Lately there has been a lot of talk about Security Tokens, especially with Overstock’s tZero Security Token Exchange Platform garnering a lot of attention. Despite the word being tossed around the cryptocurrency space so much lately, many still do not fully understand what it means to be a security token, and what implications it has for the currency/project as a whole.
First, we will distinguish between two type of tokens: Utility Tokens and Security Tokens.
NOTE: This analysis does not include information about cryptocurrencies used as a store of value/medium of exchange (Think Bitcoin, BitcoinCash, Decred, Monero, ZCash), basically the currencies that function to replace fiat. Nor will we address stablecoins, coins pegged to real assets (at least supposed to be) such as tether.
Utility vs Security
The tokens we are talking about in this paper revolve around access to a service, platform, or project that aims to solve a real world problem via use of a blockchain. The first type we will discuss is a Utility Token.
Utility tokens may also be referred to as app coins, user tokens, or network access tokens, among other names. There are several examples of these in use today including filecoin and siacoin for data storage, Basic Attention Token for internet advertising, Golem for computational power, Dent for mobile data, and Populous for invoice financing. What each of these have in common is that they provide access to the service or platform that is the basis of the cryptocurrency project.
For an example of how these work, we will use SiaCoin (and we’ll just pretend that SiaCoin was offered via an ICO and not mined from the start). SiaCoin provides a platform for the buying and selling of data storage. The platform connects sellers that have excess storage available for rent to buyers that wish to store their data through the Sia Platform. The sellers offer up their space in a contract on the platform and the buyers accept that contract for a price (set by the sellers) which is paid in SiaCoin. Thus why SiaCoin is classified as a Utility Token. SiaCoin does not entitle holders of the token to any profits made on the platform, does not denote any ownership interest in the Sia project, nor does it give the holders any voting rights for decisions made in regards to the platform or the Sia Project as a whole. The token only has function WITHIN THE PLATFORM ITSELF. The specific use of the token on the platform and solely as a medium of exchange for data storage within the bounds of the Sia platform is vital for its classification as a Utility token. Despite these aspects of utility, however, it does not save the token from being classified a security on its own. Meeting the standards of a Security Token while providing uses as a Utility Token would still leave the currency in danger of being classified a security.
In comparison, Security tokens serve purposes outside of specific use as exchange within the platform OR IN ADDITION to use within the platform. These other purposes can include the token representing shares of ownership of the project itself, a tool for profit/loss sharing, giving the holder status as a creditor/lender, giving the holder a claim in bankruptcy as an equity interest holder/creditor, or giving the holder the right to repayment of purchase price and/or payments of interest. Some of these include SiaFund token for the SiaCoin project, tZero tokens for the tZero security exchange platform, KODAKCoin tokens for the KODAKOne platform,
To stay in line with our previous example, we will discuss SiaFund Tokens to explain security tokens. 10,000 SiaFund tokens were issued as a means of funding the Sia project, and 1159 were initially sold in an IPO in 2014. As of recently Nebulous (parent company funding most of the Sia Project) still held 8,741 of the SiaFund tokens and is holding a Tokenized Security Offering (TSO) in compliance with SEC regulation to sell 750 SiaFund Tokens.
Here are a couple of important details that help make the SiaFund Token a Security Token: SiaFund Tokens were offered to the public in exchange for money, holders of the SiaFund token are entitled to 3.9% of the fees from every transaction made on the Sia network, and funds from the sale of the SiaFund Tokens are being used to fund the Sia Project venture. It is important, therefore, that the Sia team took the time to register the sale of SiaFund Tokens with the SEC as a Tokenized Securities Offering (TSO) and only offer the sale to qualified investors.
So SiaFund Tokens are considered a Security Token, but why do these qualities make it a security and how do I know what other coins can be considered securities?
Classifying the SiaFund Token as a Security
According to US Court Rulings, one way to determine if an offering is considered a security and subject to SEC securities regulations is via the Howey Test. The Howey Test states that an offering is considered a security if:
1. It is an Investment (of either money or assets)
2. Investment is made in a common enterprise
3. There is an expectation of profit
4. Profits come primarily from the efforts of a promoter/third party (holder of the offering cannot reasonably have a large influence on if the investment will be profitable)
In the case of the SiaFund Token, the purchasers of the token are investing money or digital assets for the token, the investment is in a common enterprise (the investments are pooled and each investors shares evenly in the risks/profits of the project), the purchasers reasonably expect profit from the investment (in this case from the fee distribution mechanism), and the profit comes largely from efforts of the promoters/a third party (the Sia Project’s success relies on the development team to provide a working platform good enough to capture a share of the market and provide revenue to the investors, the investors themselves are not making the project successful).
The Howey Test — Is the Crypto a Security?
The Howey Test (the four part test above) is how US regulators — the SEC — currently determine whether an asset is a security. Here we will break it down further for use in a more broad application than just with the specific example of the SiaFund Token. The token must pass each part of the test in order to be considered a security (passing meaning that the part of the test is true of the asset).
1. It is an Investment
This first part is pretty simple. The receiver of the token must be putting forth something for the receipt of the tokens. It can be money or assets. ICOs allow either money to be exchanged for their tokens or in-kind contributions (usually in the form of other cryptocurrencies). Thus, exchanging fiat or cryptocurrencies for the promise of the tokens from the ICO satisfies this requirement. Pretty straightforward.
One way that some ICO issuers have tried to get around this is by claiming the proceeds are “donations” and the tokens are also donations, not being paid for. Do not let this fool you, this will not work to disqualify the ICO as a security, as seen with Tezos.
2. The Investment is in a common enterprise
This portion of the definition is also fairly straightforward. For the sake of cryptocurrency we will consider the horizontal definition of a common enterprise. This is where the investors money is pooled together creating a pool of investors and they share in the successes and failure of the venture together. Because almost every ICO is offered to multiple investors and the money is together controlled by the issuers of the token with each token offering the same benefits to investors, this portion of the test is almost always satisfied.
3. There is an expectation of profits from the investment
4. Profits come primarily from the efforts of the promoter/a third party
These two are a little more complex. Due to some rulings on the howey test in the past, these are considered to be paired with each other. We will address these separately, then how they are considered together.
Those putting the money forth expect to be able to turn a profit on their investment, whether by profit sharing aspects of ownership of the token (like that of SiaFund Token holders receiving 3.9% of fees from all transactions on the network), by the tokens representing a form of equity/ownership of the project, giving status as a creditor or lender, giving rights to interest payments or repayment of purchase price, or a claim in bankruptcy as a equity interest holder/creditor. These methods are all directly related to performance of promoters/sellers/third parties involved in the project, and will (almost) always satisfy this portion of the test. However, these are often not true for many tokens that consider themselves “utility” tokens.
The expectation of profits must also be primarily from the effort of promoters/third parties. As mentioned above, those methods rely on persons affiliated with the project to cause the profits to come forth. Although not explicitly stated that the third parties must be affiliated with those offering the tokens for sale, the current rulings have only ruled offerings as securities in cases where the third party was affiliated with the enterprise making the offering. A small influence on the project by others or even those having bought the tokens is not enough to cause the token to fail this portion of the test, so those relying on some contributions for open source software, bug bounty programs, or a distributed mining system would most likely not be exempt.
These lay the basis for this portion of the test, but for those claiming to be Utility tokens that could be considered security tokens there is another, more difficult to decipher part. The situation where investors buy the token with the intention to hold it and later resell it for a higher price. In this situation, the purchase of the tokens with an expectation of selling for profit at a later date must be the PRIMARY reason for purchasing the token. This is where most “utility” tokens attempt to disqualify themselves from being considered a security. If it can be reasonably inferred that the tokens were purchased to gain access to using the platform (e.g. as a currency on the platform to be exchanged for services) then the token may be ruled to be exempt. The possibility of selling the asset for profit on a secondary market (that is not affiliated with the issuers of the token) is not enough in and of itself to qualify it as a security, as was shown by past rulings on commodity futures contracts.
Despite these ways to disqualify a token as a security, the SEC operates on a principal of “substance over form” meaning that even if the token is designed with some functionality it can still be considered a security if in practice it is not being used for those reasons. When considering these things you should consider if those buying the token are primarily motivated to use it as intended on the platform, or to hold and resell to obtain a profit on the investment. SEC Chairman issued a public statement in December saying “merely calling a token a ‘utility’ token or structuring it to provide some utility does not prevent the token from being a security.” Thus many of the popular “utility” tokens that were offered in an ICO could still be classified a security and should be examined with extreme scrutiny before purchasing.
For more help determining if a token is a security or a utility token, Coinbase has created a helpful framework for judging the likelihood a token is a security. Although not definite by any means, it should help give you a good idea of the risk that the token is later classified by the SEC as a security token. Find it at the top of this Coinbase Blog post.
What Does This Mean for Those Tokens Ruled as Securities?
Any tokens that are ruled as securities, whether the ICO has been conducted already or not, are going to suffer immensely if they are ruled to be securities by the SEC.
Those that have not yet disbursed their tokens will be forced to take action to prevent them from being prosecuted for securities fraud. This could include refunding investors money that has been paid for undisbursed tokens or halting the ICO until it has been registered with the SEC as a security offering, which is a complicated and time consuming process that will heavily delay the eventual ICO, if it happens. If/when the ICO is conducted, one of two things will happen.
If offered publicly, the coins can be sold to “qualified clients” — those with $1 million AUM with the advisor immediately after entering the contract with the advisor; net worth of more than $2.1 million solely or with a spouse excluding the primary residence; an executive officer, director, trustee, general partner, advisor, or a similar capacity of the fund manager; owns at least $5 million worth of investments; or is an employee involved in the investment activity of the advisors for at least 12 months. In a new amendment to regulation D — rule 506(c), the SEC also allows publicly offered securities to “accredited investors” as long as the company takes extra steps to verify the client’s status as an accredited investor (definition below).
If offered privately, only to individuals known by those offering the security tokens, then they can be an “accredited investor” — those with a net worth exceeding $1 million solely or with a spouse outside of the primary residence, sole income in excess of $200,000 (or $300,00 with a spouse) for the last two years and reasonable expectation to achieve the same the following year, an entity owned exclusively by accredited investors, or an entity not formed for the purpose of purchasing the tokens with assets over $5 million. In the amendment to regulation D mentioned above — rule 506(b), the SEC allows privately offered securities to be sold to up to 35 non-accredited investors given that investors are provided with extensive information on the issuers of the security
This is a huge change to how most ICOs are run now. Most ICOs have been trying to position themselves as “crowdfunding campaigns” and offering to the general public regardless of investor status. With the impending regulation crackdown it will change the structure and way that ICOs operate as a whole, and severely limit those who have access to them. While I do not necessarily agree with this limitation, it is hard to argue against the SEC doing this as we have seen how so many fraudulent ICOs have lost investors Millions of dollars.
Tokens that have already been disbursed will be nearly impossible to feasibly reclaim, and the companies that have issued their tokens and used the money already will be subject to heavy penalties by the SEC at a federal level. This could very well bankrupt many cryptocurrency projects, cause the development of the project to cease, and result in the tokens’ value decreasing enormously. In addition to this happening to the issuers of the tokens themselves, exchanges listing these tokens that are not registered with the SEC will be subject to immense fines and thus most likely will cease to list the tokens on their exchange. As you can imagine, this also will be devastating the the price of the underlying cryptocurrency and could cause you to lose your investment.
We all hope that the coins behind these extremely promising projects do not end up being classified as security tokens, but many of the favorite “utility” tokens that were first released as ICOs are at risk of meeting these standards. In those cases the projects themselves and the holders of that particular currency would be at a large risk of losing their investments and the project as a whole being severely hindered. Check all of your holds, critically assess the likelihood that it could be classified as a security token by these definitions, and invest intelligently. Don’t get left hung out to dry when the SEC comes down on your favorite “Utility” Token.