With more than $3.4 billion raised worldwide, 2017 has arguably been the “Year of the Initial Coin Offering” (ICO), but recent signals from the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) suggest that companies seeking to conduct ICOs in the future may face challenges, and companies that already have conducted ICOs may be subject to liability. In a speech at the Institute on Securities Regulation on November 9, 2017, SEC Chairman Jay Clayton said, “I have yet to see an ICO that doesn’t have a sufficient number of hallmarks of a security.” Furthermore, the CFTC has stated that the coins issued in an ICO could be a commodity. Further, on December 11, 2017, Chairman Clayton released an extensive statement on cryptocurrencies and ICOs.
With this informal guidance in mind, ICOs may be due for a significant course correction in the months ahead. With the stratospheric rise in the value of Bitcoin, as well as the dramatic increase in ICOs, there has been significant regulatory scrutiny of ICOs, including through the SEC’s formation of a dedicated cybercrimes unit of its Enforcement Division.
This client alert provides an overview of the typical features of an ICO, addresses certain considerations of structuring an ICO to be a private placement of securities and discusses the potential implications if the SEC deems the typical ICO to be a securities offering.
A “coin” or a “token” is a virtual currency or cryptocurrency that has some form of value. These coins are maintained on a blockchain, also called distributed ledger technology, where every holder of a coin, in essence, has a virtual spreadsheet of all the other coins of the same type, and each coin has features akin to a virtual lock and a virtual key. A transaction will only occur when one party uses its key and the counterparty opens its lock, at which time, they join to create another link in the chain. Transactions are recorded chronologically, forming a chain that one could hypothetically trace back to the creation of the coin.
In an ICO, a company or decentralized organization creates its own tokens to provide exclusive access to a certain product or service that the seller provides; in other words, the tokens are the only currency accepted to pay for the seller’s product or service. When an ICO is structured in this way, the token is referred to as a “utility token.” A company that provides cloud-based storage services, for example, may require that its utility tokens—instead of U.S. dollars or another government-backed currency—be used to pay for its services. This feature provides the first of two significant incentives to purchase utility tokens: the purchaser believes there is value in the seller’s product or service to which the utility token provides access.
Other ICOs have been used to provide some type of revenue stream or ownership rights. For example, an ICO can be structured to entitle the purchaser to a share of future revenues of the enterprise, or revenues generated from a particular hard asset. This may allow someone to monetize an asset that otherwise would be illiquid. These coins may or may not entitle the holder to voting rights or other ownership traits that would normally attach to stock or a bond.
Not only can tokens be used for utility or revenue, but a secondary market has developed where utility tokens may be traded over online exchanges for fiat currencies (such as U.S. dollars), other utility tokens providing exclusive access to a different product or service or other virtual currencies (such as Bitcoin and Ethereum). The value of the utility token in the secondary market is tied to the perceived value of the product, service or underlying asset. Therefore, a purchaser has a direct interest in the seller’s success in developing such product or service. This marketplace provides the second significant incentive for purchasing utility tokens: the purchaser receives the opportunity to exchange the utility token at a future date for a different token or virtual currency at a higher value than what was originally paid.
Although ICOs vary in purpose and structure, most tend to share these fundamental features.
Until recently, there was no formal guidance from the SEC, CFTC or other regulators regarding an ICO’s regulatory compliance. In July 2017, however, the SEC released its Section 21(a) Investigative Report on The DAO, a virtual entity that raised approximately $150 million through an ICO in April and May 2016. The DAO was eventually hacked, losing one-third of its assets and causing it to return the amount paid for its tokens to certain purchasers. In its Investigative Report of the matter, the SEC determined that, depending upon the particular facts and circumstances, a token may be a security and an ICO may be a securities offering under federal securities laws.
To make such a determination with respect to the DAO tokens, the SEC examined the facts and circumstances of the DAO ICO in light of the test first applied in the seminal case of SEC v. W. J. Howey Co., 328 U.S. 293 (1946). Under the Howey test, an instrument is a security if: (1) there has been an investment of money, (2) in a common enterprise, (3) with the reasonable expectation of profits and (4) resulting from the managerial efforts of others. The SEC went on to explain that the DAO tokens were securities under the Howey test because: (1) the consideration used to pay for the DAO tokens was money; (2) the DAO was a common enterprise; (3) the purchasers of the DAO tokens expected to receive a portion of the value created by the DAO through its operational activities in the form of a dividend-like distribution; and (4) the DAO’s operations were sufficiently directed by individuals other than the purchasers and that the value created by the DAO resulted from the managerial efforts of others. In addition, the SEC noted that the exchanges upon which tokens are traded in the secondary market would have to be registered with the SEC as national securities exchanges under Section 6 of the Securities Exchange Act of 1934 if the tokens traded on those exchanges were securities.
Certain tokens may even more explicitly be securities. For example, Delaware recently became the first state to permit corporations to issue shares via distributed ledger technology. Furthermore, the stock exchange industry is heavily invested in blockchain technology, which indicates that once the laws catch up to technology, they may permit trading of shares through a distributed ledger. This may have a number of advantages, such as greater certainty about chain of title and eliminating the need for certain intermediaries such as transfer agents, depositaries and custodians. Down the road, it is quite possible that an IPO could be an ICO at the same time or that stock exchanges will require shares to be issued as tokens to ensure greater security.
Certain ICOs may not be securities offerings, and some tokens may not be securities. In addition to the SEC’s guidance, the CFTC has indicated that certain virtual currencies may be commodities and that ICOs may be subject to CFTC oversight. For example, Bitcoin Cash and Ethereum are mined and spent in a manner that probably makes them true currencies that may be commoditized, such as the Bitcoin futures exchange recently launched by the CBOE. Further, “utility token” ICOs might not be securities or commodities offerings if the tokens only allow services to be purchased or participation in something non-securities-related. Furthermore, a token might be both a security and a commodity at the same time, much like a hybrid swap, which would subject the ICO to two different regulatory regimes. A token may even shift its characteristics over time, starting its life as a security and eventually becoming a currency.
If an ICO is deemed to be a securities offering, it must be either registered with the SEC pursuant to the Securities Act of 1933 (the “Securities Act”) or exempt from registration.
An ICO must meet certain requirements of a private placement to qualify for an exemption from registration. Depending on the particular exemption relied upon, those requirements relate to, for example: (1) the information about the issuer, the issuer’s business and the offering that must be provided to potential investors; (2) the number of non-accredited investors permitted to participate in the offering; (3) the steps the issuer must take to confirm the accredited or non-accredited status of an investor; (4) the ability of the issuer to use advertising or general solicitation to promote the offering; (5) limits on the total amount that may be raised in the offering; (6) certain rights that must be provided to investors; and (7) restrictions upon the transferability of the securities. Complying with these requirements can be costly and time-consuming, but the consequences of failing to comply with them may include civil actions, criminal charges, a prohibition from participating in future securities offerings and/or personal liability to return invested funds to investors. Furthermore, issuers should remember to comply with state law registration requirements as well, and many states utilize a test other than the Howey test to determine whether or not an instrument is a security.
In addition to the guidance regarding the DAO, in December the SEC released a statement from Chairman Clayton highlighting a number of his concerns regarding ICOs, including:
These items lay out a roadmap of what the SEC’s Division of Enforcement is likely to focus on in connection with ongoing and future ICOs. This comes as little surprise, as a number of these have been priority items for the SEC for many years. Furthermore, the release includes a number of sample questions for main street investors to ask when investing in a cryptocurrency. These questions may help issuers in ICOs frame the disclosures made to potential investors.
If Chairperson Clayton’s recent statements are any indication, many issuers conducting ICOs will have to comply with securities laws. ICOs will, therefore, have to be structured in one of three ways: (1) as an offering registered under the Securities Act, (2) as an offering exempt from registration and compliant with private placement rules and regulations or (3) where the tokens offered are not securities.
It is certainly possible, and perhaps likely, that this evolving regulatory landscape will have a chilling effect on ICOs in 2018, since secondary market exchanges may be required to register with the SEC as national securities exchanges or alternative trading markets, regulatory compliance requirements increase the costs to issuers of conducting an ICO and non-securities-based ICOs lose their appeal to investors because they lack the potential to realize a return on investment. Companies with a continued interest in conducting an ICO will have the option of structuring the offering in a variety of ways, but should be mindful of the risks that have now been presented with a stricter application of securities laws, rules and regulations.
Furthermore, certain past ICOs may now be subject to liability. Various actions may be taken if a security is issued without either registration or an exemption from registration. For instance, under federal law and the laws of most states, an invalid offering is subject to a right of rescission or the ability of the holder to get their money back, plus statutory interest, from the issuer. In addition, the SEC or other regulators may bring enforcement actions. Last week, the SEC brought its first formal action against a fraudulent ICO, and we expect to see many more of these in the not-too-distant future.
The foregoing has been prepared for the general information of clients and friends of the firm. It is not meant to provide legal advice with respect to any specific matter and should not be acted upon without professional counsel. If you have any questions or require any further information regarding these or other related matters, please contact your regular Nixon Peabody LLP representative. This material may be considered advertising under certain rules of professional conduct.