CFTC to Codify Non-Custodial Wallet Developer Protections
Commodity Futures Trading Commission (CFTC) Chair Michael Selig announced on May 5, 2026, at CoinDesk's Consensus Miami conference that the agency intends to codify its existing no action position on non custodial wallet software developers into formal regulation, offering the clearest federal green light yet for builders of self custody payment infrastructure in the United States. [1][2] From No Action Letter to Binding Rule The announcement builds directly on CFTC Letter No. 26 09 , issued by the agency's Market Participants Division on March 17, 2026 , in response to a request from Phantom Technologies Inc. , the developer behind the Phantom self custodial wallet. That letter stated the Division would not recommend enforcement action against Phantom or its personnel for failing to register as an introducing broker (IB) or as associated persons, provided Phantom's role remained limited to passively enabling user transactions without holding customer funds. [3] The Phantom letter was widely recognized as the CFTC's first no action position specifically tailored to a self custodial crypto wallet provider, but it carried an inherent limitation: the relief applied only to Phantom based on the specific facts it presented, and other market participants could not rely on it without independently submitting their own requests. [4] "We are seeking to formally incorporate this stance into rulemaking," Selig said at Consensus Miami, signaling the CFTC's intent to transform a fact specific accommodation into a market wide standard that any qualifying non custodial software developer could rely upon without seeking individual relief. [1] The proposed rulemaking would establish conditions under which developers are explicitly excluded from broker registration obligations. Based on the Phantom letter framework, those conditions include: restricting the developer's role to passively transmitting orders without exercising discretion; ensuring users maintain funds in custody with a registered derivatives clearing organization or futures commission merchant; requiring delivery of standard risk disclosures; and mandating that users retain independent access to the underlying exchange or broker without routing through the wallet interface. [4] Implications for Payments Infrastructure The regulatory clarity arrives at a pivotal moment for stablecoin payment infrastructure that depends on non custodial wallet rails. WalletConnect Pay , which powered over $400 billion in transaction volume in 2025 and connects more than 700 wallets across 500 million users , has positioned 2026 as the year it scales stablecoin payments into point of sale terminals globally, including through integrations with payment hardware maker Ingenico across more than 120 countries . [5] MetaMask , operated by Consensys , and Phantom itself serve tens of millions of users who interact with decentralized finance protocols and derivatives venues. A codified exemption removes lingering registration uncertainty that has previously forced some non custodial interface developers to either limit functionality or seek costly individual no action relief. The formalization affects any wallet or front end software that routes orders to CFTC regulated designated contract markets (DCMs) without intermediating the settlement of funds. Diverging Global Regulatory Paths The CFTC's direction stands in sharp contrast to legislative trends in Europe and Russia, where regulators have moved to impose disclosure requirements on self hosted wallet holders rather than protecting the developers building the software. | Jurisdiction | Policy Direction | Threshold / Mechanism | Status (May 2026) | | | | | | | United States (CFTC) | Codifying developer exemption from broker registration | Conditions based; no fund custody by developer | Proposed rulemaking announced May 5, 2026 | | France | Mandatory annual declaration of self hosted wallets to tax authority (DGFIP) | Holdings exceeding EUR 5,000 (~USD 5,900) | National Assembly passed first reading; Senate review pending | | Russia | Reporting of foreign cryptocurrency wallets to Federal Tax Service | Wallet openings/closings within 30 days; effective July 1, 2026 | Bill submitted to State Duma, April 2026 | | European Union | Travel Rule verification for self hosted wallet transfers | Transfers above EUR 1,000 | In force under Transfer of Funds Regulation | France's National Assembly passed a first reading anti fraud bill in April 2026 requiring residents to file annual declarations with the Direction Generale des Finances Publiques (DGFIP) for any self hosted wallet holding more than EUR 5,000 in digital assets. The measure, which targets software wallets such as MetaMask and Phantom as well as hardware devices such as Ledger , was later dropped by the joint parliamentary committee at its second reading on April 28, 2026, though the EU's Anti Money Laundering Authority (AMLA) could revive comparable requirements at the European level. [6] Russia separately submitted legislation to the State Duma in early April 2026 requiring residents to report the opening and closing of foreign cryptocurrency wallet addresses to the Federal Tax Service within one month of any change, effective July 1, 2026. [7] The Russian bill is part of a broader framework that would require licensed domestic intermediaries for any cryptocurrency transaction, effectively narrowing the practical utility of unhosted wallets for Russian residents regardless of formal ownership rights. Conditions and Market Readiness Selig did not release proposed rule text at Consensus Miami, and any formal rulemaking would require a public comment period before adoption. The CFTC has not indicated a specific timeline for publishing a notice of proposed rulemaking. However, the commitment to codify the Phantom framework signals that the current leadership intends to move quickly to provide certainty to an industry that has long operated under informal staff lev…