A seemingly straightforward enforcement action by the Commodities Futures Trading Commission (CFTC) has attracted the attention of US regulators, large digital asset industry players and the crypto industry in general for its potential wide-reaching implications for DAO governance.

The CFTC pushed back on various amicus briefs filed by top industry participants in the digital asset space regarding the Ooki DAO enforcement action. The amicus briefs voiced concerns about the CFTC’s ongoing suit against the Ooki DAO; the suit is the first attempt to hold token holders of a decentralized autonomous organization (DAO) personally liable for the actions of the DAO merely by the holder’s participation in governance of the DAO.

On September 22, 2022, the CFTC settled charges against blockchain protocol and company bZeroX, LLC (bZeroX), along with its founders, for illegally offering leveraged and margined retail commodity transactions in digital assets, engaging in activities only registered futures commission merchants can perform, and failing to adopt a customer identification program as part of a Bank Secrecy Act compliance program. bZeroX claimed prior to the settlement it transferred control of the bZx protocol to bZx DAO (now renamed Ooki DAO).

The CFTC also brought suit against Ooki DAO as the successor with the same founders implementing the same bZeroX protocol (now renamed the Ooki protocol). The CFTC contended that the Ooki DAO was essentially the same organization as bZeroX even though it was operated as a DAO, and filed an enforcement action for the same violations.

The CFTC, citing extensive caselaw in its Order, finds that the Ooki DAO meets the federal definition of an “unincorporated association” because it is (i) a voluntary group of persons, (ii) without a charter, (iii) formed by mutual consent, (iv) for the purpose of promoting a common objective. Therefore, it argues, since members of an unincorporated association can be held personally liable for the actions of an association, certain token holders of the Ooki DAO can be held personally liable for actions of the DAO. Those token holders include “those authorized to work on behalf of the Ooki DAO [including its] members, officers, employees, and agents.”

The CFTC further took a stance with respect to voting governance token holders – a first among financial regulators – effectively categorizing token holders into two different categories: passive token holders and active voting token holders. Industry members, along with CFTC Commissioner Mersinger, dissented to this arguably aggressive stance and argued the CFTC is attempting to create a legal theory that would hold all active governance token holders liable for the actions of the DAO. In practice, this would mean any token holder that votes – whether that is a material governance issue or a small administrative issue – would be at risk of being held liable for all actions of the DAO, while those who hold tokens but choose not to vote could potentially avoid liability. As Commissioner Mersinger highlighted, this approach is “arbitrary and unfair” and would disincentivize participation in DAO governance – “particularly for those who may want to vote in a manner that effectuates change to comply with the law.”

Interestingly, the CFTC motion pointed out that the DAO chose not to wrap itself in a corporate structure. While multiple states have attempted to set up LLC-like frameworks to recognize a DAO as a proper corporate entity, these frameworks raise even further questions (See our article regarding the Wyoming DAO law here.) It is also an open question whether, if the Ooki DAO had wrapped itself in a corporate structure, the CFTC still would have attempted to pierce the corporate veil and hold the members liable.