The Legal Status of DAOs in 2026
A decentralised autonomous organisation is, in the most common legal analysis, not an organisation at all. It has no legal personality. It cannot own property, enter contracts, or be sued as an entity. Its participants may be legally indistinguishable from partners in an unincorporated business, which in most jurisdictions means they bear unlimited personal liability for the organisation's obligations.
That is the default position. The gap between how DAOs present themselves — as collectively governed, decentralised, autonomous — and how they are treated by legal systems that were not designed with them in mind is one of the more practically significant unresolved questions in crypto regulation. Progress has been made, but it is uneven, and the legal landscape in 2026 remains genuinely fragmented.
The Liability Problem
The core legal problem with an unrecognised DAO is liability allocation. When something goes wrong — an exploited smart contract, a failed investment, a regulatory violation — who is responsible?
In the absence of a legal entity, the answer defaults to the individuals involved. Common law jurisdictions generally treat unincorporated associations as either general partnerships, where all members share unlimited liability, or as some form of joint venture. Neither is a comfortable legal position for participants who may have joined a DAO by purchasing governance tokens with no intention of taking on personal liability for the organisation's activities.
The CFTC enforcement action against the Ooki DAO in 2022 made this concrete. The Commission filed suit against the Ooki DAO — which had no legal entity, no registered office, and no identifiable management — and served process on it via a help bot and a governance forum post. A federal court ruled that the DAO had been properly served and entered a default judgment against it. The judgment could not be easily enforced against the DAO as an entity, but the case established that regulators are willing to pursue enforcement against DAOs directly, and that the individuals behind them face exposure.
The Wyoming Experiment
Wyoming was the first US state to create a legal structure specifically for DAOs, through legislation that came into effect in 2021. The Wyoming DAO LLC provides limited liability protection to DAO members while allowing the organisation to operate under smart contract governance rather than traditional management structures.
The Wyoming model has attracted genuine interest and some significant adoptions. Several protocol foundations and DeFi governance organisations have incorporated as Wyoming DAO LLCs. The structure provides a legal identity, which allows the DAO to open bank accounts, enter contracts, and own property. It provides limited liability protection to token holders, which eliminates the general partnership exposure. And it is relatively flexible about governance, permitting the operating agreement to defer to on-chain smart contract mechanisms.
The limitations are also real. Wyoming law requires some form of physical presence or registered agent in the state. The interaction between Wyoming DAO LLC law and federal law — particularly the question of whether governance tokens constitute securities under federal law — is not resolved by the state structure. And perhaps most significantly, Wyoming's limited liability protection applies in Wyoming; how a federal court or another state's court would treat the liability shield has not been fully tested through litigation.
The Marshall Islands, Tennessee, Vermont, and Utah have introduced comparable structures. None has emerged as a clear winner for DAO incorporation, and the lack of convergence on a standard approach creates ongoing uncertainty.
The Foundation Model
The most common approach taken by significant DeFi protocols is not US-based DAO incorporation but the establishment of a foundation entity in a jurisdiction with favourable regulatory treatment.
The Cayman Islands foundation company has become a popular structure for DeFi protocol governance. It is a non-member entity that can hold assets, enter contracts, and provide a legal face for interactions with the traditional world, while being structured to act in the interests of the protocol's community rather than having conventional shareholders. The Swiss association and foundation models have served a similar function, as has the Marshall Islands non-profit.
These structures provide legal personality and reduce the direct liability exposure of token holders, but they create their own tensions. A foundation that exercises genuine control over a protocol's direction is harder to characterise as decentralised. A foundation that is genuinely decentralised — that truly cannot direct the protocol because governance is fully on-chain — may struggle to provide the practical legal functions a foundation is supposed to perform.
The SEC has focused on this tension in its analysis of governance tokens. Where a foundation or development team retains meaningful influence over a protocol's direction, the Howey test analysis shifts: token holders who depend on the efforts of that team to generate value may be holding investment contracts, not governance instruments.
The SEC's Token Classification Problem
The legal status of DAO governance tokens under US securities law remains one of the most practically significant unresolved questions for the sector.
If governance tokens are securities, then their issuance, trading, and distribution must comply with federal securities laws. Unregistered issuance of securities is a serious violation. The platforms on which unregistered securities trade may themselves be operating as unregistered securities exchanges. The compliance implications cascade.
The SEC's position, articulated through enforcement actions rather than formal rulemaking, has been that most governance tokens meet the Howey test: they involve an investment of money in a common enterprise with an expectation of profit derived from the efforts of others. The agency has pursued actions against specific token issuers on this basis without resolving the question broadly through regulation.
The Ripple decision by the Southern District of New York in 2023, which found that secondary market sales of XRP to retail investors did not constitute securities transactions even though the original institutional sales did, introduced nuance that the SEC continues to contest. The question of when a token transitions from a security to a non-security as a network becomes more decentralised is legally unresolved and practically critical for governance token design.
The CLARITY Act, which progressed through the US legislative process in 2024 and 2025, attempts to provide a statutory framework that would classify sufficiently decentralised tokens as commodities rather than securities. Its implementation, if completed, would resolve some of this uncertainty, but the legislation's passage and the rule-making required to implement it remain pending as of mid-2026.
How Courts Have Handled DAO Disputes
Beyond regulatory enforcement, the question of how courts handle internal DAO disputes — between token holders, between the DAO and external counterparties, between a DAO and its developers — is being worked out case by case.
The general approach of US courts has been to look through the DAO structure to the identifiable individuals behind it. In the absence of a recognised legal entity, courts have treated DAOs as general partnerships or unincorporated associations and applied the relevant state law. This means that individuals who were never intending to be partners — who simply held governance tokens — may find themselves treated as such in litigation.
The UK has shown greater judicial flexibility. A 2023 High Court ruling allowed service of process on members of a DAO through NFT airdrop, acknowledging that traditional service mechanisms cannot reach a DAO as an entity. The court's willingness to adapt procedural rules to the practical reality of DAO governance structures reflects a pragmatic approach that some other jurisdictions have been slower to adopt.
Arbitration clauses embedded in smart contract terms of service have been used to attempt to route DAO disputes away from court entirely. The enforceability of these clauses — when a user may not have read the terms, may not have understood that interacting with a smart contract constituted agreement to arbitrate, and may be in a jurisdiction where the arbitration clause is not recognised — is unresolved.
Where This Leaves DAO Operators
The practical position for teams building and operating DAOs in 2026 is one of managed legal uncertainty rather than resolved clarity.
The minimum defensible position for a DAO with significant operations — one that holds treasury assets, employs contributors, enters vendor relationships, and has meaningful user interaction — is to have a legal entity somewhere. The choice of jurisdiction depends on the specific activities, the geographic composition of participants, and the regulatory environment the DAO's primary operations touch.
Pure governance functions — on-chain voting on protocol parameters — can plausibly be structured to sit within the DAO without passing through a legal entity. The functions that require interacting with the traditional world — banking, contracts, employment, taxes — need a legal home.
The design choices made at the outset of a DAO's operation affect legal outcomes significantly. A DAO that is genuinely decentralised from inception, with no founding team retaining privileged control, is in a structurally different legal position than one that is nominally decentralised but operationally controlled by a small group. Designing for genuine decentralisation is both a technical and legal exercise, and the distinction between the two is increasingly scrutinised.
The legal frameworks are developing, but they are developing slowly and inconsistently across jurisdictions. Teams operating in this environment need legal counsel who understand both the technology and the applicable law — a combination that is less rare than it was five years ago but still not abundant.
This article reflects Daniel Reeves' analysis of regulatory and legal developments and does not constitute legal advice.