When Does a Fintech Platform Become a Broker?
Key Takeaways
A fintech platform can trigger introducing broker obligations based on what it does in practice, even if it describes itself as a software provider or technology platform.
CFTC No-Action Letter No. 26-09 allows certain fintech platforms to facilitate access to derivatives trading without introducing broker registration, but only under specific facts and conditions.
Platforms may be permitted to market trading access, introduce users to counterparties, and receive certain fees, provided they stay within the limits described in the no-action letter.
Relief under the letter does not eliminate compliance obligations, as firms must still address disclosures, recordkeeping, marketing controls, and coordination with registered entities.
No-action letters are fact-specific staff positions, not formal rules, and small changes to a platform’s business model can lead to a different regulatory outcome.
Fintech companies should evaluate introducing broker registration requirements early in product design, especially when user onboarding, order routing, counterparty introductions, or trading-related revenue are involved.
A recent CFTC no-action letter issued to a crypto wallet software provider is raising an important question for fintech companies: when does a technology platform cross the line into regulated brokerage activity? As trading functionality becomes embedded into wallets, apps, and user interfaces, the distinction between infrastructure and intermediation is becoming less clear.
CFTC Letter No. 26-09, issued in March 2026, provides a practical example of how regulators are thinking about this boundary. It addresses a model where a self-custodial wallet provider enables access to derivatives trading through registered entities, without directly handling customer assets or executing trades. The outcome is not a broad exemption, but a conditional position tied to specific facts, controls, and limitations.
This article breaks down what the letter actually says, how it fits within existing CFTC guidance, and what it means for fintechs.
At InnReg, we help fintech platforms navigate introducing broker requirements and CFTC expectations. From structuring trading access models to building compliance programs and managing ongoing operations, our team supports platforms working at the edge of innovation.
Overview of the CFTC Letter No. 26-09
The CFTC no-action letter (Letter No. 26-09) was issued in response to a request from Phantom Technologies, a provider of self-custodial crypto wallet software. The company sought confirmation that its planned expansion into derivatives trading access would not require registration as an introducing broker (IB) or associated person, given how its product is structured.
The request highlights a pattern many fintechs are dealing with today. Products are no longer just tools. They combine interfaces, asset access, and connections to regulated trading venues in one place. That raises a practical question about where regulatory obligations begin under the Commodity Exchange Act.
The CFTC’s Market Participants Division responded with a limited position. It said that, based on the specific structure described, it would not recommend enforcement for failing to register as an IB, as long as certain conditions are met. This is not a general exemption. It applies only to the model as presented.
Activities Covered Under the No-Action Position
The letter addresses a structure where a software provider enables users to access derivatives markets through registered intermediaries, while staying out of trade execution and asset custody.
The activities covered include:
Providing a front-end interface that allows users to view market data and submit orders
Enabling users to transmit orders directly to registered entities such as FCMs or IBs
Offering access to derivatives products like perpetual contracts and event-based contracts
Charging fees or receiving compensation tied to platform usage
Marketing the availability of trading access and relationships with counterparties
Importantly, the structure assumes that all trading activity occurs through properly registered entities, and that customer funds are held within the existing derivatives market infrastructure, not by the software provider itself.
Why Is This CFTC No-Action Position Different From Prior Guidance?
Earlier CFTC guidance around technology providers focused on a narrower concept. Software firms could avoid IB registration if they acted purely as infrastructure providers and stayed away from any activity resembling solicitation or intermediation.
This letter reflects a shift. The CFTC acknowledges a model where a platform may:
Introduce users to specific trading counterparties
Promote access to certain products
Participate economically through fees or revenue sharing
These elements would typically raise IB registration concerns. However, the CFTC accepted that certain of these activities can occur without registration if the provider remains operationally passive in execution and meets defined conditions.
This expands the conversation beyond traditional “technology provider” frameworks and addresses how modern fintech products actually function.
What It Does and Does Not Mean
It is important to read this CFTC no-action letter carefully. The scope is narrower than it may appear at first glance.
What it means:
The CFTC is willing to evaluate hybrid fintech models that sit between software and intermediation
Certain activities that resemble IB functions may be permitted without registration under specific conditions
There is recognition that front-end platforms play a growing role in how users access derivatives markets
What it does not mean:
It does not eliminate IB registration requirements for similar businesses
It does not apply broadly to all wallet providers or trading interfaces
It does not bind the Commission or establish formal rulemaking
The key takeaway is that this is a conditional, fact-driven position, not a general rule. Fintech firms should treat it as a signal, not a safe harbor.
When Software Triggers Introducing Broker Registration
As fintech products evolve, the boundary between a software provider and a regulated intermediary becomes harder to define. Under the Commodity Exchange Act, registration requirements are triggered by activity, not by how a company describes itself. A platform can be labeled as “technology,” but still fall within the introducing broker (IB) scope based on what it actually does.
Introducing Broker (IB) Definition Under the Commodity Exchange Act
An introducing broker is broadly defined as a person or entity that solicits or accepts orders for derivatives transactions, typically for compensation. This definition has been interpreted expansively over time.
It does not require direct execution. It also does not require custody of assets. Activities such as referring customers, facilitating order flow, or being compensated in connection with trading activity can fall within IB scope.
For fintech platforms, this means the regulatory analysis starts with function, not structure. If your platform plays a role in bringing users into trading relationships, IB considerations may apply.
Associated Person Requirements
In addition to entity-level registration, individuals involved in these activities may also be subject to regulation. An associated person (AP) is generally anyone who engages in solicitation, customer interaction, or supervision related to trading activity on behalf of an IB.
In practice, this can cover a wide range of roles. Employees involved in business development tied to trading access, marketing specific products, or interacting with users during onboarding may all fall within scope. The definition is broader than it first appears. Even indirect involvement in how users are brought into trading can raise AP considerations.
See also:
How Software Providers Can Trigger IB Registration
Many fintech platforms drift into IB territory without planning to. It is usually not one feature that creates the issue, but how different parts of the product and business model interact.
Common triggers include:
Introducing users to specific trading counterparties
Highlighting or promoting particular derivative products
Receiving transaction-based fees or revenue sharing tied to trading activity
Embedding order routing functionality within the platform
Structuring the user journey around access to trading
Individually, some of these elements may not be decisive. Together, they can create a profile that looks similar to an intermediary role.
This is the core issue addressed by the CFTC no-action letter discussed in this article. It shows how a platform can approach this boundary and what constraints may apply if registration is not pursued.

Need help with broker-dealer compliance?
Fill out the form below and our experts will get back to you.
What the CFTC No-Action Letter Allows for Software Providers
The CFTC no-action letter introduces a more flexible view of what software providers can do without being treated as registered intermediaries, as long as certain boundaries are respected. It recognizes that modern fintech platforms often sit between pure infrastructure and traditional brokerage functions.
At the same time, the position is narrow. It does not remove registration requirements. It outlines how a platform can operate within a specific structure without triggering them.
Role of Self-Custodial Wallet Software
A key factor in the analysis is the role of the software itself. In this model, the wallet provider does not take custody of assets or control user funds. Instead, it functions as a tool that allows users to manage credentials and initiate transactions.
This distinction matters. The absence of custody and control over assets helps position the platform as a facilitator rather than a financial intermediary. However, this alone is not sufficient. The broader set of activities still needs to be considered.
Front-End Interfaces and Order Routing
The letter allows platforms to offer interfaces where users can view market data, monitor positions, and initiate trades. These interfaces can also serve as the mechanism through which orders are transmitted to registered entities such as FCMs or IBs.
The key limitation is how far that involvement goes.
The platform’s role must remain limited to enabling the user to send instructions, not shaping how those instructions are executed. Once an order is submitted, the process must be handled entirely by the registered intermediary, without intervention from the software provider.
Marketing and User Onboarding Activities
One of the more notable aspects of this CFTC no-action letter is that it permits certain marketing and onboarding activities that would typically raise IB concerns.
Platforms may promote access to derivatives trading and maintain relationships with specific counterparties. They may also guide users toward those relationships as part of the product experience.
However, there are limits. These activities must remain structured in a way that does not amount to active solicitation or advisory conduct. The distinction is subtle, and it depends heavily on how the platform presents and frames these interactions.
For fintech teams, this is often where the real complexity lies. Product design, marketing language, and onboarding flows all contribute to how regulators interpret the platform’s role.
Key Conditions Software Providers Must Meet Under the CFTC No-Action Letter No. 26-09
The relief provided in this CFTC no-action letter is conditional and tied to a defined set of operational and compliance requirements. These conditions are central to why the position was granted.
Disclosure and Risk Requirements
The letter places a strong emphasis on transparency. Platforms are expected to explain how they work with counterparties and whether there are any financial incentives connected to user activity.
Risk disclosures also need to reflect the realities of derivatives trading. Sometimes these are delivered by the registered entity, but in other cases, the platform needs to handle this itself.
The focus is on user understanding. It is not just about including disclosures in the terms. It is about how clearly they are communicated and whether users actually acknowledge them during onboarding.
See also:
Restrictions on Conduct and Marketing
The platform’s communications are expected to follow standards similar to those applied to registered firms. This includes restrictions around misleading statements, promotional content, and how trading opportunities are presented.
At the same time, there are limits on how marketing can be structured. Certain types of promotional activity that would normally require pre-approval may not be permitted in this context.
The platform must operate as if it were subject to IB marketing rules, even if it is not formally registered. This creates a higher bar for content review, messaging, and internal controls.
Joint Liability with Registered Entities
One of the more significant conditions is the requirement for shared responsibility between the platform and its counterparties. The software provider and the registered entity must enter into agreements that allocate liability for regulatory violations tied to the activity.
This changes the dynamic of the relationship. It is not just a technical integration or referral arrangement. It becomes a coordinated compliance framework.
Both parties are exposed to regulatory risk arising from the platform’s activities, which makes due diligence and contractual structuring a critical part of the model.
Recordkeeping and Compliance Obligations
The letter also requires the platform to maintain records related to its activities and compliance with the stated conditions. This includes documentation of disclosures, user acknowledgments, and operational practices.
The expectation is not minimal. Recordkeeping must be aligned with existing CFTC standards, which are typically applied to registered entities.
For fintech companies, this often requires building internal processes that resemble a compliance program. This is where many teams underestimate the effort involved. Operating under a CFTC no-action letter still requires a structured compliance infrastructure, not just product-level adjustments.
Area | What Is Required | Impact on Fintechs |
|---|---|---|
Disclosure and Risk | Clear explanation of counterparty relationships and any financial incentives; delivery of derivatives risk disclosures | Platforms must design onboarding flows that clearly communicate both trading risks and the platform’s role, with user acknowledgment built into the experience |
Conduct and Marketing | Communications must follow standards similar to IB rules, including restrictions on misleading or promotional content | Marketing, product copy, and user messaging need structured review processes, even if the firm is not registered as an IB |
Joint Liability | Written agreements with registered entities assigning shared responsibility for regulatory compliance | Partnerships with FCMs or IBs become compliance-driven relationships, requiring legal structuring and ongoing coordination |
Recordkeeping and Compliance | Maintenance of records aligned with CFTC standards, including disclosures, acknowledgments, and operational documentation | Platforms need internal compliance processes and systems, not just product features, to support ongoing regulatory expectations |
In practice, this is where firms often seek external support. Teams like InnReg typically step in at this stage to help translate regulatory conditions into workable processes, especially for fast-moving platforms that do not have a full in-house compliance function.
Learn how InnReg helps fintech translate regulatory requirements into policies and procedures →
How This CFTC No-Action Letter Compares to Prior Fintech Platform Guidance
The CFTC no-action letter builds on earlier guidance for technology providers, but it also moves beyond it in important ways. Previous interpretations were based on a much narrower view of what a platform could do without triggering registration requirements.
What the Earlier Fintech Platform Letters Allowed
Earlier CFTC staff letters focused on technology service providers that acted as neutral infrastructure. These platforms were expected to stay in the background and avoid any involvement that could resemble intermediation.
In practice, this meant the provider could support order entry or connectivity, but only under strict conditions. The platform could not recommend counterparties, promote trading activity, or participate in the economics of transactions. Users were also expected to have pre-existing relationships with registered firms.
The model was intentionally limited. It was designed for tools, not for integrated fintech products.
Where Phantom’s Model Goes Further
The structure described in this CFTC no-action letter reflects how modern platforms actually operate. Instead of acting as passive infrastructure, the platform plays a more visible role in the user experience.
It can introduce users to specific counterparties, promote access to derivatives products, and participate economically through fees or revenue sharing. These elements would normally fall outside the scope of earlier guidance.
What makes this different is that these activities are permitted, but only within a tightly controlled framework. The platform still cannot take on execution or custody functions, and it must operate within defined compliance boundaries.
Why No-Action Relief Was Necessary
The existing guidance did not fully address this type of model. Once a platform begins to combine interface, distribution, and commercial participation, it no longer fits the definition of a neutral technology provider.
That creates a gap. Without relief, the platform could be required to register as an introducing broker, along with its personnel.
The no-action letter fills that gap by addressing a hybrid model that sits between infrastructure and intermediation. It signals that the CFTC is willing to engage with these structures, but only on a fact-specific basis and with clear conditions attached.
For fintech teams, the takeaway is practical. If your model goes beyond passive technology, you cannot rely on earlier guidance alone. You need to assess where it fits within current interpretations and whether additional regulatory analysis is required.
See also:
Risks and Limitations of Relying on a CFTC No-Action Letter
A CFTC no-action letter is not a safe harbor or a substitute for registration. It reflects the view of a specific division of the CFTC staff, based on a defined set of facts. That distinction matters when you are building or scaling a product around it.

Non-Binding Nature of Staff Positions
No-action letters are issued by CFTC staff, not the Commission itself. They do not carry the same legal weight as formal rules or regulations.
This means the position can change. It can be revisited, limited, or withdrawn depending on how the market evolves or how similar models develop.
The key point is that a no-action letter reflects enforcement discretion, not a permanent regulatory outcome. It reduces risk under specific conditions, but it does not eliminate it.
Fact-Specific Limitations
No-action letters are built around a specific set of facts. The details matter, including how the product works, how users interact with it, and how revenue is generated.
Even relatively small changes can shift the analysis. Adjusting onboarding flows, highlighting certain counterparties, or changing how fees are structured can lead to a different outcome.
Using a CFTC no-action letter as a general template can be risky. What worked in one structure does not automatically carry over to another.
Potential for Future Rulemaking
The letter itself acknowledges that future rulemaking or guidance could change how these activities are treated. The CFTC has not finalized how software providers that facilitate trading should be regulated.
As the market develops, regulators may revisit these models and introduce clearer rules. That could narrow or expand what is currently permitted.
This creates a moving target. What is acceptable under a no-action position today may be treated differently under future regulation.
Practical Compliance Takeaways for Fintechs
CFTC No-Action Letter No. 26-09 provides a useful reference point, but the real value comes from how it is applied. For fintech teams, the focus should be on identifying where their product and business model intersect with regulatory expectations.
When to Consider IB Registration: If your platform introduces users to trading counterparties, influences access to products, or earns revenue tied to trading activity, IB analysis should be part of your planning. These signals often appear at the product design stage, not after launch.
Structuring Partnerships With FCMs and IBs: Relationships with registered entities need to be structured as compliance frameworks, not just integrations. Roles, responsibilities, and liability should be clearly defined, especially around onboarding, disclosures, and oversight.
Designing User Flows and Disclosures: How users interact with your product shapes regulatory interpretation. Disclosures, prompts, and onboarding flows should clearly reflect both trading risks and the platform’s role in facilitating access.

Francesco is the Founder & CEO of InnReg with over 15 years of experience in fintech compliance and operations. He previously served as CCO at TradeKing and Zecco, helping grow the firm into the 6th largest US online broker before its $275M acquisition by Ally Bank. He holds FINRA Series 4, 7, 24, 53, and 63 licenses and an MPA from Harvard Kennedy School.
How Can InnReg Help?
InnReg is a global regulatory compliance and operations consulting team serving financial services companies since 2013.
We are especially effective at launching and scaling fintechs with innovative compliance strategies and delivering cost-effective managed services, assisted by proprietary regtech solutions.
If you need help with broker-dealer compliance, reach out to our regulatory experts today:
Related Articles

















