In a much-anticipated action, on July 25 the SEC issued a Section 21(a) report of its investigation into an offering of digital tokens by “The DAO,” an unincorporated virtual organization. Though declining to take enforcement action against The DAO, the SEC used the opportunity to warn others engaged in similar activities that an unregistered sale of blockchain tokens can, depending on the circumstances, be an illegal public offering of securities. Simultaneously, the SEC issued a bulletin warning investors about such sales, often called “initial coin offerings” or ICOs. The DAO 21(a) report focused on a fact-pattern where the classic test for a “security” under federal law, announced in the Supreme Court’s 1946 case SEC v. W.J. Howey Co., was easily met: the tokens were sold for value and represented ownership interests in a common enterprise, and the purchasers had an expectation of profit from the efforts of others. And the tokens were distributed in a manner that bore the hallmarks of a traditional securities offering.
The Stunning Rise of ICOs
The SEC’s guidance comes at a time when ICOs are experiencing exponential growth, with $1.2 billion raised by more than fifty projects in the first half of 2017 alone, according to Autonomous Research. Before the SEC’s guidance, ICOs were on pace to dwarf venture capital funding of virtual currency and blockchain-related startups.
The DAO ICO
In 2016, promoters of The DAO commenced an ICO selling tokens to investors in exchange for Ether, a virtual currency, raising approximately $150 million. The DAO was created by a German company called Slock.it, and was designed to allow holders of DAO tokens to vote on projects that The DAO would fund, with any profits flowing to token-holders. Slock.it marketed The DAO as the first instance of a decentralized autonomous organization, powered by smart contracts on a blockchain platform. Ultimately, but unrelated to the issue examined by the SEC, a hacker siphoned off over $50 million of The DAO’s value. The community’s decision to unwind the theft spawned a new virtual currency alongside Ether, called Ether Classic.
The DAO 21(a) report applied the Howey interpretation of the term “investment contract,” a component of the definition of “security” under both the Securities Act of 1933 and the Securities Exchange Act of 1934. As summarized in the report, an investment contract “is an investment of money in a common enterprise with a reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others.” After easily concluding that payment in virtual currencies like Ether constitute investments of “money” and finding that investors in The DAO had a reasonable expectation of profit, the SEC focused on whether the profits were derived from the entrepreneurial efforts of others.
The SEC found that DAO token-holders were significantly reliant on the promoters’ efforts, analyzing statements made by the promoters in The DAO’s white paper, its website and various internet and social media forums. Further, the SEC noted that token-holders’ voting rights were limited in nature and that the promoters controlled site content, voting procedures and information available to token-holders.
When Are ICO Tokens Securities?
The technologies underlying The DAO, ICOs and tokens are radically new. But as we have long been advising clients, the SEC, the CFTC and other federal and state regulators are accustomed to applying existing law to new technological constructs. As the SEC’s reliance on Howey shows, the principles espoused in the DAO 21(a) report are not novel, and indeed some previous analyses of the securities-law implications of tokens, such as Coin Center’s framework, have applied Howey in a similar fashion.
Perhaps most fundamentally, the DAO 21(a) report shows that where an ICO or other distribution of tokens is presented to purchasers as an investment opportunity—implicitly or explicitly on the basis of profits that purchasers might derive from the future success of a business, or from selling the tokens into a rising market—the SEC will conclude that the tokens are securities. On the other hand, the report’s analysis probably does not apply if the token on offer has some other practical utility—such as widespread recognition as a general medium of exchange, or current exchangeability for an available product or service—and if participants are purchasing the token to actually use it, either now or in the future, rather than for speculative purposes. Going forward, we expect that prudent promoters who seek to avoid application of the federal securities laws will clearly emphasize the practical utility of the token and avoid marketing it—either openly or with winks and nods—on the basis of its investment potential.
We see the DAO 21(a) report as a clear announcement to the ICO market that new ICOs will be closely scrutinized. While an accompanying statement by the SEC’s Divisions of Corporation Finance and Enforcement is supportive of the potential for ICOs to provide capital for young companies, the statement encourages those who employ “new technologies to form investment vehicles or distribute investment opportunities” to consult with counsel and even the SEC staff, at FinTech@sec.gov. Although not all ICOs will be subject to regulation as securities offerings, promoters should certainly consider the possibility that the SEC will treat them as such. The SEC is unlikely to issue a 21(a) report the next time it does so.
Implications for the Token Ecosystem
The possibility that some token sales will be classified as securities offerings has significant implications. Aside from potential criminal or civil liability for the promoters of an illegal, unregistered public offering of securities, purchasers of such securities have a statutory right of rescission to force sellers to repurchase the securities at their original purchase price, plus interest. In addition, a company that raises funding in an unregistered public securities offering will be operating with funds derived from unlawful conduct and as a result may have problems raising additional non-ICO capital, obtaining banking services, creating commercial relationships with established, regulated financial institutions (such as investment banks and broker-dealers) and obtaining regulatory licenses.
In order to comply with securities laws, the public offering of a token that is a security must be made under a registration statement, including a prospectus, filed with and declared effective by the SEC. Any false or misleading statements in the prospectus, whether or not intentional, can give rise to liability for the issuer, any seller, any underwriter and their respective control persons, among others. At this point, we are not aware of an ICO that has been registered under the federal securities laws, and complying with the SEC’s registration rules will likely require a great deal of creativity and adaptability from both the promoters and the SEC staff.
There is, of course, a large and thriving market for unregistered securities offerings conducted under exemptions such as Regulation D, which mainly applies to private placements to sophisticated investors.
While we note that many ICOs have been conducted offshore, in the absence of transfer restrictions and other features to prevent U.S. buyer participation, the Regulation S exemption for offshore offerings may not be available; to our knowledge, no ICO has grappled with applying these restrictions. The DAO 21(a) report may push some ICO promoters to establish a registration exemption, though this will restrict their ability to sell tokens to a wide retail investor base and will limit any secondary market in their tokens.
Additionally, conducting an exempt offering would solidify a token’s status as a security, likely cutting off promoters and token-holders from token service providers, such as exchanges and custodians, that are not registered with the SEC in any capacity. For this reason, the DAO 21(a) report has implications for the broader token ecosystem. As the SEC noted, companies such as virtual currency exchanges that provide secondary-market trading in tokens that are securities, but that are not registered as securities exchanges, are violating the federal securities laws. Any intermediary or service provider who handles such tokens should consider whether its activities require registration with the SEC in some capacity; for example, as a securities exchange, broker-dealer, alternative trading system or clearing agency. The DAO 21(a) report also raises the possibility that certain people associated with The DAO may have been acting as investment advisers under the Investment Advisers Act of 1940, or that The DAO itself was an investment company under the Investment Company Act of 1940. Although activities limited to Bitcoin and other tokens that are primarily used as currencies may be unaffected, the DAO 21(a) report should prompt a fresh review.