()

First, it was digital currencies like bitcoin. Then, it was distributed ledger technologies like blockchain. Now, another potentially groundbreaking innovation from this same community of technologists has vaulted to the forefront and taken center stage—the Initial Coin Offering, or ICO.

An ICO is a decentralized method for funding digital start-up projects. Similar to crowdfunding, an ICO allows the project developers to circumvent traditional sources of initial capital, such as banks or venture capitalists. Instead, the developers raise money by issuing digital “tokens” to investors in exchange for digital currency, like bitcoin or ether. In return, the tokens typically entitle the investor to certain rights, such as the right to buy and sell goods and services offered by the project, or the right to share in the future profits of the project. A clear benefit of an ICO is that it allows project developers to tap into a vast pool of tech-savvy investors at a very early stage—sometimes when the digital product being developed is nothing more than an idea on a page.

And the money is pouring in. In the first half of this year alone, ICOs have raised over $1.2 billion in funding, which far exceeds the amount raised through traditional venture capital financing. Tokens are being snapped up at a feverish pace. One recent ICO raised over $35 million in under 30 seconds. Another set a record in September by raising over $257 million. As the numbers indicate, the ICO market is red hot and is showing no signs of slowing down. Celebrities are even starting to get into the mix; Floyd Mayweather and Paris Hilton have each promoted particular ICOs on social media within the past month.

All of this froth has spawned a Wild West atmosphere where investors are throwing money at what can be, at best, unproven technologies and, at worst, outright scams. Speculators who have little interest in the technologies and are just looking to cash in on short-term upticks in token prices are driving prices ever higher. Indeed, the situation has already been compared unfavorably to the dot.com bubble of the 1990s, prompting many to call for basic regulatory guidance to reign in the lawlessness.

Enter the SEC. On July 25, 2017, the SEC stepped in to fill the regulatory void, issuing a report which stated that tokens may be regulated as securities under certain circumstances. But now that the sheriff has arrived, what can we expect?

Brief History of ICOs

ICOs existed for several years before the SEC weighed in on the subject. The earliest ICOs primarily funded the creation of alternative digital currencies to compete with bitcoin. In exchange for an investment of bitcoin, investors would receive a certain amount of the new digital currency being launched—hence the name Initial Coin Offering. For example, the very first ICO was completed in July 2013 and raised over $600,000 in bitcoin to fund the creation of a digital currency called Mastercoin.

In the past two years, however, developers have been moving away from creating new alt-coins and are instead developing decentralized applications (or DApps) that offer investors digital goods or services that can be paid for with so-called “utility tokens” or “app coins.” The recent ICO for the digital start-up Brave provides a helpful example. Brave is a web browser that automatically blocks ads and trackers. Brave users must use Brave’s proprietary token, the Basic Attention Token (or BAT), to pay for these ad-free browsing services. Brave’s ICO earlier this year raised over $35 million in ether from investors who received BATs in return. Hence, the ICO provided Brave with additional capital to further develop its product, and provided investors with tokens that allow them to pay for the ad-free services offered by the Brave web browser.

Utility tokens such as the BAT have a value beyond their functional value; they have speculative value as well. To borrow a “real world” example that has been used to explain this concept, consider the launch of a new casino. To drum up enthusiasm for the opening of the casino, the casino decides to sell a limited supply of its own gambling chips to customers in exchange for cash. The chips are the equivalent of a utility token with a functional value—they serve as a currency within the casino and give the customer the right to use the services offered by the casino; namely, the right to gamble at the casino’s tables. But if the hype surrounding the launch of the new casino grows and prospective investors believe the expected value of the casino will increase over time, then the chips have speculative value as well. Investors will purchase the chips not because they want to use the chips to gamble at the casino, but so they can trade the chips on the secondary market to realize a profit. In this situation, where chips are being issued and purchased primarily for speculation, they start looking less and less like pure utility tokens that derive their value from their functionality, and more and more like securities that derive their value from the expected success of the casino.

The SEC Steps In

As token offerings started showing some of the same attributes as securities offerings, many commentators assumed that it was only a matter of time before the SEC stepped in to regulate tokens as securities. The collapse of the Decentralized Autonomous Organization (The DAO) in 2016 provided the SEC with its opportunity.

The DAO was a for-profit entity that sponsored digital start-up projects. Developers submitted various project proposals to The DAO to obtain funding. Investors in The DAO purchased DAO tokens, which entitled them to vote on which projects would receive funding. The tokens also entitled the investors to receive a share of the profits generated by DAO-funded projects. Soon after The DAO completed its ICO in May 2016, a hacker exploited a flaw in The DAO’s code and diverted approximately one-third of the $150 million raised by the ICO. The developers of The DAO reimbursed the investors, but The DAO itself disappeared.

The SEC used The DAO as a test case to work through the thorny question of whether a token is a security. In its final report, issued on July 25, 2017 (the DAO Report), the SEC concluded that DAO tokens were, indeed, securities under the federal securities laws. In reaching that conclusion, the SEC analyzed the DAO tokens under the familiar test articulated in SEC v. Howey defining an “investment contract” under the securities laws; namely, one that involves (1) an investment of money, (2) in a common enterprise, (3) with a reasonable expectation of profits, (4) to be derived from the efforts of others. The DAO tokens met the first three factors fairly easily. The fourth Howey factor was less straightforward because it was not immediately apparent that profits of The DAO were derived from the managerial efforts of others, especially since the investors voted on which projects to fund. Ultimately, the SEC concluded that the fourth factor was met and that DAO tokens satisfied the Howey test.

The Enforcement Horizon

With the release of the DAO Report, the SEC has issued a clear warning signal that no amount of innovative technology will exempt ICOs from federal securities laws—if a token looks and acts like a security, it will be regulated as one. However, the SEC stopped short of labeling all tokens as securities and all ICOs as securities offerings. Rather, the SEC opted for a case-by-case approach, stating that the determination “will depend on the facts and circumstances, including the economic realities of the transaction.”

Now that the SEC has arrived on the scene, the two immediate questions are, what will ICO issuers do in response and what will the SEC do next? As to the first question, we already have some preliminary answers. While some token developers are attempting to comply with U.S. securities laws, far more have chosen to locate their projects in overseas jurisdictions and not to market their tokens to U.S. citizens, and to specifically design their tokens to fall outside of the Howey test. This solution has recently become more of a challenge, as several other countries, including Singapore, Canada and Hong Kong, have followed the SEC’s lead and indicated that they will start regulating tokens as securities.

As to the second question, we can only speculate. Now that the SEC has issued its warning, it seems logical to assume that it will be looking for an appropriate test case to bring an enforcement action. A case where investors suffered a large quantifiable harm and where the token easily passes the Howey test would, of course, be preferable. Beyond that, what the case will look like remains to be seen. But the message of the DAO Report is clear: The sheriff is now in town and is looking to impose a little law and order.

First, it was digital currencies like bitcoin. Then, it was distributed ledger technologies like blockchain. Now, another potentially groundbreaking innovation from this same community of technologists has vaulted to the forefront and taken center stage—the Initial Coin Offering, or ICO.

An ICO is a decentralized method for funding digital start-up projects. Similar to crowdfunding, an ICO allows the project developers to circumvent traditional sources of initial capital, such as banks or venture capitalists. Instead, the developers raise money by issuing digital “tokens” to investors in exchange for digital currency, like bitcoin or ether. In return, the tokens typically entitle the investor to certain rights, such as the right to buy and sell goods and services offered by the project, or the right to share in the future profits of the project. A clear benefit of an ICO is that it allows project developers to tap into a vast pool of tech-savvy investors at a very early stage—sometimes when the digital product being developed is nothing more than an idea on a page.

And the money is pouring in. In the first half of this year alone, ICOs have raised over $1.2 billion in funding, which far exceeds the amount raised through traditional venture capital financing. Tokens are being snapped up at a feverish pace. One recent ICO raised over $35 million in under 30 seconds. Another set a record in September by raising over $257 million. As the numbers indicate, the ICO market is red hot and is showing no signs of slowing down. Celebrities are even starting to get into the mix; Floyd Mayweather and Paris Hilton have each promoted particular ICOs on social media within the past month.

All of this froth has spawned a Wild West atmosphere where investors are throwing money at what can be, at best, unproven technologies and, at worst, outright scams. Speculators who have little interest in the technologies and are just looking to cash in on short-term upticks in token prices are driving prices ever higher. Indeed, the situation has already been compared unfavorably to the dot.com bubble of the 1990s, prompting many to call for basic regulatory guidance to reign in the lawlessness.

Enter the SEC. On July 25, 2017, the SEC stepped in to fill the regulatory void, issuing a report which stated that tokens may be regulated as securities under certain circumstances. But now that the sheriff has arrived, what can we expect?

Brief History of ICOs

ICOs existed for several years before the SEC weighed in on the subject. The earliest ICOs primarily funded the creation of alternative digital currencies to compete with bitcoin. In exchange for an investment of bitcoin, investors would receive a certain amount of the new digital currency being launched—hence the name Initial Coin Offering. For example, the very first ICO was completed in July 2013 and raised over $600,000 in bitcoin to fund the creation of a digital currency called Mastercoin.

In the past two years, however, developers have been moving away from creating new alt-coins and are instead developing decentralized applications (or DApps) that offer investors digital goods or services that can be paid for with so-called “utility tokens” or “app coins.” The recent ICO for the digital start-up Brave provides a helpful example. Brave is a web browser that automatically blocks ads and trackers. Brave users must use Brave’s proprietary token, the Basic Attention Token (or BAT), to pay for these ad-free browsing services. Brave’s ICO earlier this year raised over $35 million in ether from investors who received BATs in return. Hence, the ICO provided Brave with additional capital to further develop its product, and provided investors with tokens that allow them to pay for the ad-free services offered by the Brave web browser.

Utility tokens such as the BAT have a value beyond their functional value; they have speculative value as well. To borrow a “real world” example that has been used to explain this concept, consider the launch of a new casino. To drum up enthusiasm for the opening of the casino, the casino decides to sell a limited supply of its own gambling chips to customers in exchange for cash. The chips are the equivalent of a utility token with a functional value—they serve as a currency within the casino and give the customer the right to use the services offered by the casino; namely, the right to gamble at the casino’s tables. But if the hype surrounding the launch of the new casino grows and prospective investors believe the expected value of the casino will increase over time, then the chips have speculative value as well. Investors will purchase the chips not because they want to use the chips to gamble at the casino, but so they can trade the chips on the secondary market to realize a profit. In this situation, where chips are being issued and purchased primarily for speculation, they start looking less and less like pure utility tokens that derive their value from their functionality, and more and more like securities that derive their value from the expected success of the casino.

The SEC Steps In

As token offerings started showing some of the same attributes as securities offerings, many commentators assumed that it was only a matter of time before the SEC stepped in to regulate tokens as securities. The collapse of the Decentralized Autonomous Organization (The DAO) in 2016 provided the SEC with its opportunity.

The DAO was a for-profit entity that sponsored digital start-up projects. Developers submitted various project proposals to The DAO to obtain funding. Investors in The DAO purchased DAO tokens, which entitled them to vote on which projects would receive funding. The tokens also entitled the investors to receive a share of the profits generated by DAO-funded projects. Soon after The DAO completed its ICO in May 2016, a hacker exploited a flaw in The DAO’s code and diverted approximately one-third of the $150 million raised by the ICO. The developers of The DAO reimbursed the investors, but The DAO itself disappeared.

The SEC used The DAO as a test case to work through the thorny question of whether a token is a security. In its final report, issued on July 25, 2017 (the DAO Report), the SEC concluded that DAO tokens were, indeed, securities under the federal securities laws. In reaching that conclusion, the SEC analyzed the DAO tokens under the familiar test articulated in SEC v. Howey defining an “investment contract” under the securities laws; namely, one that involves (1) an investment of money, (2) in a common enterprise, (3) with a reasonable expectation of profits, (4) to be derived from the efforts of others. The DAO tokens met the first three factors fairly easily. The fourth Howey factor was less straightforward because it was not immediately apparent that profits of The DAO were derived from the managerial efforts of others, especially since the investors voted on which projects to fund. Ultimately, the SEC concluded that the fourth factor was met and that DAO tokens satisfied the Howey test.

The Enforcement Horizon

With the release of the DAO Report, the SEC has issued a clear warning signal that no amount of innovative technology will exempt ICOs from federal securities laws—if a token looks and acts like a security, it will be regulated as one. However, the SEC stopped short of labeling all tokens as securities and all ICOs as securities offerings. Rather, the SEC opted for a case-by-case approach, stating that the determination “will depend on the facts and circumstances, including the economic realities of the transaction.”

Now that the SEC has arrived on the scene, the two immediate questions are, what will ICO issuers do in response and what will the SEC do next? As to the first question, we already have some preliminary answers. While some token developers are attempting to comply with U.S. securities laws, far more have chosen to locate their projects in overseas jurisdictions and not to market their tokens to U.S. citizens, and to specifically design their tokens to fall outside of the Howey test. This solution has recently become more of a challenge, as several other countries, including Singapore, Canada and Hong Kong, have followed the SEC’s lead and indicated that they will start regulating tokens as securities.

As to the second question, we can only speculate. Now that the SEC has issued its warning, it seems logical to assume that it will be looking for an appropriate test case to bring an enforcement action. A case where investors suffered a large quantifiable harm and where the token easily passes the Howey test would, of course, be preferable. Beyond that, what the case will look like remains to be seen. But the message of the DAO Report is clear: The sheriff is now in town and is looking to impose a little law and order.