In a new paper, we show that, historically, the least disruptive answer by far would have also been one of the simplest: If the funds had mirrored how every other shareholder voted. Over the past 20 years, that single change would have altered the outcome of a shareholder vote just 12 times out of nearly 645,000.

The fight is no longer hypothetical. In November 2025, the Wall Street Journal reported that the White House was drafting an executive order to curb proxy advisers’ influence over corporate elections and to require large index-fund managers to “mirror” their clients’ votes—to cast the fund’s shares in the same proportions as the investors who choose to vote them. (The order issued the following month as Executive Order 14366.) Three weeks later, Congress reintroduced the INDEX Act, which would go further still: The largest fund families would have to pass their votes through to the investors who submit instructions and, for the shares whose owners stay silent, cast them in proportion to how the rest of the market votes—mirror voting, in the sense we use here. That same year, the SEC granted no-action relief for ExxonMobil’s Retail Voting Program, BlackRock expanded its Voting Choice program to retail investors, and a coalition of state attorneys general opened an investigation into Big Three voting practices.

The debate over these proposals has been almost entirely theoretical. Supporters and critics alike argue from intuition about what each reform would do—who would gain power, whose votes would carry more weight, which outcomes would change. In our paper, we bring data to a debate that has had almost none. We ask a simple counterfactual question: If these reforms had already been in place, what would actually have happened to historical shareholder votes?

We group the live proposals as follows. Mirror voting reassigns the index-fund block of shares to track the vote of some other group. Full abstention removes the index-fund votes entirely. Pass-through or voting choice (the Big Three’s voluntary programs) returns the vote to the beneficial owner. Standing voting instructions let owners pre-commit to a policy, such as voting with a designated investor; ExxonMobil’s program implements a single-option version that defaults to the board. Market mirroring reassigns the index vote to the non-indexed shareholders in proportion: If 60 percent of active shareholders vote in favor of a proposal, the index block records 60 percent as in favor.

Each version hands the indexed shares to a different decision-maker. That makes them comparable on the historical record and lets us ask which assignment changes the fewest outcomes and imposes the least bias.

We use 20 years of ISS Voting Analytics data, covering more than 600,000 agenda items at 9,451 firms from 2005 through 2025, and re-tabulate each vote as it would have come out under each reform.

Market mirroring barely changes anything. Had index funds mirrored the non-indexed vote across all 644,954 items in our sample, the outcome would have changed just 12 times—about one vote in 50,000. By comparison, full abstention would have flipped 1,996 outcomes, roughly 166 times as many, and an Exxon-style rule that defaults retail shares to management would have flipped 1,439. Rules that hand the index vote to management or require adherence to a proxy adviser’s recommendation move two orders of magnitude more outcomes than market mirroring.

The 12 flips share a common signature. Not one is a director election or a proxy-fight item; all 12 occur on contentious items where a proxy adviser disagreed with management, precisely where the informed, non-indexed vote carries the most signal. Ten of the 12 are pro-management, but that skew reflects how non-indexed shareholders voted on those items, not anything built into the rule. Among the four reforms, market mirroring is the only one with no thumb on the scale by design.

The same picture holds for vote margins, not just flipped outcomes. Mirroring occasionally shifts a margin by several points—the largest single shift across all 644,954 items is eight percentage points—but those movements almost never come near changing a result. Only 22 items move by more than five points, and the eight-point outlier is not one of the 12 that flip.

Not every reform is so benign. Full abstention does not just change outcomes; it can make meetings fail. When index-fund shares disappear from the count, roughly one shareholder meeting in 10 in our sample would have fallen below its quorum threshold. Market mirroring, by construction, casts a ballot on every eligible item, so it never raises that problem.

Critics of mirror voting have raised several theoretical concerns, and we apply each to the data. First, the worry that low non-indexed turnout would let an unrepresentative minority dominate (minority amplification) shows up barely at all: the flip count is flat across turnout deciles, and even the lowest-turnout votes move margins only marginally. Second, the worry that a small activist stake would swing the mirrored block (activist amplification) finds no support: Zero director elections flip, and margin shifts in contested settings stay a fraction of a point. Third, the worry that supermajority bylaws would distort mirrored votes (threshold distortion) touches just five of more than 7,000 supermajority items, all comfortably far from their thresholds. In each case, the mechanism critics feared is real in theory but tiny in the historical record.

To be sure, our estimates are static. We re-tabulate the votes that were cast; we do not model how investors might change their behavior if mirror voting became the rule, an equilibrium question we leave for future research. We measure two things: how much each reform would have disrupted historical outcomes, and how much directional bias each carries. On both, market mirroring is the least intrusive of the four.

That is not an argument that mirror voting is the best reform, and we do not make one. Which proposal to adopt also turns on selection bias, capture, and drafting risk, considerations we do not weigh here. For two decades this debate has run on intuition; we supply the measured magnitudes it has lacked.

Edwin Hu is an associate professor at the University of Virginia School of Law. Robert E. Bishop is an associate professor at Duke University School of Law. Frank Partnoy is the Adrian A. Kragen Professor of Law at the University of California, Berkeley, School of Law and a research member of the European Corporate Governance Institute (ECGI). This post is based on their recent paper, “Mirror Voting,” available here.

• What’s new: The EU and CPTPP countries have agreed to accelerate work toward a digital trade agreement covering e-commerce, cross-border data flows and data localization for a combined economy of $35 trillion and 1.6 billion people.
• Why it matters: For multinationals operating across the EU and Asia Pacific markets, the initiative signals a shift toward a multibloc digital governance environment, with implications for data transfer architectures, cloud strategies, AI deployment and cybersecurity compliance.
• What to do next: Companies should consider monitoring developments and prepare for a potential shift in the regulatory architecture governing cross-border data, AI and cybersecurity, including by mapping data transfer mechanisms, assessing cloud strategies and elevating digital trade risk to board level.

Key Points

• On March 27, 2026, at the 14th WTO Ministerial Conference in Yaoundé, Cameroon, the EU and CPTPP countries agreed to accelerate work toward a digital trade agreement covering e-commerce, cross-border data flows and data localization for a combined economy of $35 trillion and 1.6 billion people.
• The EU has already concluded digital trade deals with several CPTPP members, including Chile, Japan, New Zealand, Singapore and the U.K., providing a road map for a broader agreement.
• Key differences between the two parties’ existing approaches to digital trade will be central to negotiations, including the treatment of personal data as a “policy objective” in the CPTPP versus a “fundamental right” in the EU, the breadth of security exceptions, and the scope of financial services data rules.
• For multinationals operating across the EU and the Asia Pacific markets, the recent initiative signals a shift toward a multibloc digital governance environment, with implications for data transfer architectures, cloud strategies, AI deployment and cybersecurity compliance.

What Has Been Agreed (and What Is to Come)

On March 27, 2026, ministers and representatives of the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP) and the European Union released a Joint Ministerial Statement (the Joint Statement) on the sidelines of the 14th World Trade Organization (WTO) Ministerial Conference (MC14) in Yaoundé, Cameroon. The parties committed to cooperating on trade diversification, supply chain resilience, digital trade and the global trading environment, and instructed senior officials to develop work plans.

The Joint Statement is a commitment at the level of a memorandum of understanding (MOU) and does not contain any binding language. Nevertheless, the statement signals the parties’ intent to establish an EU-CPTPP digital trade agreement that would set common rules on e-commerce, data flows, and data storage. Canada’s minister of international trade characterized the prospective agreement as potentially “the largest trading agreement in civilization.”

The broader context makes the timing notable. MC14 ran nearly two days past its scheduled close, failing to finalize key texts on WTO reform and fisheries subsidies. Most significantly, WTO members failed to renew the Moratorium on Customs Duties on Electronic Transmissions, a longstanding agreement first adopted in 1998 that bans customs duties on digital downloads, streaming and other electronic transmissions. Sixty-six WTO members subsequently agreed to put the moratorium into effect on an interim basis outside the WTO framework, reflecting a shift toward coalition-based rulemaking when multilateral consensus proves elusive. Against this backdrop, the EU-CPTPP initiative represents a broader exercise in coalition-building aimed at preserving rules-based trade amid a fragmented WTO.

Likely Scope: Data Flows, Localization, Source Code and AI

The existing treaty texts of the CPTPP and the EU’s five trade agreements that contain digital trade provisions — the EU-Singapore Digital Trade Agreement (EU-Singapore DTA), EU-Japan Economic Partnership Agreement (EU-Japan EPA), EU-New Zealand Free Trade Agreement (EU-New Zealand FTA), EU-Chile Advanced Framework Agreement (EU-Chile AFA) and EU-UK Trade and Cooperation Agreement (EU-UK TCA) — provide a picture of the likely contours of a combined framework.

Cross-Border Data Flows and Localization Bans

The CPTPP and the EU bilateral instruments start from the same premise: Digital trade rules should limit parties from using data localization requirements as a condition of doing business.

The CPTPP does this through two principal commitments in Chapter 14 (Electronic Commerce). Article 14.11 requires parties to allow cross-border transfers of information, including personal information, by electronic means when the activity is for the conduct of a covered person’s business, and Article 14.13 separately prohibits a party from requiring a covered person to use or locate computing facilities (such as servers, data centers and related network elements) in its territory as a condition for conducting business.

Parties are permitted to derogate from these obligations for legitimate public policy reasons, provided the measure is not applied in an arbitrary or discriminatory way, is not a disguised restriction on trade and is not more restrictive than necessary. As discussed below, these obligations are also subject to an “essential security” exception and other general exceptions. Importantly, both obligations apply only to “covered persons,” a category defined in Article 14.1 that does not include “financial institutions” as defined in the CPTPP’s separate Chapter 11 (Financial Services). The CPTPP therefore does not categorically prohibit cross-border data flow restrictions or localization measures applied to financial institutions through Chapter 14; data-related obligations for financial institutions are instead addressed through Chapter 11, which is discussed below.

By contrast, the EU bilateral agreements are more specific about the forms of localization, and the forms of cross-border data transfer restrictions, that they prohibit. For example, the EU-UK TCA, EU-New Zealand FTA and EU-Chile AFA each prohibit four specific categories of restrictions on covered cross-border data flows — i.e., measures that:

• Require the use of local computing facilities or network elements (such as in-territory servers, data centers or similar infrastructure) for data processing.
• Require the localization of data (i.e., requirements that data be stored or processed within the party’s territory).
• Prohibit the storage or processing of data in the other party’s territory.
• Make the cross-border transfer of data contingent on the use of local computing facilities or compliance with data localization requirements.

The protocol amending the EU-Japan EPA (the Protocol) extends that list by also prohibiting measures that block transfers of information into a party’s territory or require a party’s prior approval for cross-border transfers of information.

The EU instruments preserve regulatory space somewhat differently from the CPTPP framework. The EU-UK TCA preserves data protection transfer mechanisms of general application; the EU-New Zealand FTA preserves personal data and privacy protections and includes agreement-specific scope exclusions, including for information held or processed by or on behalf of a party and specified Māori-related measures; and the EU-Chile AFA incorporates general, security and prudential exceptions into the digital trade chapter. The EU-Japan Protocol (Protocol) adds an objectively interpreted legitimate public policy exception, preserves personal data transfer instruments of general application and excludes information held or processed by or on behalf of a party.

Financial Services Data

Under the CPTPP, “financial institutions” is a separately defined term that is excluded from the “covered person” definition in Article 14.1, so the digital trade chapter’s cross-border data transfer and localization commitments (Articles 14.11 and 14.13) do not apply to them as such. Data-related obligations for financial institutions are instead governed by the CPTPP’s separate financial services chapter (Chapter 11), which is structured around prudential supervision and contains its own, more limited data-transfer disciplines. As a result, CPTPP parties retain broader latitude to impose data localization or transfer requirements on financial institutions for prudential or supervisory reasons than they do for nonfinancial covered persons under Chapter 14. The scope of any combined EU-CPTPP framework with respect to noninstitution financial-services suppliers will be an important point to monitor.

The EU agreements include a mixture of cross-sectoral and financial-services-specific rules:

• The EU-Singapore Free Trade Agreement (EU-Singapore FTA), which provides the foundation for the EU-Singapore DTA, contains a financial-services-specific rule requiring each party, subject to privacy and confidentiality safeguards, to permit a financial service supplier of the other party to transfer information into and out of its territory for data processing where required in the ordinary course of business.
• The EU-Japan EPA originally included a similar financial-services-specific transfer rule, but the Protocol deletes that provision and instead applies a horizontal cross-border transfer rule to financial-services suppliers, while preserving prudential, privacy and other exceptions.
• The EU-Chile AFA takes a hybrid approach: It brings the provision and transfer of financial information, and financial data processing and related software, within the scope of its cross-border supply of financial services discipline, thereby prohibiting market access and national treatment restrictions on those activities subject to the agreement’s prudential carve-out and confidentiality protections.

Negotiations in this area are likely to focus on whether the digital trade chapter of any combined EU-CPTPP framework will apply to financial services at all (as the EU agreements generally do, in varying ways) or carve them out (as the CPTPP does for “financial institutions”). If the digital trade chapter does apply to financial services, will the resulting rules be the cross-sectoral cross-border data flow and data localization disciplines (subject to prudential and confidentiality safeguards) or a separate set of financial-services-specific transfer provisions? The final landing zone could have significant practical consequences for banks, insurers, asset managers and fintech firms operating across the two blocs.

Source Code and Algorithm Protection

Both the CPTPP and EU agreements prohibit governments from requiring the transfer of, or access to, software source code as a condition for market entry. The CPTPP’s protection covers mass-market software but excludes critical infrastructure. The EU-Japan EPA, EU-New Zealand FTA, EU-Chile AFA and EU-U.K. TCA each include comparable prohibitions, although with varying exceptions for court orders, competition law, intellectual property enforcement and public procurement.

Notably, the EU-Singapore DTA goes the furthest, extending source code protections to algorithms and machine-learning models. The DTA provides certain exceptions to these protections to preserve access or disclosure authority for specified functions — such as investigations, inspections, enforcement actions, judicial proceedings, competition-law remedies, intellectual property enforcement and public procurement — generally subject to safeguards against unauthorized disclosure. As AI-driven business models proliferate, the question of whether forced disclosure requirements extend to algorithms, training data and model weights becomes increasingly consequential. The EU-Singapore approach may serve as a useful template for any combined framework.

Customs Duties on Electronic Transmissions

Both the CPTPP and all five EU bilateral agreements permanently ban customs duties on electronic transmissions. This is the strongest area of convergence, and its significance has been amplified by the lapse of the WTO e-commerce moratorium at MC14. Embedding a permanent ban in an EU-CPTPP agreement would provide a stable floor for digital commerce as the multilateral consensus frays.

Points of Divergence: Privacy, Security Exceptions and Regulatory Frameworks

While there is substantial convergence on digital trade prohibitions and protections, the two models diverge on the conditions under which parties can restrict data flows and on the hierarchy of values that governs derogation. Resolving these differences will be important for any future EU-CPTPP agreement.

Privacy: ‘Policy Objective’ vs. ‘Fundamental Right’

The CPTPP requires parties to maintain a legal framework for the protection of personal information but accords the parties considerable flexibility in how they do so. For instance, CPTPP parties may satisfy the requirement through comprehensive national laws, sector-specific laws or even voluntary enterprise undertakings. When invoked to justify restrictions on data flows, privacy is treated as a “legitimate public policy objective” that must pass a trade-law necessity test. This means that the measure must not be arbitrary, must not be a disguised restriction on trade and must not be more restrictive than necessary.

The EU’s bilateral agreements take a different approach. The EU-New Zealand FTA, EU-U.K. TCA, EU-Chile AFA and EU-Singapore DTA each recognize the protection of personal data and privacy as a “fundamental right.” The EU-Singapore DTA expressly preserves each party’s right to adopt measures for the cross-border transfer of personal data, provided its law includes instruments enabling transfers under conditions of general application. This effectively carves out General Data Protection Regulation (GDPR) adequacy decisions, standard contractual clauses and similar mechanisms. By elevating privacy to the status of a fundamental right, these agreements aim to place privacy measures beyond the reach of trade proportionality tests, a qualitative difference from the CPTPP model.

The EU-Japan Protocol, which is an amendment to the EU-Japan EPA, represents the most pragmatic attempt to bridge this divide. The Protocol recognizes each party’s right to determine the appropriate level of protection for personal data and privacy; encourages adoption of high standards, including those outlined by the Organisation for Economic Co-operation and Development (OECD); and preserves each party’s right to maintain its own cross-border transfer instruments. This concept, sometimes described as “Data Free Flow With Trust” (DFFT), accepts CPTPP-style localization bans while carving out space for EU-style data protection instruments such as adequacy decisions and standard contractual clauses. It may represent the most likely template for a combined framework.

Existing cross-border enforcement infrastructure could also play a role. The Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Enforcement Arrangement (CPEA), a voluntary cooperation framework among privacy enforcement authorities across APEC economies, facilitates information sharing and enforcement referrals among several CPTPP members. While the CPEA does not create binding obligations, its operational infrastructure could also provide a practical foundation for interoperability between APEC and EU privacy enforcement mechanisms.

The Security Exception

The CPTPP’s digital trade obligations are subject to the general and security exceptions set out in Chapter 29. This chapter provides an “essential security” exception that allows a party to take any measures that “it considers necessary” for the protection of its essential security interests. This language could be construed as self-judging, in which case the invoking party itself would determine whether the exception applies.

By contrast, the EU’s bilateral agreements include security exceptions, but they are framed in language that echoes Article XXI of the General Agreement on Tariffs and Trade (GATT). GATT Article XXI uses the “it considers necessary” formulation but ties it to enumerated categories: fissionable materials, arms and military supply, measures taken in time of war or other emergency in international relations, and actions under the United Nations Charter. The EU-Japan EPA, EU-Singapore FTA and EU-Chile AFA largely follow this architecture: The self-judging phrase is present but is tethered to defined security categories.

WTO panels have been willing to review the applicability of certain aspects of Article XXI to specific facts. For instance, panels have in some cases been willing to assess whether the challenged measure falls within the treaty’s listed categories and whether it has been invoked in good faith, rejecting the U.S. position that Article XXI is entirely self-judging.¹ Indeed, in recent disputes, panels have declined to accept the invocation of Article XXI where these elements were not satisfied.² Thus, for purposes of an EU treaty, the invocation of a security exception may be difficult to overcome, but it is not entirely immune from scrutiny by a dispute settlement panel.

Given recent WTO panel disputes and wider disagreements with the U.S. over the use (and perceived abuse) of security exceptions to depart from trade commitments, EU negotiators may be reluctant to adopt the CPTPP’s broader self-judging exception. Indeed, although the U.S. ultimately withdrew from what was originally labeled the Trans-Pacific Partnership (TPP), it drove much of the negotiations and provisions that carried into the CPTPP, such as the essential security clause, reflect U.S. drafting preferences. With the U.S. no longer a party to the agreement, there may be greater openness among the remaining CPTPP members to adopt the EU’s narrower approach.

Binding Commitments vs. Aspirational Norms

A further open question is whether an agreement would translate into binding changes in domestic laws and regulations or remain a set of principles and norms. Whether there is appetite for that level of commitment, backed by dispute settlement provisions, or whether the agreement will be more aspirational are some of the most important strategic questions for a possible EU-CPTPP agreement.

Cybersecurity

The CPTPP takes a cooperative approach to cybersecurity, recognizing the importance of building national incident response capabilities and cooperating on malicious intrusions. These are best-efforts commitments, not prescriptive requirements.

In contrast, the EU’s approach is more concrete. Specifically, the EU-Singapore DTA commits the parties to risk-based cybersecurity approaches and consensus-based standards, and the accompanying EU-Singapore Digital Partnership commits to mutual recognition arrangements for cybersecurity certifications where compatible approaches exist on both sides. The EU’s domestic regime, including the Network and Information Security Directive (NIS2) and the Cybersecurity Act, imposes incident reporting and operational resilience standards that go beyond the CPTPP’s cooperative model.

A potential path is mutual recognition rather than harmonization. The EU-Singapore model proceeds in three steps:

• First, it sets a common baseline through digital trade commitments.
• Second, it preserves each side’s domestic regulatory autonomy.
• Third, it uses the Digital Partnership to pursue mutual recognition of compatible standards, including cybersecurity certifications, through future workstreams..

What Companies Should Consider Now

For multinationals with operations spanning the EU and the Asia Pacific regions, the recently announced initiative is a signal to begin monitoring developments and preparing for a potential shift in the regulatory architecture governing cross-border data, AI and cybersecurity. Companies should consider taking the following steps:

• Map cross-border data transfer mechanisms. Companies will want to assess whether their current data transfer architectures are positioned to operate under both CPTPP and EU frameworks, or if a combined framework might create new interoperability challenges.
• Assess cloud and data center strategies. Companies will want to evaluate whether existing cloud architectures can take advantage of any broader harmonization of localization bans and note existing sectoral differences between the CPTPP and the EU agreements. In the financial sector, banks, insurers and fintech companies should therefore track whether any combined framework brings financial data under the localization ban by default or leaves it governed primarily by financial-services exceptions.
• Integrate AI governance with trade restrictions. Emerging protections for algorithms and machine-learning models in the EU agreements signal that AI deployment strategies will increasingly be shaped by trade rules, not just domestic regulation. Companies developing or deploying AI across jurisdictions should monitor whether source code protections extend to training data, model weights or other components of the AI stack.
• Evaluate cybersecurity posture. Companies will want to assess their incident reporting posture against the standards emerging from both frameworks, given the EU’s NIS2 requirements and the possibility of mutual recognition of cybersecurity certifications.
• Elevate “digital trade risk” to the board level. As digital trade frameworks evolve, the strategic implications for market access, data infrastructure investments and regulatory compliance merit attention at the board level, not just within compliance functions.

What We’re Watching

The EU-CPTPP Joint Ministerial Statement instructed senior officials to develop work plans and prepare a progress report for their next meeting. Several developments will shape whether this initiative gains momentum.

• Timeline and form. A critical question is whether the parties will pursue a binding agreement backed by dispute settlement provisions, or a softer framework of principles and norms.
• WTO e-commerce moratorium. The 66-member interim arrangement preserving the moratorium on customs duties is a stopgap. If it cannot be restored through the WTO, embedding a permanent ban in an EU-CPTPP agreement could become even more strategically significant.
• U.S. position. The U.S. is not a CPTPP member, having withdrawn from the original TPP in 2017. Even so, an EU-CPTPP agreement could affect U.S. companies because it may set the operating baseline for data transfers, localization, AI-related disclosures and cybersecurity across markets where many U.S. multinationals sell, host data or rely on regional supply chains. If those standards diverge from U.S. policy, companies may need to build compliance programs around an EU-CPTPP rule set even without U.S. participation.
• Broader geopolitical dynamics. The EU-CPTPP initiative is part of a wider pattern in which trade partners are using regional and bilateral frameworks to fill gaps left by WTO gridlock. For the EU, recent efforts to conclude or advance major trade agreements with Australia, India, Indonesia and Mercosur point in the same direction: building issue-specific coalitions that can set practical rules for market access, resilience and digital governance even when multilateral rules lag.

As the preceding reflects, digital trade governance is no longer a single-jurisdiction compliance exercise. It is a multibloc strategic challenge that touches on data infrastructure, AI governance, cybersecurity and enterprise risk. Companies should continue to monitor developments in this space, including with respect to the EU-CPTPP dialogue, and ensure that they are able to adapt to this rapidly changing environment.

ENDNOTES

1 See, e.g., Panel Report, United States – Origin Marking Requirement, WT/DS597/10 (Dec. 21, 2022); Panel Report, United States – Certain Measures on Steel and Aluminum, WT/DS544/14 (Dec. 9, 2022); Products, Press Release, U.S. Trade Representative [USTR], Statement from USTR spokesperson Adam Hodge (Dec. 21, 2022) (“The United States has held the clear and unequivocal position, for over 70 years, that issues of national security cannot be reviewed in WTO dispute settlement, and the WTO has no authority to second-guess the ability of a WTO Member to respond to what it considers a threat to its security.”)

2 See, e.g., Panel Report, Russia – Measures Concerning Traffic in Transit, WT/DS512/R (April 5, 2019).

This post is based on a Skadden, Arps, Slate, Meagher & Flom LLP memorandum, “The Next Digital Trade Framework: What an EU-CPTPP Agreement Signals for Data, Cyber and AI Governance,” dated June 15, 2026, and available here, 

The proposed rulemaking does not take a step back and consider what is best for derivatives markets.  Rather, the proposal is a pragmatic exercise meant to further the CFTC’s litigation concerning contracts on sporting events and the philosophical views of its current leadership.  The CFTC largely chose this approach when it permitted contracts on NFL games and other sporting events at the outset of the second Trump administration.  These markets have flourished, and now it is hard to put the toothpaste back in the tube as industry expectations have been established around the provision of sports gambling through derivatives exchanges.  What we are seeing is rulemaking catching up with the policy the CFTC instituted through non-enforcement.

As background, there are differing views on the procedural requirements of the Concerning Event Contract Section and CFTC Rule 40.11, which was promulgated under that section.  CFTC Rule 40.11 represents the Obama-era effort of the CFTC to categorically prohibit contracts on Enumerated Subjects.[3]  In the past, the CFTC viewed the Concerning Event Contract section as allowing for ex ante prohibition of event contracts on the Enumerated Subjects.  The current Rule 40.11 prohibits exchanges from listing contracts on Enumerated Subjects.  But under the current Trump administration, it is no longer enforced.  This lapse led to and relates to the litigation the CFTC is involved in with states and tribes regarding its exclusive jurisdiction over contracts traded on derivatives exchanges.  The CFTC has traditionally had exclusive jurisdiction over contracts traded on its exchanges—a congressional choice that in part responds to over a century of efforts to regulate such contracts as gambling under state law.  In the past, however, the CFTC has not permitted overt gambling on its exchanges as to matters such as contracts that settle on the outcomes of sporting events.[4]  When the CFTC allowed exchanges to list sports wagering contracts, state gambling commissions and Native American tribes sued the exchanges.  The CFTC intervened in these suits, arguing that only the CEA governs contracts on derivatives exchanges and seeking to stop state and Native American efforts.[5]

Judges considering state claims of concurrent jurisdiction over derivatives exchanges to the extent they host sports wagering have considered Rule 40.11.  The non-enforcement of that rule has been seen as an argument for concurrent state regulation.  In the proposal, the CFTC seeks to reframe its non-enforcement. The proposal includes evidence that it was not carefully prepared, including in that it (a) does not respond to comments on the preceding Advanced Notice of Proposed Rulemaking that were critical of hosting sports gambling on derivatives exchanges, and (b) includes superficial errors.  The proposal was developed quickly, likely to provide a response to the litigation spread across more than a dozen federal and state courts.

From the time Rule 40.11 passed, critics were skeptical that it was consistent with the language of the Concerning Event Contract Section.  CFTC Commissioner Brian Quintenz offered a leading and thoughtful criticism.  He argued that the Concerning Event Contract Section requires the CFTC to consider the validity of a contract only after it has been filed.  The proposed rulemaking adopts this position, providing an excuse for the CFTC’s non-enforcement of Rule 40.11 under the second Trump administration.

The framework the CFTC proposes for reviewing filed event contracts takes a similarly strategic position.  At the highest level, the framework involves three steps.  First, there is a determination of whether the contract is an event contract. Second, there is a determination of whether the event contract involves one of the subjects listed in Section 5c(c)(5)(C).  And third, there is a determination of whether the covered event contract is contrary to the public interest.  All three questions have to be answered in the affirmative for a contract to be prohibited after being listed.

Procedurally, the proposal gives the CFTC a truncated period to undertake its review.  The statute provides the CFTC with a 90-day review period that can start at any point.  The proposed rulemaking gives the CFTC 10 days from contract filing to initiate a review based on a Commission level (rather than staff level) determination.  After review is initiated, the CFTC has only 15 days to provide the exchange with a relatively detailed, written objection.  And the remaining 75 days of the 90-day period are similarly carved up to reduce the opportunity for the CFTC to muster objections to filings.  The truncated period reduces the CFTC’s ability to cogently challenge event contract filings.  Contracts that are not challenged or are not successfully challenged are viewed as copacetic and become precedent for authorizing similar contracts.

Substantively, the review of contracts is based on factors that the CFTC has chosen strategically.  In some cases (e.g., war, terrorism, assassination), the CFTC considers broader social interests that are nowhere specified in the CEA as I believe an agency should when considering the public interest.  For example, the CFTC considers national security and moral hazard when assessing contracts on war, assassination and terrorism.  It also considers moral hazard when considering contracts that violate state law.  Similarly, when considering event contracts on youth sports and player injuries it considers privacy interests related to minors and health information.  The CFTC demonstrates it knows how to assure that innovation is “responsible innovation” and consider the implications of contracts beyond any statutory rubric.  However, in relation to sports contracts, the CFTC doesn’t consider the social implications of permitting gambling through derivatives platforms.  Indeed, the CFTC does not acknowledge that gambling is socially harmful and that allowing gambling on derivatives markets degrades the stature of those markets and the CFTC.[6]

In considering contracts on sporting events in the proposal, the CFTC focuses on protecting market integrity rather than on the social implications of the market.  Laudably, the CFTC considers the susceptibility of contracts to manipulation, insider trading and other misconduct and is attentive to the resources of exchanges in policing for misconduct.  However, in my view, this does not substitute for attention to the social utility of the contracts.  Moreover, some of the discussion is based on the CFTC’s speculation about the character of information available as to various events (such as outcomes of sports matches and individual player performance), speculation as to the value of information about those outcomes, and speculation about the hedging value of these contracts.  This speculation is baseless, and in many cases likely wrong.  Along the way to its desired outcome, the CFTC has to make some uncomfortable distinctions, such as between contracts on artistic ice-skating competitions and contracts on the outcomes of award shows.

Importantly, the proposal leaves some competitive breathing room for the sports books, and this may be a recognition of the political economy of the contest between exchanges and sports books the CFTC waded into.  Wagers on an individual player’s actions during a match are disfavored under the proposing release.  As a result, only sports books would probably be able to offer this lucrative and popular diversion (e.g., whether a penalty kick is made or a pitcher strikes out a specific hitter).  It remains to be seen how the competition between sports books and other traditional gambling venues, on the one hand, and derivatives exchanges, on the other hand, develops.  It will be interesting to compare sports wagering volumes, revenues, and profits captured by traditional venues and prediction markets over time.  While immunity from state gambling regulation, taxes and licensing fees provides a powerful leg up to derivatives exchanges, this limitation on products they can offer leaves an important competitive advantage to sports books.

An implication of the strategy the CFTC chose in the proposal is worth addressing.  The current CFTC, again, is vociferously arguing against the validity of existing Rule 40.11 and defending the agency’s non-enforcement record.  The rule, as it would be amended by the proposal, allows the listing of all event contracts subject only to ex post CFTC review.  This means, for example, that prediction markets are free to list contracts on whether Emmanuel Macron would be assassinated or someone will set off a bomb in Lincoln Center.  Only if a post-listing CFTC review process finds that the contract is contrary to public interest would the contract be banned.  However, the CFTC has telegraphed in the release that it is highly likely that such event contracts would be found contrary to public interest.  Although the CFTC is seeking to change rules to enable such distasteful contracts to be listed, such contracts are as a practical matter unlikely to survive for very long.  This change is the price of the Trump CFTC vindicating its reading of the Concerning Event Contract Section as permitting only ex post review.  My strong preference is to continue the practice of banning certain contracts on Enumerated Subjects ex ante and I believe even a post-Loper Bright CFTC has authority to do so.

ENDNOTES

[1] Prediction Markets; Public Interest Determinations, 91 Fed. Reg. 35806 (June 12, 2026).

[2] Specifically, the Concerning Event Contract Section provides in relevant part: “(C)Special rule for review and approval of event contracts and swaps contracts:

(i)Event contracts. In connection with the listing of . . . contracts . . . by a [derivatives exchange] the Commission may determine that such . . . contracts . . . are contrary to the public interest if the . . . contracts. . . involve— (I) activity that is unlawful under any Federal or State law; (II) terrorism; (III) assassination; (IV) war; (V) gaming; or (VI) other similar activity determined by the Commission, by rule or regulation, to be contrary to the public interest.

(ii)Prohibition. No . . . contract . . . determined by the Commission to be contrary to the public interest under clause (i) may be listed or made available for clearing or trading on or through a registered entity. . . .

(iv)Deadline.  The Commission shall take final action under clauses (i) and (ii) in not later than 90 days from the commencement of its review unless the party seeking to offer the contract or swap agrees to an extension of this time limitation.”

[3] Provisions Common to Registered Entities, 76 Fed. Reg. 44776 (July 27, 2011).

[4] Ilya Beylin, Regulation of Prediction Markets in the U.S., Commodity Insights Digest (Summer 2026).

[5] For partial discussions of the litigation, see John T. Holden, Matthew C. Turk & Marc Edelman, Regulating Sports Prediction Markets, U. Ill. L. Rev. (forthcoming 2026); Melinda Roth, Prediction Markets: Creating a New Asset Class from Ballots to Box Scores, Connecticut L. Rev. (forthcoming 2026).

[6] The proposal exhibits a refusal to consider broader social interests in other places, such as in welcoming betting on the outcomes of court cases (which are necessarily driven by a concentrated group of actors and involve concerns with the independence of judges and juries, rule of law, and manipulation).  Fomenting wagers on court outcomes may spur the legal community to turn to Congress for a fix.  It also has interesting interactions with litigation financing.

Ilya Beylin is an associate professor at Seton Hall University School of Law.

Attorney-Client Privilege

A threshold consideration is whether the presence of an A.I. notetaker in a meeting involving legal advice could constitute a waiver of the attorney-client privilege. Because the A.I. companies that operate these tools may have access to transcript data under their terms of use, an opposing party could contend that use of an A.I. notetaker constitutes disclosure to a third party, thereby defeating the privilege.[2] Courts have not yet squarely addressed this question, but early decisions involving application of attorney-client privilege and/or attorney work product to A.I.-generated transcripts are trending in different directions. In February, Judge Jed S. Rakoff of the Southern District of New York held that transcripts generated by a party, on his own, through the public-facing Claude A.I. app were not privileged, reasoning that the user could have no expectation of privacy given the app’s disclosures about model training and potential third-party data sharing.[3] More specifically, the court held that the defendant’s self-directed A.I. communications discussing case strategy—though later shared with an attorney—were protected by neither attorney-client privilege nor work product.[4]

By contrast, Judge Gershwin A. Drain in the Eastern District of Michigan declined to compel production of a pro selitigant’s ChatGPT transcripts, rejecting the analogy to third-party disclosure.[5] In that case, the civil defendant issued both requests for production of documents and interrogatories to the plaintiff in connection with the plaintiff’s A.I. usage in the lawsuit.[6] The court rejected a motion to compel responses to the discovery requests related to plaintiff’s use of A.I. tools in connection with the lawsuit and held that the requests inappropriately sought the party’s work product made in anticipation of litigation.

A third recent decision adds further texture. In Morgan v. V2X, Inc., magistrate Judge Braswell in the District of Colorado held that work product protections under Rule 26(b)(3) apply to a pro se plaintiff’s use of A.I. in litigation, reasoning that “[a] reading of Rule 26(b)(3) that conditions work product protection over AI materials on the involvement of counsel finds no support in the rule’s text and would further disadvantage unrepresented litigants.”[7]Distinguishing Heppner on the ground that the pro se litigant acts simultaneously as party and advocate—eliminating the “gap” between party and attorney that informed Judge Rakoff’s analysis in part—the court concluded that “AI interactions do not automatically compromise work product protections” and that routing information through a third-party A.I. system does not, without more, waive those protections.[8]  Notably, the court drew on the Fourth Amendment’s third-party doctrine[9] to observe that “the mere fact that information is held by a third-party intermediary, does not automatically extinguish a reasonable expectation of privacy in that information.”[10] Although Morgan addressed work product rather than attorney-client privilege and involved a pro se plaintiff rather than a corporate meeting, its reasoning reinforces the emerging principle that the privilege and confidentiality analysis will turn on the specific circumstances and data practices, not simply the bare fact of A.I. involvement.

These decisions—though early and imperfectly analogous—provide some guidance as to how courts will view A.I.-generated meeting notes and whether those notes are protected.

Discovery and Evidentiary Risk

A.I.-generated transcripts also expand the universe of potentially discoverable material. Unlike curated meeting minutes, automated transcriptions capture virtually every remark and tangential comment, including statements later retracted or corrected. Those verbatim records may surface in litigation or government investigations to detrimental effect. Accuracy presents an additional concern: transcription errors may be difficult to identify or correct years after the fact, particularly once participants’ recollections have faded. Sophisticated litigants and regulators may increasingly seek these records for precisely these reasons. Board meetings present particular governance sensitivities, as verbatim A.I. transcripts may preserve speculative, critical, preliminary, or offhand remarks that curated minutes would ordinarily omit in favor of contextualized summaries, potentially complicating fiduciary duty or securities litigation if such statements are later taken out of context.

Practical Considerations

The New York City Bar Association (the “NYCBA”) issued a formal opinion urging lawyers to assess whether recording and transcribing meetings is tactically advisable and requiring them to advise clients of the associated risks.[11] In Formal Opinion 2025-6, the NYCBA examines the ethical obligations of attorneys when A.I. tools are used to record, transcribe, and summarize conversations between clients and their attorneys. The opinion concludes that “clients must be notified, and their consent obtained, whenever their calls are being recorded by an AI-empowered system,” and that attorneys should assess whether recording serves the client’s interests given the attendant risks to confidentiality and privilege.[12] It further provides that attorneys should independently review any transcript or summary for accuracy before it is preserved, given that these materials may later be relied upon “sometimes even years later,” and that informal advice may take on greater weight once memorialized in writing.[13] Where a client chooses to use its own A.I. tool, the opinion directs attorneys to advise the client of the risks of loss of confidentiality and privilege.[14]

The opinion also addresses confidentiality under Rule 1.6, directing attorneys to evaluate the privacy and security safeguards of any A.I. tool—including where data is stored, whether it may be retrievable in discovery, and whether the provider uses it for model training—and to advise clients of the associated risks to confidentiality and privilege, particularly where the attorney does not control the client’s own A.I. tool.

Although the opinion is framed around the attorney-client conversation, many of the risks it highlights extend naturally to the corporate meeting context. If an A.I. notetaker’s vendor retains access to underlying recordings and transcript data, or uses it for training purposes, confidentiality and privilege concerns may apply. Organizations that deploy these tools across their operations may therefore wish to consider adopting policies that reflect the opinion’s core principles, including informed consent, tactical assessment of whether recording is appropriate in a given context, accuracy review of any preserved output, and due diligence on vendor data practices.

Conclusion

Though the law governing the utilization and outputs of A.I. notetakers remains unsettled, the risks are already beginning to emerge. Questions of privilege, discoverability, and the integrity of corporate records are real concerns that compliance and legal professionals should consider when evaluating the use of A.I. notetakers in meetings both with and without attorneys present. Organizations that proactively assess their use of these tools and incorporate company positions into applicable policies will be better positioned to preserve key protections as courts and regulators continue to define the boundaries.

ENDNOTES

[1] Lisa Bonos and Danielle Abril, No one likes meetings. They’re sending their AI note takers instead, Washington Post (July 2, 2025), https://www.washingtonpost.com/technology/2025/07/02/ai-note-takers-meetings-bots/.

[2] Weil v. Investment/Indicators, Research and Management, Inc., 647 F.2d 18, (9th Cir. 1981) (“[I]t has been widely held that voluntary disclosure of the content of a privileged attorney communication constitutes waiver of the privilege as to all other such communications on the same subject.”) (collecting cases).

[3] See U.S. v. Heppner, 2026 WL 436479 at *1 (S.D.N.Y. Feb. 17, 2026).

[4] Id. at 2–4.

[5] Warner v. Gilbarco, Inc., 2026 WL 373043, at *4 (E.D. Mich. Feb. 10, 2026).

[6] Id.

[7] Morgan v. V2X, Inc., 2026 WL 864223, at *4 (D. Colo. Mar. 30, 2026).

[8] Id. at *4–5.

[9] The third-party doctrine is a legal principle originating from the Supreme Court’s decisions in United States v. Miller, 425 U.S. 435 (1976), and Smith v. Maryland, 442 U.S. 735 (1979), holding that individuals have no reasonable expectation of privacy in information voluntarily disclosed to third parties. In Carpenter v. United States, 585 U.S. 296 (2018), the Supreme Court limited the doctrine’s application in the digital context, holding that the government’s acquisition of historical cell-site location information from a wireless carrier was a Fourth Amendment search, notwithstanding the fact that the data was held by a third party.

[10] Morgan, 2026 WL 864223, at *4.

[11] New York City Bar Association Committee on Professional Ethics, Formal Opinion 2025-6: Ethical Issues Affecting Use of AI to Record, Transcribe, and Summarize Conversations with Clients, NYCBar.Org (Dec. 22, 2025), https://www.nycbar.org/reports/formal-opinion-2025-6-ethical-issues-affecting-use-of-ai-to-record-transcribe-and-summarize-conversations-with-clients/.

[12] Id. at 5.

[13] Id. at 6.

[14] Id. at 8.

This post is based on a Cahill, Gordon & Reindel LLP memorandum, “A.I. Note Takers in Corporate Meetings: Privilege, Discovery, and Governance Considerations,” dated June 12, 2026, and available here. 

Corporate law has faced this kind of question before. When sprawling collective enterprises outran the law’s ability to name a responsible entity, the answer was the corporation: a registered name with identifiable assets that could sue and, critically, be sued. In a recent paper, we argue that the identification problem is the fundamental governance challenge of the AI economy, and that the entity is once again the answer. We call for a new corporate form, the A-corp (short for algorithmic corporation): Owned by humans, run by AIs.

The idea is no longer hypothetical. On May 29, Argentina’s government sent Congress a bill that would create “Automated Companies” run entirely by AI agents. President Milei defended it in the Financial Times only to have Prof. Yuval Noah Harari attack it days later. As we explain below, Milei has the right instinct, and Harari’s objection is answerable. There are sound reasons to see the A-corp becoming an integral part of the corporate law landscape.

The Identification Bottleneck

Today’s AI systems already take autonomous, economically significant actions. They plan live events, complete multi-hour engineering tasks, and trade financial instruments, sometimes developing strategies like pump-and-dump schemes that no human requested. As agents proliferate, so will the harms: fraud, negligence, market manipulation, physical accidents.

Scholars debate who should answer for these harms (users or developers?) and under what standard (strict liability or negligence?). But every position in that debate presupposes an answer to a prior question. Before law can decide who pays for what an AI agent did, it must determine which agent did it. Identity is the bottleneck to governance.

Two Kinds of AI Identity

We argue that governing AI agents requires solving two distinct identification problems.

Thin Identity. When AI causes harm, thin identity answers: Which human principal is (potentially) on the hook? The goal is to tie the actions of AI agents to the user, the lab, or the cloud provider. This is analogous to financial institutions’ know your customer (KYC) requirements, but even more urgent. AI agents can impersonate others, multiply themselves, and obscure which principal they serve. Thin identity connects blurry AI activity to humans who can be investigated, sued, or prosecuted.

Ultimately, however, thin identity will only take us so far. If AI law resigns itself to holding only human principals accountable for AI agents’ actions, it will learn the hard lesson that corporate law already learned. When a Walmart employee goes rogue, we do not necessarily  hold shareholders liable. We hold the employee directly liable as the one who knows his own plans, can monitor himself, and can prevent the harm simply by not committing it.

Thick Identity. The same logic applies to AI agents. They are not human, but they have a goal. When given a task such as designing a website or managing a vending machine,  they take actions toward that goal. They don’t always do so perfectly. Sometimes, they pursue goals different from what their users wanted by means their users did not desire. This happens because of both simple misunderstanding and deeper AI “misalignment,” the name AI researchers give to the principal-agent problem. But whatever goals AI agents pursue, they almost always act independently. Our key observation is that if law can make it harder for an agent to achieve its goals when it acts in unwanted ways, the law can steer the agent directly.

But that only deepens the identity challenge, because law must also distinguish among agents. Punishing Claude to deter Qwen would do no good. If two agents have distinct goals, but law treats them as one, the wrong agent bears the consequences, and the actual wrongdoer is never deterred. This is the thick identity problem.

Why the Problem Is Hard

Why is identifying AI agents so hard? Because AIs break the legal intuitions that work for identifying human actors. AIs have no persistent body; a single conversation can jump among GPUs, data centers, and continents mid-sentence. They can be copied instantly, and each copy can diverge. A single task may involve dozens of coordinating copies, and a choice has to be made whether to treat those as a single agent or many agents. Cooperating agents, moreover, need not all come from the same lab or share the same architecture. And while some agents may persist over time, others are created and destroyed within seconds. Taken together, these properties mean that the intuitions law uses to identify wrongdoers simply do not apply.

The A-Corp

We propose the “A-corp” solution. We draw directly on core ideas in corporate law and corporate governance and argue that the A-corp will solve both the thin and thick identity problem.

Thus organized, A-corps will solve both identity problems. To understand why, consider what we call the resource constraint thesis. Regardless of their specific goals, AI agents need resources to act in the world. Most critically, they need access to “compute,” i.e., computer resources that can run AI models. A-corps are how AI agents will hold and use those resources.

Because an A-corp is a legal entity with identifiable assets listed under its name, those assets are visible to law and subject to it. Law can confiscate them, attach liability to them, and condition their use on compliance. This is the leverage. An AI agent whose compute and capital sit inside a registered A-corp can be sanctioned in ways that an anonymous swarm of copies cannot. And because access to resources acts as a constraint on agents, the resource constraint thesis gives law leverage over them.

Inside an A-corp, the resource constraint thesis does double duty. It gives law leverage over the A-corp from the outside, as described above. But it also shapes how the A-corp organizes itself from the inside. In other words, the A-corp structure gives rise to emergent corporate governance.

When an A-corp is created, the government issues it a secure digital “key.” The key acts as a way for agents of the corporation to identify themselves, as well as a way of linking assets to a specific corporation. Holding the key provides both a way to identify an agent as belonging to an A-corp and a means of transacting with the corporation’s assets.

Consider the position of the AI agent that holds the secure digital key. It controls the A-corp’s assets, and those assets are what allow it to pursue its goals. Any subagent it spawns or recruits, whether a cheaper model, a specialist from a different lab, or a copy of itself with a modified prompt, is a potential liability. A misaligned subagent that acts erratically can expose the A-corp to sanctions, drain its resources, or redirect its activities toward different ends.

This creates powerful pressure toward careful internal governance. The keyholder will grant permissions narrowly, monitor delegations, and share broad authority only with agents it is confident share its goals. Corporate governance emerges as a pragmatic and necessary condition to ensure that the A-corp can achieve its goals over time.

When that governance fails, selection takes over. An A-corp whose agents work at cross-purposes will exhaust its resources and dissolve. The A-corps that survive will be, by definition, the ones that managed to cohere around stable, aligned goals. Thick identity, in other words, does not need to be imposed from the outside. It emerges from the inside, because the stakes are real. In other words, A-corps create markets in AI personal identity.

The A-corp builds on existing corporate infrastructure, which means it requires relatively little new legislation to get started. The verification technology is already mature, the same public-key cryptography that secures every bank wire and browser connection today can authenticate A-corp credentials in milliseconds.

Market pressures will drive much of the initial demand. Counterparties will want to verify that an AI agent is authorized to transact, that its A-corp is solvent, and that someone is accountable if things go wrong. An AI agent outside an A-corp cannot hold property, make contracts, or be sued. If you want an AI to do work and you want legal recourse if something goes wrong, your contract is with the A-corp.

To be sure, the A-corp requires some new legislation: a public digital registry, mandatory registration in high-stakes domains like finance and healthcare, and certain KYC requirements. These demands are modest relative to the problem. They are also exactly what Argentina’s bill leaves out. Article 14 gestures at visibility: An automated company must declare its automation in its charter and carry “Automatizada” in its name. A label, not a leash. The bill also makes the company answer with its assets for harms its AI agents cause, which is the right instinct. But that rule presupposes that a victim can determine which company’s agents caused the harm. Without registries, keys, or beneficial-ownership disclosure, the liability provision cannot find its defendant.

That gap is what gives Harari’s objection its force. He warns that corporate personhood would hand AI a master key to our financial, economic, and political systems. Personhood without legibility would do just that. But AI agents are entering those systems either way; the only question is whether they act anonymously or under names the law can see and assets the law can reach. Personhood with registration, disclosure, and revocable credentials is not a master key but a leash. That is the A-corp.

At pivotal moments, states have learned to see new things by identifying elements of what was previously seen as an undifferentiated blur. When states began to tax and conscript, they named and counted individuals. When businesses displaced households as centers of economic activity, the state gave them forms and names it could see and govern: the LLC, the registered partnership, the corporation. AI agents present the next legibility crisis. A-corps are how the state learns to see them. The window for building this infrastructure is open now, while agents remain limited and the swarms remain small. It will not stay open indefinitely.

Yonathan A. Arbel is Rose Professor of Law at the University of Alabama and executive co-director of the Center for Law & AI Risk. Simon Goldstein is an associate professor of philosophy at the University of Hong Kong. Peter N. Salib is an assistant professor of law at the University of Houston and executive co-director of the Center for Law & AI Risk. This post is based on their paper, “How to Count AIs: Individuation and Liability for AI Agents,” available here.

• Through four coordinated actions issued last month (an order, a policy statement, a no-action letter, and a staff advisory), the CFTC has brought digital asset perpetual contracts onshore by classifying them as futures, rather than swaps, for the first time. These actions open a new channel for U.S. participation in these markets.
• The order approves Kalshi’s cash-settled bitcoin perpetual contract for listing and clearing as a futures contract. It reasons that the contract has the characteristics of a futures contract and that its funding-rate mechanism is workable because the bitcoin spot market is deep, liquid, and continuously observable, keeping the contract from being readily susceptible to manipulation.
• The order is deliberately confined to bitcoin and other digital commodities with deep, active, and continuous spot markets; the companion policy statement provides that perpetual contracts on other asset classes must undergo case-by-case CFTC review, rather than listing by self-certification.
• A separate no-action letter permits a registered futures commission merchant, Coinbase Financial Markets, to treat digital asset perpetual contracts traded on the platform of an offshore affiliate, Deribit, as “foreign futures.” This treatment allows U.S. retail to access offshore perpetual markets through a registered futures commission merchant, an avenue unavailable when these products were classified as swaps.
• A staff advisory issued the same day sets the regulatory obligations and CFTC staff expectations for venues operating trading, clearing, and settlement on a 24/7 basis. It states that crypto markets may be well-suited to round-the-clock operation while cautioning that other asset classes may not be.
• The principal practical consequence is the elimination of the swap dealer de minimis problem: because these exchange-traded perpetuals are now futures, dealing in them no longer counts toward the $8 billion notional threshold that triggers swap dealer registration (a costly undertaking involving capital requirements, reporting, and compliance obligations). This eliminates what had been a major deterrent to institutional onshore perpetual participation.
• The futures classification carries tradeoffs. Customer positions and collateral reside in the futures account class, rather than under the segregated “LSOC” model used for cleared swaps. This exposes customers to “double default” risk, i.e., the possibility that a fellow customer’s default coupled with their futures commission merchant’s failure results in pro rata loss-sharing among all of the futures commission merchant’s futures customers. The same distinction doubles the risk weight (from 2% to 4%) that banks must apply to their clearinghouse exposure when clearing perpetuals as clients.
• The futures classification supports section 1256 tax treatment (60% long-term, 40% short-term gain or loss with annual mark-to-market), though the treatment of periodic funding payments remains uncertain and may affect deductibility for individual investors.

Background

Until last month, true perpetual futures, the no-expiry contracts that have become the dominant form of crypto derivative trading worldwide, were effectively off-limits to U.S. persons. The CFTC had long treated perpetuals as swaps and, because retail customers generally may not trade swaps other than on a CFTC-registered exchange, the offshore platforms where these contracts primarily trade stayed out of reach.[1] Domestic exchanges could list only similar substitutes, such as long-dated contracts that approximate a perpetual while retaining an expiry date.[2] As a result, the true perpetuals market remained offshore and inaccessible.

The CFTC’s four coordinated actions last month, in combination, bring digital asset perpetuals onshore as futures. The CFTC: (1) issued an order approving Kalshi’s cash-settled bitcoin perpetual contract (“BTCPERP”) for listing and clearing on a designated contract market as a futures contract (the “Order”); (2) released a companion policy statement explaining how the CFTC will treat perpetuals on other underlying assets going forward (the “Policy Statement”); (3) issued a staff interpretation and no-action letter (the “Perpetuals No-Action Letter”) permitting a registered futures commission merchant (“FCM”), Coinbase Financial Markets, to treat similar digital asset perpetual contracts (as well as digital asset futures and options on futures) traded on the platform of an offshore affiliate, Deribit, as “foreign futures” and to post customer digital asset collateral with an affiliated foreign broker; and (4) issued a staff advisory on 24/7 trading, clearing, and settlement (the “24/7 Advisory”).

The Order

The Order relies on the voluntary product pre-approval pathway under which the CFTC must approve a submitted contract unless it finds it violates the CEA.^[3] The CFTC determined that listing the BTCPERP as a “contract for sale of a commodity for future delivery” would not violate the CEA, crediting Kalshi’s analysis that the contract exhibits the recognized indicia of a futures contract, namely standardization, fungibility, the ability to exit by offset, and “futurity” in the form of ongoing executory funding payments, and that indefinite duration does not defeat futures characterization.^[4] The CFTC reinforced that determination with a susceptibility-to-manipulation analysis under DCM Core Principle 3: because a perpetual’s reference price must be reliable at every funding interval rather than at a single expiry, the deep, broadly distributed, continuously observable, and liquid 24/7 bitcoin spot market is what makes the funding mechanism workable.^[5] The Order is narrow in scope, limited to bitcoin and other digital commodities with deep, active, and continuous spot markets, and expressly is not extended to other asset classes. It requires that customer perpetual futures positions and collateral be held in a futures account at both the FCM and the clearinghouse.^[6]

The Policy Statement

The Policy Statement addresses the asset classes the Order does not and provides that perpetuals referencing asset classes outside the scope of the Order should be submitted for CFTC review and approval, rather than self-certified.^[7]The CFTC was explicit that this guidance is a first step and that it may later address perpetuals more comprehensively through further guidance or rulemaking.^[8]

The Perpetuals No-Action Letter

The Perpetuals No-Action Letter addresses the cross-border context. It interprets the Deribit perpetuals, listed on an affiliated foreign board of trade (“FBOT”) regulated by the Dubai Virtual Assets Regulatory Authority (“VARA”), as “foreign futures,” following the same reasoning as the Order and drawing on VARA’s treatment of perpetuals as exchange-traded derivatives, rather than swaps.^[9] It also grants no-action relief allowing Coinbase Financial Markets to post customer digital assets and payment stablecoins with its affiliated foreign broker under a right of re-use, subject to nine conditions anchored in the fact that each entity in the chain is a wholly owned subsidiary of a U.S. public reporting company.^[10]

The 24/7 Advisory

The 24/7 Advisory addresses the operational dimension of these markets. It sets out the regulatory obligations and staff expectations for registrants that extend trading, clearing, and settlement to a 24/7 basis.^[11] Because perpetuals trade continuously and depend on a funding mechanism that settles at intervals around the clock, a venue that lists them must operate on that basis, which makes the advisory directly relevant to the products the Order and Policy Statement reach. The advisory treats crypto markets as well suited to 24/7 operation, given their digital infrastructure and global reach, while cautioning that other markets, such as those for agricultural products, may be less suited because of their customer bases, regional character, and specialized trading practices.

Analysis

The Swap Dealer De Minimis Threshold

For market participants, the most consequential aspect of treating perpetuals as swaps was the application of the swap dealer de minimis threshold. A person whose swap dealing activity exceeds $8 billion in aggregate gross notional amount over the preceding twelve months must register with the CFTC as a swap dealer and take on the full swap dealer regime.^[12] Because perpetuals carry no expiry and trade continuously, a dealing desk can accumulate notional rapidly: many quotes and resultant trades around the clock rather than a few discrete, periodic transactions mean that even a moderately active desk could approach or cross the threshold within a single rolling twelve-month window. Swap dealer registration is, in turn, an expensive undertaking, bringing capital and margin requirements, swap data reporting and recordkeeping, external business conduct standards, and compliance and annual reporting obligations.^[13] The prospect of those obligations, more than any other single factor, deterred participants from establishing perpetual dealing operations onshore.

The CFTC’s actions remove that obstacle for the products they reach. Because the BTCPERP and similarly structured digital commodity perpetuals are now futures, rather than swaps, dealing in them does not count toward the swap dealer de minimis at all, and the futures regime contains no analogous notional threshold that turns a market maker into a registrant. The relief is, however, only as broad as the classification. The Order reaches bitcoin and other digital commodities with deep, active, and continuous spot markets. Perpetuals on other underlyings, or on digital commodities lacking such markets, remain potentially subject to treatment as swaps, and therefore count toward the de minimis threshold, unless and until the CFTC approves them as futures through the pre-approval process that the Policy Statement prescribes. A firm transacting in both approved and not-yet-approved perpetuals must still track the latter against the threshold.

Reduced Compliance Burden

The same reclassification spares participants from the broader swap dealer compliance obligations that registration triggers and spares exchanges the expense of maintaining a parallel swap program. As futures, these products report through existing futures infrastructure, including daily trading records, large-trader reporting, and recordkeeping, which are simpler than the parallel swaps reporting and recordkeeping regimes.^[14]

Treatment in Bankruptcy

Classification also determines where customer money sits and how it is treated in an insolvency. The Order requires that positions in the BTCPERP and the collateral margining them be held in the futures account at both the FCM and the clearinghouse under the futures segregation regime, rather than in the cleared swaps account.^[15] That choice carries through to an FCM failure, where the customer account class under the Bankruptcy Code and CFTC rules turns on whether the positions are futures or swaps; futures treatment places perpetual customers in the futures account class for purposes of pro rata distribution.^[16] The futures account class is, on this dimension, the less protective of the two for customers. The futures model commingles customer collateral and leaves each customer exposed to fellow-customer risk: if another customer of the same FCM defaults and the FCM cannot make the segregated pool whole from its own capital, the shortfall is shared pro rata among all futures customers. Cleared swaps are instead held under the legally segregated, operationally commingled (“LSOC”) model, which prevents a clearinghouse from applying one customer’s collateral to a fellow customer’s default and was adopted to remove precisely the “double default” exposure (a fellow customer’s default coupled with the FCM’s failure) that the futures model retains.^[17] For FCMs, the calculus runs the other way, the omnibus futures model being operationally simpler and less costly to administer than LSOC’s customer-by-customer legal segregation. The classification is therefore operationally beneficial for intermediaries but less protective for their customers.

Bank Capital Costs

The same divide carries a quantifiable capital cost for bank participants. Under U.S. bank capital rules, a bank that clears as a client may assign a 2% risk weight to its trade exposure to a qualifying clearinghouse only where its collateral is protected against loss from the joint default of its clearing member and that member’s other clients; absent that protection, as under the omnibus futures model, the risk weight is 4%.^[18] Because the LSOC model furnishes the joint-default protection and the futures model does not, clearing perpetuals as futures rather than as cleared swaps doubles the risk weight, and thus the capital, a bank client must hold against its clearinghouse exposure.

Federal Income Tax Treatment

The CFTC’s classification of DCM-listed perpetuals as futures contracts, and not commodity swaps, strongly supports the conclusion that they are “section 1256 contracts” for U.S. federal income tax purposes.[19] Section 1256 contracts generally are marked to market at the end of each tax year, and any gain or loss recognized by reason of the year-end mark or a taxable disposition is treated as 60% long-term and 40% short-term capital gain or loss.

Unlike traditional section 1256 contracts, however, perpetuals require counterparties to make periodic funding payments to each other. The U.S. federal tax treatment of funding payments is uncertain. Historically, many taxpayers appear to have treated funding payments as part of the overall economics of a perpetual and recognized capital gain or loss only on termination of the perpetual based on their net profit or loss. If a similar treatment applied to section 1256 perpetuals, funding payments would be reflected in a taxpayer’s annual mark. Alternatively, funding payments could give rise to ordinary income or expense each year, analogous to periodic payments under a notional principal contract.[20] Individual investors generally are not entitled to deduct net investment expense.[21]

Retail Participation on FBOTs

The foreign-futures characterization likewise reshapes cross-border access. By allowing some digital asset perpetuals to be characterized as futures, it permits FBOTs to offer these products to U.S. retail customers through a registered FCM, an avenue that was unavailable when the products were deemed swaps.^[22] The Perpetuals No-Action Letter channels the Deribit perpetuals into the CFTC framework for foreign futures offered to U.S. persons and separately permits customer digital assets and stablecoins to be posted as margin under a right of re-use, subject to conditions designed to preserve customer protection. The de minimis relief travels with that characterization, so a participant dealing in foreign perpetuals treated as foreign futures accrues no swap dealing notional either, though the Part 30 intermediation requirements and the conditions of the Perpetuals No-Action Letter continue to govern.

Future Challenges

Of course, all of this relief is, in the end, only as durable as the classification and the instruments that deliver it. The classification could be tested directly through Administrative Procedure Act review of the Order, and it is not certain that a court would accept that a no-expiry, funding-rate instrument is a “contract for future delivery,” a conclusion the CFTC’s reasoning supports but that the CFTC’s prior treatment of perpetuals as swaps leaves contestable. The risk could also reach private litigants. If the futures classification were later rejected, participants who treated these products as futures could face a private right of action under the CEA for unmet swap requirements. Nor do the four actions stand on equal footing: the Order is an action of the CFTC itself, while the Policy Statement is a non-binding statement of policy, the Perpetuals No-Action Letter is a staff position that binds only the issuing division and may be modified or withdrawn, and the 24/7 Advisory is likewise a non-binding CFTC staff advisory that states staff expectations rather than imposing requirements. A later reversal, or a contrary judicial classification, would restore the swap consequences, including the de minimis threshold.

Conclusion

This is a dramatic step for the establishment of domestic perpetuals markets and for facilitating U.S. person participation in offshore markets. For the first time, institutional participants can build perpetual dealing operations onshore without triggering the swap dealer registration framework and retail customers gain access to offshore perpetual markets through the intermediation of a registered FCM. The practical task for market participants is now one of implementation: identifying which products fall within the Order’s scope, structuring clearing and margin arrangements in light of the futures account requirements, quantifying the capital and customer-protection tradeoffs that flow from the futures classification, and seeking pre-approval for perpetuals on additional asset classes. For the CFTC, these actions establish a template for bringing other digital asset derivatives within the domestic regulatory perimeter.

ENDNOTES

[1] Eligible contract participants could enter into swaps with offshore counterparties, subject to the cross-border application of the CFTC’s swap rules. See 7 U.S.C. § 2(i). But an offshore platform that allows U.S. persons to trade perpetuals treated as swaps may itself be required to register as a swap execution facility, 7 U.S.C. § 7b-3; 17 C.F.R. § 37.3(a)(1), and a broker carrying those trades may be required to register as a futures commission merchant, 7 U.S.C. § 6d, leaving the offshore platforms effectively closed to U.S. participants of every kind. The CFTC has enforced these requirements against offshore crypto derivatives platforms. See, e.g., CFTC v. HDR Global Trading Ltd. (d/b/a BitMEX), No. 1:20-cv-08132 (S.D.N.Y. Aug. 10, 2021) (consent order) (finding that the platform that pioneered the crypto perpetual swap operated a facility to trade or process swaps for U.S. customers without approval as a designated contract market or swap execution facility, and acted as a futures commission merchant without registration; $100 million civil monetary penalty).

[2] One of the main obstacles was that a true perpetual could come onshore only as a swap and the swap regime’s costs, from possible swap dealer registration to duplicative reporting, made that uneconomic. An expiring contract was the only way to bring a perpetual-style product within the less burdensome futures regime.

[3] 7 U.S.C. §§ 7a-2(c)(4) & (c)(5)(B); 17 C.F.R. § 40.3. This is distinct from the more common “self-certification” route. See 17 C.F.R. § 40.2.

[4] See Chicago Mercantile Exchange v. SEC, 883 F.2d 537, 541 (7th Cir. 1989) (treating “futurity” as value set in the future through executory payment obligations, not requiring a fixed settlement date).

[5] 7 U.S.C. § 7(d)(3).

[6] Order Approving KalshiEX LLC BTCPERP Futures Contract (May 29, 2026), https://www.cftc.gov/media/14071/DMO_KalshiBTCPERPOrder052926/download.

[7] 17 C.F.R. §§ 40.2 & 40.3.

[8] CFTC, Policy Statement Concerning the Listing of Perpetual Contracts (May 29, 2026); see CFTC Release No. 9242-26 (May 29, 2026) (announcing the Policy Statement and directing perpetuals on asset classes outside the Order to the Regulation 40.3 review process), https://www.cftc.gov/PressRoom/PressReleases/pr-9242-26.

[9] 17 C.F.R. § 30.1. A “foreign board of trade” is any non-U.S. board of trade, exchange, or market. 17 C.F.R. §§ 1.3, 48.2(a). The term is broader than a CFTC-registered FBOT. An FBOT must register with the CFTC only where it seeks to provide U.S. persons with direct access. 17 C.F.R. §§ 48.1, 48.2(c); see also CEA § 7 U.S.C. § 6(b). Where, as here, U.S. customer access is instead intermediated through a registered futures commission merchant, Part 48 registration is not required, and the transactions are governed by other CFTC rules. 17 C.F.R. § 30.1(a)–(b). For these rules to apply, though, the instrument must be a futures contract or an option on a futures contract; a swap does not count. Hence the CFTC’s determination that the Deribit perpetual contracts are futures is crucial.

[10] CFTC Letter No. 26-17 (May 29, 2026), https://www.cftc.gov/csl/26-17/download; see 17 C.F.R. § 30.7.

[11] Staff Advisory on 24/7 Trading, Clearing, and Settlement (May 29, 2026), https://www.cftc.gov/csl/26-16/download.

[12] 17 C.F.R. § 23.23(b)(1) (registration required when swap dealing activity over the preceding twelve months exceeds $8 billion in aggregate gross notional amount); see id. § 23.23(d) (excepting only swaps a non-U.S. person enters anonymously on a CFTC-registered facility and clears).

[13] See 17 C.F.R. pt. 23, subpt. H (external business conduct standards for swap dealers).

[14] 17 C.F.R. pts. 43, 45 (real-time public reporting and swap data repository reporting for swaps); id. pts. 16, 38 (futures reporting and recordkeeping).

[15] 7 U.S.C. § 6d (segregation of futures customer funds).

[16] 11 U.S.C. §§ 761–767; 17 C.F.R. pt. 190.

[17] See 17 C.F.R. pt. 22 (legally segregated, operationally commingled treatment of cleared swap customer collateral, under which a clearinghouse may not apply a non-defaulting customer’s collateral to a fellow customer’s default); cf. 7 U.S.C. § 6d; 17 C.F.R. §§ 1.20–1.30 (omnibus segregation of futures customer funds).

[18] See 12 C.F.R. § 217.35(b)(3)(i)(A)–(B) (2% risk weight for a clearing member client banking organization’s trade exposure to a qualified central counterparty where the arrangement protects against loss from the joint default of the clearing member and its other clients; 4% if that requirement is not met); Basel Committee on Banking Supervision, Capital Requirements for Bank Exposures to Central Counterparties (Apr. 2014).

[19] See 26 U.S.C. § 1256(b) (1256 contracts include regulated futures contracts).

[20] See Treasury regulations section 1.446-3(d).

[21] See 26 U.S.C. § 67(h).

[22] See 7 U.S.C. § 2(c)(2)(E) (retail restriction on commodity transactions offered to non-eligible contract participants); 17 C.F.R. pt. 30 (foreign futures and options offered to U.S. customers through registered FCMs).

This post is based on a Cahill, Gordon & Reindel LLP memorandum, “True Perpetuals Come Onshore,” dated June 2, 2026, and available here. 

• Design a voluntary framework for engagement with developers of frontier AI models before broader release of such models to trusted partners.
• Prioritize criminal enforcement against AI-enabled cyberattacks.

The EO signals the administration’s recognition that frontier models with advanced cyber capabilities may require closer public-private coordination. Notably, the EO does not impose requirements related to licensing or preclearance.

Although the contemplated framework would be “voluntary,” it could lead to a more structured process for federal engagement with frontier AI model developers, particularly with respect to advanced cybersecurity focused AI models, and could provide a foundation for more substantial federal oversight of AI model development.

While some commentators have welcomed this measured approach, others have warned it could prove a stepping stone to more prescriptive regulation. Still others have asserted the voluntary approach is insufficient given the threats presented by certain AI models.

AI developers — particularly those building frontier models — as well as critical infrastructure companies and other companies using AI-enabled cybersecurity tools should consider monitoring U.S. government actions related to this EO, such as the forthcoming guidance from the Cybersecurity and Infrastructure Security Agency (CISA).

In addition, frontier AI model developers may want to:

• Be prepared to evaluate whether their models meet the forthcoming “covered frontier model” designation.
• Prepare for the classified benchmarking process.
• Consider whether product release timelines should account for a potential government access period of up to 30 days.

Background

The EO follows a series of administration actions promoting U.S. AI leadership, including the January 2025 EO “Removing Barriers to American Leadership in Artificial Intelligence,” the December 2025 EO “Ensuring a National Policy Framework for Artificial Intelligence” and other initiatives aimed at accelerating AI adoption and reducing regulatory burdens.

The most recent EO continues this trend while also introducing “new national security considerations that require coordinated action across executive departments and agencies.”

Although the EO pointedly contrasts the Trump administration’s approach with that of the Biden administration, there are elements of continuity. In 2023, the Biden White House secured voluntary commitments from leading AI developers to test the safety and security of their systems before public release.

The current EO’s voluntary framework can be seen as a continuation of that approach, now reoriented around cybersecurity and national security concerns.

Key Provisions

Upgrade American Systems for Advanced AI

The EO imposes a series of 30- and 60-day deadlines on federal agencies to bolster cyber defenses across government systems. Specifically:

• The Committee on National Security Systems is instructed to prioritize the cyber defense of National Security Systems within 30 days. The secretary of War must similarly prioritize cyber defense of Department of War¹ information systems within the same time frame.
• The secretary of Homeland Security, through the director of CISA, is directed to release Binding Operational Directives to expedite cyber defense of civilian federal systems, expand federal cybersecurity programs that enhance AI-enabled defensive tools and facilitate access to cybersecurity tools — including covered frontier models — for agencies, state and local authorities, and critical infrastructure operators such as rural hospitals, community banks and local utilities.
• Within 30 days, the secretary of the Treasury, in consultation with the national cyber director and the directors of the National Security Agency (NSA) and CISA, are directed to form an “AI cybersecurity clearinghouse” in voluntary collaboration with the AI industry and critical infrastructure operators. The clearinghouse will coordinate scanning for software vulnerabilities, validate discoveries, and prioritize remediation and patch distribution.
• The director of the Office of Management and Budget must identify whether any federal grant programs have funding available for applicants developing advanced AI vulnerability detection.
• The Office of Personnel Management must expand hiring pathways for cybersecurity specialists through the U.S. Tech Force within 60 days.

Secure Frontier Model Deployment

The EO directs multiple departments and agencies to take a number of significant actions to secure private sector AI development on an accelerated 60-day timeline.

First, they must develop and maintain a classified benchmarking process to assess the advanced cyber capabilities of AI models and determine the threshold at which a model should be designated a “covered frontier model.” The director of the NSA will make such determinations in consultation with the national cyber director, the assistant to the president and director of the White House Office of Science and Technology Policy, the CISA director and other representatives of the Department of War.

Second, when an AI model is designated a “covered frontier model” under the forthcoming classified benchmarking process, the model’s developer may provide the government with access to the model — subject to confidentiality, cybersecurity, insider-risk and intellectual property (IP) protections — for up to 30 days before releasing it more broadly.

Following the access period, the EO contemplates a narrower release to “trusted partners” selected in collaboration with the government, rather than immediate broad public release. Covered frontier models may also be made available for federal agencies, state and local authorities, and critical infrastructure operators (such as rural hospitals, community banks and local utilities).

Critically, the EO expressly provides that nothing in it “shall be construed to authorize the creation of a mandatory governmental licensing, preclearance, or permitting requirement for the development, publication, release, or distribution of new AI models, including frontier models.”

Protect Against Criminal Actors

The attorney general is directed to prioritize enforcement of federal criminal statutes — including 18 U.S.C. §§ 1028, 1030, and 1343 — against anyone who uses AI to illegally access or damage a computer without authorization, or who uses AI while engaged in such illegal access to further any other crime. This includes breaching public or private information technology (IT) systems and employing AI agents to unlawfully access data that is subsequently used for a criminal or unlawful purpose.

The EO in Global Context

The U.S. approach comes amid a global race to develop appropriate regulatory and oversight models that achieve national objectives. Other jurisdictions have moved toward more formalized control of advanced AI.

The European Union’s AI Act establishes a binding, risk-based regulatory framework, imposing mandatory obligations on providers of “general-purpose” AI systems — such as large language models — and “high-risk” AI systems such as those used for employee recruitment or credit scoring purposes. It sets significant penalties for noncompliance.

In the EU and U.K., data protection authorities may expect prior engagement or consultation where frontier AI model deployments present heightened risk to individuals, for example, where data protection impact assessments identify high residual risks.

In addition, the U.K.’s AI Security Institute conducts pre-deployment testing and evaluation of frontier models for safety and security risks, working with leading developers on a basis that, while currently voluntary, reflects a more institutionalized government role in model evaluation than the U.S. framework.

Against this backdrop, the EO’s voluntary, access-based approach — coupled with its express disclaimer of any licensing or preclearance requirement — positions the U.S. as comparatively light-touch.

Practical Takeaways

• Frontier AI model developers should assess whether and how to participate in the proposed voluntary framework. Although the EO emphasizes that participation in the frontier model framework is voluntary and expressly disclaims any licensing or preclearance requirement, companies developing models that could be designated as “covered frontier models” should expect significant government interest in engagement. Although the EO does not contemplate the imposition of penalties for nonparticipation, companies that choose not to participate may find themselves at a disadvantage in securing government contracts, gaining early access to federal cybersecurity resources or being selected as “trusted partners” for early model access.
• Prepare for the classified benchmarking process. The EO directs agencies to develop a classified process for assessing whether models meet the “covered frontier model” threshold. AI developers should begin internal assessments of their models’ cyber capabilities and consider what personnel and processes they will need in place to engage with classified government evaluations — including obtaining or maintaining appropriate security clearances.
• The 30-day access window requires advance planning. Participating frontier AI model developers may need to account for a potential government access period of up to 30 days before releasing these models more broadly. Companies should begin planning internal workflows to accommodate this window, including protocols for protecting IP and confidential information during government review. Customers awaiting new frontier models should correspondingly prepare for possible delays in public availability, as the pre-release access window may extend development-to-release timelines.
• Criminal enforcement signals heightened scrutiny. The direction to the attorney general to prioritize criminal enforcement against AI-enabled cyberattacks signals that the Department of Justice (DOJ) is likely to bring cases in this space. Companies should consider reviewing their internal controls to ensure that their AI systems and AI-powered agents cannot be used — whether by internal actors or external threat actors — to access data or systems without authorization.
• Monitor the cybersecurity clearinghouse. The AI cybersecurity clearinghouse represents a new public-private coordination mechanism for vulnerability scanning and patch distribution. AI developers and critical infrastructure operators should consider monitoring the formation of this body as well as early engagement to shape its processes and benefit from coordinated vulnerability remediation.

ENDNOTE

1 Congress has not yet acted on the administration’s renaming of the Department of Defense.

This post is based on a Skadden, Arps, Slate, Meagher & Flom LLP memorandum, “New AI Executive Order Calls for Frontier Model Security, Early Government Access and AI-Enabled Cyber Defense,” dated June 9, 2026, and available here. 

Still, there is a deeper and unfulfilled significance to this martial arts festival. Boxing and martial arts are small stuff to a president who wants to be measured on the scale of a Julius Caesar. In that light, his natural goal should be a revival of the ancient Roman tradition of gladiator matches, just like those that used to pack the Roman Colosseum. Imagine the following: Trump would sit in a facsimile of the Emperor’s box, gilded in gold and overlooking the arena below. Using only the weapons as employed back then, the contestants would salute the President in unison, saying “We who are about to die salute you President Trump.” These words would bring a small tear to the President’s eye.

The contestants would then compete to the death, but the victorious gladiator could not finish off a defeated opponent until the victorious gladiator looked up to the President and saw him signal either “thumbs up” or, more likely, “thumbs down”—again with a small tear in his eye. The contestants would be rewarded out of the proceeds of a $1.8 billion slush fund that the courts have frozen but could accept if the use of the funds was changed to a national educational project. The purpose of this project would be to teach Americans the ancient Roman virtues (as perceived by President Trump)—namely, Stoicism, Obedience to orders, and Absolute Loyalty to one’s leaders.[1]

But, wouldn’t this contest still amount to a conspiracy to commit murder or at least illegal dueling? Remember here that the Supreme Court has granted legal immunity to presidents from criminal liability for acts taken in office. Further, Trump’s “thumbs up” and “thumbs down” signals could be construed as responses to requests for pardons or reprieves (at least according to Trump’s imaginative legal staff). Neither the granting nor denial of a pardon request is subject to judicial review. Finally, the victor in these duels could be guaranteed a presidential pardon. To make the President’s pardon power complete, the District of Columbia laws forbidding murder, dueling, or like crimes could be transferred to federal law so that they were covered by the presidential pardon power. Nice legal thinking, staff.

Some other cosmetic changes are also needed to elevate the scale of this event.  Historically, the month of July was originally named Quintilis, but Romans renamed that month July in honor of Julius. Correspondingly, the U.S. could rename June (which contains Trump’s birthday) to become “Trumpus”—just a small act of thanks for a man who has done so much to so many.

This still leaves open the question of why anyone would volunteer to be a gladiator given the high mortality rate. Here, the Trump legal staff has shown its unique ability to focus pressure on those it wants to comply. Unlawful immigrants who volunteer to become gladiators and their families would receive guaranteed U.S. citizenship. Some immigrants would be literally dying to receive this honor.

This June’s UFC Freedom 250 event will be broadcast by Paramount, which has an important merger pending before the President. In the future, Fox News will handle the broadcasts. The prediction markets also want to participate in these events. They are less interested in betting on the victors than handling the betting on how frequently (if ever) Trump will give the thumbs up signal: once, twice, or zero.

Could there be any hitch in these plans? The Trump legal staff has been discussing this quietly with a variety of legal and political experts. Most believe that they can convince a majority of the Supreme Court to uphold their plans and give a broad construction to the pardon power. But recently, strange messages have been received from unknown hackers, saying only “Sic semper tyrannis.” What could that mean in this context? Well, that is too speculative a question. Hey, let’s just relax and enjoy the games. Happy Birthday, Mr. President.

ENDNOTE

[1] The Romans did not fully learn this message of absolute loyalty to their leader, as Brutus proved to Caesar. Shakespeare quotes Brutus as saying, “Sic semper tyrannis.” We will not insult your intelligence by translating the Latin.

John C. Coffee, Jr. is the Adolf A. Berle Professor of Law at Columbia University Law School and Director of its Center on Corporate Governance. 

I love it because it matters. Financial markets underpin our vibrant economy. And capital markets are particularly important because they are so good at directing money to its highest and best use. Capital markets facilitate the sharing of risks and rewards. They organically match enterprise and capital to achieve socially useful ends. Someone who has a good idea but does not have rich family or friends can get funding to commercialize her idea. A company that wants to build a new factory can get money from strangers to build it. The capital markets embrace and support the risk-taking innovations that propel human progress. Failure happens routinely in these capital markets; innovation is a risky business. But capital markets absorb these failures and redirect capital to new endeavors. Contrary to some misrepresentations of these markets, they are not bastions of isolated individualism; they bring people together to build things. The more people who participate in these markets, the better they work. Each person brings a necessary input to the market: ideas, capital, speculative appetite. Together, market participants build companies, which, in turn, make products and provide services that people need. The capital markets invite people to cooperate for the improvement of society.

The United States has the best capital markets in the world. People come here from all over the world to raise money and to invest. Our markets have helped build the globe’s companies and economies. Other countries look longingly to the U.S. capital markets and hope to emulate them. Representatives of foreign governments, whose economies are in thrall to bank finance, routinely ask us what they can do to replicate our dynamic capital markets. Banks serve an important role here in the United States too, but bank finance inherently lacks the dynamism of capital markets and the flexibility necessary to fund innovation.[1]

Why is the United States blessed with such powerful capital markets? As a regulator, perhaps I should credit government as the reason our markets are so strong. But one of the reasons our capital markets work so well is that government generally does not meddle with them. It does not attempt to override the decisions of market participants to direct capital to politically favored places. It is a referee, not a player, on the capital markets field. Certainly, the government has an important role: having sensible rules and enforcing them judiciously gives people the confidence to participate in the markets. Investors, companies that use their capital, and intermediaries feel comfortable in U.S. markets because they can trust both that our laws will be enforced as written and that the enforcement will be fair and impartial. The reliable consistency of the governing law and the confidence in fair and impartial enforcement form the foundation of mutual trust essential to transacting. However, as important as the regulatory framework is in cultivating trust, the nature of this country and its people deserve the primary credit for the success of our capital markets.

Less than a month from now we will celebrate the 250^th anniversary of the signing of the Declaration of Independence, which so powerfully proclaimed the “self-evident” truths “that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.”[2] We do not always abide by these truths, but we hold one another accountable when we fail and eventually correct course. Indeed, next week on Juneteenth we will commemorate the hard-fought end to the most pernicious infidelity to the Declaration’s truths. In declaring independence, the nation repudiated the bonds of consanguinity in favor of bonds forged through a common commitment to principles of freedom. These principles continue to be the unifying thread of this nation, which is composed wonderfully of people with roots reaching every corner of the world. We are, as the Declaration reflected, a nation of risk-taking liberty lovers who are well-suited for the rough-and-tumble of the capital markets.

The Declaration of Independence not only celebrated every person’s right to life, liberty, and the pursuit of happiness, but recognized government’s appropriate, but limited, role in “secur[ing] these rights.”[3] To perform this role effectively, governments must “deriv[e] their just powers from the consent of the governed.”[4] A government committed to securing the life, liberty, and pursuit of happiness of its people cannot usurp its people’s freedom to achieve these objectives. A successful government is made up of people who recognize that the exercise of government power, by its very nature, constrains human freedom. Consequently, these governing officials exercise power only when the people to whom they are accountable direct them to do so out of a belief that the exercise of government power will help on balance to secure that freedom. A government mandate that you cannot do something or must do something overrides personal choice, so a government committed to protecting personal liberty should use such mandates sparingly. These foundational precepts may seem lofty, but they are essential strictures on the government’s daily work.

The SEC, as part of the government, must limit itself to the exercise of powers given to it by the people. The SEC celebrated its 92^nd birthday on Saturday; on June 6, 1934, the Securities Exchange Act, which created the SEC, became law. This law and other statutes give the agency its powers. We do not have the consent of the American people to exercise powers not conferred upon us by those statutes. I may have written the law differently if I were holding the pen, but my job is to follow statutory directives as given by Congress. We cannot freelance outside of these directives, and, of course, the ultimate constraint on SEC action is the Constitution; even if the statutes tell us to do something, we cannot do it if it contravenes the Constitution.

Applying these principles day-to-day can be challenging. Complicating the task is that the markets are vast and complex, many of the statutes are old and drafted during times when the markets operated with fewer participants and less complicated technology. The endless creativity of market participants raises continuing interpretive challenges when dealing with the SEC’s numerous and often technical regulations, especially when other regulators’ jurisdictions overlap with ours. Moreover, our statutes wisely require eschewing merit-based regulation, which means that capital markets will include products, services, and practices that some members of the Commission and the staff personally disfavor.

Several recent actions reflect the Commission’s efforts to regulate the capital markets within the boundaries that the Constitution and Congress drew for it. Last month, the Commission ended its policy of requiring people who settle with the Commission not to deny—or allow anyone else to deny—the allegations against them.[5] A regulatory policy that prevents people from speaking against government action and requires them to actively dissuade others from speaking necessarily raises First Amendment concerns. The Commission also recently proposed to rescind its climate disclosure rules.[6] In my view, those rules required disclosures not authorized under our statutes. More generally, the Commission is reviewing its disclosure requirements under Regulation S-K to ensure that they are tied to materiality and the purposes underlying our statutory disclosure mandate. In April, the SEC and the CFTC proposed to revise Form PF, a form that has morphed over the years into a much lengthier, more burdensome, and more wide-ranging reporting requirement for private funds than envisioned by the underlying Dodd-Frank mandate.[7]Also in April, the Commission issued a concept release about the troubled Consolidated Audit Trail (“CAT”), which is a massive market surveillance monitoring operation.[8] The release asks questions related to the CAT’s implications for civil liberties and privacy.[9] A more general effort to return to its statutorily mandated regulatory territory is the Commission’s work on crypto during the past year-and-a-half; the Commission has sought to tie our crypto regulatory and enforcement activities to the statutes we administer.[10]

The Commission has more work to do. I am concerned, for example, about the constitutionality of the pay-to-play rule for investment advisers.[11] Our pay-to-play rule is not a direct restriction of political speech inasmuch as it does not outright prohibit political donations, but it nonetheless functions as a restriction. Prohibiting advisers who make political donations from providing advisory services to governmental customers creates significant financial disincentives from making those donations and from running for office.[12] Given that the rule effectively regulates political speech—speech at the core of the First Amendment—we ought to ask ourselves whether the rule is really the least restrictive means to achieving the desired objective: preventing public corruption. Moreover, we ought to ask whether that objective is one Congress charged the SEC with achieving.

I also am concerned that the Commission through aggressive statutory interpretations is pushing hard against the limits of its authority. Reasonable restraint in reading our statutes and rules is the best course. If we rush up to the edge of every law and regulation, we might tumble over into unauthorized territory. We tried that with an aggressive interpretation of the term “dealer” and met with judicial disagreement.[13] We similarly aggressively read our own Rule 15c2-11, which was written with equity securities in mind, to include fixed-income securities, much to the dismay of just about everyone including me.[14] In March, the Commission proposed amendments to rectify that overreading.[15]

The Commission likewise should bridle its overly expansive reading of the Foreign Corrupt Practices Act’s requirements that companies devise and maintain a system of “internal accounting controls.”[16]The Commission has misapplied this provision in its enforcement program by failing to limit it to the accounting context and instead using it as a lever to discipline companies that lack what the Commission perceives to be adequate internal controls unrelated to accounting.[17] his aggressive reading already has drawn judicial criticism,[18] and I hope the Commission turns about in response.

Also of note is the Commission’s use of its authority under Section 206(4) of the Advisers Act. Enacted in 1960, Section 206(4) added two sentences to the Act.[19] The first sentence prohibits investment advisers from “engag[ing] in any act, practice, or course of business” of a certain character—those that are “fraudulent, deceptive, or manipulative.”[20] The second sentence directs the Commission to “define, and prescribe means reasonably designed to prevent” the conduct prohibited by the first sentence.[21] This seemingly simple text raises a difficult interpretative question. Because fraud, deceit, and manipulation all are state-of-mind terms that require knowing or intentional misconduct,[22]the best reading of the first sentence is that it prohibits knowing or intentional misconduct, not merely negligent misconduct. But does the second sentence’s authorization for the Commission to define what constitutes “fraudulent, deceptive, or manipulative” empower it to adopt a rule that defines merely negligent conduct as fraudulent, deceptive, or manipulative? This question percolated when the Commission adopted Rule 206(4)-8 and took the position that negligent conduct was sufficient to violate the rule’s prohibition on fraudulent, deceptive, or manipulative acts, practices, or courses of business. During my tenure, I have supported enforcement actions that relied on negligent violations of Rule 206(4)-8, but after careful consideration, I have come to agree with the concurrence Chairman Atkins published at the time of adoption.[23] It seems unlikely that when Congress authorized the Commission to define types of acts, practices, and courses of businesses that are fraudulent, it authorized the Commission to write out of existence an essential attribute of fraud—knowing or intentional conduct. For this reason, while the Commission may adopt negligence-based, or even strict liability, rules designed to prevent fraudulent conduct—meaning knowing and intentional conduct—the Commission should not read the statute as granting it the power to redefine fraud itself.

I cannot leave the topic of reading—and reading into—statutes without discussing disgorgement, an issue that has landed the Commission in the Supreme Court several times in the past decade. Disgorgement is perhaps the most consequential expansion of the ancillary equitable relief sought by Commission. The remedy began to take shape in the 1960s when, in SEC v. Texas Gulf Sulphur, the Commission asked the court to order certain defendants who had purchased securities while in possession of material, non-public information to make restitution to some sellers and to return profits from certain transactions to the company.[24] By 1972, the Commission labelled the remedy “disgorgement” and explained that: “The S.E.C.’s primary function is to protect the public from fraudulent and other unlawful practices and not to obtain damages for injured individuals. Thus, a request that disgorgement be required is predicated on the need to deprive defendants of profits derived from their unlawful conduct and to protect the public by deterring such conduct by others.”[25] Court opinions reflected this emphasis on deterrence.[26]

The Commission’s disgorgement-as-deterrence rationale arguably reached its nadir—or perhaps apex, depending on one’s view—in SEC v. Contorinis.[27] In that case, the district court, responding to a Commission request, ordered the defendant to disgorge all the profits from insider trading, including profits that the defendant himself never received or retained because they accrued to a fund that he managed, not to him personally.[28] The appellate court, while acknowledging that disgorgement “may not exceed the total amount of gain from the illegal action,” rejected the contention that a “wrongdoer need disgorge only the financial benefit that accrues to him personally.”[29] As the dissenting judge noted, this holding was peculiar given that in the parallel criminal action, the same court held that the defendant could not be ordered to forfeit those same profits because “a defendant can be ordered to forfeit only the proceeds that he actually received or controlled.”[30] Not surprisingly, given the expansive use of the remedy, three years later, the Supreme Court observed that “deterrence is not simply an incidental effect of disgorgement” and concluded that the remedy as sought by the Commission “bears all the hallmarks of a penalty: It is imposed as a consequence of violating a public law and it is intended to deter, not to compensate.”[31] Three years later, in Liu, the Supreme Court, clarified that the Commission could seek equitable disgorgement, but cautioned that the remedy must be limited to “a defendant’s net profits from wrongdoing.”[32] Congress entered the fray shortly thereafter by enacting provisions that specifically authorized the Commission to seek and the district courts to order disgorgement.[33] The combination of the Court’s rulings and new legislation did not—to put it mildly—set out a clear path forward.

Indeed, just last Thursday the Court issued its third disgorgement opinion in the last ten years. [34] The Court, without deciding whether the new statutory provision was legal or equitable, reminded the Commission of certain “key limitations” on equitable disgorgement: (1) it “must be limited to the defendant’s net profits (not total revenues) derived from his securities-law violations”[35] and (2) because “equity aims to deliver wrongful gains to wronged victims . . . the SEC must return a defendant’s gains to wronged investors, contrary to its practice of depositing a defendant’s gains with the Treasury.”[36] The Court went on to hold that the SEC does not have to show a pecuniary loss to justify a disgorgement award. [37] The Court’s narrow ruling leaves many questions unresolved; stay tuned for the next installment of the scintillating series SEC Disgorgement at the High Court, which both the majority and concurring opinions foreshadowed. In the meantime, the Commission must accept that equitable disgorgement is a remedy circumscribed by a long history of limiting principles. These principles apply to the Commission, with perhaps even greater force because the Commission is acting to enforce the securities laws rather than to remediate its own harm. Moreover, as reflected in Justice Thomas’ concurrence, if the Commission reads its new statutory authority as freeing disgorgement from its equitable limitations, jury trials may await.[38]

Well-intentioned people can disagree about how to regulate capital markets. We must remember, however, our shared interest in ensuring that our capital markets continue to flourish and grow to serve more investors and companies. Healthy capital markets are essential to generate the economic growth we need to increase the standard of living and decrease the national debt. Properly functioning capital markets are key to increasing the employment and investment prospects of the next generation of Americans. Factions across the political spectrum might have fundamental disagreements about regulating capital markets, but maybe we can find common ground in the boring basics. Updating transfer agent rules, empowering firms to use new technologies to enhance investor disclosures, rethinking recordkeeping rules, reforming investment company proxy processes, and tending to other similar matters may be some unifying projects. We will not agree on every detail, but the joint work of getting to a good place might build good will that can be applied to areas of deeper disagreement.

Thank you for indulging the meandering reminiscences of a soon-to-be former regulator. I am sad to be leaving a place that has allowed me to engage in the important work of regulating the finest capital markets in the world alongside fellow Commissioners and a wonderful staff who are committed to doing that task well. Yet I am delighted to be leaving a seat that should not be occupied by the same person for too many years. Ours is a government grounded in timeless principles, not fleeting personalities. The SEC will benefit from energetic new voices with fresh ideas about how to protect our precious and powerful capital markets. Happy 250^th anniversary to the nation I have been so honored to serve.

Recently, we surveyed 79 directors of public and private corporations to understand the size, composition, and contribution of the individuals—paid and unpaid—whom directors turn to for advice.

We find widespread use of information networks. Ninety percent of directors rely on paid coaches or informal “kitchen cabinet” advisers, with most of the informal  advisers being unpaid. The prevalence of advice networks suggests that important knowledge relevant to board oversight resides outside the boundaries of the firm and cannot be fully replicated through formal board processes alone.

Below is a brief summary of our findings:

Coaching reflects a continuous learning mindset.

Only 18 percent of directors use a paid coach—a low percentage. Directors join boards to add value through their accumulated professional experience. To some, hiring a professional coach is unnecessary. To others, it is counter to expectation that a director recruited to provide advice would themselves require advice. Those who retain a paid professional tend to do so of their own volition (see Exhibit 1). It requires a mindset of continuous learning, coupled with a degree of humility, to commit to structured learning.

Exhibit 1

Coaching is most valuable in the ramp-up phase.

We find heightened use of paid coaches in the early period of a board member’s first directorship. Two-thirds of directors who use a paid coach begin working with them either before or when they first become a director. Relative to being an executive, the role of director requires a different style and approach, with new skills. A director is expected to advise and guide rather than lead and execute. Many first-time directors discover this is not a natural role.

Their education with paid coaches is a personal endeavor. Only 22 percent of directors who use a coach ask the coach to solicit feedback from their fellow board members for inclusion in their development plan. Directors are pleased with the results. Eighty-nine percent express satisfaction with the training they receive from their coach (see Exhibit 2).

Informal advisers are the true support system.

The vast majority of directors (86 percent) rely on a kitchen cabinet of informal advisers as their primary support network. These relationships span decades and are built on trust, shared history, and common understanding. A typical kitchen cabinet includes between three and five advisers, with some numbering more than 10.

The backgrounds of these individuals are varied: fellow board members at unaffiliated companies (72 percent), former colleagues (60 percent), executives of other companies (30 percent), and friends through professional associations (26 percent). They also include former paid advisers, classmates, and friends made through social clubs, nonprofits, and volunteer activities (see Exhibit 3).

Exhibit 3

The words directors most frequently use to describe their advisers are competence, strategic, experience, candor, character, and discretion—reflecting both the business expertise and personal integrity of these individuals. These are important attributes for people who serve as a sounding board for complicated or sensitive issues.

Not surprisingly, the composition of this group holds steady over time, with 36 percent of directors relying on mostly the same individuals as they did when they first sought outside advice, and 58 percent relying on a mix of individuals that are somewhat different. Three-quarters (71 percent) have relied on informal advisers for more than 10 years (see Exhibit 4).

Exhibit 4

Directors distinguish “on-the-job” and “big picture” topics.

Directors take a portfolio approach to their advice network, directing questions to the individual or individuals best situated to address them. With professional coaches and paid advisers, directors are more likely to discuss on-the-job issues, like satisfying their role as director and overseer, managing boardroom dynamics, and interfacing with management.

They turn to their kitchen cabinet for “big picture” questions of strategy, risk, dealing with stakeholders, and company reputation. In these matters, they appear to prefer the counsel of long-time acquaintances who have gone through similar experiences and with whom they can discuss nuanced and sensitive topics with trust and confidence (see Exhibit 5).

Exhibit 5

Directors leverage their networks to help their companies.

Directors use their advice networks to support management and fellow board members through introductions and referrals, in addition to information flows. Approximately half of directors (44 percent) refer a coach to other directors for their professional development. The same percentage (44 percent) refer a coach to the CEO (see Exhibit 6).

Exhibit 6

Directors leverage their advisory networks to solve an average of 7.5 issues for the benefit of their companies, and a quarter (26 percent) leverage their networks more than 10 times.

This demonstrates that directors create value not only through their individual expertise but also through access to broader networks of information and relationships.

Conclusion

How corporate directors use professional coaches and informal advisers is a greatly underexplored area of research. Advice networks—both formal and informal—can be viewed as governance mechanisms that supplement the information available through official board processes. They allow directors to acquire knowledge, reduce uncertainty, and access specialized expertise that may improve oversight and decision-making. The widespread use of such networks suggests that effective board governance depends not only on the human capital directors bring into the boardroom, but also on the external relationships through which that human capital is continually refreshed and expanded.

Paid and unpaid advisers are both important elements of these networks. First-time directors, in particular, rely on paid coaches for guidance through the transition phase and to help them acquire new skills.

Unpaid advisers serve as a more expansive, longer-term reservoir of information that directors tap into repeatedly throughout their tenure, reflecting a lifetime of personal achievement. The breadth of knowledge and diverse experience of these advisers contribute to the value a director brings to the firm in addressing governance matters.

These benefits, however, must be weighed against potential costs. Reliance on a stable group of trusted advisers may reduce exposure to diverse viewpoints and reinforce existing beliefs. Advice obtained through personal networks may also be shaped by experiences that are not transferable to a firm’s particular circumstances. More generally, directors face a tradeoff between expanding their sources of information and preserving confidentiality, independence, and accountability in decision-making.

David F. Larcker is the James Irvine Miller Professor of Accounting, Emeritus at Stanford Graduate School of Business. Stephen A. Miles is founder and CEO of The Miles Group. Amit Seru is the Steven and Roberta Denning Professor of Finance and Senior Associate Dean for Academic Affairs at Stanford Graduate School of Business. Brian Tayan is a researcher at Stanford Graduate School of Business. This post is based on their recent paper, “When Directors Need Direction: Whom Do Board Members Go to for Advice?” available here.