Aurelio Gurrea Martínez is an Assistant Professor of Law at Singapore Management University
While many securities regulators are still debating whether and, if so, how to regulate Initial Coin Offerings (ICOs), this new source of finance keeps growing worldwide. In 2017, companies raised around 3.7$ billion. In the first three quarters of 2018, this figure reached more than $17 billion. Therefore, despite the scepticism that some authors and regulators have raised about the use of ICOs, the truth is that the market is buying this product. With this in mind, I provide an outline of what kinds of legal strategies would be appropriate to protect purchasers and prospective purchasers of tokens, including purchasers of tokens that are not or would not be considered securities.
Functional vs legal classification of tokens
In a recent paper about the law and finance of ICOs, my co-author Nydia Remolina and I propose a simple classification of tokens based on both their function and their legal nature. As for their function, we follow the classification suggested by FINMA. Along these lines, we distinguish between asset tokens (those that resemble shares, bonds, etc.), utility tokens (those that offer access to goods and services) and payment tokens (those that represent cryptocurrencies). Regarding their legal nature, we distinguish between security tokens (those that qualify as “securities” under a particular country´s securities laws) and non-security tokens (everything else). We argue that the legal classification of a token, which should be the relevant classification for securities regulation, depends on the features, structure, distribution, and marketing of the issuance of tokens, as well as a particular country´s securities laws. Hence, even though the function of a token may help determine its legal nature, a further analysis will be required, and many ‘utility tokens’ can be classified as securities tokens from a legal perspective, while many ‘assets tokens’ (which may look like securities tokens) might end up being non-security tokens from a legal perspective.
Regulatory approaches to deal with ICOs
Whether or not authorities are inclined to undertake such lengthy investigations diverges considerably. For example, while some countries, such as China and South Korea, have prohibited ICOs, other jurisdictions (e.g., Mexico) are requiring authorization for any issuance of tokens (no matter whether they are security or non-security tokens). Yet other countries, including the United States, Singapore, and Switzerland only inspect transactions likely to be securities, or embedded in a complex web coordination problems (e.g. free-rider, under provision of information) that are deemed to collectively pull a fundraise within the domestic regulator’s regulatory perimeter.
As mentioned in our paper, none of these models sound entirely convincing to us. The Chinese approach may harm innovation and access to finance. The Mexican approach can be very costly, not only in terms of delay but perhaps more importantly in terms of staff to be hired and trained just to manage this task. Finally, the approach followed in the US, Singapore and Switzerland may fail to protect purchasers of tokens (‘tokenholders’) for two primary reasons. First, securities regulators do not review all issuances of tokens, meaning products that are clearly speculative investments can escape supervision, even where they have (some but presumably not enough) security-like features. Second, and closely related, non-security tokens are unprotected from potential developer opportunism.
It’s worth emphasizing that several factors make the risk of opportunism in ICOs higher than in any issuance of shares or bonds. First, ICOs routinely involve larger asymmetries of information between issuers and tokenholders, due to the complexity of the technology involved in an ICO and the opacity of accompanying disclosures. Second, there seem to be a type of ‘market euphoria’ in the crypto market that probably makes tokenholders more exposed to irrational behaviour. Third, unlike what happens in the purchase of shares or bonds in a public company, tokenholders are not protected by a market for corporate control that may incentivize the managers to maximize the value of the firm. Promoters cannot be removed. Therefore, they will not have the same incentives to maximize the interest of the tokenholders. Finally, while the purchasers of security tokens (‘security tokenholders’) are protected by a country´s securities law, those buying non-security tokens (‘non-security tokenholders’) suffer from a higher risk of opportunism by the founder since their primary legal protection is the white paper – which is, in some cases, no more than a PDF uploaded to a website that might even disappear a few months after the ICO is launched. Consequently, these corporate governance problems seem to justify a regulatory response even more intense than in the context of a regular issuance of shares or bonds.
How tokenholders can be protected
In an attempt to promote innovation and access to finance while protecting investors and the stability of the financial system, my co-author and I propose a new regulatory model to deal with ICOs based on three pillars. First, we propose that any issuance of tokens should be notified to the securities regulator (or any other regulatory authority) through a simple, harmonized electronic form providing some basic information about the issuance. As some authors have previously noted, this basic information may include the promoter’s location, problem and proposed technology solution, description of the token, blockchain governance, qualifications of the technical team, and risk factors (Brummer, 2018). Likewise, we would also add applicable law, identity of the promoters, legal advisors, accounting and finance aspects of the ICO (among other reasons, to determine whether the tokenholders will be classified as ‘equityholders’ or ‘debtholders’, and how the ICO may impact the company´s financial ratios and covenants), and legal or contractual protections available to protect tokenholders (if any). By filing this electronic form to the relevant authority, investigations to detect fraud can be initiated more easily (especially taking advantages of the use of regtech), what in return can reduce the number of scams due to the higher chances to detect fraudulent behaviours in ICOs.
Second, taking into account that the evidence suggests that more than 80 percent of ICOs are scams, we also propose that pension funds should be prohibited from participating in a token pre-sale since they invest money on behalf of the general public and their potential failure could have severe consequences for the stability of many domestic financial systems. Moreover, since most of the capital structure of a bank is formed by deposits, and most of the depositors are non-sophisticated debtholders, we find this protective, risk-averse policy even more convincing for banks, again, especially in the context of a pre-sale. Finally, while we do not suggest prohibiting the sale or pre-sale of tokens to retail investors, we encourage regulators to require adequate disclosures where information asymmetries abound. They should also encourage investors to consider the risks of fraud and malfeasance. A good example of such an approach can be seen in the ‘Howey coin’ website and campaign created by the SEC.
Third, whereas security tokenholders are protected through a country´s securities laws, non-security tokenholders are only protected by the white paper – which may, under some cases, mean nothing. For this reason, we propose a variety of legal remedies to protect non-security tokenholders. Along these lines, regulators should promote a system of smart disclosure in the electronic form required to any issuance of tokens. Thus, by focusing on how the information is provided rather than just imposing disclosure obligations, tokenholders will be able to make better decisions. Furthermore, regulators could impose “cooling off” periods that allow non-security tokenholders to return tokens within a given period and without cost. Thus, the possibility of returning the token could correct some irrational behaviours potentially existing at the moment of purchasing the token. Additionally, regulators could impose standards of behaviour aiming to prevent expropriation by founders. As shown in the experience of financial consumers, this type of ‘conduct regulation’ may seem more efficient and effective than prohibiting terms or products (‘product regulation’). Finally, policy makers should also establish a legal presumption stating that any ambiguous provision in the white paper should be interpreted in favour of non-security tokenholders. Thus, the burden of proof will be on the promoters. By implementing all of these measures, regulators will be able to reduce the current ‘contracting failures’ existing between promoters and tokenholders.
Many countries are developing guidance and several regulatory strategies to deal with ICOs. In my opinion, however, most of these regulatory models present some flows and they do not provide any effective devices to protect non-security tokenholders. In this piece, I have summarized some of the proposals that my co-author and I have suggested to protect tokenholders. In our opinion, regulators still need to implement further policies to enhance the level of protection provided to tokenholders. Otherwise, not only they will be putting investors’ and consumers’ money at risk by facilitating the existence of scams, but they will also jeopardize the most valuable asset existing in financial markets: people´s trust.