On August 18, 2025, the Governor of Illinois, JB Pritzker, signed the Senate bill 1797, promulgating, in his words, “the first-rate guarantees in the Midwest for cryptocurrency and other digital assets”.1 This law of Illinois is the law on digital assets and consumer protection (DACPA or the law), which establishes a regulatory framework of the state level of Illinois for centralized cryptography exchanges which have customers and certain other companies of digital assets operating in Illinois. DACPA will be administered and applied by the Illinois financial and professional regulation department (IDFPR).
The highlights of this bill include:
- Grant the IDPFR Authority to regulate and supervise digital asset companies and centralized digital asset exchanges under the DACPA and the existing corporate trustee law (205 ILCS 620).
- The establishment of consumer protections has complied with those that apply to traditional financial services, such as investment disclosure, customer asset guarantees and customer service standards.
- Require financial plans and adequate procedures to combat critical risks, including cybersecurity, fraud and money laundering, in accordance with regulations for traditional financial services.2
The information sheet boasts that more states implement the regulation of digital assets, notably New York and California.3Objectively, the promulgation of the DACPA seems to be politically motivated, on the basis of the statements of Governor Pritzker and other politicians of Illinois in the press release which accompanies it, like this: “While the Trump administration is writing the federal policy, the Illinois is implementing Sense protections, the Illinois sends a clear message that we do of our people and their hard -won assets. “4
Does Illinois have the resources to apply the DACPA, or even to process requests to register under the law? The tense resources of Illinois seem to indicate the opposite.
With regard to the IDFPR, nothing indicates that current staff have the resources, capacities or expertise in the digital asset industry to administer or apply DACPA effectively. With regard to its current limited resources, an examination of the measures to apply the banking division orders and measures to apply banks, trust companies and savings institutions reveal that the IDFPR has only brought the following number of shares in this area in the past five years: 2020, four actions; 2021, three; 2022, two; 2023, one; and 2024, four.5 Until now in 2025, IDFPR has brought two application measures. Of the 16 actions established since 2020, none of them seems to involve digital assets.6
With regard to the strengths of the DACPA, in particular in article 1-10 concerning applicability, article 1-10 (a) provides that the law governs the commercial activity of the digital asset of a person or an entity doing business in Illinois “to the extent not pre-empted by federal law”. Article 1-10 (b) (1) (a) continues to provide that the DACPA does not apply to the extent that the SECURITIES EXCHANGE ACT of 1934 governs activity as a transaction in securities and that the activity is regulated by the SEC or the Secretary of State of Illinois. In addition, article 1-10 (b) (1) (b) provides that the DACPA does not apply to the extent that the law on the exchange of goods governs activity and that the activity is regulated by the Commodity Futures Trading Commission (CFTC). Thus, from the start, the applicability of the DACPA is limited by federal preemption, the regulations by the SEC and the regulations by the CFTC. Although Governor Pritzker has not mentioned this, what remains of the DACPA may well be pre-empted by the so-called “clarity law” or by other federal legislation on digital assets in the congress.
For digital asset entities to which the DACPA applies, the scope of the law is quite wide. Article 1-15 provides for “general powers and tasks which include the following elements: the issue, the revocation or the suspension of the registration; Receive, consider, investigate and act on complaints made by any person linked to any commercial activity of digital assets in Illinois; the assignment of documents and witnesses and oblige their production and attendance; make orders; Examine the books and files of each covered person, entity, affiliate or service provider; enforce the provisions of the law and any law of state or federal applicable to the commercial activity of digital assets; to collect costs, fines and civil sanctions; to lead audiences; And more.
How will an Illinois state agency with limited and tense resources are trying to cover the resources necessary for the implementation and application of DACPA? It seems to do so by forcing the funding of industry. In article 1-20, the DACPA addresses the administration costs of this law. More specifically, it requires that the expenditure of the law, including those for surveys and examinations, be supported and evaluated in relation to persons regulated by the DACPA. Article 1-20 lists the ways in which the IDFPR may establish costs per rule, which include registration, examination and investigation fees. It is understood that these costs are imposed to generate income for use in the hiring of government staff to administer and police the DACPA.
The DACPA declares the requirements for the protection of customers in article 5. These protections include customer disclosure (section 5-5); Guard and protection of customer assets (section 5-10); requirements for covered exchanges (section 5-15); and additional requirements. Article 10 then indicates compliance requirements. These include policies and procedures (section 10-10) which cover the following elements: a cybersecurity program; a program of continuity of activities; a resumption program after claim; an anti-fraud program; an anti-money laundering program; a program of conflict of interest; And more. Article 15 provides registration requirements under DACPA. Article 20, addressing supervision, provides for surety bonds and capital and liquidity requirements. Article 20-5 requires a deposit or a trust account in US dollars in the form and amount determined by the IDFPR and the maintenance at any time of the capital and the liquidity of an amount and an IDPFR form determines is sufficient to guarantee the financial integrity of the registrant.
In conclusion, the DACPA requirements are quite wide and demanding. People carrying out a commercial activity of digital assets in Illinois or, wherever they are, which are committed or stood as engaging this activity for or with an Illinois resident, must register with the IDFPR by July 1, 2027, except exemption. The IDFPR may, by rule or order, create exemptions for the law. Exemption requests can and must be submitted by a competent legal advisor.
DACPA regulations are already free from exchanges or transfers of digital asset needles, decentralized exchanges (such as UNISWAP), software development, delivery of non -butties, mining and validation. Trade owned for its own account is not considered “exchange” and is therefore outside the scope of the law. Again, the DACPA and other similar laws could be pre -empted by the adoption of the law on clarity or another federal legislation. Until this happens, we are ready to interpret the law, to deal with inscriptions under the law, to request exemptions from the law, if necessary, and to defend the companies surveyed or accused of violation of the law.
Floor notes
1 and 1 See
2 See
3 and 3 Identifier.
4 See
5 See
6. Identifier.
The content of this article is intended to provide a general guide on the subject. Specialized advice should be wanted on your specific situation.
