Illinois Blockchain Association Formal Comment Letter to the IL Department of Financial and Professional Regulation (IDFPR)
June 29, 2026
The Illinois Blockchain Association has submitted a formal comment letter to the IL Department of Financial and Professional Regulation (IDFPR) on the proposed rules implementing the Digital Assets and Consumer Protection Act (DACPA), published as new Part 1031 of Title 38 of the Illinois Administrative Code. The Association, and member Michael Frisch, was a proponent of the law that created DACPA, and they remain committed to getting the implementation right. The letter offers concrete, ready-to-adopt language on the issues that matter most: on defining control; fee relief for startups; aligning stablecoins reserves with the federal GENIUS act; and grandfathering of the pending applications.
The Illinois Blockchain Association (“IBA”) respectfully submits these comments on the proposed rules implementing the Digital Assets and Consumer Protection Act (“DACPA”) [205 ILCS 731], published as proposed new Parts 1031 of Title 38 of the Illinois Administrative Code.
The IBA is a non-profit member organization dedicated to advocating for sound public policy in Illinois concerning blockchain, digital assets and cryptocurrency. Our membership includes startups, founders, software developers, infrastructure providers, and established digital asset businesses operating in or seeking to operate in the State of Illinois. IBA was a proponent of P.A. 104-428/SB 1797 (Walker/Gonzalez), establishing DACPA, and remains invested in the law’s successful implementation.
Our overarching position is straightforward: Illinois can protect consumers without regulating software developers, infrastructure providers, and early-stage builders as though they were full-service custodians or financial intermediaries with custody and control over residents’ assets. Throughout the legislative process leading to DACPA, the IBA successfully convinced lawmakers that regulation should be limited to those entities with custody and control over residents’ assets. It is with those – and only those – entities where risk of fraud or theft lies. The comments below identify specific provisions where the proposed rules would benefit from clarification or revision to ensure that the law meets its intended aim. For each, we provide proposed regulatory language in italics.
Define “Digital Asset Administration”
Section 1-5 of the Act defines digital asset business activity to include “engaging in digital asset administration.” However, the Act does not define “administration.” The word “administration” has no fixed meaning within the digital assets industry. Without a clear definition, the industry would be left totally uncertain which activities concerning digital assets could be covered. Prior versions of DACPA, which were not passed into law, included an overly-broad definition of “digital asset administration” that swept in activities like “issuing” a digital asset, even where the issuer retained no custody or control over the asset or network following its launch. Trying to regulate such activity – which is truly in the realm of software development (already excluded from the definition) – would be untenable, and would further depress innovation and investment in the state.
Instead, the IBA submits that a definition of “digital asset administration” is needed that clearly limits its scope to activities where the administrator has control of a resident’s assets, but is not otherwise engaging in “exchanging, transferring, or storing” a digital asset for a resident – the other core prongs of the definition.
The IBA recommends adding the following definition to Section 1031.100:
“Digital asset administration” means possessing control over digital assets of a resident as part of a business or service being provided to the resident.
This definition anchors the regulatory trigger to the actual risk-generating activity—possessing control as a service—rather than any incidental connection to digital asset transactions. It would cover situations where, while a company may not actually be custodying digital assets, it is perhaps maintaining control over a user’s digital assets by retaining their cryptocurrency signature keys for a user as part of a business and pursuant to a service delivered to that resident. Depending on their design, certain other investment services could fall within this new “administration” prong, and which would otherwise not be within the first prong of the definition.
The definition would clarify that those whose activities do not place customer assets at risk are not inadvertently subjected to registration.
Define “Control” or “Control of Digital Assets”
The Act and proposed rules rely on concepts of custody and control without defining “control” in a manner that distinguishes facilitation from possession. Without a clear definition, non-custodial wallet providers, multi-signature participants, and protocol interface operators face uncertainty about whether their activities trigger registration.
Within the definition of “Affiliate,” the Act contains a standard definition for what it means to exert legal control over another “person.” But nowhere does the Act (or the proposed rules) define what it means to exert “control” over digital assets of a resident. This is a key concept in the law that requires a definition aligned with the actual technology.
The IBA recommends adding the following to Section 1031.100:
“Control,” for purposes of determining whether a person is engaged in digital asset business activity, means the ability to independently initiate or execute a transaction involving a customer’s digital assets without requiring the customer’s contemporaneous affirmative authorization or cryptographic signature at the time of the transaction. “Control” does not include:
(1) providing software through which a customer independently authorizes transactions using the customer’s own private keys;
(2) participating in a multi-signature or threshold-signature arrangement where the person cannot unilaterally execute a transaction without one or more additional parties’ authorization; or
(3) operating infrastructure that processes, validates, relays, or records transactions initiated by others without the ability to redirect, reverse, or withhold customer assets.
This definition was modeled after the definition of control found in UCC Article 12 (Sec. 12-105), the provision adopted to apply to digital assets. This definition draws a bright line at unilateral authority over customer assets. It protects the full range of non-custodial builders—software developers, validators, multi-sig participants, and protocol operators—while ensuring that any person who can independently move customer assets remains squarely within the Department’s supervisory scope.
Replace “Meme-Based with No Intrinsic Value or Utility” (Section 1031.100 — “Digital Asset” Definition)
The proposed definition of “digital asset” excludes tokens “not marketed, used, promoted, offered, or sold for investment or speculation,” but exempts from that exclusion tokens that are “meme-based with no intrinsic value or utility.” The legislature may have been trying to include “memecoins” in the definition of “digital asset” without specifying what memecoins are and how they are distinguished from innumerable other digital assets. This phrase is inherently subjective and provides no administrable standard for either regulators or market participants.
The IBA recommends adopting through rulemaking the following objective test to clarify the definition:
has no documented functional use within a software application, protocol, or network, as evidenced by the absence of any publicly available technical documentation, whitepaper, or code repository demonstrating a non-speculative use case; or
This language anchors the analysis in verifiable, objective indicia—published technical documentation and code—which can be assessed without requiring the Department to make subjective value judgments about the cultural or expressive content of a digital asset.
Administrative Assessment Cap (Section 1031.300(g))
Section 1031.300(g) allocates the Department’s administrative costs across registrants on a pro rata basis, divided equally between a transaction-based assessment and a custody-based assessment. While the intent clearly was to apportion costs among registrants, it contains no ceiling on the absolute amount any single registrant may owe which may result in unreasonably and unexpectedly high obligations for registrants. This problem may be especially pronounced in the first few years following implementation of the Act, where the number of registrants may be few and the costs of administration of the Act may be high as headcount is ramped up and systems are purchased.
To address this problem, the IBA recommends adding the following cap:
C) Notwithstanding subsections A) and B), no registrant’s total annual assessment under this subsection (g) shall exceed 5% of the registrant’s gross revenue derived from digital asset business activity conducted with or on behalf of residents of this State during the preceding calendar year, as reported in the registrant’s most recent renewal application.
A revenue-based cap ensures that no registrant’s assessment obligation exceeds a proportionate share of its Illinois business. It protects startups and early-stage companies with limited revenue while permitting the Department to collect meaningful assessments from large-scale operators. This approach is consistent with the proportionality principle already embedded in the pro rata methodology.
Interim Operating Authority Pending Application
DACPA’s registration requirement under Section 15-5 becomes mandatory on July 1, 2027. The proposed rules do not address the status of persons who are already engaged in digital asset business activity and submit timely applications but have not yet received a determination from the Department. Without a grandfathering provision, these persons would be required to cease operations on the effective date while awaiting approval – a death knell for many companies.
The IBA recommends adopting a grandfathering provision modeled on California’s Digital Financial Assets Law § 1214, adapted to DACPA’s framework:
a) For purposes of Section 15-5 of this Act, a person may engage in digital asset business activity, or hold itself out as being able to engage in digital asset business activity, with or on behalf of a resident of this State if the person:
1) was engaged in digital asset business activity with or on behalf of residents of this State prior to July 1, 2027; and
2) submits a completed application for registration under Section 15-10 of this Act on or before July 1, 2027 and is awaiting approval, conditional approval, or denial of that application by the Department.
b) Interim operating authority under this Section shall terminate upon the earliest of:
1) the date on which the Department issues a registration to the person;
2) the date on which the Department denies the person’s application and all administrative review or appeal periods have expired;
3) the date on which the Department determines the application to be abandoned under Section 1031.410; or
4) the date that is 30 months after July 1, 2027, unless the Department has extended interim operating authority by written notice to the person.
c) A person operating under interim authority pursuant to this Section shall:
1) comply with all consumer-protection requirements of this Act, including Sections 5-5 and 5-10;
2) comply with all examination and supervisory authority of the Department under Article 20 of this Act as though the person were a registrant;
3) maintain a surety bond in the amount required by Section 20-5 of this Act and rules adopted thereunder; and
4) cooperate fully with the Department’s processing of the person’s application, including responding to deficiency notices and requests for additional information within the time periods set forth in 1031.410.
d) A person who was not engaged in digital asset business activity with or on behalf of residents of this State prior to July 1, 2027 may not engage in such activity until the Department has issued a registration to such person under Section 15-10 of this Act.
e) Nothing in this Section shall be construed to limit the Department’s authority to issue a cease and desist order, civil penalty order, or administrative penalty order against a person operating under interim authority pursuant to this Section who violates any provision of this Act or rules adopted thereunder.
This provision protects consumers (all substantive requirements remain in force during the interim period), preserves the Department’s enforcement authority, and prevents market disruption caused by application processing timelines outside the registrant’s control. The pre-existing activity requirement in subsection (a)(1) ensures the provision cannot be used as a backdoor to unregistered entry by new market participants.
Emerging Digital Asset Business Fee Reduction
The proposed rules apply a uniform fee structure to all registrants regardless of scale, business model, or risk profile. The Department’s own Small Business Economic Impact Analysis acknowledges that approximately 45 businesses subject to Part 1031 may qualify as small businesses and that these entities “may experience some negative economic impact due to the costs” of registration, reporting, recordkeeping, annual fees, and bonding. Yet the rules impose a flat $5,000 initial application fee, a $5,000 investigation advance, and a $5,000 annual renewal fee on every registrant equally.
The IBA recommends that the Department establish a threshold-based category for smaller registrants and calibrate compliance costs accordingly. The proposal below offers the addition of proportionality logic to application and renewal fees.
A. Define “Emerging Digital Asset Business”
The IBA recommends adding the following defined term to Section 1031.100:
“Emerging digital asset business” means a registrant or applicant that certifies, subject to verification by the Department, that it meets all of the following conditions as of the date of its application or most recent renewal:
1) the registrant’s total number of Illinois customers served during the preceding 12-month period (or projected for the first 12 months of operation, in the case of an initial applicant) does not exceed 1,000;
2) The registrant’s total Illinois transaction volume during the preceding 12-month period (or projected for the first 12 months of operation) does not exceed $50,000,000 in aggregate United States dollar equivalent; and
3) The registrant does not hold digital assets in custody or control on behalf of Illinois residents in excess of $5,000,000] in aggregate United States dollar equivalent at any time during the preceding 12-month period (or, in the case of an initial applicant, does not anticipate exceeding such amount during the first 12 months of operation).
A registrant that ceases to meet the conditions of this definition shall notify the Department within 30 days and shall comply with the standard registration requirements applicable to all other registrants beginning with the next renewal period.
B. Tiered Fee Schedule for Emerging Digital Asset Businesses
The IBA recommends adding the following subsection to Section 1031.300(b):
3) Emerging Digital Asset Business Fee Reduction.
A) For each application for an initial registration submitted by an applicant that certifies it meets the definition of Emerging Digital Asset Business under Section 1031.100, the applicant shall pay a nonrefundable initial application fee of $1,500 (in lieu of the fee specified in subsection (b)(1)(A)) and a nonrefundable advance payment of $1,500 (in lieu of the advance payment specified in subsection (b)(1)(B)) for the investigation of the applicant.
B) For each application for an annual renewal of a registration submitted by a registrant that certifies it continues to meet the definition of Emerging Digital Asset Business under Section 1031.100, the registrant shall pay a nonrefundable renewal application fee of $1,500 (in lieu of the fee specified in subsection (b)(2)).
C) A registrant that claimed reduced fees under this subsection and is subsequently determined by the Department not to have met the qualifying conditions at the time of certification shall pay to the Department the difference between the reduced fee and the standard fee within 30 days of written notice from the Department, plus a $500 administrative surcharge.
The current upfront cost of $10,000 represents a material barrier for a pre-revenue or early-revenue startup with minimal Illinois exposure. A reduced fee preserves the Department’s cost recovery while lowering the barrier of entry for small and low-risk participants. The claw-back mechanism in subsection (C) prevents abuse and protects the Department’s revenue.
Clarify That Infrastructure Providers Are Not “Service Providers” Under the Act
The Act excludes from “digital asset business activity” the act of “validating a digital asset transaction, operating a node, or engaging in a similar activity to participate in facilitating, operating, or securing a blockchain system.” However, the Act separately defines “service provider” as any person that “provides a material service to a covered person in connection with the offering or provision by that covered person of a digital asset business activity,” including a person that “participates in designing, operating, or maintaining the digital asset business activity” or “processes transactions relating to the digital asset business activity.”
This creates a regulatory contradiction: a validator, node operator, or other infrastructure participant may be excluded from registration under the Act’s exclusion for blockchain-securing activity, yet pulled back into the Department’s scope of regulation as a “service provider” because its activity incidentally supports a registrant’s operations. This outcome is inconsistent with the legislative intent to exclude infrastructure participants and would subject them to examination, enforcement, and compliance obligations. The IBA recommends adding the following provision to Section 1031.100:
“Infrastructure Provider” means a person engaged in operating blockchain nodes; performing transaction validation or block production; providing staking infrastructure or delegation services; deploying, auditing, or maintaining smart contracts; providing blockchain analytics, indexing, or data services; or operating relayers, oracles, or similar activity to participate in facilitating, operating, or securing a blockchain system, where such person does not, in connection with such activity, take custody of, exercise unilateral control over, or hold private keys granting independent access to, a resident’s digital assets.
A person whose activities satisfy the definition of “infrastructure provider” shall not be deemed a “service provider” under the Act solely by reason of performing such activity, notwithstanding that the activity may constitute a material service to, or participation in the operation of, a covered person’s digital asset business activity. A person may be deemed a “service provider” only if, in addition to performing infrastructure activity, the person provides services that are specifically designed for, customized to, or exclusively deployed in connection with a particular covered person’s digital asset business activity and that are not generally available network-layer services offered to the public or to multiple unrelated participants.
This provision does not create a new exemption. It interprets the Act’s existing exclusion for blockchain-securing activity consistently with the “service provider” definition, ensuring that the legislature’s decision to exclude infrastructure participants from registration is not undermined by reimposing supervisory authority through an alternative definitional pathway. The limiting principle is already present in the “service provider” definition itself, which excludes persons who “unknowingly or incidentally” process financial data “in a manner that the data is undifferentiated from other types of data.” Infrastructure providers who serve a blockchain network generally—rather than a specific registrant’s operations specifically—present the same undifferentiated relationship.
Payment Stablecoin Reserve – Conform Reserve-Assets to the GENIUS Act (Section 1031.230).
The proposed rules at Section 1031.230(b) limit permissible reserve assets to specified (1) U.S. Treasury bills, (2) reverse repurchase agreements, (3) government money-market funds and (4) deposit accounts. The IBA supports the Department’s objective of requiring payment stablecoin reserves to consist of high-quality, liquid assets. However, the proposed rules should be revised to conform more closely to the reserve asset categories established by the GENIUS Act. This would promote consistency between Illinois and federal law, reduce operational friction for issuers subject to multi-jurisdictional supervision, and support Illinois’s ability to maintain a state-level payment stablecoin framework that substantially aligns with the federal regulatory framework. This change would also prevent Illinois from being inadvertently more restrictive than federal law with respect to highly liquid and low-risk reserve assets, including cash, Federal Reserve balances where legally available, short-term Treasury notes and bonds, certain repurchase agreements, and tokenized forms of specified reserve assets.
The IBA recommends revising Section 1031.230(b) as follows:
b) The Reserve shall consist only of the following assets:
1) United States coins and currency, including Federal Reserve notes, or money standing to the credit of an account with a Federal Reserve Bank, to the extent the Issuer is legally eligible to maintain such account;
2) Funds held as demand deposits, other deposits that may be withdrawn upon request at any time, or insured shares at an insured depository institution, including any foreign branch or agent, including a correspondent bank, of an insured depository institution, subject to any applicable limitations established by the Federal Deposit Insurance Corporation, the National Credit Union Administration, or the Secretary to address safety and soundness, concentration, or liquidity risks;
3) S. Treasury bills, notes, or bonds with a remaining maturity of 93 days or less or issued with a maturity of 93 days or less;
4) Money received under repurchase agreements, with the Issuer acting as seller of securities and with an overnight maturity, that are backed by U.S. Treasury bills with a maturity of 93 days or less;
5) Reverse repurchase agreements, with the Issuer acting as purchaser of securities and with an overnight maturity, that are collateralized by U.S. Treasury bills, notes, or bonds on an overnight basis, subject to overcollateralization in line with standard market terms, and that are:
a) Tri-party;
b) Centrally cleared through a clearing agency registered with the Securities and Exchange Commission; or
c) Bilateral with a counterparty that the Issuer has determined to be adequately creditworthy, including in the event of severe market stress, subject to any Secretary-approved credit assessment, notice, or concentration requirements;
6) Securities issued by an investment company registered under Section 8(a) of the Investment Company Act of 1940, or other registered government money market fund, that are invested solely in underlying assets described in subsections (b)(1) through (b)(5);
7) Any other similarly liquid Federal Government-issued asset approved by the Issuer’s primary federal payment stablecoin regulator, in consultation with the Secretary if applicable, or approved by the Secretary for an Issuer subject to the Secretary’s supervision, provided that such approval is consistent with the GENIUS Act and any applicable federal regulations; and
8) Any reserve asset described in subsections (b)(1) through (b)(3) or subsections (b)(6) through (b)(7) in tokenized form, provided that such reserve asset complies with all applicable federal and State laws and regulations.
This revision improves the current proposed rule by expressly recognizing cash and Federal Reserve balances, where legally available, as eligible reserve assets. Without this express inclusion, the proposed framework may unintentionally force issuers away from using the most liquid forms of reserve value. Similarly, allowing Treasury notes and bonds with short remaining maturities, rather than only Treasury bills acquired three months or less from maturity, would align Illinois with the GENIUS Act. Furthermore, allowing tokenized form of the reserve assets enhances operational liquidity and settlement efficiency without introducing unregulated counterparty risk into the reserve structure. These changes would preserve consumer protection while ensuring that Illinois’s framework remains consistent with the federal payment stablecoin regime.
Illinois has an opportunity to set a national standard by demonstrating that robust consumer protection and a thriving blockchain ecosystem are not in tension but are mutually reinforcing. The proposals in this letter do not ask the Department to weaken consumer protections. Each asks the Department to target its regulatory resources where consumer risk is concentrated and to provide clarity where ambiguity would otherwise chill the innovation that makes Illinois competitive.
The IBA and its members are invested in this State and in the success of this regulatory framework. We stand ready and welcome the opportunity to work collaboratively with IDFPR to ensure that Illinois’s digital asset rules achieve their intended goals.
Written by Michael Frisch and Bakhtawar Mirjat, as well as other members of the Illinois Blockchain Association.