Regulatory Framework — Current SEC and Federal Guidelines
Section 12: Regulatory Framework — Current SEC and Federal Guidelines
RWA Tokens Platform Whitepaper · Version 10.0 Groovy Company, Inc. · May 2026 Document Reference: RWA-REG-SPEC-001 v3.0
The platform's regulatory foundation rests on the binding federal taxonomy in SEC–CFTC Release No. 33-11412 and a series of staff statements and federal frameworks issued through 2026. This section documents every authority that governs platform operation, with technical mapping from each authority to platform architectural components.
12.1 SEC–CFTC Release No. 33-11412 (March 17, 2026, Binding)
12.1.1 Authority and Effect
Release No. 33-11412 establishes the Five-Category Taxonomy for digital assets and is the controlling federal classification framework for the platform. It supersedes prior fragmentary digital-asset guidance and provides binding classification across SEC and CFTC jurisdictional surfaces.
12.1.2 Five-Category Taxonomy
Category 1
Digital Commodity (non-security)
GROO Utility Token (where applicable)
Category 2
Digital Currency / Stablecoin
Settlement layer (USDC, PYUSD via GENIUS Act)
Category 3
Digital Tool / Utility Token
GROO Utility Token (alternative classification path)
Category 4
Digital Collectible / NFT
Outside platform scope
Category 5
Digital Security
ST22 Digital Securities (M1, M2, M3) and Groovy Security Token (STO)
12.1.3 Category 5 Models
Within Category 5, the Release distinguishes two compliance models:
Model A — Third-Party Sponsored
A platform intermediary holds tokens or controls compliance overlays. Counterparty risk exists. Mapped by the January 28, 2026 Joint Staff Statement to higher-counterparty-risk Category 2 architectures.
Model B — Issuer-Sponsored
The issuer authorizes tokenization via board resolution; DLT functions as the official shareholder register; runtime-level enforcement removes admin-override risk. The platform operates exclusively under Model B across all three modules.
12.1.4 Architectural Compliance with Release No. 33-11412
Issuer-authorized mint
Issuer board resolution; Empire onboarding gate refuses without Certificate of Designation (M1) / Articles of SAE (M2) / Articles of BAE (M3)
§17A custody
Empire Stock Transfer §17A-registered transfer agent; sole onboarding authority across all three modules
1:1 backing
Custody Oracle per-slot Ed25519 attestation; Control CV-01 enforces on every transfer
Compliance at every transfer
SPL Token-2022 Transfer Hook (42 controls + module-aware extensions)
Immutability
Transfer Hook program ID bound to mint at creation; Certora E.4, E.6
Asset identifier
CUSIP (M1) / property ID (M2) / basin ID (M3) on-chain in SecurityConfig
12.2 January 28, 2026 Joint Staff Statement on Tokenized Securities
12.2.1 The Seven Pillars Framework
The Joint Staff Statement clarifies the seven pillars of Category 1 Model B and explicitly distinguishes Model B from Category 2 third-party sponsored tokenization:
Direct Issuer Authorization — board resolution authorizes the mint
Official Shareholder Register on DLT — the on-chain ledger is legally the register
SEC §17A-Registered Qualified Custody — qualified custodian holds underlying
True Equity Backing (1:1) — verifiable on-chain attestation
Clear Ownership Chain / Asset Identifier — on-chain mapping to underlying
Investor Protection (compliance enforcement at every transfer) — runtime-enforced
Token Standard Compliance (immutable, no admin override) — protocol-level immutability
12.2.2 The Category 1 Model B vs Category 2 Distinction
The Joint Staff Statement explicitly identifies the compliance gap that defines Category 2: application-layer compliance overlays that can be bypassed. ERC-3643's transfer() function is a Category 2 architecture. ST22's runtime-enforced Transfer Hook is a Category 1 Model B architecture.
12.2.3 Native Pillar Satisfaction
1
Direct Issuer Authorization
⚠️ Off-chain
✅ On-chain
2
Official Shareholder Register on DLT
❌ Token ledger ≠ register
✅ MSF + on-chain ledger reconciled per slot
3
SEC §17A Qualified Custody
⚠️ Possible but rare
✅ Architectural requirement
4
True Equity Backing 1:1
⚠️ Off-chain attestation
✅ Per-slot Ed25519
5
Clear Ownership Chain
⚠️ Off-chain mapping
✅ On-chain CV-05
6
Investor Protection
⚠️ Application-layer
✅ Runtime-enforced
7
Token Standard Immutability
❌ Proxy upgrades + admin functions
✅ Bound at creation
ST22 native score: 7/7. ERC-3643: 3/7. Section 14 (ERC-3643 vs ST22) provides the detailed comparison.
12.3 April 13, 2026 SEC Staff Statement on Covered User Interface Providers
12.3.1 Authority and Effect
The Covered User Interface Statement clarifies that compliance enforcement at the user-interface layer is insufficient; runtime-level enforcement carries weight in regulatory characterization. It addresses the architectural pattern where a UI claims to enforce compliance but the underlying token contract permits non-compliant behavior outside that UI.
12.3.2 Platform Alignment
The platform's architecture maps directly to the Statement's framework:
cedex.market is a Covered UI Provider. It hosts the order book, trading UI, account management, and onboarding flows.
Substantive compliance enforcement happens at the Solana Transfer Hook layer, not at the UI. Even if a user submits transfer transactions directly to a Solana RPC endpoint bypassing cedex.market, the SPL Token-2022 program will refuse the instruction unless the registered Transfer Hook is invoked successfully.
12.3.3 Architectural Composite Weighted Score
The platform's internal analysis of the April 13, 2026 Covered UI Statement produced a composite weighted score of approximately 92% across 10 findings — the highest known alignment of any platform reviewed. Findings included:
Runtime-enforced compliance vs UI-layer
Runtime-enforced (Layer 2)
Independence from UI for compliance
Yes — RPC bypass cannot avoid hook
§17A custody integration
Yes — Empire Stock Transfer
Immutability of compliance logic
Yes — Certora E.4, E.6
Investor onboarding gate
Empire-anchored, not UI-anchored
Ownership-chain on-chain
Yes — CV-05
1:1 backing attestation
Per-slot, on-chain — Control CV-01
Compliance-on-every-transfer
Yes — Transfer Hook + module-aware extensions
Holding-period enforcement
On-chain via HoldingPeriodAccount; Certora E.5
Cross-asset-class architectural unity
Yes — single architecture, three modules
12.4 Wyoming Digital Asset Statute — W.S. 34-29-101 et seq.
12.4.1 Authority and Effect
Wyoming's digital-asset statute (W.S. 34-29-101 et seq.) provides the legal foundation under which DLT records function as effective transfer notification under state law. The platform's governing law is Wyoming for all platform documents. Wyoming provides:
Treatment of DLT records as legally effective transfer-notification layer
Recognition of digital-asset securities as a recognized category of property
Clarification that on-chain transfers can satisfy state-law transfer requirements when properly structured
12.4.2 Platform Alignment
DLT as transfer notification
SPL Token-2022 ledger functions as transfer notification layer
Master register controlling
Empire MSF is the legally controlling shareholder register
Reconciliation requirement
Custody Oracle Ed25519 attestation per Solana slot
Recognition of cryptographic verification
Native Ed25519 precompile satisfies cryptographic-verification provisions
Wyoming domicile + Wyoming governing law + W.S. 34-29-101 alignment provide the state-law backbone that complements federal SEC compliance.
12.5 GENIUS Act — Stablecoin Settlement
12.5.1 Authority and Effect
The GENIUS Act establishes the federal framework for compliant payment-stablecoin issuance and use. It provides:
Recognition of payment stablecoins as compliant settlement instruments
Reserve requirements (1:1 USD backing)
Audit and attestation requirements (monthly reserve attestations)
Issuer-licensing framework
Clarity around the use of payment stablecoins for tokenized-securities settlement
12.5.2 Platform Settlement Architecture
The platform settles all ST22 purchases and CEDEX trades in USDC (Circle) or PYUSD (Paxos) — both GENIUS Act-compliant payment stablecoins. The platform does not accept fiat wire transfers or native crypto for ST22 purchases. ADR-009 documents the rationale:
Regulatory clarity
GENIUS Act establishes federal compliance framework for payment stablecoins
Atomic on-chain settlement
Stablecoin transfer and ST22 transfer occur in the same Solana transaction
Velocity match to Solana finality
~400 ms; fiat wires take 1–3 business days
No counterparty risk on settlement leg
USDC and PYUSD are 1:1 USD-backed
Institutional reserves
Both publish monthly reserve attestations
12.6 Reg D / Reg S / Reg CF Offering Exemption Framework
12.6.1 Reg D — US Accredited Investors
Statutory basis
Regulation D under Securities Act of 1933
Investor class
US accredited per §501(a)
Holding period (Rule 144)
6 months for unrestricted resale of fully-paid securities of reporting issuers
Holding period (general restricted)
12 months for non-reporting issuers under Rule 144(d)
Platform standard
6 months (RULE_144_HOLDING_SECS = 15_778_800) for reporting-issuer Reg D
On-chain enforcement
Control HP-24 reads HoldingPeriodAccount.holding_period_secs
Accreditation verification
Empire Stock Transfer at onboarding; Control IV-12 verifies on-chain status
12.6.2 Reg S — Non-US Investors
Statutory basis
Regulation S under Securities Act of 1933
Investor class
Non-US per Rule 902 definition
Distribution compliance period
12 months for Category 3 issuers (most common platform configuration)
Platform standard
12 months (REG_S_COMPLIANCE_SECS = 31_536_000)
On-chain enforcement
Control HP-24 + Control IV-18 (US-person check during compliance period)
Empire role
Sets Jurisdiction::RegS; stores non-US verification
12.6.3 Reg CF — US Retail Crowdfunding
Statutory basis
JOBS Act §4(a)(6); Regulation Crowdfunding Rules 100–504
Investor class
US retail (subject to investor limits)
Annual investment limit
Per-investor limits scaled by income / net worth per JOBS Act §4(a)(6)
Holding period
12 months for restricted securities (REG_CF_HOLDING_SECS = 31_536_000)
Funding portal requirement
FINRA-registered funding portal partnership
On-chain enforcement
Control HP-24 + Control IV-19 (Reg CF investor limit)
Empire role
Reg CF eligibility per JOBS Act §4(a)(6); income/net-worth verification
12.6.4 On-Chain Holding-Period Enforcement (Certora E.5)
Holding periods are immutable timers stored in HoldingPeriodAccount. The purchase_timestamp is set exactly once at token delivery and never written after. Certora invariant E.5 formally proves the timer cannot be shortened by any execution path. There is no admin function to bypass — not in the Transfer Hook, not in governance, not in the SecurityConfig program.
12.7 CFTC Letters 25-39 (2025) and 26-05 (2026)
12.7.1 Authority and Effect
The Commodity Futures Trading Commission issued staff Letters addressing tokenized derivatives (Letter 25-39) and tokenized commodities (Letter 26-05). The platform's GROO Utility Token classification under Release No. 33-11412 (Category 1 Digital Commodity or Category 3 Digital Tool, not a security) intersects CFTC jurisdiction. Module 3 (CORECM) intersection with strategic-mineral supply-chain assets implicates CFTC-adjacent regulatory considerations.
12.7.2 Platform Engagement
The platform engages with the CFTC rulemaking comment period (August 2026) and will submit comment letters via direct mail to the Secretary, Christopher Kirkpatrick, and the Market Participants Division. The comment period is the formal mechanism for industry input on CFTC rulemaking.
12.7.3 Module 3 CFTC Implications
Module 3 commodity-supply-chain tokenization may implicate CFTC jurisdiction in specific cases:
Where ST22 Module 3 tokens reference a future commodity-delivery obligation (potential derivatives characterization) — the platform's BAE structure avoids this by tokenizing equity in a corporate vehicle rather than a future delivery
Where ST22 Module 3 trading creates synthetic commodity-price exposure — addressed via the CB-21 NAV variant (where applicable) and BAE corporate-equity structure that is not direct commodity-price exposure
12.8 Howey Test — Historical Reference
12.8.1 Authority Status
The Howey test (SEC v. W.J. Howey Co., 328 U.S. 293 (1946)) remains the foundational securities-classification test, but the binding federal taxonomy is now Release No. 33-11412 with its Five-Category framework. The Howey four-factor analysis is preserved as historical doctrinal reference, but operational classification of platform tokens follows the Release.
12.8.2 Howey Application to Platform Tokens
GROO Utility Token
No common enterprise (peer-to-peer use); no expectation of profits from efforts of others; bonding-curve distribution removes promoter influence
Category 1 (Digital Commodity) or Category 3 (Digital Tool)
Groovy Security Token (STO)
Common enterprise (Groovy Company); profit expectation tied to platform performance; managerial efforts of platform team
Category 5 (Digital Security)
ST22 Digital Securities
Common enterprise (per-issuer); profit expectation; managerial efforts of issuer
Category 5 (Digital Security)
Where Howey and the Release conflict in marginal cases, the Release controls as the more recent and more specific federal pronouncement on digital-asset taxonomy.
12.9 Module 3 Federal Frameworks — Critical Minerals Supply Chain
Module 3 (CORECM) operates within a constellation of federal frameworks governing US strategic-minerals supply-chain policy. Each framework is surfaced on-chain through the Classification Oracle (Section 6.8).
12.9.1 USGS Critical Minerals List
The US Geological Survey publishes the Critical Minerals List (most recently updated 2022, with annual reassessment). It defines minerals classified as critical to US economic and national security based on supply-chain vulnerability and strategic importance. Classification Oracle bitfield: STATUS_USGS_CRITICAL.
12.9.2 DOE Critical Materials Strategy
Department of Energy framework that includes specific programs around coal-derived REE recovery and other strategic-mineral supply-chain initiatives. Classification Oracle bitfield: STATUS_DOE_CRITICAL.
12.9.3 Section 232 of the Trade Expansion Act of 1962
Section 232 authorizes the President to impose tariffs and import restrictions on national-security grounds. Federal-action kind: KIND_SECTION_232 (Classification Oracle field). REG-42 federal-action variant triggers automatic 60-minute SLA freeze on detection.
12.9.4 Defense Production Act (DPA) Title III
DPA Title III authorizes federal investment in domestic critical-minerals production. Classification Oracle bitfield: STATUS_DPA_III_PROGRAM. Federal-action kind: KIND_DPA_III.
12.9.5 Inflation Reduction Act — Critical Minerals Provisions
The IRA includes critical-minerals tax credits (e.g., 30D vehicle credit's domestic-content thresholds) and supply-chain incentives. Classification Oracle bitfield: STATUS_IRA_30D_ELIGIBLE.
12.9.6 Executive Order 14017 — America's Supply Chains
EO 14017 directs federal agencies to assess and strengthen supply chains in critical sectors. Classification Oracle bitfield: STATUS_EO14017_LISTED. Federal-action kind: KIND_EXECUTIVE_ORDER.
12.9.7 Energy Act of 2020
Establishes federal critical-minerals research and innovation programs. Classification Oracle bitfield: STATUS_ENERGY_ACT_2020.
12.9.8 Defense Logistics — National Stockpile
Where applicable, BAE participation in National Defense Stockpile programs is flagged via Classification Oracle bitfield STATUS_DEFENSE_LOGISTICS.
12.10 SEC EDGAR Reporting Posture (Module 1)
For Module 1 issuers that are SEC-reporting companies, the platform's ST22 issuance does not change SEC reporting obligations. The issuer continues to file 10-K, 10-Q, 8-K, and beneficial-ownership reports per Exchange Act Section 13. The on-chain ledger feeds Layer 9 IDOS (via the EDGAR Oracle, Section 6.6) for issuer-distress signal generation but does not substitute for required SEC filings.
12.11 Anti-Money Laundering and Sanctions Compliance
12.11.1 BSA / AML Program
Empire Stock Transfer operates a Bank Secrecy Act / Anti-Money Laundering program covering all platform investor onboarding. The program includes:
Customer Identification Program (CIP)
§326 USA PATRIOT Act compliance
Customer Due Diligence (CDD)
FinCEN CDD Rule (31 CFR 1010.230)
Beneficial ownership
UBO identification per CDD Rule
Enhanced Due Diligence (EDD)
High-risk wallet path triggered by AML Oracle risk score 31–70
Suspicious Activity Reporting (SAR)
FinCEN SAR filing as required
Recordkeeping
5-year retention per BSA
Annual independent testing
Per BSA examination requirements
12.11.2 OFAC / SDN Compliance
The OFAC Oracle (Section 6.3) provides per-transfer SDN screening via a Bloom filter encoding sanctioned addresses. Controls SX-08 and SX-09 reject transfers involving sanctioned addresses. Control SX-10 rejects transfers when the OFAC oracle is stale beyond 90 minutes. The program covers all jurisdictions where Empire onboards investors.
12.12 Authoritative References (Consolidated)
SEC–CFTC Release No. 33-11412
March 17, 2026, binding
SEC Joint Staff Statement on Tokenized Securities
January 28, 2026
SEC Staff Statement on Covered User Interface Providers
April 13, 2026
GENIUS Act
Federal stablecoin framework
Wyoming Digital Asset Statute
W.S. 34-29-101 et seq.
CFTC Letter 25-39
2025
CFTC Letter 26-05
2026
Securities Act of 1933 — Reg D
17 CFR 230.501 et seq.
Securities Act of 1933 — Reg S
17 CFR 230.901 et seq.
JOBS Act §4(a)(6) — Reg CF
17 CFR 227.100 et seq.
Securities Exchange Act §17A
Empire Stock Transfer registration
USGS Critical Minerals List
USGS publication
DOE Critical Materials Strategy
DOE publication
Section 232 of Trade Expansion Act of 1962
19 U.S.C. § 1862
Defense Production Act Title III
50 U.S.C. § 4533
Inflation Reduction Act — Critical Minerals
Public Law 117-169
Executive Order 14017
"America's Supply Chains," February 24, 2021
Energy Act of 2020
Title III of Consolidated Appropriations Act, 2021
EIP-3643
December 2023, Final
SPL Token-2022 Specification
spl-token-2022 source; spl-transfer-hook-interface v0.6+
12.13 Case Law
SEC v. W.J. Howey Co.
328 U.S. 293 (1946)
Foundational securities-classification test (historical)
SEC v. Telegram
448 F. Supp. 3d 352 (S.D.N.Y. 2020)
Issuer-discretion enforcement risk; supports immutability rationale
SEC v. Kik Interactive
492 F. Supp. 3d 169 (S.D.N.Y. 2020)
Distribution architecture as a Howey factor
Copley Fund
Various
Investment-company classification adjacency
NAPFM v. SEC
Various
Administrative-procedure considerations for SEC rulemaking
Coinbase
Various
Digital-asset platform regulatory characterization
Risley
Various
Token-classification considerations
Crypto Freedom Alliance v. SEC
Various
Recent challenges to SEC digital-asset positions
RWA Tokens Whitepaper V10 — Section 12 — Confidential — Groovy Company, Inc.
Last updated
Was this helpful?