Regulating Wallet Providers: From Interim Relief to a Durable Framework

In a prior blog, we introduced the role of wallet providers in supporting digital assets activity and the importance of ensuring that wallet providers who provide broker services are subject to consistent regulation appropriate to their role in the markets. These questions and their regulatory implications were underscored in April, when the SEC Division of Trading and Markets released a statement creating an interim framework for wallet providers to support tokenized securities transactions without registering as brokers. The statement created the concept of a Covered User Interface (CUI), a non-custodial wallet provider who is able to facilitate its users tokenized securities trades, such as by providing information on potential trading venues, and helping compose transactions so they can be executed on chain.
As the tokenized securities markets continue to grow and develop, we encourage the SEC to look beyond the statement and approach the question of wallets and the interactions with securities regulation in a durable, structured way that will drive innovation broadly across the markets and address key questions on the statutory role of the broker in the context of wallet services. In our recent letter to the SEC, we made four core recommendations to build on the statement:
- Clarify the Application of Broker-Dealer Principles to Covered User Interface Activity: The Statement is a major change from the historical interpretation of the broker definition under Section 3(a)(4) of the Exchange Act, and raises important questions about determining what combination of activities would trigger broker registration requirements.
- Process, Durability, and the Need for Formal Rulemaking: The statement has significant market structure implications which underscores the need for a notice-and-comment rulemaking process. This will put these models on a more durable footing and provide a robust regulatory framework which can support broad industry innovation that has positive, sustainable impacts on our U.S. securities markets.
- Need for Structured Oversight of CUIs: CUI Providers operating within the parameters of the Statement would remain unregistered and outside the SEC’s existing surveillance frameworks, which could limit the SEC’s understanding of the development and evolution of a key element of the emerging tokenized securities landscape, and make it difficult to identify actions that can harm investors or markets until after the fact.
- Gaps in Market Coverage and Regulatory Framework Considerations: The Statement provides a pathway for digital assets in one type of activity: CUIs and wallets working with clients who are not otherwise registered (likely largely retail clients but potentially crypto native institutions) engaging in user-initiated transactions via self-custodial wallets. Looking forward, the SEC needs to address how wallet-based operating models can be integrated in the securities markets more broadly, such as for institutional activity and in connection with registered firms.
Clarifying the Application of Broker-Dealer Principles to CUI Activity
We appreciate the Staff’s effort to provide a workable framework for on-chain technology, and we believe the importance of these changes merits public input and durable rules via notice-and-comment process. In our prior blog on wallet providers, we introduced the distinctions between wallets and brokers, and the core elements of broker regulation. In our view, the Statement is a significant departure from many historical interpretations of the broker definition under Section 3(a)(4) of the Exchange Act.
While SEC no-action letters and enforcement actions have shaded the boundaries of broker status, historically, it has not been the prevailing view of the SEC or practitioners that a user interface for trading securities – which may effectively include connecting to execution venues, exercising discretion regarding which venues to display, preparing transaction instructions, and handling orders, while at the same time receiving transaction-based compensation – could be operated outside of a registered broker dealer regime or without the involvement of a broker-dealer elsewhere in the order execution work flow.
While we appreciate that the Statement seeks to circumscribe the scope of permissible activities through the restrictions on CUI providers’ activities, it nonetheless represents a notable shift in the role of the broker that warrants further deliberation.
Nor does the statement address whether the combination of services offered by a CUI in an on-chain environment would be permitted were they to be offered off-chain in “traditional” securities markets. SIFMA has argued for technology neutrality as a core framework for approaching the integration of digital assets in established regulatory frameworks, and encourage the SEC to continue applying this principle by providing market participants with consistent guidance across asset classes.
More broadly, the statement does not clearly articulate the analytical framework for determining what activities of a CUI Provider would cause it to enter broker-dealer territory. It acknowledges that certain regulatory requirements applicable to brokers – such as order handling, conflicts of interest, and disclosures – also make sense for firms operating CUIs, yet it remains unclear how those requirements can be effectively enforced for unregistered entities. In particular, additional guidance is needed to identify when a technology or activity falling outside SEC’s regulatory scope would, when combined with other regulated activities, enter broker-dealer territory. We ask the SEC to address in future rulemaking where the aggregation of certain activities could functionally amount to a CUI Provider holding itself out as a broker.
Rather than relying solely on statements, the SEC should explore ways to provide a more structured integration of CUI and wallet provider services into established regulatory frameworks through formal rulemaking. These could include:
- Developing middle-ground regulatory solutions, which preserve key regulatory responsibilities and supervisory structures where appropriate. The SEC has done this successfully in the past, including through Regulation ATS and Regulation Crowdfunding
- Recognizing that wallets that facilitate the holding and transfer of securities broadly exist on a continuum of functionality and CUIs offer varying levels of features and services, the SEC should clarify the outer boundary of the wallet-broker delineation – i.e., the point at which wallet activity crosses into broker-dealer territory requiring registration.
Process, Durability, and the Need for Formal, Comprehensive Rulemaking
SIFMA supports the SEC’s work to integrate new technologies and operating models into the regulatory framework. Our goal is to ensure that this integration proceeds through channels that provide legal durability, broad stakeholder input, and consistency with the SEC’s investor protection mandate. Statements, while valuable as interim guidance, do not carry the same legal weight as SEC rules and are subject to modification and rescission without market input. This makes them challenging to rely on, particularly on a long-term basis, for firms aiming to innovate within the parameters of a solid compliance program that is based on clear and comprehensive regulations.
A more structured rulemaking process that develops a clear path for wallet provider integration into established, well-regulated securities markets will put emerging technologies on a secure regulatory footing and enable innovation by a broader range of market participants. The SEC should also address how registered broker-dealers, investment advisers, and other intermediaries may adopt CUI-type functionality without inadvertently compromising their existing compliance obligations.
Structured Oversight of CUIs is Needed to Support Continued Regulatory Modernization and Protect Investors
The Statement does not establish formal channels for supervision, reporting, or oversight of CUI Providers operating within the parameters of the Statement. As a result, these providers may operate outside the SEC’s existing examination and surveillance frameworks.
This could limit the SEC’s ability to observe how this activity evolves and implicates the emerging tokenized securities landscape. Better insight into CUI Provider-driven activity will help inform policymaking as the SEC continues to modernize its rulebook to accommodate digital innovation. It would also support the SEC’s ability to identify the degree to which the statement’s conditions are being met and any potential investor protection or market integrity concerns.
To support monitoring, the Statement should be supplemented to incorporate supervision, reporting, and accountability mechanisms that provide the SEC with practical visibility into CUI activity while supporting responsible innovation.
Gaps in Market Coverage and Regulatory Framework Considerations
As noted above, the Statement provides a clear pathway for only one type of wallet activity involving user-initiated transactions via self-custodial wallets. As the SEC considers how to develop this approach through notice-and-comment rulemaking, we encourage the SEC to address a broader set of questions about how wallet-based and CUI-related functionality should operate across the securities markets, including for registered intermediaries, custodial wallet providers, institutional users, and on asset management use cases, including the following questions:
- How should CUI-type functionality apply to registered intermediaries? How can registered intermediaries offer, integrate or partner with CUI-type functionality for their customers while continuing to satisfy existing obligations under U.S. securities laws and regulations?
- How should the framework apply across custodial and non-custodial wallet models? How does regulatory analysis differ across self-custodial wallets, custodial wallet providers, and hybrid models in which a regulated intermediary, technology provider, or third party performs different functions in the transaction lifecycle?
- How should questions of display bias and implicit recommendations be addressed? The permission for CUI Providers (as unregistered entities) to rank and display trading venues is among the most consequential aspects of the Statement and warrants careful consideration. The ways in which execution options are selected, displayed, sorted and ranked within the CUI raises the potential for display bias and creation of implicit recommendations, creating investor protection and execution quality concerns even when the ultimate selection of execution venue is made by the investor.
- How should institutional and asset management workflows be treated? The SEC should consider how CUI-type functionality may be used in institutional and asset management contexts that differ from retail wallet interactions.
- How should responsibility be allocated when errors, fraud, or operational incidents occur?
- What operational and technology risk standards should apply to CUI-related activity?
- How should AML, KYC, account-opening, and wallet controls be incorporated? This is especially important where activity involves registered intermediaries or institutional participants that already operate within established compliance frameworks.
- How should investor rights and securities-law obligations operate in wallet-based models?
- How should CUI activity involving NMS securities interact with the existing execution stack and with existing market structure rules? Market structure rules (such as Regulation NMS, Reg ATS, Regulation SHO) serve to ensure that U.S. securities markets remain fair, orderly and resilient, and it is critical to consider their application to tokenized securities activity in order to protect these markets while facilitating their growth.
- How should cross-border wallet activity be addressed? Because wallet-based activity can operate across jurisdictions, the implications of cross-border transactions, non-U.S. wallet providers, offshore execution venues, and users accessing U.S. tokenized securities infrastructure from outside the U.S. should be considered
Conclusion
SIFMA appreciates the Staff’s willingness to provide a workable framework for on-chain technology. However, an interim statement is not a substitute for the durable, comprehensive framework that tokenized securities markets will need as they scale. The questions the statement leaves open are fundamental: where the aggregation of CUI activities crosses into broker territory, how unregistered providers can be brought within meaningful oversight, and how wallet-based models should operate for registered intermediaries and institutional participants. These questions go to the statutory role of the broker and to the market-structure protections that keep trading fair and orderly, and they are best resolved through notice-and-comment rulemaking informed by input from a broad range of market participants. We therefore encourage the SEC to build on the statement through formal rulemaking grounded in a technology-neutral posture that protects investors and preserves market integrity while also promoting innovation.
