BetterNews #7: Security Token Dilemma

During May the Bank of Lithuania (BoL) was calling for views and feedback on its Guidelines on security token offerings (STOs). Before that, in April the Financial Services Commission (FSC) of Mauritius has issued a Guidance Note to explain its regulatory approach to STOs. In this issue of BetterNews, we would like to concentrate on and go through the details of guidelines recently published in Mauritius and Lithuania, and also we decided to remind you about guidelines published last year in Lithuania (by another regulator), Jersey and Canada. We believe that considering the current crypto market trend of intense interest in respect of security tokens, the rise of platforms for the listing of such tokens and existing legal vacuum these guidelines might be useful for prospective issuers in launching compliant token offering. It is obvious that emerging security token ecosystem is the future of ICOs and clear legislation is a critical piece of the puzzle for issuers and investors, and the law should respond to this tendencies and provide the participants with a proper regulatory framework.

We know that majority of the issuers are considering Malta as a harbor for tokenization and it is probably the right choice to make, however in this issue we will not discuss the legislation of Malta as it gained a lot of attention already.

Summary

The FSC of Mauritius clarified that security tokens are classed as securities as defined in the Securities Act 2005, represented in digital form.

The Bank of Lithuania has called for views on its Guidelines on STOs establishing the regulatory framework for the market participants and explaining the rules to be applied for the determination of token category. Lithuanian Ministry of Finance published Guidelines for token Issuers. Guidelines provide clarity in fields of token’s and ICO’s classification, the applicability of existing legislation of Lithuania, including interpretation of AML / KYC, taxation and accounting rules in respect of ICOs. Guidelines specify that existing legislation regulating security market also regulates specific types of tokens granting profits or governance rights, this kind of tokens will be considered as security and the obligation to comply with relevant legislation will follow.

Jersey Financial Services Commission has issued a Guidance Note on its approach to initial coin offerings (ICOs) aimed to create a transparent process for ICOs. The Guidance Note is focused on consumer protection and anti-money laundering promoting Island’s reputation as a well-regulated and reputable jurisdiction. Guidance Note establishes that specific type of consent granted by the regulator will depend on whether the token is categorised as a “security” under Jersey legislation. Considering the absence of clear definitions of security the Guidance Note stipulates that a token which has one or more of the listed characteristics will be regarded by the JFSC as security.

The Canadian Securities Administrators (CSA) published a Staff Notice regarding the securities law implications of ICOs. CSA Staff Notice outlines specific situations that may have an implication on the presence of one or more of the elements of an investment contract in the context of an offering of coins or to]kens. Additionally regulator provides guidance on the applicability of securities laws to offerings of coins or tokens, including utility tokens.

Detailed overview

Mauritius

The FSC of Mauritius has issued a Guidance Note on the 8 April 2019 (the Note) to explain its views regarding STOs. This Note explains that security tokens are “securities” as defined in the Securities Act 2005, in digital format. Additionally, when STOs are conducted in or from Mauritius, this offering will be subject to the Securities Act 2005 and other applicable local regulations.

Issuers of security tokens are required to get prior approval of the FSC however there are exceptions for several categories of investors, such as sophisticated or expert investors, expert funds as well as professional and specialised collective investment schemes (definitions of these terms are given in Mauritius legislation).

According to the Note, any person soliciting another person to enter into transactions involving security tokens must hold the appropriate license under the Securities Act 2005 and must ensure “strict compliance with the applicable regulatory requirement” as carrying out financial services without a license is a criminal offense.

The FSC also warned about the high-risk nature of STOs and urged investors to ascertain all risks before investing in STOs. The regulator also reminded investors that they are not protected by any statutory compensation arrangements in Mauritius.

Lithuania (#Litechnia)

On May 7 the BoL announced consultations on the issued STO Guidelines. The consultations have lasted until May 20 and to the moment results were not published. According to the Guidelines, it will apply from July 21, 2019.

The Guidelines reflect the approach of the regulator to security tokens as a financial instrument, particularly focusing on the qualification of tokens (what tokens qualify as securities tokens or other financial instruments), assessing specific cases, providing recommendations related to the issue of security tokens and explaining applicable legal regulation.

It is contemplated that the Guidelines will apply to all of the market participants including issuers, investors, advisors, offering platforms and other involved parties. The existing financial markets regulation and supervisory framework will cover “investment-type” tokens and hybrids of “investment-type” and/or “utility-type” and/or “payment-type” tokens. The BoL defines “investment-type” tokens as tokens with specific characteristics that mean they meet the definition of transferable securities or other financial instruments like a share or a debt instrument as set out in the Law on Markets in Financial Instruments (local MiFID II).

The BoL supports a “substance over form” approach when it comes to qualifying tokens, including to prevent regulatory arbitrage. For a better understanding of legal qualification methodology, the regulator discusses in the Guidelines features of a sample set of six ICOs crypto-assets. Consequently, if the token qualifies as transferable securities or other types of MiFID II (and also the Law on Markets in Financial Instruments) financial instruments, a full set of relevant EU and national financial rules are likely to apply to their issuer, crowdfunding or other trading platforms and/or firms providing investment services/activities to those instruments.

We also would like to remind that the last year the Lithuanian Ministry of Finance has released Guidelines regarding ICOs outlining among other things cases when tokens could be considered as securities and how token sales can be regulated by various laws within the country.

The Guidelines were made in the best traditions of ICO world as a fancy presentation and then you compare “appearance” of this document with the similar regulatory documents you may feel Lithuania’s desire to be as crypto friendly as possible. The Guidelines intended to be a comprehensive tool describing Lithuanian legal framework for ICOs, however, the final disclaimer states that the Guidelines should not be treated “as an official interpretation of the legislation”.

The Guidelines classify tokens issued as part of ICOs and ICOs itself as either granting “profits or governance rights” or not granting.

Tokens that do not grant profits or governance are divided into two types:

1. Tokens that grant a right to use a product or service (known as utility tokens) (subject to current Civil Code regulations);
2. Tokens used as a payment instrument.

This category also covers ICOs structured as a charity.

Tokens that grant profits or governance also have two types listed below:

• Tokens with characteristics of securities (subject to the Law on Securities);
• Tokens with characteristics of financial instruments (subject to the Law on Markets in Financial Instruments, this Law also applies to entities organizing and/or engaged in active secondary trading in tokens).

This category also covers ICOs wit characteristics of a project defined by the Law on Crowdfunding.

Classification also includes entities that collectively invest the funds received through ICO in different projects (“cryptofunds”) and these entities are subject to the following regulations:

• the Law on Collective Investment Subjects,
• the Law on Collective Investment Undertakings Intended for Informed Investors,
• the Law on Collective Investment Undertakings Intended for Professional Investors.

The Guidelines specify that based on token characteristics and rights granted to their holders, including the right to participate in the company management process or receive part of the company’s profit then there is a probability that tokens will be treated as a security and the obligation to comply with relevant legislation will apply in respect of the issuer. According to the Guidelines, the BoL will regulate and scrutinize entities that are engaged in the issuance of tokens that have the features of securities.

All ICOs are subject to anti-money laundering (AML) and counter-terrorist financing (CFT) laws. Anti-Money Laundering and Counter Terrorist Financing Law of Lithuania will be amended in order to comply with 5th AML Directive. According to the information given in the Guidelines “amendments will concentrate on provisions relevant to virtual currency exchanges and wallet services operators, aiming at increasing transparency and clarity of regulation together with stability and security of the financial mark”.

The Guidelines also contain the link with the reference to the previously published opinion of the Bank of Lithuania which released a paper in respect of virtual currencies and ICOs, stating that “financial services must be clearly dissociated from activities related with virtual currencies”.

In addition to regulatory aspects, the Guidelines also offer thoughts from the taxation and accounting perspective. We will prepare a separate post with the analysis of rules established by Lithuanian authorities in this regard. Stay tuned!

Jersey

As you know from one of our previous reports, the Jersey Financial Services Commission (“JFSC”) issued a Guidance Note in which it detailed its approach regarding classification of tokens and rules of the application process for the issuers ICOs.

According to the Guidance Note, Jersey-based Issuers must satisfy the following requirements:

• be incorporated in Jersey;
• receive the JFSC’s consent under the Control of borrowing (Jersey) Order 1958 (COBO) before undertaking any activity;
• comply with Sound Business Practice Policy;
• apply relevant AML / CFT requirements to persons that either purchase tokens from, or sell tokens back (very considered approach) to, the ICO Issuer;
• appoint a trust company service provider (TCSP) licenced by the JFSC;
• appoint and maintain a Jersey resident director who is a natural person and also a principal person of the TCSP appointed by the issuer;
• be subject to an ongoing audit requirement;
• have procedures and processes in place to mitigate and manage the risk of retail investors investing inappropriately in the ICO, and to ensure retail investors understand the risks involved;
• prepare and submit to the JFSC an Information Memorandum (JFSC mentions White Paper as a form of Information Memorandum) made in compliance with requirements applicable to a prospectus issued under the Companies (Jersey) Law; and
• ensure that any marketing material is clear, fair and not misleading.​

As established by Guidance Note token which has one or more of the following characteristics will be treated by the JFSC as security:

• a right to participate in the profits/earnings of the issuer or a related entity (JFSC understands that it is common practice in the market to separate token issuer from an operational company);
• a claim on the issuer or a related party’s assets;
• a general commitment from the issuer to redeem tokens in the future;
• a right to participate in the operation or management of the issuer or a related party expectation of a return on the amount paid for the tokens.

Tokens which are not deemed to be securities, s might be classified as:

• utility tokens conferring merely a usage right or the right to access a product or service, and
• cryptocurrency tokens designed to behave like a currency, being a store of value and medium of exchange and referred to in some jurisdictions as a payment token.

In comparison with other jurisdictions (such as Switzerland), JFSC does not refer to “hybrid” tokens with features of securities and utility tokens as well.

Regulator stipulates that utility token should not be treated as a security token solely by reason of the fact that it might be traded in the secondary market (e.g. listed on the cryptocurrency exchange). Whether or not a token is a “security” makes no difference as the requirements given in Guidance Note are applicable to all issuers (but do not think that classification is useless, it will help ICO promoters to determine whether or not they need to
comply with Jersey rules on the issue of securities), however, JFSC may consider relaxing conditions for non-security tokens in certain circumstances.

Application for the COBO consent is to be accompanied by an analysis prepared by the issuer’s legal advisers (reminds Malta and VFA Agents) outlining:

• the proposed activity including relevant timelines;
• details of the issuer and the ICO;
• rationale for the ICO, amount to be raised and use of proceeds;
• summary of the features of the tokens;
• summary of the token purchase and redemption processes;
• service providers to the issuer;
• relationship between issuer and holder of tokens;
• the management of underlying assets and security rights over such assets for token holders;
• how the activity will be wound up/dissolved and assets (if any) distributed to the token holders;
• Jersey legal and regulatory analysis, including consideration of relevant legislation or other regulatory laws.

The issuer also must seek the prior consent of the JFSC to any material change to the matters contained in the application, particularly changes in specified counterparties including, but not limited, the TCSP.

According to the Guidance Note ICOs should be treated as a “sensitive activity” under the JFSC’s Sound Business Practice Policy. The practical consequence of this is that certain AML/CFT rules should apply to the issuer:

• carry out checks on the purchasers of the tokens who purchase coins directly from the issuer, and
• apply relevant checks in respect of token holders in the event of buy-back.

ICO issuer will be required to:

• establish and obtain evidence to verify identity, and
• establish and depending on the level of risk obtain evidence to verify the source of funds and source of wealth.

JFSC notes that there is no international standard regarding the application of AML/CFT requirements in respect of ICOs and the issuers of ICOs. Therefore the analogy with exchange conducting Money Service Business should apply.

Issuers are required to ensure that any marketing materials are clear, fair and not misleading and describe applicable regulatory treatment. ICO related prospectus / information memorandum (White Paper) should not be published and tokens must not be issued unless JFSC has first made a confirmation of “no objection”.

The Guidance Note contains additional requirements for the board of directors of the issuer. They must advise the JFSX promptly about defaults on any token issued. Upon submission of issuer’s Annual Return (audit is also obligatory), the directors must confirm that to the best of their knowledge there have been no breaches of the COBO Consent and its conditions save as previously disclosed to the JFSC.

The Guidance Note is the next step following well-known crypto projects launching from Jersey. Jersey might be interesting for prospective issuers as being well-regulated international finance center and at the same time offering ICO regulation that makes this sphere less “grey area” for investors.

Canada

The Canadian Securities Administrators (CSA) published Staff Notice 46–308 — Securities Law Implications for Offerings of Tokens, which provides guidance on the applicability of securities laws to offerings of tokens, including ones that are commonly referred to as “utility tokens”. The Notice follows the initial guidance document published in 2017 where regulator clarified that token offerings might be considered an offer of securities.

As was highlighted in the previous document, businesses and their professional advisors should consider and apply the case law when interpreting whether an offering constitutes an “investment contract”, i.e. does it involve:

• an investment of money
• in a common enterprise
• with an expectation of profit
• that arises significantly from the efforts of others.

Upon assessment of token’s nature, the CSA are focussed on substance over form (the same approach is taken in Lithuania) and indicates that the economic realities of the offering as a whole should be considered, as well as technical characteristics of the token being offered. In general, the CSA’s approach is consistent with the approach of the SEC.

The CSA lists several examples of proposed ICO it has seen to date and these examples illustrate that the ICO is an “investment contract” subject to the application of securities laws, including:

• token is for use in a platform that is still under development;
• token is not immediately delivered to investors;
• the stated purpose of the offering is to raise capital to develop the platform or support the value of the token;
• issuer offers free tokens or other benefits to promoters of the ICO (bounty and developers);
• management of the issuer retains a significant number of unsold tokens as compensation;
• the tokens can be a currency or have broad utility, but there is no proof of widespread use or acceptance;
• management of the issuers has represented they have special expertise that will increase the value of the token;
• there is a fixed number of tokens or access to new tokens will be limited;
• issuer allows purchasers to buy tokens in an amount that “does not align with the purported utility of the token”, such as a $100,000 purchase of tokens that can be used for personal music downloads;
• marketing of the offering targets investors who would not reasonably be expected to use issuers products / services;
• management states that the tokens will increase in value, or encourages others to make such statements;
• reasonable expectation (or marketing strategy) that issued tokens will be tradable on a cryptoasset trading platform (CSA will examine White Papers and statements in other media for information regarding secondary tradability of tokens).

The Staff Notice also identifies certain factors that could cause regulators to view a token not as an “investment contract”, including:

• tokens have a fixed value that does not change over time, and are available continually;
• tokens are distributed to users for free (not as part of an overall sale of an ancillary or secondary product or service”);
• each token has unique characteristics.

The CSA also mentioned the practice of structuring token distributions in multiple steps. The Staff Notice proofs that CSA studies the crypto world thoroughly and understands commonly used ICO structures including ones that are used to minimize the application of Canadian securities laws, including prospectus requirements. In particular, CSA refers to offerings involving SAFTs. Under the SAFT the first step is the sale of a right to receive a token, under which right in itself is a distribution of the security. The second is the delivery of the token at future date. Tokens delivered at this stage might be recognized as security, even if they have utility features because they continue to fall under the definition of “investment contract”.

Issuers may rely on prospectus exemptions (such as the accredited investor exemption), which give rise to resale restrictions (in case of capital-raising prospectus). Such resale restrictions will limit the token’s listing on a cryptoexchanges.

According to the CSA securities law requirement also apply to any person who is in the business of trading in or selling securities. Such a person must be registered as a dealer. The term “trade” has a broad definition and includes advertisements, solicitation and etc.

In order to avoid “costly regulatory surprises”, the Staff Notice also encourages businesses with proposed offerings of tokens to consult qualified legal counsel and to contact Canadian securities regulators through the CSA Regulatory Sandbox. The CSA notes that securities law requirements may apply to ICOs regardless of the location of investors.

As a conclusion, we may say that the Staff Notice contains welcomed guidance for those engaging in ICOs and provides a clear path to CSA’s vision and certainty to issuers.