Regulatory Strategy for Tokenization and ICOs

by Lindsay X. Lin

Regulation of initial coin offerings (ICOs) appears inevitable. Over the past couple months, authorities from numerous jurisdictions have issued statements declaring that tokens may be subject to various consumer protection, anti-money-laundering, and securities regulations.

On the more extreme end, Chinese and South Korean authorities have made the decisive move to halt all ICOs. In the U.S., the Securities Exchange Commission (SEC) has issued an analysis deeming The DAO tokens to be securities, announced the creation of a Cyber Unit that will investigate ICO and blockchain-related misconduct, and charged two ICOs with selling unregistered securities and defrauding investors. These developments are a harbinger of future investigations, enforcement actions, and government policymaking.

These actions are warning shots for organizations who disregard regulatory requirements, defraud token buyers, manipulate markets, and misrepresent their business and/or technology. However, they also generate confusion and uncertainty for technology-focused builders who may inadvertently run afoul of regulations due to unfamiliarity with necessary requirements. Fortunately, there is a crop of emerging organizations that spot opportunity in this confusion and hope to assist entrepreneurs with compliant token offerings.

Betting on Compliance

The uncertainty and confusion surrounding legal and regulatory requirements has created an opportunity for companies to offer products and services that can hand-hold organizations through the legalities of token creation, issuance, and transfer.

In the U.S., many organizations are betting that regulatorily compliant token offerings will be the future. The following is a survey of current efforts and developments that help to facilitate compliant ICOs and tokenization:

SAFTs: In August, CoinList pioneered the Simple Agreement for Future Tokens (SAFT) as a tool to facilitate a compliant Filecoin token issuance. The SAFT is an investment contract security that was offered to U.S. accredited investors under Regulation D 506(c) for the Filecoin issuance. SAFTs operate similarly to convertible notes: if there is a network launch before the expiration or termination of the SAFT, the Company will issue tokens to the SAFT holder in proportion to the amount paid. The creators of the SAFT model argue that the SAFT approach is very beneficial for alleviating many securities, investor protection, consumer protection, money transmitter, and tax law and policy concerns.

Multiple organizations are currently exploring utilizing the SAFT approach for their ICOs in conjunction with Regulation D 506(c) offerings.

Security Token Launch Platforms: Companies are creating platforms that facilitate compliant security token issuances. Argon Group, an investment bank that has advised multiple high profile token issuances like Civic and Blockchain Capital, has developed TokenHub, a turn-key compliant token issuance platform that is currently launching approximately $50-$100 million security token ICOs such as Science (an incubator) and Protos Cryptocurrency Asset Management (a cryptocurrency hedge fund). Additionally, Polymath recently announced the creation of a security token launch platform that features built-in compliance templates, service provider advisory, and smart contracting technology that can streamline securities and AML/KYC compliance. Moreover, Jibrel Network recently raised $3 million to build out a platform to launch compliant security token sales via “smart regulation” in which smart contracts automate certain compliance requirements.

Existing crowdfunding players such as StartEngine are also exploring the tokenization of securities issued pursuant to SEC registration exemptions Regulation A+, Regulation D, Regulation Crowdfunding, and Regulation S.

Platforms and Exchanges for Tokenized Securities: Platforms that facilitate the exchange of security tokens could be subject to SEC regulations on securities exchanges, alternative trading systems (ATS), broker-dealers, transfer agents, and clearing agencies. After the SEC’s ruling that DAO tokens were considered securities, popular cryptocurrency exchanges such as Bittrex, Poloniex, and ShapeShift declared that they will examine listed tokens under the Howey test and delist probable security tokens to avoid violation of applicable security exchange laws.

In order to list security tokens, an exchange must qualify as a securities exchange or fall under an exemption. While becoming a national securities exchange is a long and resource-intensive process, there is an exemption for ATS’s operated by registered broker-dealers.

It’s unclear whether current popular cryptocurrency exchanges are willing to undergo the burden of registering as a broker-dealer and fulfilling the requirements of an ATS. The lack of a compliant security tokens exchange would decrease the transferability and liquidity of such tokens, arguably weakening one of the benefits to tokenization.

Fortunately, some blockchain organizations are already exploring broker-dealer and ATS registration, or acquiring and/or partnering with existing broker-dealers and ATS’s. For example, tZERO (a subsidiary of Overstock.com), RenGen LLC, and the Argon Group recently announced an exclusive joint venture to launch an ATS that will enable the trading of ICO security tokens in compliance with SEC and FINRA regulations. Additionally, blockchain asset management firm Templum and broker-dealer Liquid M Capital have also unveiled plans for a registered ATS that will facilitate ICO security token exchange and issuance. It’s unclear which security tokens will be listed on these two ATS’s, but the hope is that the list will be inclusive.

On a global scale, Lykke appears to be making headway in obtaining multi-country authorizations to become a tokenized securities exchange. Lykke has already obtained Vanuatu’s Dealer in Securities license and claims to be exploring or in the process of becoming authorized as an EU broker, EU Electronic Money Institution, and UK Multilateral Trading Facility.

Decentralized Exchanges

While some community members have espoused the use of decentralized exchanges such as EtherDelta and 0x to trade security tokens, it is uncertain whether decentralized systems would escape SEC jurisdiction. If an organization controls the hosting, maintenance, and operation of a decentralized exchange protocol, this may invoke broker-dealer and ATS regulatory requirements. For example, some decentralized exchange systems may be analogized to Electronic Communication Networks (ECNs), where traders trade directly between themselves using computer-based systems that automatically match and execute orders. ECNs are classified as an ATS by the SEC and are required to be registered as broker-dealers.

Even if decentralized exchanges do not fit under any present regulatory framework, the SEC will likely take action to protect investors from unreliable and fraudulent security exchange technologies once transaction volumes escalate.

As the popularity of security tokens grows, there is significant opportunity for regulated players to enter this space.

Distributed Ledgers for Management Corporate Records: Publicly traded securities are making their way onto blockchains. On July 21, 2017, Delaware Governor John C. Carney Jr. signed an amendment to the Delaware General Corporation Law (DGCL) that expressly permits Delaware companies to create and maintain corporate records, including stock ledgers, on a blockchain. Meanwhile, NASDAQ and other exchanges are testing blockchain based settlement for stock trading. The tZERO platform already uses a blockchain-based settlement system for transacting shares.

Distributed ledger technology can help automate many back-office functions involved in traditional securities transaction management. Distributed ledger technology improves transparency into share ownership, provides easy tracking of changes in the capitalization table, and facilitates fast transaction clearing and settlement. Moreover, distributed ledger technology could feature built-in voting and governance protocols that would help to remove middlemen in current proxy voting processes.

Future of Compliant ICOs

Given the trends towards compliant security token offerings and moving securities onto blockchains, there are promising opportunities in facilitating compliance. Indeed, the cryptocurrency community will likely witness these developments within the next couple of years:

1. Growth of organizations that facilitate issuance and exchange of security tokens. We will see growth in the usage of security token launch platforms as new companies such as Polymath leverage compliance templates and adopt smart contracting technologies to help to enforce AML/KYC monitoring and transfer restrictions. As more securities are tokenized, there will be demand for SEC-registered ATS platforms that can facilitate greater liquidity for security tokens.
2. Greater reliance on securities registration exemptions. In the U.S., organizations that are conducting ICOs will explore using Regulation A+, Regulation D (including SAFTs), Regulation S, and/or Regulation Crowdfunding to accomplish their goals. Each exemption features different restrictions and requirements; an organization will choose the one most suited to their philosophy and fundraising goals.
3. Leveraging distributed ledgers for transacting registered securities. We will witness greater usage of distributed ledger technology to manage stock ledgers and perform settlements for existing and future securities.
4. Legal standards for tokenized securities. Similar to how ERC20 provided standardized technical specifications for ICO tokens on the Ethereum blockchain, lawyers and policymakers may develop an open-source framework wherein different types of tokens are categorized and linked to corresponding legal and regulatory rights and obligations. This could lead to template compliance strategies that will highlight the rights, duties, obligations, and regulatory requirements of the token issuer and buyers.
5. Development of compliance-automating smart contracts. Developers will develop smart contracts that will enforce certain anti-money-laundering and securities law requirements such as AML/KYC, transfer restrictions, whitelisting contributors, and automated reporting of suspicious transactions.
6. Focus on market manipulation and insider trading. As security tokens become popularized, the SEC will likely focus more on market manipulation involving security tokens such as “pump and dump” schemes. In September 25 announcement, the SEC expressly stated its intention to investigate cases involving fraud targeting retail investors, including microcap pump and dump schemes. Tangentially, organizations that issue security tokens will have to be aware of potential insider trading violations.

Why Compliant Organizations Will Lead the Future

As more regulatory developments unfold, it is likely that many ICOs will suffer legal challenges to their self-proclaimed “non-security” status. Given the uncertain regulatory landscape, there are multiple benefits to presuming that one’s token would be categorized as a security.

Although creating a security token invokes additional restrictions and requirements, issuing tokens under a pre-existing regulatory framework significantly reduces legal risk. Compliant organizations have certainty that they will not suffer existential business interruptions from private litigation (e.g. right of rescission and the 10b-5 right of private action) and enforcement actions arising from unregistered securities offerings. Moreover, issuing tokens under existing securities frameworks helps to define token buyers’ expectations and rights, and could potentially result in higher investment returns.

Organizations have now raised over $2.3 billion through ICOs. ICOs are no longer a marginal, novel phenomenon that can escape regulatory attention.

As mainstream investment funds and retail investors start to enter the cryptocurrency industry, compliant organizations will likely be the ones to grab the most market share. Compliant organizations are the most likely to deliver easily accessible, stable, and secure services and products. Compliance processes ensuring consumer protection, investor protection, and anti-money-laundering will help distributed ledger technology and tokenization achieve sustainable mainstream adoption.

Many thanks to Terrence Yang, Boris Reznikov, David Gobaud, and Brian Gale for reviewing and commenting on drafts of this post.

Lindsay Lin (@lindsayxlin) is counsel and program manager at Lightyear.io, a company powered by Stellar. Lightyear helps institutions implement distributed ledger infrastructure to send payments across borders as easily as sending an email. The content in this post is offered as general legal information and does not constitute legal advice. Lightyear does not provide legal consultation services.