
[1] The LabCFTC is a unit within the Commission tasked with leading the CFTC’s regulation of the FinTech industry and assisting FinTech innovators with operating in compliance with CFTC regulations.
[2] Examples of such events might include the market price movements of foreign exchange rates in a foreign exchange swap agreement, or a hurricane making landfall in a specific location in the context of a catastrophe bond, each automatically triggering payments to an appropriate party to the transaction.
[3] Essentially, an “oracle” is a trusted, third party entity linked to a smart contract to automatically feed off-blockchain information into a smart contract to automate the execution of a transaction on the particular blockchain. See Josias N. Dewey et. al, The Blockchain: A Guide for Legal and Business Professionals at 31 (2016).
[4] In particular, the Primer cites that a smart contract could, on its own, qualify as a “commodity,” or be structured in such a manner that it operates as a forward, future, option on a future, or a swap agreement, subject to full regulation by the Commission.