Initial Coin Offerings (also referred to as “ICOs” or “token sales”) are presenting new challenges for regulators in determining the application of securities laws. Until recently, the ICO market was unrestrained by law or regulation; inhibited only by investor appetite. But last month, the Securities and Exchange Commission (SEC), threw cold water on the ICO market when they released an investigative report that looked at one specific ICO, known as the DAO (the “DAO Offering”) and concluded that the DAO offering was an offering of securities that was subject to federal regulation.
The SEC’s determination is applicable to just one ICO; one that had a unique structure and operational characteristics. It remains to be seen how the determination will affect previous ICOs and the ICO market going forward. As noted by Jeff John Roberts at Fortune Tech, the SEC determination did not opine on circumstances such as “app tokens” or tokens with another form of “underlying utility”. Other uncertainties include the status of private currency tokens (interestingly, as noted by Cooley LLP in its analysis of the SEC determination, the SEC referred to Ethereum’s Ether as a “currency”, not a security), use-or-lose tokens, and yet to be developed iterations of digital coinage. In essence, the SEC determination left unanswered the question of whether (and to what extent) there can be circumstances where a coin offering would not to be subject to U.S. securities laws.
But the SEC’s report did provide enough analysis for us to surmise the conditions under which any given ICO would likely qualify as a security. The key conditions include: the significance of promoters, managerial and gatekeeping functions, voting and information rights, the nature of control of an enterprise, the potential for profit, and the impact of secondary exchanges.
The determination also makes clear that an explicitly “for-profit” ICO speculative venture, with centralized management and control, is likely to trigger a “security” characterization. Avoiding such a determination would require, at a minimum, a truly decentralized structure, without curators, gatekeepers, and reliance on management. It would also likely need to eliminate the profit intention (and opt for the alternative of an underlying “utility of use” benefit), restrict or significantly control secondary trading, give token purchasers meaningful control over the voting, operation, promotion and safekeeping of the enterprise, and make available to purchasers all information required to make informed decisions.
Even if these factors are accounted for, the outcome is still uncertain given the existence of other legal applications that could be utilized by the SEC, the economic reality test, and the operational nature of widely held ventures. As a result, some lawyers are already advising token or coin issuers to adhere to securities regulations, or seek a suitable exemption like Regulation D or S. However the ICO market unfolds from here, it is clear that the SEC’s report is but the first salvo in what is likely to be a drawn-out conflict between regulatory agencies, specifically the SEC, and those who seek to evade their authority.
Understanding Initial Coin Offerings and Blockchain Technology
Technology companies, such as software development firms, or other companies designing digital platforms or other projects, are increasingly looking to ICOs as an alternative to traditional capital raising measures (like debt or equity offerings). In an ICO, a business or promoter (an “offeror”) will sell digital coins or tokens to purchasers (an “offeree”) in an organized initial offering – similar in many respects to an initial public offering of securities.
Generally, these coins are purchased through fiat money or by a trade of another virtual currency – such as Bitcoin or Ether (which is a virtual currency used on the Ethereum Blockchain). The newly acquired coins will often provide an offeree with an ability to use a new platform or service, or otherwise participate in a project in some way. The coins may also represent an investment, or speculative, opportunity for the offeree, in the event that the project is successful and a secondary market is available, or if the coins otherwise participate in a virtual currency exchange. It is the opportunity for profit that gives rise to the SEC determination in the case of the DAO.
To create and distribute the coins for an offering, an offeror will utilize “blockchain technology” (a “Blockchain”). A Blockchain is a decentralized encrypted ledger that is distributed and maintained by a wide number of participants (capable of inspecting it) in a network, and it provides a secure means of processing and verifying transactions thereby supplanting the need for intermediaries to validate transactions. To call the current ICO market “red hot” might be an understatement. Some analysts are calling it a bubble, and even rappers and famous athletes are getting in on it. In 2017, during the month of July alone, the New York Times reported 34 coin offerings raising over $665 million.
Background – The DAO and the Structure of the DAO Offering
The concept of the DAO originated from a white paper (the “White Paper”) published by Slock.it Chief Technology Officer Christoph Jentzsch. The SEC, in its report, summarized the White Paper as desiring an entity (the DAO) that “would use smart contracts to attempt to solve governance issues it described as inherent in traditional corporations” and would “supplant traditional mechanisms of corporate governance and management with a blockchain such that contractual terms are ‘formalized, automated and enforced using software.’”
The DAO, as an entity, was the first iteration of the White Paper concept and was described by Jentzsch as “for-profit” since offerees would be able to purchase tokens (the “DAO Tokens”) by exchanging Ether, and then use these newly acquired tokens to vote on DAO projects and to obtain profit payments, which Jentzsch likened to “dividends” in a typical company structure. Profit participation was a material part of the SEC Determination, which unequivocally concluded that the DAO Tokens were purchased in anticipation of receiving a return on investment – just like that in a standard investment contract. Further, like a venture capital fund, the Ether (received from the DAO Offering) was “pooled” to fund DAO projects and DAO Token holders stood in a position to share from any profits that resulted from a successful project.
After a series of promotional efforts, including the launching of a website, the DAO raised nearly $150 million U.S Dollars, between April 30, 2016 and May 28, 2016, through a pseudononymous offering (an offeree’s pseudonym was their Ethereum Blockchain address) of 1.15 billion DAO Tokens which were purchased through the exchange of nearly 12 million Ether. There were no resale restrictions on the DAO Tokens in the secondary market and as noted by the SEC Determination “[p]rior to the offering period, Slock.it solicited at least one U.S. based web-platform to trade DAO Tokens on its system.” The DAO Tokens could also be freely traded on the Ethereum Blockchain.
Despite assurances by Slock.it that their platform was secure, vulnerabilities in the DAO code began to appear as early as May 2016 and on June 17, 2016, after the close of the DAO Offering, a hacker was able to divert approximately 3.6 million Ether (valued at around $50 Million USD at the time) from the DAO Blockchain address to an Ethereum Blockchain address which it controlled; however, the DAO’s code prevented the hacker from moving the Ether away from that address for 27 days. To control the damage, and restore the Ether, Slock.it full instituted a “Hard Fork” which effectively transferred the Ether raised from the DAO Offering to a recovery address where offerees could exchange their purchased DAO Tokens for Ether. Although the funds were recoverable, the experience of the DAO Offering highlights the risks involved in this new market.
SEC Analysis: The July 25, 2017 Report
The difficulty in regulating an ICO lies in the fact that each offering is very different – and conveys on the offerees unique rights. As Jeff John Roberts at Fortune tech recently noted, some ICOs “can look a lot like traditional securities, because they enable companies to take investor’s cash while holding out the potential for profit.” However, this is not always the case, as many offerings are promoted as a currency or digital asset sale. Adam T. Ettinger of Sheppard Mullin Richter & Hampton recently suggested on his firm’s, venture law blog, that the currency or asset sale characterization can be likened in many ways to IBM in 1960 selling individual punch cards to “develop and manufacture a new mainframe.” Etinger continues, “[i]s the punch card a security? Many companies that have sold tokens in ICOs have taken the position that their tokens are more like punch cards, and merely the pre-sale of useful articles that will permit operation of the blockchain platform they have built or have yet to build.”
The threshold question of whether the DAO Tokens were securities comprised the bulk of the SEC Determination’s analysis. The SEC, citing the well-known “Howey test” among other cases, used a substance over form approach to find that the DAO Tokens were an “investment of money in a common enterprise with a reasonable expectation of profits derived from the entrepreneurial or managerial efforts of others.” This reasoning centered around three key “economic realities” in the analysis:
i. The Nature Of Payment and Expectation of Profit
Citing Uselton v. Comm. Lovelace Motor Freight, Inc. the SEC stated that payment didn’t need to take the form of cash, and that the Ethereum Ether, used to purchase the DAO Tokens, were an exchange of value capable of creating an investment contract. Further, offerees who purchased DAO Tokens did so with a reasonable expectation that the venture would earn profits. The various promotional materials that were used by Slock.it, as well as the pronouncements made by Slock.it’s founding members, and the efforts to make the coins exchange listed, point towards a venture that was designed to be “for-profit”.[14
ii. Profit Derived from the Management Efforts of Others
After determining that the enterprise was designed with a return on investment in mind, the SEC, citing SEC v. Glenn W. Turner Enters., Inc., then looked to whether that return was “derived from the management efforts of others”. The SEC concluded that the efforts of Slock.it, its co-founders, and the designated curators were “essential to the enterprise” based on the following factors: investor expectations were influenced by promotional activity and marketing materials which were controlled and monitored by Slock.it; curators represented to potential offerees that they were “experts in Ethereum” and “Blockchain protocol”; offerees expected that Slock.it would take on managerial roles in the venture post-launch to continue to monitor and safeguard operations, vet contractors and proposals, and determine quorum voting thresholds and results; curators had identifiable control over the voting mechanisms as well as their own removal; and Slock.it had total control over the security response to the code vulnerabilities.
iii. Limited Voting Rights Of The Tokens
The SEC further concluded that the voting rights associated with the DAO Tokens were limited and that token holders therefore held no “meaningful control over the enterprise” because their voting rights were largely “perfunctory” and holders had very limited means to communicate with each other. Central to this determination was the function that the curators played in the operation of the DAO. Curators controlled the proposals that were voted on by DAO Token holders and there was no information provided to these holders to make informed voting decisions. In addition, the SEC concluded that the nature of the offering (under pseudonym and widely dispersed) made it difficult for DAO Token holders to “join together to effect change or to exercise meaningful control.” As a result, the DAO Tokens were likened to shares in a widely held corporation.
The SEC concluded its report by stating that the definition of “issuer” was broad enough to include the DAO, which was an unincorporated organization, and that since the DAO was “responsible for the success or failure of the enterprise” it was “the entity about which the investors needed information material to their investment decision.”
Would True Decentralization Have Generated a Different Result?
The SEC chose not to pursue an enforcement action in relation to the DAO Offering and left a measure of uncertainty as to how future ICO’s would be assessed. Concurrent with the SEC Determination the regulator also released an Investor Bulletin on Coin Offerings where it noted, “[d]epending on the facts and circumstances of each individual ICO, the virtual coins or tokens that are offered or sold may be securities.” This however implies that a given offering may not in fact be an offering of securities as well. The SEC Determination did not articulate a specific set of circumstances that would enable a coin offering to “not be a security” but rather it focused its analysis on the DAO Offering in determining that securities laws applied to that specific context. As such, innovations such as “app tokens” or tokens that have utility independent from investment speculation are still the subject of regulatory speculation.
The White Paper envisioned a decentralized structure of The DAO – including voting rights with respect to contract proposals, new projects and profit payouts. However, it was clear from the SEC determination that the structure was not truly decentralized. Not only did Slock.it control the promotion, marketing, operation and security response of the enterprise, but it was also able to designate individuals to act as curators and hold “ultimate discretion” to control the proposals that were reviewed, voted on, and (ultimately) funded by The DAO. Also, the curators were given significant control on the voting rights, and process for DAO proposals.
The question arises – if the DAO was truly decentralized, would this have enabled it to obtain a determination from the SEC that the tokens were not securities? This is uncertain. In determining that the DAO Offering was a “security” the SEC relied on case law discussing the importance of investor reliance on the operational and promotional efforts of others (including management) and found this to be the case with the DAO Offering. If the DAO, for instance, removed the curator function, and adjusted voting rights so that there was a truly decentralized structure – in that it enabled equal participation in project initiatives, profit payouts and security breach responses – would this have changed the analysis?
It is possible, albeit tenuous, and a number of contextual factors would need to be present. First the terms of management, promotion and control would need to operate on a fully decentralized basis so as to overcome the precedent in SEC v. Glenn W. Turner Enters., Inc. where it was found that a multi-level marketing scheme was an investment contract, despite most of the labour coming from the investors since the promoter controlled the management and marketing. Next, the ICO structure would need to enable full information rights so that token holders could make informed decisions when voting on proposals.
Even with a resolution of the operational, control and information rights issues, there are still lingering concerns regarding the size of ICO offerings and the fact that identities of investors are not generally apparent in a Blockchain. This is relevant to the question of whether token holders can exercise meaningful control over an enterprise (or whether they are reliant on the management efforts of others). In the case of the DAO, the SEC noted that, despite the existence of online forums, the pseudonymous offering “created great dispersion among individuals and/or entities who were invested in The DAO”, and when added to the many other individuals or entities trading DAO Tokens in a secondary market, there was a context that bore “little resemblance to that of a general partnership”. In support of this position, the SEC cited the cases of Cf. Williamson v. Tucker (which dealt with partnership interests sold widely to the public) and SEC v. Merchant Capital, LLC to stand for the proposition that a widely issued, geographically dispersed, public offering does not provide any meaningful sense of investor control since an individual holder’s interest is diluted to become like that of a public company shareholder.
Where the ICO Market Goes from Here
What will happen next in the ICO market is somewhat uncertain. It may still be possible to create a token that falls outside the ambit of securities legislation. Overcoming the Howey Test on the threshold question might be difficult however. A coin offering would need a truly decentralized structure, without the imposition of gatekeepers, wherein investors enacted real control over the operation, promotion and safekeeping of the enterprise, and have access to all available information in order to make informed judgements. Also the intention of profit making is material to the analysis, as is the existence of a secondary market for the tokens.
Even if all these factors are eliminated it is still uncertain that this would suffice given the economic reality test and the practical operation of widely held ventures. Further, it is uncertain whether the SEC will only look to Howey to determine the analysis going forward, in the case of innovative iterations of coin offerings that are distinguishable from the DAO, since there are other tests, as noted by ICO attorney Alfredo Silva of Morrison Foerster, like that in Reves v. Ernst & Young which cites factors such as resemblance to other types of securities, parties’ motivation, the existence of secondary markets and expectations of the public in determining the question of security. As such, Silva suggests that without “on point SEC guidance” for innovative new offerings (like a specific no-action letter) uncertainty will remain in this area for the near future.
 Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO, Securities Act Release No. 81207 (July 25, 2017) [hereinafter SEC Determination].
 See generally, William Mougayar, The Business Blockchain 1-100 (Wiley, 2016).
 SEC Determination, supra note 1 at 3.
 See Slock.it, Slock.it DAO demo at Devcon1: IoT + Blockchain, YouTube (Nov. 13. 2015) https://youtu.be/49wHQoJxYPo.
 SEC Determination, supra note 1 at 11-12
 Id. at 11-12
 Id. at 5-7.
 See id. at 8, “During the period from May 28, 2016 through September 6, 2016, one such Platform executed more than 557,378 buy and sell transactions in DAO Tokens by more than 15,000 of its U.S. and foreign customers. During the period from May 28, 2016 through August 1, 2016, another such Platform executed more than 22,207 buy and sell transactions in DAO Tokens by more than 700 of its U.S. customers.”
 Id. at 9-10.
 See SEC v. W.J. Howey Co., 328 U.S. 293, 301 (1946).
 See SEC v. Edwards, 540 U.S. 389, 393 (2004); see also United Housing Found., Inc. v. Forman, 421 U.S. 837, 852-53 (1975); Tcherepnin v. Knight, 389 U.S. 332, 336 (1967).
 SEC Determination, supra note 1 at 11.
 See Uselton v. Comm. Lovelace Motor Freight, Inc., 940 F.2d 564, 574 (10th Cir. 1991).
 See SEC Determination, supra note 1 at 11-12.
 SEC v. Glenn W. Turner Enters., Inc., 474 F.2d 476, 482 (9th Cir. 1973).
 See SEC Determination, supra note 1 at 12-13.
 See id.
 See id. at 13-14.
 See also id at 14, “Indeed, based on the particular facts concerning The DAO and the few draft proposals discussed in online forums, there are indications that contract proposals would not have necessarily provide enough information for investors to make an informed voting decision, affording them less meaningful control. For example, the sample contract proposal attached to the White Paper included little information concerning the terms of the contract. Also, the Slock.it co-founders put forth a draft of their own contract proposal and, in response to questions and requests to negotiate the terms of the proposal (posted to a DAO forum), a Slock.it founder explained that the proposal was intentionally vague and that it was, in essence, a take it or leave it proposition not subject to negotiation or feedback.”
 See id. at 14-15.
 Id. at 15-16.
 See Epicenter, EB134 – Emin Gün Sirer And Vlad Zamfir: On A Rocky DAO, YouTube (June 6, 2016), https://www.youtube.com/watch?v=ON5GhIQdFU8.
 The White Paper also suggested that curators could reduce voting quorum requirements by 50% every other week.
 See Glenn W. Turner Enters., Inc., supra note 24.
 See generally SEC v. Merchant Capital, LLC, 483 F.3d 747 (11th Cir. 2007); SEC v. Shields, 744 F.3d 633, 643-45 (10th Cir. 2014).
 See SEC Determination, supra note 1 at 14-15.
 Cf. Williamson v. Tucker, 645 F.2d 404, 422-24 (5th Cir. 1981).
 SEC v. Merchant Capital, LLC, 483 F.3d 747 (11th Cir. 2007).
 See also generally Steinhardt Group, Inc. v. Citicorp., 126 F.3d 144, 152 (3d Cir. 1997).
 See Howey, supra note 19.
 See Reves v. Ernst & Young, 494 U.S. 56 (1990).