Unpacking the SEC's Framework for ICO's

Unpacking the SEC's Framework for ICO's

. 9 min read

The SEC recently came out with its Framework for “Investment Contract” Analysis of Digital Assets. The report provides guidance for those who are planning to engage in an ICO to help them determine whether or not the sale of their digital asset meets the definition of an “investment contract” under U.S. Federal securities laws.

I’ll break it down further in much more detail, but the TLDR; the sale a digital asset which has the following characteristics most likely meets the threshold of what a security is:

  • Is expected to increase in value and seen as an investment
  • People buy more of it than they reasonably would need.
  • Is dependent on a company or group of paid developers to increase the value of the product
  • Has a figurehead or parent company that owns the network
  • Is transferrable or tradable on a secondary market.

This means that any token sold in an ICO over the past few years would qualify as a security, to include Ethereum. The biggest sticking point for me is what's the point of issuing a digital token if it's not tradable or transferable? This negates completely the structure of what was created by ICO's and will need to be addressed by lawmakers.

All of the following discussion pertains to U.S. Federal Laws and is not applicable to other jurisdictions. However, it should be said that many countries look to the US for guidance in how they should craft their own securities laws and so this document will have greater ramifications for the crypto community as a whole.

What is a Security?

According to the Investment Company Act of 1940 a security is

“any note, stock, treasury stock, security future, bond, debenture, evidence of indebtedness, certificate of interest or participation in any profit-sharing agreement, collateral-trust certificate, preorganization certificate or subsciption, transferable share, investment contract, voting trust certificate, certificate of deposit for a security, fractional undivided interest in oil, gas, or other mineral rights, any put, call, straddle, option, or privilege on any security (including a certificate of deposit) or on any group or index of securities (including any interest therein or based on the value thereof), or any put, call, straddle, option, or privilege entered into on a national securities exchange relating to foreign currency, or, in general, any interest or instrument commonly known as a ‘‘security’’, or any certificate of interest or participation in, temporary or interim certificate for, receipt for, guarantee of, or warrant or right to subscribe to or purchase, any of the foregoing.”

The framework published by the SEC is particularly focused on investment contracts, specifically for ICO’s. The basis behind an ICO is that a company or person (in the framework the term Active Person (AP) is used) issues a digital asset to persons to be used on the network. Some of the use cases are that it can provide access to a network, act as a virtual currency, stand in place for a virtual good, or simply keep value against a pegged currency. I’m sure I’ve left some use cases out, but in essence, this covers most of all crypto and digital assets. Most ICO’s did not follow US securities laws and failed to register with the SEC, or they simply excluded Americans completely.

The first major response to ICO activity was the DAO Report, which found that the issuers of the DAO Token violated U.S. Securities law when they were sold to investors. The SEC report stated that the sale of the tokens represented an investment contract, which is covered under the above stated securities law.

What is an Investment Contract

The law defines an investment contract as “an investment of money in a common enterprise with a reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others.” This definition was determined by the U.S. Supreme Court in SEC v. Edwards, 540 U.S. 389, 393 (2004), SEC v. W.J. Howey Co., 328 U.S. 293, 301 (1946), and United Housing Found., Inc. v. Forman, 421 U.S. 837, 852-53 (1975). In most cases though, the characteristics that define an investment contract are commonly referred to as the Howey Test.

The Howey Test is broken down by each of its four points and must satisfy all four prongs to be considered a security. The points are

  1. An investment of money
  2. Into a common enterprise
  3. A reasonable expectation of profits
  4. Profits are derived from efforts of others

The SEC states in the framework that “the so-called ‘Howey test’ applies to any contract, scheme, or transaction, regardless of whether it has any of the characteristics of typical securities.” It’s a flexible set of principles rather than a hard coded set of rules. The purpose of the Howey Test is to give regulators a means to impart the phrase “if it walks like a duck, quacks like a duck…” The whole point of Howey is to not focus on the thing itself, but the characteristics which it has, which in this case are digital assets and the manner they are “offered, sold, or resold (which includes secondary market sales).”

ICO’s satisfy the first two parts easily, money (a digital asset is considered money if it is used to exchange value, regardless if it is a currency or not) is sent to a common enterprise, which is the owner of the smart contract or company receiving the assets in exchange for their token.

The bulk of the Framework is spent on picking apart the final two points, expectations of reasonable profits and those profits are derived from the efforts of others.

Most if not all ICO’s had teams backing the development of the token. Some ICO’s setup foundations to receive funds, others established companies, or even received it personally (scams). When investors gave them Ethereum in return for tokens, most projects weren’t even operational yet, the token was simply a placeholder for a mainnet to come. Without this core team, there would be no future development of the project and it would fail. Teams usually provided themselves with a percentage of tokens. More so, these teams reached out and negotiated terms for listing of their token on major crypto exchanges, creating a secondary market for it.

Any centralized entity that supports the project, it’s development, health and price can be considered an AP. Any managerial efforts by this entity also makes it an AP, even if it’s not the issuer. The point is that token holders expect the AP to work to increase the value of the token.  

One interesting point is that if an AP has a substantial stake in a digital asset or if they gave themselves a portion of tokens as compensation and the price is determined by a secondary market, this allow could mean the token is a security. I’m reminded of Zcash and their developer tax, which took 20% of mined tokens and transferred them to the Zcash foundation. It's possible that by the guidelines in the framework, even a POW coin with no ICO could be considered a security if significant rewards are paid out to an AP who is responsible for the development of the network.

Another interesting point is that a token may be a security if the issuer retains the intellectual property rights to the digital asset, as is the case with Hedera Hashgraph, who patented parts of their blockchain to keep copies from appearing post launch.

All of this activity satisfies the the fourth point and any token offered, sold and resold like this is probably meets the standards of being a security. The SEC has already gone after US companies who failed to register, such as Paragon and Airfox.

The fourth prong is the most obvious one. If people are giving money to a project in return for a token and they expect the price to rise significantly, then its a security. Profits can be, according the Framework, “among other things, capital appreciation resulting from the development of the initial investment or business enterprise or a participation in earnings resulting from the use of purchasers’ funds.” Any token which pays dividends or profits, or has realized gains coming from the improvement of the underlying network by a team of developers ticks off this prong.

I found it interesting that price plays a heavy role in the framework. If prices deviate upwards too much from the original sale price, it could pass the Howey Test. Tokens that aren’t securities need to either be price stable (but not algorithmically set) or inflationary, so that that the holder of the token could not expect his token to increase in value simply from holding it. Token buyers also should be buying more than they need and they also shouldn’t be trading it more than is expected.

Another key aspect is if secondary trading is taking place or expected. Any ICO project that isn’t trying to get listed on Binance or another competitor these days is going to suffer. Without liquidity, there is no market for the token and price craters.

Crypto tokens on the other hand are entirely speculative. They have no underlying value other than what someone is willing to pay for them at the given moment. Trading and exchange is an inherent part of the creation of every token and coin created since Ethereum. Trading is where the majority of interest comes from, especially from Asia, where crypto is a substitute for traditional gambling addictions.  

The hot item of the moment IEOs are securities offerings and this why no exchanges allow US customers into the sales. It’s illegal activity for the exchange to offer the IEO to Americans, as no crypto exchanges hold the proper licenses yet to sell securities. But the IEO serves a purpose, it leverages the popularity of the exchange to conduct a low float sale of initial tokens that potentially can hit multiples and drive hype and marketing to a product.

No one would know or care about these projects if they were not listed. The tokens themselves are typically without rights to equity, cash flows or other specifics that would give the token intrinsic value.

Essentially, a token which isn’t a security should be sold for use in a fully developed and operational decentralized network, for use for its intended functionality and meet the needs of the purchaser and the token should not increase greatly in value, be transferable or be available for exchange on secondary markets.

Think air miles. Think gift cards. Think reward points. None of these are securities. Airdrops… are questionable. If a company does an airdrop and doesn’t conduct an ICO, the token could still be considered a security if it’s “designed to advance the issuer’s economic interests and foster a trading market.”

My take away from the piece is that every token issued is a security, to include Ethereum. The SEC also though this as well, but for some reason declared that enough time had passed that the network had become "decentralized" enough to not be considered a security anymore. This effectively creates a high regulatory moat for Ethereum alone, which at this point is the only crypto token sold in an ICO to not be considered a security.

My questions would be, what are the effective measures of "decentralization?" Much of the guidance was provided in the Framework, which laid out that no AP shall retain substantial managerial, developmental or financial control over the network. Meeting this standard somehow nullifies the expectation of profits, which seem to be fine, so long as they are not the result of the efforts of others. What though is the process of running an ICO, releasing a token, which is a security, and then its transition to being not a security, as was in the case of Ethereum.

There are many questions remaining for decentralized networks who want to conduct an ICO see their network token become widely used. Changes to the law though will have to either come through the courts or Congress. There are several bills in line to be passed, and so I believe eventually we will have answers to my questions I laid out above. The capital raise process isn't broken, it works as intended, ultimately, more thought needs to be given to the post-launch regulatory environment.

Additionally, crypto tokens are designed to be transferable and traded. The whole point of running an energy intensive decentralized network is to facilitate trustless trades between parties. I don't think people could care less about most of the projects they put money into over the past few years, they were more focused on which exchanges it would trade on and how many multiples it would rise before they could sell it onwards.

The morality of allowing speculative trading is already established in the United States with existing securities laws. If this was the Commission's thoughts about the ICO market, why did they allow the ICO market to rapidly proliferate? If they knew that ICO's were securities, why didn't they act faster to clamp down on the activity? It wouldn't have been hard to issue subpoenas to issuing companies and summons to crypto exchanges.

The next few years we will experience a shift change in the ICO market as it professionalizes and additional laws are enacted regulating aspects of the issues I discussed above. I'd like to know your own thoughts on the Framework and what sort of changes you would like to see the SEC/Congress make.