As cryptocurrencies and blockchain assets become more popular and begin to permeate into the wider financial markets, regulators have struggled to understand how they work and how to treat them under existing legal frameworks. From only a year or two ago when unregulated token offerings by largely unknown individuals were the norm, to last month's crackdown by the North American Securities Regulators Association on cryptocurrency exchanges in Canada, United States and Mexico and the recent subpoenas served by the U.S. Commodity and Futures Trading Commission on Bitstamp, Coinbase, itBit and Kraken, the scene is changing rapidly.

In Canada on August 24, 2017, the Canadian Securities Regulators (CSA) issued CSA Staff Notice 46-307 – Cryptocurrency Offerings on which we have commented previously. Canadian regulators echoed statements made by the U.S. Securities and Exchange Commission (SEC) in that many of the cryptocurrency offerings they had reviewed involved the offer and sale of securities and that securities laws would apply to these transactions. The notice discussed how offerings of cryptoassets which had the characteristics of securities would engage (a) prospectus requirements in connection with their distribution to the public; (b) registration requirements in connection with trading and advising with respect to these assets; (c) investment fund requirements in connection with pooled investments and (d) securities exchange requirements for marketplaces that dealt in security-type cryptoassets. The notice made clear that Pacific Coast Coin Exchange v. Ontario (Securities Commission)1 [Pacific Coin] was the operative test in Canada to determine whether a particular cryptoasset was a security or not based on whether it was an investment contract. The test is a four-prong one:

  1. an investment of money;
  2. in a common enterprise;
  3. with the expectation of profit; and
  4. to come significantly from the efforts of others.

The Canadian test is very similar to the U.S. test set out in S.E.C. v. Howey (W.J.) Co.2 [Howey] which rapidly became part of the crypto-world lexicon. Generally, this should not have raised many eyebrows.

The focus thereafter moved to whether a particular cryptocoin, cryptotoken or cryptoasset was a security or not and whether a particular ICO or ITO passed the "Howey test". Ever creative blockchain developers devised new cryptoassets that were colloquially called "utilities" or "utility tokens". These assets were designed to have a primary use or purpose (much like a ticket to a show or a token used in a vending machine) apart from any investment feature which furthered the argument that such assets should not be classified as securities.

On June 11, 2018, the CSA issued Staff Notice 46-308 – Securities Law Implications for Offering Tokens. The new notice largely reiterates the position set out 2017 with examples of how token offerings can be classified as securities offerings in certain situations. One interesting point that was addressed is the practice of some blockchain companies in giving tokens away for free to members of the public, termed by the industry an "air drop". Here, the Canadian analysis in Pacific Coin diverges slightly from Howey but ends up in the same place. Unlike the line of U.S. case law that suggests providing securities without consideration could still constitute regulated activity, the very heart of the Pacific Coin test requires an investment of money (or other valuable consideration). Add to that the definition of "trade" under the Securities Act (Ontario) which also pre-supposes or requires an exchange for consideration one would think that the air drop itself was safely outside the hands of the regulators in Canada as it could not be termed a security and certainly not a trade of a security. Not so fast!

The test in Pacific Coin is slightly broader than Howey. Even where all the elements of the four-prong test set out above have not been satisfied, Pacific Coin points out that securities regulators in Canada are mandated to additionally consider the policy objectives and the purpose of the securities legislation they are entrusted to administer (namely, the protection of the investing public by requiring full and fair disclosure) in drawing any conclusions. This acts a little like a contractual "basket clause". The Supreme Court of Canada has stated that substance, not form, is the governing factor in determining whether a contract (or group of transactions) is an investment contract.3 This approach has been stressed by the CSA from the start. The inquiry is highly contextual and regulators and courts are permitted to consider investment materials and the overarching business plans of the issuing entity(s) in their entirety, including the manner in which the investment was marketed to the public. So in an air drop situation, if the issuer pre-mines tokens or holds back tokens that it intends to sell into any trading market that develops for the air dropped coins later, the entire business plan can be classified as a securities issuance.

Although eyebrows may inch slightly upward, again the analysis is not unexpected. Then on June 11, 2018, William Hinman the Director of Corporate Finance at the SEC made some prepared remarks at the Yahoo Finance All Markets Summit in San Francisco and likely caused some eyebrows to meet hairlines. Mr. Hinman discussed why Bitcoin would generally not be considered a security. In the case of Bitcoin, there is no central authority to which investors look to for the provision of efforts to increase the value of this asset. Since this critical element is missing, Bitcoin cannot be considered a security and is more akin to a commodity. This view is widely held in the industry and the bar in both Canada and the United States. What was more interesting was Mr. Hinman's comments about Ether (the token used in connection with the Etherium network). Mr. Hinman concluded that Ether, like Bitcoin is generally not considered a security. This should be a welcome relief for the hundreds of platforms based on the Etherium network (that necessarily use Ether). If Ether was properly a security, all of them would be classified as derivatives—what a mess!

Mr. Hinman's comments were very well thought out and nuanced. The most surprising thing that came from them is the suggestion that Ether may have been a security at one point.

"[P]utting aside the fundraising that accompanied the creation of Ether, based on my understanding of the present state of Ether, the Ethereum network and its decentralized structure, current offers and sales of Ether are not securities transactions. And, as with Bitcoin, applying the disclosure regime of the federal securities laws to current transactions in Ether would seem to add little value. Over time, there may be other sufficiently decentralized networks and systems where regulating the tokens or coins that function on them as securities may not be required. And of course there will continue to be systems that rely on central actors whose efforts are a key to the success of the enterprise. In those cases, application of the securities laws protects the investors who purchase the tokens or coins.

I would like to emphasize that the analysis of whether something is a security is not static and does not strictly inhere to the instrument. Even digital assets with utility that function solely as a means of exchange in a decentralized network could be packaged and sold as an investment strategy that can be a security. If a promoter were to place Bitcoin in a fund or trust and sell interests, it would create a new security. Similarly, investment contracts can be made out of virtually any asset (including virtual assets), provided the investor is reasonably expecting profits from the promoter's efforts."

It would appear that an instrument can go from being a security to a utility and back again based largely on the context of the transactions around it. For example, imagine a blockchain startup that has a plan to develop a platform that will be accessed using their proprietary token. Offering the token to the public in advance of the platform being created would be an offering of securities as the token would be highly speculative and its value would depend on the developers making true on their promise to develop the platform and give it functionality. Offering the token after the platform is up and the system is sufficiently decentralized could assist in avoiding the security characterization.

If this is correct (and each case will be highly contextual and must be judged on its own merits) one could conceivably structure an advance offering of tokens pursuant to an exemption to the prospectus requirement such as to accredited investors. Sophisticated investors would be capable of assuming the risk in backing the venture and would ostensibly be able to negotiate terms (and sufficient disclosure) with the developers to structure the business plan into something palatable to all parties. Once the platform is up and operational and the system sufficiently decentralized, the tokens may lose their securities characterization thereby becoming freely tradable and a ready exit for the initial accredited investors. Of course, the trick would lie in determining when the system was sufficiently autonomous to bring it out of the securities law regime.

So the complexities mount. Not only are regulators grappling with unique instruments such as cryptocoins and tokens but also with the myriad of business structures and specific features of each individual offering and hybrids thereof. The basic taxonomy at least has started to emerge. With time and a great deal of thought a clearer regulatory picture will emerge but for now each case will require a detailed analysis on its own merits.