September 2017 - THE SEC AND THE ICO

Some people are making real money investing in cryptocurrencies. Just this year, Bitcoin has gained 300%. Another cryptocurrency, Ethereum, is up more than 2,300%.

An increasingly common use of these currencies is the initial coin offering, or ICO. Companies are using ICOs to raise funds by offering investors the chance to buy into a new venture using a cryptocurrency in exchange for virtual tokens instead of stock in the company. The tokens grant investors access to a product or service to be offered by the token issuer. Sound confusing? Here’s how Kevin Roose illustrated the process in a column in the New York Times:

Imagine that a friend is building a casino and asks you to invest. In exchange, you get chips that can be used at the casino’s tables once it’s finished. Now imagine that the value of the chips isn’t fixed, and will instead fluctuate depending on the popularity of the casino, the number of other gamblers and the regulatory environment for casinos. Oh, and instead of a friend, imagine it’s a stranger on the internet who might be using a fake name, who might not actually know how to build a casino, and whom you probably can’t sue for fraud if he steals your money and uses it to buy a Porsche instead. That’s an ICO.1

In recognition of the likelihood of abuse, China’s Central Bank, the People’s Bank of China, has recently put an end to ICOs there, claiming they are rife with fraud, pyramid schemes and other criminal activity. Chinese ICOs scheduled to launch this month have been put on hold.

The SEC, perhaps because it lacks the sweeping powers of China’s Central Bank, has taken a more measured approach in warning potential ICO sponsors and online platforms that support trading of tokens that they might be subject to US securities laws, which they have pretty much ignored to date. The SEC picked on one particular ICO, which called itself The DAO, which stands for Decentralized Autonomous Organization, a term used to describe a “virtual” organization embodied in computer code and executed on a distributed ledger or block chain.

The concept of a DAO entity is memorialized in the document known as a “White Paper.” This one would use “smart contracts” to solve governance issues it described as inherent in traditional corporations. The DAO’s website explained its intended purpose this way: “To blaze a new path in business for the betterment of its members, existing simultaneously nowhere and everywhere and operating solely with the steadfast iron will of unstoppable code.” (Seriously?)

The token issue sold out. However, before The DAO could commence funding projects, an attacker exploited a flaw in its code to steal approximately one-third of The DAO’s assets.

The DAO was able to get investors their money back, but an unwelcome consequence was that the contretemps got the attention of the SEC, which saw a larger issue: Whether the tokens were securities under the Securities Act of 19332 and the Securities Exchange Act of 19343, necessitating registration with the SEC of both the tokens and the exchanges on which they are traded (unless they qualified for an exemption from the registration requirements). You get the feeling that the SEC knew the answer before it undertook what it described as an “investigation.”4

Under Section 2(a)(1) of the Securities Act and Section 3(a)(10) of the Exchange Act, the definition of security encompasses an “investment contract.”5 An investment contract is an investment of money in a common venture premised on a reasonable expectation of profits derived from the entrepreneurial or managerial efforts of others. The definition is “flexible,” so that it can be adapted to a fit “countless and variable schemes devised by those who seek the use of the money of others on the promise of profits.”6 So, to the SEC, the scope of the term investment contract is broad enough to include an offer which involves a decentralized autonomous organization, a cryptocurrency or a block chain-enabled means for raising capital, or a scheme involving all three at once.

The only serious question for the SEC was whether rights of token holders to vote on projects the coin issuer would undertake made them more than passive participants in the enterprise. The short answer was that limited voting rights and the wide distribution of the tokens rendered the owners’ contribution to the management of The DAO insignificant.

The SEC cautioned that its conclusion did not necessarily apply to all ICOs, and each case had to be judged on its own facts. But it’s hard to imagine circumstances in which an ICO wouldn’t involve a security, given the broad reach of that term, except in the unlikely event that the issuer of tokens were willing to cede management control to the buyers.

The SEC declined to pursue an enforcement action against The DAO, probably thinking it was pointless. The flaw in its code likely doomed the whole enterprise anyway.

What the SEC more likely intended was to send a message to the sponsors of ICOs (and the platforms that support secondary trading in the tokens), and anyone thinking of becoming a sponsor, that there is more to soliciting investments for profit in a common venture than just circulating a “White Paper” online.

The SEC’s other aim in all of this is surely to afford potential investors in ICOs the procedural protections and the disclosure of material information that come with registration. Whether that works either to reduce the possibility of ICO scams or to cool the ardor of investors for these schemes remains to be seen.


1 Roose, “Such Currency. Much Risk,” NY Times, September 16, 2017, p.B3.

2 15 U.S.C. §§77a et seq.

3 15 U.S.C. §§78a et seq.

4 Report of Investigation Pursuant to §21(a) of the Securities Exchange Act of 1934: The DAO, Release No. 81207, (July 25, 2017). The facts in the text are those related in the SEC’s report.

5 15 U.S.C. §§77b(1).

6 SEC v. W.J. Howey Co., 321 U.S. 293, 299 (1946).