Not content to leave the SEC in undisputed first place when it comes to regulation by enforcement, the CFTC’s recent civil enforcement action against Ooki DAO broke new ground on the CFTC’s enforcement front against decentralized autonomous organizations that violate applicable CFTC regulations (itself a worthy cause, make no mistake). The CFTC is now pursuing two innovative strategies that could have a complete chilling effect on U.S. participations in DAOs.
Contemporaneously with the civil enforcement action against Ooki DAO, the CFTC filed and settled charges against bZeroX, LLC (bZeroX), and its founders and co-owners, Tom Bean and Kyle Kistner for “illegally offering leveraged and margined retail commodity transactions in digital assets.” Between June 1, 2019 and August 23, 2021 bZeroX illegally operated the bZx Protocol, a system of smart contracts on the Ethereum blockchain that allowed users to trade in margined or leveraged retail commodity transactions in a decentralized environment (i.e., without intermediaries). According to the settlement, bZeroX could only legally conduct these activities if acting as a registered futures commission merchant (FCM) or on a registered designated contract market (DCM). However, bZeroX failed to meet either requirement.1 There was not much new in the case-and-desist order against bZeroX, Bean and Kistner.
The civil enforcement action brought the fireworks that the cease-and-desist order may have lacked. In its complaint[insert link], the CFTC argues that a DAO is “an unincorporated association” and the members of the unincorporated association are the “holders of Ooki Tokens (or of BZRX Tokens, when the Ooki DAO was doing business as the bZx DAO) who have voted those tokens to govern (e.g., to modify, operate, market, and take other actions with respect to) the Ooki Protocol (formerly named the bZx Protocol).” This approach (concluding that anyone who voted the governance token is a member of the unincorporated association and liable for its actions that violate the Commodities Exchange Act) is novel to say the least and has no foundation in any CFTC precedent, so much so that it prompted CFTC Commissioner Summer Mersinger to file a dissent that called the CFTC’s approach “regulation by enforcement.”
If that is not exciting enough, here is a kicker: Members of an unincorporated association may be held personally liable for the debts and liabilities of the association if they authorize or ratify the activity. Unlike in an LLC or a corporation, there is no limit to the liability of an individual member. In other words, if the court sides with the CFTCs position, any holder of an Ooki governance token that has voted the token could be liable for all of the DAOs liability without limit. Nucular, indeed.
But wait, there’s more! In Part 2 of the Ooki Saga we will highlight the novel service of process method approved by the court in this case.
1 The CFTC also found that bZeroX failed to adopt a customer identification program (CIP) and conduct similar diligence required by FCMs under the Bank Secrecy Act.