This post was drafted with Bri'ana Thomas, a 3L at Brooklyn Law School.

Initial Coin Offerings (“ICO”) have become the flyest thing in startup fundraising. New ventures have raised over $4 billion this year alone, surpassing the $265 million raised collectively in 2015 and 2016. This has resulted from the explosion of Bitcoin and the economic benefits that early Bitcoin adopters have received--everyone is now looking for investment opportunities in the next Bitcoin. As a result, many are participating in ICOs for new cryptocurrency tokens (or coins or altcoins) created by startup founders with the hopes that they will have the same economic growth as Bitcoin. This trend is exciting for founders who want their projects funded as quickly and cheaply as possible. However, as beneficial as ICOs may be to fund new projects, many founders are, against legal counsel’s better judgment, skirting around US securities laws to effect cheap and quick fundraising rounds.

An ICO is like an IPO, except with cryptocurrencies. An ICO is effectively a pre-sale of coins for a project that leverages a blockchain-based technology. Under an ICO, ventures will offer a certain number of coins to platform contributors, end users, and investors in exchange for participation or other cryptocurrencies like Bitcoin or Ether. In turn, a secondary market for these tokens can be easily created on cryptocurrency exchanges if the ICO is successful. Unlike IPOs though, ICOs are not always primarily used to raise money from investors (or fools--see below); at their heart, ICOs are a way of distributing a platform’s crypto-coins on the open market at a discount, perhaps to incentivize participation in the platform. That is, if you want to run a blockchain venture without a middle man (this is the stated benefit of a blockchain, after all), you need coins out on the market to engage in transactions on that blockchain. 

The U.S. Securities and Exchange Commission (“SEC”), which would normally be in charge of regulating IPOs, has been closely following ICOs because of their rise in popularity and general lack of consumer protection. Indeed, a number of ICOs are being revealed as scams.   Additionally, ICO issuers are generally not following protocol for issuing securities under US law.  The reason for this might be that, unlike in an equity financing where a company issues profit-participation rights or shares of stock in exchange for an investment, ICOs issue digital assets that may resemble an equity or debt security without necessarily rising to the level of a security (more on this below). In turn, in most cases ICO issuers skip the long, expensive process of a traditional round of equity financing, which would typically involve lawyering up, negotiating archaic terms determined by VC funds, drafting complex documentation, and making appropriate SEC filings. Instead, they create a cryptocurrency on Ethereum, and sell their coins to investors.

This raises the question: is a coin issued under an ICO a security?  And if so, what does that mean for ICO issuers?

A “security” is an umbrella term for many different kinds of investments – stock, notes, bonds, investment contracts etc. – that are intangible. Under the Howey Test adopted by the US Supreme Court, certain transactions can qualify as “investment contracts,” which are securities, if they meet the following criteria: 1) An investment of money 2) In a common enterprise 3) With an expectation of profits 4) Which are derived solely from the efforts of the promoters or third parties.

Based on the Howey Test, there are many factors to consider when determining whether a token is a security, such as if there is an investment of money, the timing of the pre-sale, what token holders have to do to get economic benefits, the token’s function, the mechanism for getting any economic benefits, the extent of token holders’ control (e.g., by voting), and how the token is marketed.

Currently, major players in the crypto market (Coinbase, Coin Center, etc.) argue that if a token is functional (i.e. a utility token), the platform is launched and the token is functional at the time of launch then the token is likely not a security.

The SEC has officially cracked down on at least two ICO’s, the DAO and Munchee Inc, for failure to register with the SEC.

The DAO was a virtual organization created by a company called The DAO was to be like an investor-directed fund where the number of DAO tokens you have would give you the right to cast votes with respect to investment opportunities. Individuals selected by would perform essential DAO tasks such as initial review and approval of projects for DAO token holders to vote on.

The SEC evaluated the DAO ICO against the Howey Test. The SEC determined that, not token holders, had responsibility for the management of the DAO, and that token holders did not have the right to exercise meaningful control over the enterprise. In turn, the SEC recommended that DAO coins were in fact securities. See the SEC's discussion of DAO coins as "investment contracts" on page 11 of this investigation report.  The SEC only released these findings posthumously, however--The DAO sunk after it succumbed to serious security vulnerabilities.

Munchee Inc. (“Munchee” or “MUN”) was the subject of the most recent ICO shut down by the SEC. The company, which already has an existing iPhone application, wanted to raise $15 million in capital to transfer its application to a blockchain and create an “ecosystem” for the company and others to buy and sell goods. The company communicated that the token holders could make a profit on the tokens, and they would actively seek participation in cryptocurrency exchanges to promote a secondary market inciting a reasonable belief that token holders could expect a return on their investment.  This, along with the inherent risks of pre-functionality token sales, caused the SEC to issue an order requesting that Munchee halt the ICO. The SEC commented that “even if MUN tokens had a practical use” at the time of the offering, it would not preclude the offering from security status since the “manner of sale” matters. In essence, the SEC said that, even if a token is functional prior to sale, if you pitch the token as a security you are risking security status regardless of any agreement (i.e., a Simple Agreement for Future Tokens) used to sell pre-sale tokens and safeguard against SEC sanctions.

An example of an ICO that may be considered (at this time) to avoid security status under the Howey Test is the Filecoin crowdsale. Filecoin is a blockchain-based storage network utilizing cryptocurrency that allows users to rent out their computers’ free storage. The ICO--the largest to date, raising $257 million dollars--used the Simple Agreement for Future Tokens (“SAFT”), which “provides investors with the right to fully-functional utility tokens, delivered once the network is created and tokens are functional.” This ICO was limited to accredited investors, unlike most ICOs, to adhere to SEC regulations. Here, investors only receive the tokens once the platform is in operation, perhaps making it more analogous to buying a video game on pre-order--and leaving the third prong of the Howey Test unmet.

It could also, however, be argued that by only allowing accredited investors, Filecoin was not targeting actual users of the network, but rather investors who expect a return, so it would not matter if the platform and token were fully functional or not. Additionally, the SEC considers the simple agreement for future equity, or SAFE (upon which the concept of a SAFT is based), is considered a security by the SEC

With the above examples in mind, it behooves us to point out that, to date, no ICO has registered with the SEC.

Startups need to be mindful of the Howey Test and the approaches they are using to incentivize purchasers. Marketing an ICO as an investment with a potential secondary market, even with a functional token and a platform in operation, may still garner them unwanted security status. Startups must also be careful in using ICOs to raise cash. If the goal is merely to skip regulatory oversight, the ICO is probably going to do you more harm than good.