Explore how differences between the federal Howey test and state-level “risk capital” tests are reshaping securities enforcement, why the gap matters now, and what issuers, exchanges, and financial intermediaries should do to navigate a patchwork of regulatory standards. 

The below is a summary of WilmerHale’s recent blog post located here: https://www.wilmerhale.com/en/insights/client-alerts/20250909-howey-vs-risk-capital-differences-in-securities-law-tests-take-on-greater-importance-in-a-period-of-potential-growth-in-state-level-securities-enforcement

The Rising Importance of State-Level Enforcement

Federal enforcement priorities are shifting, leaving potential gaps in securities oversight. In this environment, state attorneys general and securities regulators are stepping forward to fill the void using their blue sky laws statutes dating back to 1911 that empower states to regulate securities apart from federal actors.

While most states follow federal tests like Howey or Reves, others apply the risk capital test, a broader standard that can capture instruments not traditionally considered securities under federal law. This divergence is no longer academic: states such as California, Oregon, Washington, and Michigan are actively invoking risk capital principles in enforcement, including recent actions involving cryptocurrency platforms and digital assets.

For issuers, exchanges, advisers, and broker-dealers, the result is a heightened risk landscape: even where federal regulators stand down, state enforcers may proceed aggressively.

Essential Differences Between the Tests

Federal Howey Test

Derived from SEC v. W.J. Howey Co. (1946), the federal test finds an “investment contract” and therefore a security where there is:

1. An investment of money

2. In a common enterprise

3. With profits expected solely from the efforts of others

This framework has been the cornerstone of federal securities law for decades, but it is relatively narrow in scope.

State Risk Capital Test

First articulated in Silver Hills Country Club v. Sobieski (Cal. 1961), the risk capital test looks at whether investors’ funds are placed at risk in an enterprise without managerial control, with the possibility of future benefits. It does not require an expectation of profits from others’ efforts making it easier for states to classify novel instruments as securities.

• California: Applied to country club memberships, fractional promissory notes, and limited partnerships.

• Oregon: Extended to franchising agreements and, in 2025, to allegations that Coinbase offered unregistered securities.

• Washington: Codified risk capital into statute, applying it to partnership interests.

• Michigan: Applied the test to timeshare leases, while narrowing scope in other contexts to avoid overbreadth.

Lessons from Recent Enforcement

Oregon v. Coinbase (2025)

In April 2025, Oregon’s attorney general sued Coinbase under the state’s risk capital test, alleging the exchange offered unregistered securities. Coinbase removed the case to federal court, arguing Howey governs and preempts state law. Oregon countered that its test is distinct and broader, seeking remand to state court.

This jurisdictional tug-of-war underscores the practical impact of divergent tests: they affect not only liability exposure but also the forum in which disputes are litigated.

Broader Implications

• California & Oregon: Willing to classify creative financing arrangements as securities, even where federal law would not.

• Washington & Michigan: Statutory or judicial adoption of risk capital signals a readiness to scrutinize unconventional investments.

• Democratic-led states: Increasingly deploying these standards to fill perceived federal enforcement gaps, particularly in the digital asset space.

Compliance and Risk Management Checklist

To navigate this patchwork effectively, firms should incorporate the following safeguards:

• Instrument Classification: Assess whether offerings meet the Howey test at the federal level and the broader risk capital test in relevant states.

• State Law Mapping: Identify which jurisdictions apply risk capital principles (e.g. CA, OR, WA, MI) and tailor compliance accordingly.

• Contract Drafting: Include compliance obligations in transaction and offering documents, acknowledging potential state-level exposure.

• Regulatory Engagement: Be prepared for investigations from attorneys general or securities regulators acting under blue sky authority.

• Crypto-Specific Risks: For exchanges and token issuers, evaluate whether digital assets could fall within risk capital definitions, even absent federal action.

• Legal Counsel: Engage state-focused securities counsel early to mitigate cross-jurisdictional exposure.
  
  

Structuring Effective Compliance Strategies

Companies should view state-level risk capital enforcement as an integral part of their regulatory landscape. Practical strategies include:

• Proactive Audits: Conduct preemptive reviews of offerings and financial products for exposure under both federal and state tests.

• Continuous Monitoring: Track evolving state AG positions, particularly in Democratic-led jurisdictions pursuing expansive policy agendas.

• Jurisdictional Planning: Anticipate litigation strategy federal removal vs. state court remand when designing offerings and defending enforcement actions.

• Tailored Disclosures: Ensure offering documents provide sufficient risk disclosure for both Howey and risk capital analyses.
  
  

Conclusion

The distinction between the federal Howey test and the state-level risk capital test has never been more consequential. As federal enforcement priorities shift, state regulators are seizing the opportunity to apply broader standards and pursue novel theories of liability.

For issuers, exchanges, broker-dealers, and advisers, the message is clear: compliance must extend beyond federal law to the diverse and in some states, more expansive definitions of securities under blue sky laws. Firms that recognize and adapt to this fractured enforcement landscape will be best positioned to mitigate risk and thrive in a period of heightened state-level activity.

Learn more