Commissioned, Curated and Published by Russ. Researched and written with AI.
What’s New This Week
The SEC and CFTC published joint guidance on March 17, 2026, classifying Bitcoin, Ethereum, Solana, and 13 other major cryptocurrencies as digital commodities, according to Reuters. This is a significant clarification: these assets are not securities, which removes a major compliance uncertainty that has hung over the US market since the Howey test debates began. On the stablecoin front, the GENIUS Act (Guiding and Establishing National Innovation for US Stablecoins) is the legislative vehicle in play. A key senator stated on March 18, 2026 that the bill is close to resolution, with stablecoin yield being the final sticking point.
Changelog
| Date | Summary |
|---|---|
| 23 Mar 2026 | Initial publication – SEC commodity classification, MiCA enforcement, GENIUS Act progress. |
EU MiCA
MiCA (Markets in Crypto-Assets) is the most comprehensive crypto regulatory framework in existence. It covers exchanges, stablecoin issuers, and crypto asset service providers (CASPs) across all 27 EU member states under a single passportable licence.
The implementation timeline ran in phases. Stablecoin rules came into force in mid-2024. The CASP rules – covering exchanges and trading platforms – apply fully as of July 1, 2026, which is the final compliance deadline for most firms. Some jurisdictions expired their transitional periods earlier: the Netherlands required compliance by July 2025.
As of March 2026, 14 cryptocurrency exchanges have obtained full CASP authorisation under MiCA, according to reporting from Blocklr. The number is small because the full compliance window has not yet closed – more firms are expected to apply ahead of the July 1 deadline. Firms that are not authorised by then cannot legally operate in or market to EU customers.
The ESMA (European Securities and Markets Authority) public register lists all authorised CASPs. SwissBorg obtained MiCA authorisation in France, one of the stricter supervisory jurisdictions.
One complication: Poland’s president vetoed the Crypto-Assets Market Act twice, leaving a national implementation gap. MiCA is directly applicable EU law, but it still requires national infrastructure to enforce.
What MiCA covers: exchanges, wallet providers, token issuers, stablecoin issuers. What it does not cover (yet): DeFi protocols, DAOs, and truly decentralised systems with no identifiable legal entity. The DeFi carve-out is real but not permanent – the European Commission has committed to reviewing the position.
US: Commodity Classification and Stablecoin Legislation
The Trump administration entered office in 2025 with a pro-crypto posture. The executive actions: a Strategic Bitcoin Reserve created using seized BTC; a prohibition on a US CBDC; a presidential working group on digital assets.
The Bitcoin reserve has been symbolically significant but practically limited. The reserve uses seized Bitcoin rather than market purchases, and the legislative effort to codify and expand it into a formal reserve policy had not passed as of March 2026, with observers noting a late-year defence bill as a potential vehicle.
The March 17, 2026 SEC-CFTC joint guidance classified Bitcoin, Ethereum, Solana, and 13 others as digital commodities. This matters: commodity classification means CFTC oversight, which is historically lighter-touch than SEC securities regulation. The classification resolves a long-running ambiguity that made institutional deployment difficult.
The GENIUS Act creates a federal framework for stablecoin issuers, allowing banks, non-banks, and credit unions to issue stablecoins under defined conditions. The bill was close to passage as of mid-March 2026, pending resolution on stablecoin yield rules. This would be the most significant piece of US crypto legislation to date.
The Guardian reported on March 22, 2026 that the new SEC interpretations on securities definitions could benefit Trump family crypto projects – a political complication that has attached to the narrative of regulatory reform.
UK: FCA Registration Regime
The UK FCA requires crypto businesses to register under the Money Laundering Regulations. This is not a full licensing regime in the MiCA sense – it is primarily an AML/KYC compliance gate. The FCA has been slow to approve registrations and has rejected or delayed a number of high-profile applicants.
The UK’s approach is less structured than MiCA. There is no passportable licence across jurisdictions, no clear stablecoin framework, and no comprehensive market abuse regime for crypto assets yet. The UK government has signalled intent to develop a fuller framework, but the pace has been slow compared to the EU.
The practical effect: compliant firms in the EU under MiCA cannot automatically operate in the UK. Post-Brexit, UK and EU regulatory regimes diverged, and crypto is no exception.
Asia: Singapore, Hong Kong, Japan, Dubai
Singapore (MAS): The Monetary Authority of Singapore operates a relatively permissive regime with clear licensing pathways. Major exchanges have MAS licences. The framework is considered business-friendly while maintaining AML standards.
Hong Kong: Launched a mandatory licensing regime for virtual asset trading platforms in 2023. Hong Kong has positioned itself as an institutional crypto hub, with clear rules for retail access and institutional trading. Several major exchanges have obtained Hong Kong licences.
Japan: The most mature regulatory framework globally. Japan has licensed exchanges since 2017, with strict requirements on custody, AML, and consumer protection. The framework is comprehensive and battle-tested – Japan has handled multiple exchange failures (Mt Gox being the most significant) through its regulatory structure.
Dubai (VARA): The Virtual Assets Regulatory Authority is a purpose-built crypto regulator. Binance, Bybit, and others have obtained VARA licences. Dubai’s approach is explicitly growth-oriented.
CBDCs – Where Is Digital Currency Actually Launching?
The CBDC landscape is more theoretical than live. Notable positions:
China’s digital yuan (e-CNY) has the most advanced deployment, with trials across multiple cities and integration into payment infrastructure. The scale of genuine adoption remains unclear from outside.
The US explicitly prohibited a retail CBDC under the Trump executive order. The US will not have a CBDC in the near term.
The European Central Bank is in the design phase of a digital euro, with a decision on whether to proceed expected in 2025–2026. No launch date confirmed.
The UK is in the design phase. India has a pilot in progress. Most other major economies are researching rather than deploying.
The practical reality: CBDCs are government-designed digital currencies, not blockchain-based assets in any meaningful sense. They are programmable, potentially surveilled, and represent a fundamentally different model to decentralised crypto. The DeFi community treats them as a threat rather than a complement.
DeFi’s Regulatory Grey Zone
The central question: can you regulate code? If there is no company, no identifiable operator, no server to seize – what does enforcement look like?
The US government’s answer in 2023 was to sanction Tornado Cash’s smart contract addresses, making it illegal for US persons to interact with them. That action is being litigated. The argument for the prosecution: sanctions can apply to property, not just persons. The argument against: code is speech, and sanctioning a permissionless protocol penalises users rather than operators.
MiCA sidesteps this by focusing on identifiable service providers. Fully decentralised protocols with no EU legal entity are currently outside scope. This may not last.
The practical enforcement reality: regulators can target fiat on-ramps and off-ramps. Centralised exchanges face the full weight of regulation. DeFi protocols are harder but not untouchable – the US has pursued development teams under securities and money transmission laws.
Stablecoins as the Regulatory Battleground
Stablecoins are where regulatory and financial system risk overlap. USDT (Tether) and USDC (Circle) dominate. Tether has historically operated with limited transparency over its reserves; USDC is US-regulated and maintains clear reserves in US Treasuries and cash.
The GENIUS Act, if passed, would create a federal framework requiring 1:1 reserves and regular attestation. This is broadly modelled on MiCA’s stablecoin requirements.
New entrant stablecoins – PayPal USD (PYUSD), and yield-bearing stablecoins emerging from DeFi protocols – are entering a market that is being regulated in real time.
What This Means for Builders
Practical compliance considerations as of March 2026:
If you’re operating in the EU: full MiCA CASP compliance required by July 1, 2026. This means authorisation, reserve requirements, governance standards, and consumer disclosure.
If you’re operating in the US: the commodity classification clarifies BTC/ETH/SOL but does not resolve every token. If you’re issuing tokens, the securities question is still live. Watch the GENIUS Act and the broader CLARITY Act for stablecoin and market structure rules.
If you’re building DeFi: you are currently in a regulatory grey zone. Maintain the legal infrastructure (corporate entity, legal opinions, AML monitoring) to demonstrate good faith, and watch what jurisdictions do with the DeFi carve-outs in MiCA’s review cycle.
If you’re a builder in Asia: Singapore and Hong Kong offer clear pathways. Dubai is available for offshore structuring. Japan is the most mature if you need a consumer-facing regulated entity.
The patchwork is not going away. The trajectory is towards more coverage, not less – every major jurisdiction is building regulatory infrastructure. The question is which frameworks get built right.