The Commodity Futures Trading Commission (CFTC) and Securities and Exchange Commission (SEC) have jointly requested public comment on the regulatory definition of swaps and security-based swaps. The request, issued on July 7, 2025, arrives amid ongoing litigation between event contracts platform Kalshi and CME Group. For institutional custody operators and compliance teams, this definitional review carries direct implications for how derivative-linked digital assets must be classified, reported, and secured.
What Happened
The two primary U.S. financial regulators published a joint request for information seeking clarity on how existing swap definitions under the Dodd-Frank Act should apply to emerging financial products. The move follows CME Group's lawsuit against Kalshi, which challenges whether certain event contracts qualify as regulated swaps or fall outside existing commodity definitions.
The CFTC and SEC are specifically asking market participants to weigh in on definitional boundaries that have remained ambiguous since Dodd-Frank's passage in 2010. The agencies want input on how swap classifications interact with newer asset classes, including tokenized derivatives and on-chain financial instruments that did not exist when the original rules were written.
Public comments will be accepted for 60 days. The agencies have indicated that responses will inform potential rulemaking or interpretive guidance, though no specific timeline for action has been announced.
Why It Matters
Derivative classification determines which regulatory framework governs a financial product. For digital asset custody providers and their institutional clients, this distinction affects capital requirements, reporting obligations, and the operational infrastructure required to hold these instruments.
If the CFTC and SEC expand or clarify swap definitions to explicitly include certain tokenized derivatives, institutions holding these assets will face new compliance burdens. Custody infrastructure must then support not only secure storage but also regulatory reporting workflows, margin management, and counterparty exposure tracking.
The review also signals that U.S. regulators are paying closer attention to how traditional financial definitions apply to blockchain-native instruments. As MPC custody becomes critical for regulated decentralized finance (DeFi), the boundaries between spot assets, derivatives, and hybrid instruments will shape custody architecture requirements.
Multi-party computation (MPC) and threshold signature scheme (TSS) custody models offer particular advantages in this environment. A 3-of-3 threshold architecture, where no single party controls signing authority, provides the operational controls that regulators increasingly expect. This model eliminates single points of failure while maintaining auditability across distributed key shares.
Implications for Institutional Custody Infrastructure
The CFTC-SEC request highlights a structural challenge for institutions operating across multiple jurisdictions and asset classes. Derivative classification in the United States does not automatically align with European frameworks under the Markets in Crypto-Assets Regulation (MiCA) or with Financial Action Task Force (FATF) guidance on virtual asset service providers.
Custody providers serving banks, exchanges, and hedge funds must build infrastructure that can adapt to shifting definitional lines. A tokenized interest rate swap that qualifies as a security-based swap under U.S. law may face entirely different treatment under European rules. This jurisdictional complexity demands custody systems with flexible compliance integrations rather than rigid, single-purpose designs.
Non-custodial architecture offers a path through this regulatory uncertainty. Under a model where the client retains one key share and the custody provider holds two, the client maintains sovereign control over assets. This structure can support Crypto-Asset Service Provider (CASP) exemption under MiCA, as the custody provider does not take unilateral control of client funds.
The practical effect for exchange CTOs and bank compliance leads is significant. Custody infrastructure built on MPC/TSS with a t-out-of-n threshold model can demonstrate that no counterparty risk exists from the custody layer itself. This becomes a compliance advantage as regulators tighten oversight of derivative-linked digital assets.
SOC 2 Type II and ISO 27001 certifications provide external validation of security controls, but architecture matters more than attestation alone. A custody solution that supports 10 or more blockchains with consistent security guarantees across all of them reduces operational complexity when asset classification rules change.
What to Watch Next
The 60-day comment period will close in early September 2025. Industry responses will likely cluster around several key questions: whether tokenized derivatives should receive their own definitional category, how on-chain settlement interacts with existing clearing requirements, and whether non-custodial custody models affect derivative classification.
The CME-Kalshi litigation may resolve before regulators act on the comment submissions. A court ruling could narrow or expand the definitional scope that the CFTC and SEC are reviewing, potentially rendering parts of the public comment process moot.
Institutions should monitor both the litigation timeline and any signals from the agencies about rulemaking priorities. The CFTC has historically moved faster than the SEC on digital asset guidance, but a joint request suggests coordinated action is possible.
European developments will also influence U.S. approaches. MiCA's full implementation in 2025 creates a competing regulatory framework that U.S. agencies may reference or deliberately diverge from. For custody providers operating globally, alignment between frameworks reduces compliance overhead. Divergence increases it.
The $65 billion real-world asset (RWA) tokenization market adds urgency to this definitional work. As more traditional financial instruments move on-chain, the line between spot assets and derivatives will blur further. Custody infrastructure must accommodate both categories without requiring separate systems for each.
DAO treasurers and fintech CTOs face similar pressures. Treasury positions that include derivative exposure require custody solutions with appropriate controls and audit trails. Non-custodial models that preserve operational sovereignty while meeting regulatory expectations position institutions to navigate whatever definitions emerge from this review.
Institutions preparing for potential changes to derivative classification should evaluate whether their current custody infrastructure can support expanded compliance requirements. Vaultody's MPC/TSS architecture with 3-of-3 threshold signing, SOC 2 Type II and ISO 27001 certifications, and multi-chain support provides the technical foundation for adapting to regulatory shifts without platform lock-in or counterparty risk.
Copy link