Over the last 12 months, a growing number of start-ups, primarily those offering blockchain-based services, have raised capital utilizing so-called initial coin offerings or token sales (collectively referred to herein as ICOs). For a number of months, the fundamental question hanging over the ICO space was the view of the Securities and Exchange Commission (SEC) as to whether token sales were, in fact, securities offerings. On July 25, 2017, the SEC provided important initial guidance on its views when it released a Section 21(a) Report of Investigation on its findings regarding the token sale by The DAO in May 2016 (the Report).1 The SEC also simultaneously released an Investor Bulletin on ICOs (the Bulletin). Below, we provide a brief overview of ICOs, a summary of the SEC’s Report and Bulletin, and the ramifications for future ICOs.
The fundamental question hanging over the ICO space was the view of the SEC as to whether token sales were securities offerings.
In essence, an ICO involves the sale of a cryptocurrency “token” in return for which a purchaser might receive anything ranging from simple access to a future service once it is launched to rights in the profits generated by the venture. Most token purchasers, however, likely expect that they will earn a profit by selling their tokens once they appreciate in value. While some token issuers have acknowledged that they are offering and selling securities under U.S. law, the majority of token issuers have taken the position that their transactions do not involve the offer or sale of any security. These issuers generally publish a “white paper” describing the planned project and the parameters of the token sale; some are more forthcoming than others about the risks and terms and conditions of the proposed venture.
The DAO, one of the first ICOs, was based on the concept of a Decentralized Autonomous Organization. The idea behind these virtual organizations is to replace traditional organizational decision-making and governance with smart contract computer code on a blockchain. In the case of The DAO, a for-profit entity was established to sell tokens (DAO Tokens) to investors for the purpose of raising capital to make investments in future projects. Token purchases were made through the Ethereum cryptocurrency Ether (ETH). Those who purchased tokens during the one-month buy-in period in May 2016 were allowed to vote through computer code on which projects The DAO would invest in, with a majority vote required for a project to be funded. Importantly, token holders would also share in the earnings from the projects and could otherwise monetize their investments in DAO Tokens by reselling them on the secondary market. Token purchases were through pseudonyms, such that the identity of the purchasers was not known.
While The DAO touted its automated governance, there was also a critical human layer. A group of “curators” performed certain security functions but also decided which proposals the token holders would get to vote on, as well as the order and frequency of proposals.2
In its analysis of whether The DAO had improperly offered and sold securities, the SEC noted that new technologies do not remove conduct from the purview of U.S. federal securities laws and emphasized that “[a]ll securities offered and sold in the United States must be registered with the Commission or must qualify for an exemption from the registration requirements.” Furthermore, the SEC stated, “any entity or person engaging in the activities of an exchange must register as a national securities exchange or operate pursuant to an exemption from such registration.” Based on the facts and circumstances, the SEC determined that (i) DAO Tokens are securities under the Securities Act of 1933 (the Securities Act) and the Securities Exchange Act of 1934 (the Exchange Act), (ii) The DAO was required to register the offer and sale of DAO Tokens under the Securities Act unless a valid exemption from such registration applied, and (iii) any exchange on which DAO Tokens were traded was required to register under the Securities Act as a national securities exchange or operate pursuant to an exemption. Importantly, the SEC did not go so far as to categorize all tokens as securities and therefore subject all ICO issuers and the related exchanges to the applicable registration requirements. Instead, it noted that the determination depends on the particular facts and circumstances and economic realities of the transaction.
DAO Tokens Are Securities
The definition of “security” under Section 2(a)(1) of the Securities Act (and the nearly identical definition under Section 3(a)(10) of the Exchange Act) includes not only a number of specific types of financial instruments, such as notes, bonds, debentures and stock, but also broad categories of financial instruments, such as evidences of indebtedness and investment contracts. This ensures that the U.S. federal securities laws apply not only to the financial arrangements known to Congress at the time the primary statutes were enacted, but also to any prospective instruments created by those who seek the use of the money of others on the promise of profits.
Because they do not otherwise appear under the definition of security, the SEC sought to characterize The DAO tokens under the “investment contract” test initially adopted by the U.S. Supreme Court in SEC v. W.J. Howey Co.,3 where the Supreme Court defined “investment contract” as a contract, transaction or scheme in which (i) a person invests money in a common enterprise; (ii) with a reasonable expectation of profits; (iii) to be derived from the entrepreneurial or managerial efforts of others.
The SEC easily concluded that investors in The DAO had invested money (noting that an investment of value, such as the Ethereum cryptocurrency, was no different from cash). The SEC also easily found that investors reasonably expected profits, given that they were repeatedly informed in marketing materials that The DAO’s objective was to fund projects in exchange for a return on investment.
The key area of inquiry for the SEC was whether one could conclude that the investors were relying on the managerial efforts of others when they themselves had a direct role in voting on which projects would be funded. In making this determination, the SEC focused on whether the efforts of others were “the undeniably significant ones ... that affect the failure or success of the enterprise.”4 Here, the SEC found that the curators played the requisite role. The curators held themselves out as experts in, among other matters, the blockchain protocol, determined which projects would be voted on by DAO Token holders, addressed security issues and more generally held itself out in marketing materials as a group that investors could rely on for their managerial efforts.
The SEC also concluded that the voting rights of the DAO Token Holders was limited. In a critical sentence that could impact other ICOs relying on the active participation of token purchasers to avoid coming under the Howey test, the SEC noted: “[e]ven if an investor’s efforts help to make an enterprise profitable, those efforts do not necessarily equate with a promoter’s significant managerial efforts or control over the enterprise.” The SEC concluded that the voting rights of DAO Token holders was largely “perfunctory.” Since they could only vote on projects approved by the curators, token holders did not receive sufficient information to vote in a meaningful way, and there were no means to obtain additional information. Equally important, the SEC focused on the fact that because the widely dispersed DAO Token holders could not identify and effectively communicate with each other and there was a large number of them, they could not be deemed to be in a position to effectuate meaningful control.
In sum, because DAO Tokens were determined to be securities that were offered and sold to individuals in the U.S. without the benefit of a valid exemption from registration, the SEC concluded that The DAO was required to register the offer and sale of DAO Tokens, which it had failed to do.
Exchanges Offering DAO Tokens
A critical question that has been looming over the ICO sector is whether exchanges that allow token holders to exchange tokens need to register as a national securities exchange or operate pursuant to an exemption. The Report provides some thoughts on this issue as well. Section 3(a)(1) of the Exchange Act defines an “exchange” as any group or entity that “provides a market place or facilities for bringing together purchasers and sellers of securities or for otherwise performing with respect to securities the functions commonly performed by a stock exchange as that term is generally understood.” An alternative trading system (ATS) is commonly used and exempted from the definition of “exchange” under Section 3(a)(1) if it complies with Regulation ATS, which includes the requirement to register as a broker-dealer and file a Form ATS with the SEC to provide notice of its operations.
As the SEC notes, the functional test as to whether a trading system meets the definition of an exchange is whether it provides (i) a marketplace “for bringing together purchasers and sellers of securities or for otherwise performing with respect to securities the functions commonly performed by a stock exchange;” (ii) brings together the orders for securities of multiple buyers and sellers; and (iii) uses “established, non-discretionary methods under which such orders interact with each other,” and that are accepted by those trading on the exchange. Given the SEC’s view of DAO Tokens as securities, it follows that the SEC concluded that exchanges that allowed trading DAO Tokens should have been registered or availed themselves of a valid exemption.
Investor Bulletin on ICOs
When it released its investigative report, the SEC also released an Investor Bulletin cautioning investors about the potential risks of investing in an ICO:
- ICOs may inappropriately entice investors by guaranteeing high returns or low risk in a new technology and investment space;
- Virtual currency exchanges and other entities holding virtual currencies may be vulnerable to fraud, technical glitches, hacks and malware, and virtual tokens or currency may be stolen by hackers (see our July 19, 2017, client alert “Lessons From CoinDash Initial Coin Offering Hack”); and
- Although federal securities laws offer some degree of protection, in the event of fraud or theft, investors’ ability to recover may be limited. Many third-party wallet services, payment processors and virtual currency exchanges are located overseas or operate unlawfully. Additionally, it may be more difficult to trace the money, given that ICOs are decentralized and financial institutions are often not involved in the transactions. This may pose unique challenges for law enforcement officials and affect both the ability to recover funds and law enforcement officials’ ability to freeze or secure virtual currency.
The Bulletin also outlined several warning signs that investors should look for when considering participating in an ICO:
- Opportunities that guarantee outsized returns, especially those that advertise “little or no risk”;
- Unsolicited sales pitches (i.e., scenarios where the potential purchaser does not know the sender and did not request the information);
- Pressure to buy immediately or creating a sense of urgency;
- ICOs offered by unlicensed individuals or firms; and
- Lack of net worth or income requirements or investment limits, especially where the ICO involves the offer or sale of securities.
Finally, the Bulletin provided a list of useful questions that investors should consider before investing in an ICO:
- What will your money be used for?
- What rights do you get by virtue of holding the virtual coin or currency? (e.g., profit-sharing, voting rights, early access, etc.)
- Does the ICO offer a clear business plan?
In the event you want to get your money back, how and when can you do so?
- Can you get a refund from the company?
- Can you resell the coin or token?
- Are there any resale restrictions?
- Is the investment professional who is offering, transacting or advising on the ICO licensed or registered?
- Is the blockchain open and public?
- Has the blockchain code been published?
- Has there been an independent cybersecurity audit?
Statement of Divisions of Corporation Finance and Enforcement
In conjunction with the Report and Bulletin, the SEC’s Divisions of Corporation Finance and Enforcement issued a statement regarding ICOs. While lauding ICOs as a means to facilitate capital formation and provide investors with new investment opportunities, the statement notes that the SEC is “mindful of our obligation to protect investors and recognize that new technologies can offer opportunities for misconduct and abuse.” The SEC encouraged marked participants to consult with securities counsel when “employing new technologies to form investment vehicles or distribute investment opportunities.”
Although many expected the SEC to take a position on ICOs, some were surprised that the SEC elected to focus its investigative report on The DAO as opposed to one of the other ICOs or perhaps a token exchange. Others were surprised at the SEC’s decision to issue an investigative report as compared to bringing an enforcement action. However, we believe that few should be surprised by the SEC’s analysis of the issue at hand — namely, that certain ICO issuers are offering tokens in a manner that falls under U.S. securities regulations. As with any regulatory decision that is highly fact-specific, one must be cautious not to draw too many firm conclusions. Nonetheless, certain important points emerge from the Report:
- The SEC has made clear that the traditional approach to analyzing whether an offering is a security applies equally to the uses of new technologies such as ICOs offered through a blockchain. And, as most suspected, the SEC is closely watching this space.
- ICOs are not, by default, securities offerings. Rather, one must carefully review the expectations of the potential token holders and the rights they are afforded in light of the Howey test. Any potential ICO issuer who was ignoring the Howey test in structuring its offering is now on firm notice that it can no longer do so.
- The SEC did not address ICOs that offer token holders only the right to access a future service that has not yet been built (so-called “access tokens” or “utility tokens”). However, issuers of such tokens will need to find a way to encourage buyers to purchase such tokens without touting future returns, either explicitly or implicitly. Even for access tokens and utility tokens, the Howey test remains the touchstone for analyzing whether any transaction involves the offer and sale of a statutory security.
- The SEC took a strict view on the level of participation that is required by investors to avoid the Howey test prong of being “derived from the entrepreneurial or managerial efforts of others.” ICO issuers who felt that they could circumvent this prong by giving buyers some rudimentary role in the endeavor may need to look more closely at their offering.
- The Report serves as a clear reminder that any securities offered and sold in the United States, regardless of form, must comply with the federal securities laws, including the requirement to register with the SEC or to qualify for an exemption from the registration requirements (such as in a private placement pursuant to Regulation D).
- The Report is also a reminder that, absent an exemption, any exchange on which such tokens are traded may need to register as a national securities exchange or as an ATS. Furthermore, any person who receives compensation in connection with a token sale may be required to register as a broker-dealer. Similarly, any person who provides advice regarding the investment in or value of the tokens may be required to register as an investment adviser. Additionally, a company or fund that purchases tokens must be aware that it potentially could be deemed an investment company under the Investment Company Act of 1940.
1 Release No. 81207 / July 25, 2017.
2 Although not directly relevant to the SEC’s analysis, a couple of weeks after The DAO token offering ended, an individual or group found a flaw in The DAO’s code that allowed it to redirect approximately one-third of the total Ethereum raised by The DAO offering to an address controlled by the attacking group. This required a major code “fork” to the Ethereum blockchain to address the issue. The incident generated considerable negative attention on The DAO offering.
3 SEC v. W.J. Howey Co., 328 U.S. 293, 301 (1946).
4 Citing SEC v. Glenn W. Turner Enters., Inc., 474 F.2d 476, 482 (9th Cir. 1973).
This memorandum is provided by Skadden, Arps, Slate, Meagher & Flom LLP and its affiliates for educational and informational purposes only and is not intended and should not be construed as legal advice. This memorandum is considered advertising under applicable state laws.