Many initial coin offerings (ICOs) have recently raised large amounts of capital without the regulatory constraints of traditional initial public offerings (IPOs) and other capital-raising strategies. On July 25, the U.S. Securities and Exchange Commission (SEC) reminded the industry and so-called "disruptors" that federal securities laws may apply to some of these offerings.
ICOs have been described as a new business construct that allows an organization launching a business based on blockchain technology to raise operating funds without the regulatory constraints and requirements that are applied to a traditional underwritten IPO. Being apparently outside the regulatory framework made ICOs very attractive as a fundraising tool. The SEC has made it clear, however, that some ICOs are subject to the full panoply of the securities laws. ICO market participants must now discern between those ICOs that may continue without regulatory constraints without missing a beat and those that must conform to the U.S. securities laws. This treatment is not elective or optional - if the ICO involves the offering of a security, the ICO must be done in accordance with established securities law requirements or proceed under an exemption if available.
SEC Issues Pronouncements
On July 25, the SEC issued a flurry of commentary, including, first and foremost, a Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934 (the Report). The Report described an SEC investigation of The DAO, a now-defunct virtual organization, and its use of distributed ledger, or blockchain, technology to facilitate the offer and sale of "DAO Tokens" to raise capital.1 The Report was introduced through a news release, which also referenced an investor bulletin describing the SEC's analysis of ICOs.
For those who hoped that the SEC would allow cryptocurrency and ICO markets to evolve unregulated, their hopes were dashed by the report and the bulletin. The SEC did not outlaw ICOs by any stretch of the imagination, but it did indicate that, depending on the facts and circumstances, an ICO may indeed involve an offering of securities. In that case, organizations that proceed without registering with the SEC or that structure the offering in such a manner so as to qualify for an exemption from registration will violate federal securities laws. The remedies for such a violation include rescission of the offering, cease-and-desist orders, fines and penalties, bans from participating in the securities industry, bans on serving as an officer or director of a public company, and, in the most egregious cases, referral to the local U.S. Attorney for possible criminal prosecution. So, whether an offering involves a "security" is a very important initial determination.
A Brief Primer
The key that unlocks the regulatory oversight and control by the SEC is the offer, sale, purchase, solicitation or other activity involving "securities." Although federal laws include definitions of what constitutes a "security,"2 courts have interpreted the term broadly to encompass a wide variety of investment arrangements. Importantly, the Report confirms the longstanding federal securities law principle that it does not matter what name a promoter of an investment gives to "what" is being offered and sold - what matters are the underlying characteristics of what is being offered. Just because an ICO says it involves the sale of "tokens" or "coins" and investors are not offered something explicitly called "shares," "stock" or "securities" is irrelevant - the label does not control whether the offerings are securities subject to regulation by the SEC and state securities law agencies. The SEC and courts use a "principles-based" approach to this determination, which, by its very nature, is extremely flexible and enables the regulator to address activity through the characterization of an instrument as a security.3 Needless to say, there are no "bright lines" as a result.
If an instrument or interest is a security, then its offer and sale is regulated by the Securities Act of 1933, and registration with the SEC will be required unless an exemption is available. Registration of a traditional underwritten public offering is time consuming and expensive, and, once an issuer becomes public, it becomes subject to extensive reporting requirements pursuant to the Securities Exchange Act of 1934.
On the exemption front, the most commonly used exemption is the so-called "private placement" exemption, codified under SEC Regulation D. In contrast to a public offering, in which anyone is eligible to invest, a private placement is limited to "accredited investors," which are wealthy individuals and institutions, and does not require any specified disclosures or audited financial statements. Whether issued through a public offering or a private placement, if the instrument is a security and is held by more than 2,000 holders of record or more than 500 nonaccredited investors (subject to certain exceptions), the issuer will be subject to extensive reporting requirements pursuant to the Securities Exchange Act of 1934.
Obviously, neither SEC registration nor an exempt offering provides the same freedom of action and limited expense and time to completion as compared to an unregulated ICO. After July 25, an ICO will not be subject to securities offering regulation only if the tokens being offered and sold are not "securities." So the trick is to determine the characteristics that will cause an ICO coin offering to involve a "security."
In the Report, the SEC concluded that the tokens offered and sold by The DAO in its ICO, which generated approximately $150 million of proceeds, were securities that were required to be registered with the SEC, and, as they were not registered, they were issued in violation of the federal securities laws. The Report makes clear that the SEC believes, depending on the specific facts and circumstances, that blockchain tokens can constitute "securities," and, when they are, they are subject to regulation.
The SEC based its finding that DAO Tokens were securities on the "investment contract" rubric initially articulated in the 1946 U.S. Supreme decision of SEC v. W. J. Howey Co., which is now referred to as the Howey test. Under Howey, a financial arrangement will be characterized as an "investment contract" and treated as if it were a security if it involves an investment of money, or other tangible or definable consideration, in a common enterprise with a reasonable expectation of profit to be derived primarily from the entrepreneurial or managerial efforts of others. The form (whether there is a certificate, voting rights, defined equity participation, etc.) is irrelevant. The principles laid down by Howey are seminal and instructive.
Purchasers of DAO Tokens did not purchase interests in a company in the conventional sense, but the SEC had no difficulty concluding that The DAO was an "issuer." Although there was no entity per se formed under state law, such as a corporation or partnership, that had acted as the issuer, the SEC determined that The DAO, as an unincorporated organization, and its founders and others that participated in the ICO, constituted an "issuer" for securities law purposes.
The purchase of tokens through payment of Ether cryptocurrency satisfied the "investment of money" prong of the Howey test. The fact that The DAO promised investors a share of profits earned on projects in which the collective funds of The DAO were invested satisfied the "common enterprise" and "reasonable expectation of profits" prongs of the Howey test. The "investment of money," "common enterprise" and "reasonable expectation of profits" prongs are likely to be satisfied in many, but certainly not all, ICOs.
"Efforts of Others"
The key aspect of the Howey analysis for ICOs is whether the potential future profits would be "derived from the entrepreneurial or managerial efforts of others."4 The DAO described itself as autonomous, which implied that The DAO included no entrepreneurial or managerial efforts of others. In the Report, the SEC did not accept that conclusion. The SEC determined that the organization and people that created The DAO also actively marketed The DAO (including operating a website that promoted The DAO and operating online forums discussing The DAO), selected the "Curators" (who vetted proposals before they were voted on by DAO Token holders), monitored The DAO's operation, and took public actions when The DAO's operations encountered difficulties.
While the Curators did not have the full power of a conventional corporate board, by selecting and crafting proposals for votes by DAO Token holders, they exerted significant managerial control over The DAO. Since the Curators were selected by the creators of The DAO, who also directly expressed their ongoing views though postings made available on public forums, it is reasonable to say that, in addition to overtly promoting The DAO as an investment (including arranging in advance of the ICO for a secondary trading market for DAO Tokens), The DAO's creators also exerted considerable managerial control. The managerial power and influence of The DAO's creators in the view of the SEC or severely undercut the argument that The DAO was autonomous and led the SEC to conclude that potential future profits of DAO Token holders were in fact substantially dependent on "the entrepreneurial or managerial efforts of others."
DAO Token holders did have voting rights, which might have shown that managerial control of The DAO was held directly by them. The SEC concluded that those voting rights were of limited power and utility, and that DAO Token holders were not able to exert direct managerial control. DAO Token holders were quasi-anonymous, with no ability to contact each other or to form groups able to exercise voting rights or managerial control. Because the Curators vetted proposals before a vote, DAO Token holders had little to no meaningful ability to take actions undesired by the Curators or The DAO founders. The founders were able to create proposals that were purposely vague and were subsequently approved by the DAO Token holders. The actual voting process was designed in such a way that a proposal submitted to a vote was likely to be approved.
The SEC concluded that DAO Token holders did not have effective managerial control over The DAO, which further facilitated a conclusion that the efforts of the founders and the Curators were the "undeniably significant ones, those essential managerial efforts which affect the failure or success of the enterprise."5
Because The DAO pooled investor money and then made investments in other initiatives on a commingled basis, the Investment Company Act of 1940 was also implicated by the arrangement. If you take a step back and look at the arrangement, it really was no different than a standard private investment fund that happens to poll its investors for advice before committing capital. That is an archetypical investment company, for which either an exemption must be found or for which a separate registration under the Investment Company Act of 1940 would need to be filed.
Also unaddressed here are the tax implications of The DAO structure. Even though it is unincorporated, it still nevertheless is an association of some sort, and that will attract an entity-level tax. Subchapter M (which is the conduit tax rule that mutual funds rely on) is only available if the entity has registered under the Investment Company Act of 1940.
Broker-Dealer and Securities Exchange Considerations
The person promoting the sale of the coin or token may need to be registered as broker-dealer with the SEC and with the Financial Industry Regulatory Authority (FINRA). It is often mistaken that, if the promoter is not taking a "commission," then the promoter is not acting as broker or underwriter. That is not the law. The presence of a commission or transaction-based compensation is usually indicative of broker-dealer status; however, the converse is not necessarily true. A person may still be acting in the capacity of a broker and be subject to licensure and regulation notwithstanding the absence of transaction-based compensation.
Once the coins or tokens are issued, then the question becomes what happens if they are traded in the secondary market. If the coins or tokens are not "securities," then the securities laws will not restrict secondary trading. If the coins or tokens are "securities," then, in order for secondary trading to take place, either the initial issuance of the security needs to be registered under the Securities Act of 1933 or an exemption from registration must be applicable and any restrictions on transfers must have lapsed.6 If, on the other hand, the exchange is listing a coin or token for purchase and that coin or token for purchase is determined to be a security, then the exchange is most likely required to be licensed as a broker-dealer and as a national securities exchange or as an alternative trading system, depending on the functionality of the exchange.
All of this regulation, including the potential application of U.S. securities laws, means that many ICOs will need to be either offered and sold in the United States to accredited investors only or offered and sold only outside the United States to non-U.S. persons in order to be exempt from the reach of U.S. securities laws. The fundamental question is, therefore, "is the instrument a security?" If the "coin" or "token" being issued meets the Howey test, then it is a security from inception. If, on the other hand, it does not meet all elements of the Howey test, then it may not be a security.
Does the coin or token provide the purchaser with the mere opportunity to access and use a technology protocol, similar to purchasing an access key in order to unlock software installed on a device? Those types of tokens that allow "participation" (including potentially future releases and access to changes of the software) and do not otherwise include any investment interests may very well not be securities. There are certainly other types of tokens that do not implicate the Howey test and would therefore not be considered to be securities.
The Report creates a potential roadmap for determining whether an ICO has a "reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others." Taking the SEC's views at their broadest, in order for an ICO not to constitute a security, there can be no substantial involvement of a promoter, founder or other centralized governing body in the management or ongoing activities of the ICO organization, and managerial control must effectively be exercised by the token holders. If the tokens can be traded and this trading involves an asset that meets the Howey test, then it is likely that the SEC's jurisdiction will be implicated. As the Report clearly illustrates, the conclusion is very fact specific and highly dependent on the particular features of technology protocol and the associated coin or token.
The SEC has made it clear that it is the responsibility of the offeror in the ICO, the exchange on which the coins are traded, and the purchaser of the coins to evaluate whether or not the "coin" being purchased in the ICO is an "investment contract" or "security" subject to regulation under the U.S. securities laws. Because of the complexity of the issues involved, qualified securities counsel should be consulted before determining whether to proceed, regardless of whether you are a promoter, an issuer, a financial intermediary or an investor.
Another way to look at this is: Should the issuer "embrace regulation," concede the status of the coin or token as a security, and meet all of the requirements laid out by the law, rather than spend thousands of dollars trying to avoid regulation especially when these efforts may not be successful? The rigor and formality of the IPO process is designed to make it more difficult for fraud to occur. That does not mean that innovation cannot streamline that process. The SEC has made it clear, though, that it is not going to stand idly by and allow an ecosystem to develop outside of the scope of the applicable securities laws absent direction from Congress.