Part 3: Developments in the United States and the Rising Tide of Enforcement

In 2017, the use of initial coin offerings (“ICOs”) as an alternative means to raise capital took off worldwide. By the end of the year, ICO sponsors raised over $5.6 billion globally through token offerings.[1] At the same time, U.S. regulators’ focus on ICOs has rapidly expanded as well. Since releasing the DAO Investigative Report in July 2017 (the “DAO Report”), the U.S. Securities and Exchange Commission (the “SEC”) has steadily increased its focus on ICO activity. As exemplified by numerous investor advisories, the creation of the Cyber Unit within the Enforcement Division with the purpose to halt and deter cyber-related misconduct in the securities markets, enforcement actions against ICOs, and the Office of Compliance Inspection and Examinations’ (“OCIE”) announcement that monitoring ICO sales will be one of its top 2018 priorities, it is clear that the SEC views ICOs as squarely within the scope of its mandate for regulation and enforcement. Unsurprisingly, state enforcement actions and private class action litigation targeting ICOs are also on the rise.


Under the Securities Act of 1933 (the “Securities Act”), offers and sales of securities must be made pursuant to either an effective registration statement on file with the SEC or pursuant to an exemption from registration.[2] The SEC’s authority to regulate ICOs hinges on whether ICO tokens constitute a “security” as defined under both the Securities Act and the Securities Exchange Act of 1934 (the “Exchange Act”).[3]

In the DAO Report, the SEC indicated that ICO tokens can meet the definition of an “investment contract” under the Supreme Court’s test in SEC v. W.J. Howey Co., thus qualifying as securities under the Securities Act and Exchange Act. Under the Howey test, an investment contract exists when there is: (1) an investment of money; (2) in a common enterprise; (3) with a reasonable expectation of profits; (4) from the managerial or entrepreneurial efforts of others.[4] As the SEC indicated in the DAO Report, where purchasers use financial value to buy tokens from ICO token issuers seeking to fund a common enterprise and the purchasers’ motivation is at least partially to obtain profits from their investment, the SEC will view the tokens as an investment contract, and therefore as securities, if those profits are derived from the managerial efforts of others.[5]

Finally, the SEC emphasized in the DAO Report that where ICO tokens meet the definition of a “security” under the Howey test, those persons providing a marketplace for buyers and sellers of such securities may constitute an “exchange” under the Exchange Act.[6] In such circumstances, those persons would be required to either register as a national securities exchange under the Exchange Act or operate under an appropriate exemption.

How ICO token issuers (and their lawyers) have responded to the DAO Report

Since the SEC’s warning in the DAO Report that ICO tokens may be securities and therefore within the scope of the U.S. securities laws, ICO token issuers seeking to raise capital have sought to either avoid the characterization of their tokens as “securities,” or attempted to structure the ICO to fall within an exemption from registration under the U.S. securities laws. Others are considering structuring their ICOs so that they comply with the SEC’s Regulation A+. In addition, we are aware of one instance where an ICO issuer is seeking to register the offer and sale of its tokens pursuant to a registration statement on Form S-1.[7]

Many issuers have emphasized their tokens’ consumptive value, pitching them as “utility tokens.” The utility token model is designed to give token holders access in the future to a product or service that the ICO token issuer will create with the funds raised in the ICO. Issuers of “utility tokens,” argue that the tokens are not an investment in a common enterprise, but rather a prepaid discount coupon for the eventual product or service.

Alternatively, ICO token issuers have sought to structure their ICOs to fall under an exemption from the registration requirements, such as the private placement offering safe harbor under Rule 506 of Regulation D,[8] or by limiting offers and sales of tokens to non-U.S. investors in reliance on the exemption for offerings outside the United States under Regulation S.[9] ICO token issuers have also sought to employ the Simple Agreement for Future Tokens (“SAFT”) framework whereby the “SAFTs” are sold before the underlying platform on which the tokens will be used is launched at which point the SAFTs will generally be convertible into tokens. The argument is that the SAFTs are securities but that the tokens issued after the platform’s launch will not be under the Howey test because they will be used on the platform and will not be issued for investment purposes.

After the DAO Report: Regulation, enforcement and litigation

Recent SEC statements on ICOs

Shortly after the DAO Report, SEC Chairman Jay Clayton began issuing multiple warnings directed towards investors and ICO token issuers concerning the risks of unregistered and potentially fraudulent securities offerings in the form of ICOs. In November 2017, while delivering a speech, Chairman Clayton went off script in stating, “I have yet to see an ICO that doesn’t have a sufficient number of hallmarks of a security.”[10]

In December 2017, Chairman Clayton issued a formal, public statement on SEC oversight and regulation over ICOs and cryptocurrencies.[11] In discussing ICOs, Chairman Clayton indicated that whether a token constitutes a security “depends on the facts,” but also that many utility token issuers thus far have structured offerings providing rights “more analogous to interests in a yet-to-be-built” company than merely participation interests in a closed network.[12] As such, Chairman Clayton indicated that “by and large, the structures of [ICOs] that I have seen promoted involve the offer and sale of securities and directly implicate the securities registration requirements and other investor protection provisions of our federal securities laws.”[13] Furthermore, the Chairman stated that he has asked the SEC’s Division of Enforcement to prioritize actions against ICOs that violate the securities laws.

Recently, Chairman Clayton has expanded the scope of his warnings on activities in the ICO market beyond the token issuers themselves. On January 22, 2018, at the Securities Regulation Institute, Chairman Clayton indicated that he was disturbed by instances where lawyers assisted ICO token issuers by structuring their ICO to include many key features of a securities offering, but also either claimed that the tokens were not securities, or provided clients with equivocal advice that fell short of properly informing them when their token offering likely was an offering of “securities.” Chairman Clayton indicated that such actions have “deprived investors of the substantive and procedural investor protection requirements of our securities laws” and harmed clients who proceeded with ICOs without complying with securities laws. Chairman Clayton indicated he has instructed the SEC staff to look for attorneys failing to meet the obligations of the U.S. securities bar. While testifying before the Senate Banking Committee on February 6, 2018, Chairman Clayton expressed concerns over unregulated virtual currency and ICO token exchanges, and whether they provide adequate protections for investors. In both sets of planned comments, Chairman Clayton moved beyond the threshold question of whether individual ICOs are securities into broader concerns relating to the market for ICOs.

The Cyber Unit and SEC enforcement actions

Contemporaneous with the SEC’s warnings regarding ICOs last year, the SEC staff prioritized enforcement actions against unregistered and fraudulent offerings. In September 2017, the SEC established the Cyber Unit within the Enforcement Division, tasked with focusing on all aspects of digital misconduct implicating the U.S. securities markets. The Cyber Unit brought its first charges late last year against PlexCorps for securities fraud in relation to its 2017 ICO that raised over $15 million from investors on claims that they could expect a 1,354% profit within the first month. Although PlexCorps, a Quebec-based enterprise, has filed a motion to dismiss for a lack of personal jurisdiction,[14] the case remains pending before the United States District Court for the Eastern District of New York.

More recently, the SEC instituted cease-and-desist proceedings at the Cyber Unit’s initiative against an ICO in progress, in In the Matter of Munchee.[15] The SEC found a reasonable expectation of profits from the significant entrepreneurial and managerial efforts of others where the issuer (Munchee) stated it would build an “ecosystem,” enabling profits for investors due to the increased value of tokens; promised to aid in building a secondary trading markets for tokens; and that it would edit the app for users to receive increased utility that purchasers had from holding the tokens.[16] While the issuer structured the offering as a sale of “utility tokens,” the SEC made clear that where the economic realities of a transaction in a financial instrument satisfy the definition of a security, providing an additional consumptive use will not stop the SEC from finding that the token is a security.[17]

This rising tide of enforcement actions from the SEC seems only set to continue in 2018. On February 7, 2018, OCIE, the SEC’s main examination and investigations unit, announced it intends to place cryptocurrency and ICO market activities on its list of exam priorities for 2018. In its 2018 National Exam Program Examination Priorities (“Exam Priorities Report”), OCIE indicated that it intends to monitor the sale of ICO tokens, “and where the products are securities, examine for regulatory compliance.” Following the announcement, the SEC initiated a probe of ICO token issuers in February 2018, sending out numerous subpoenas, which, according to CEO Patrick Byrne, included “very broad questions” aimed at learning everything possible about the mechanics of ICOs.[18] It has been reported that one focus of the SEC’s investigatory probe is the SAFT framework. Should the SEC choose to act on any of the information it obtains from this probe, it could provide the first public comments from the SEC on whether the SAFT framework or other efforts to conduct exempt ICOs comply with the U.S. securities laws.

The OCIE Exam Priorities Report also indicated that the SEC will be prioritizing examinations of broker-dealers and investment advisers to ensure that their activities in ICO token secondary markets also comply with U.S. securities laws.[19] Following the OCIE Report, on March 7, 2018, the SEC Divisions of Enforcement and Trading and Markets issued a joint pubic statement to alert ICO token market participants of their exchange trading obligations under the U.S. securities laws. Echoing the DAO Report, the public statement highlighted the requirement for those platforms serving as “exchanges” for ICO tokens that qualify as securities to either be registered with the SEC as national securities exchanges or to operate under an exemption from registration. The SEC encouraged such market participants to register as alternative trading systems, and consequently as broker-dealers, subjecting them to regulation by both the SEC and FINRA. With these developments, it is clear that token issuers and those market professionals advising investors on ICOs who do not take heed of the SEC’s multiple warnings and run afoul of U.S. securities laws are doing so at their own risk.

State Enforcement Actions

In addition to enforcement at the federal level, a number of state regulators have recently targeted unregistered and fraudulent ICOs. ICO token issuers were warned of impending state securities law enforcement via an investor alert issued by the North American Securities Administrators Association on January 4, 2018, expressing concerns over wild speculation and fraud in ICOs, and indicating that state securities administrators were prepared to bring enforcement actions for violations of applicable state laws. Shortly thereafter, Texas and North Carolina’s state securities regulators issued separate cease-and-desist orders against the BitConnect ICO, alleging fraud, the misleading of investors, and violations of state securities registration requirements; these were the first actions by state securities regulators against ICO token issuers. In the weeks since the BitConnect orders, regulators in Massachusetts (on multiple occasions), New Jersey, and South Carolina have brought additional enforcement actions against ICO token issuers operating in violation of state securities laws. The message for issuers seeking to raise capital through ICOs in the United States is clear: consideration must be given to securities laws at both the federal and state level prior to beginning an offering.

Private class action litigation

In the months since the DAO Report was released, investors in several ICOs have filed class action lawsuits against ICO token issuers alleging U.S. securities law violations. In particular, investors have accused a number of ICO token issuers of conducting unregistered public securities offerings, and committing securities fraud. One of the most prominent examples involving a series of four class action lawsuits filed against Tezos, which conducted an ICO in July 2017 raising $232 million in virtual currency assets that were later trading at a market price above $1 billion. The class action lawsuits allege violations of the registration requirements under the securities laws and securities fraud on the basis that the highly publicized internal governance fights between the founders of Tezos and the company’s board of directors have substantially decreased the value and liquidity of their investment.[20]

Further class action lawsuits have been filed against a number of other ICO token issuers for U.S. securities law violations relating to their 2017 offerings, including one by Centra that raised over $30 million following endorsements by Floyd Mayweather. As with the PlexCorps case, these class actions are currently in federal courts and not before the SEC, meaning that if these cases proceed to trial, we will see how the courts apply the Howey test to ICOs.

Key considerations for ICOs in the United States

ICO token issuers and their counsel would be well-served in heeding the warnings regulators have given to the market and structure their ICOs in accordance with the securities laws by either registering the tokens or structuring the offering pursuant to an available exemption from the registration requirements. While the SEC Cyber Unit is currently focusing on ICOs and enforcement of violations of the registration requirements under the securities laws, the Cyber Unit may well turn its attention to the secondary markets on which ICO tokens are traded, and possible violations of market participants and the exchanges on which tokens trade under the Exchange Act. As indicated by OCIE’s announcement that the SEC intends to prioritize the monitoring of ICOs in 2018, it is clear that a key theme for ICOs in the United States this year will be increased regulatory scrutiny and enforcement.

[1] Ani Banerjee et. al., The State of the Token Market: A Year in Review & an Outlook for 2018 (Fabric Ventures and TokenData, January 2018) available at:

[2] Securities Act §§ 5(a), (c).

[3] Securities Act § 2(a)(1); Exchange Act § 3(a)(10) (Both definitions include “investment contracts”).

[4] 328 U.S. 293 (1946).

[5] As the SEC indicated in the DAO Report, when determining whether ICO token purchasers have a reasonable expectation that their potential profits would come from the managerial efforts of others, it will consider factors such as: (1) whether the efforts of a promoter or a third party are essential to the enterprise; (2) the level of control token holders have over the token’s protocols and operations; (3) whether investors’ expectations of profits were heightened by the marketing of the tokens; and (4) the level of control that agents of the issuer have over voting proposals concerning its operations.

[6] Exchange Act Section 3(a)(1) defines an “exchange” as “any organization, association, or group of persons, whether incorporated or unincorporated, which constitutes, maintains, or provides a market place or facilities for bringing together purchasers and sellers of securities or for otherwise performing with respect to securities the functions commonly performed by a stock exchange as that term is generally understood, and includes the market place and the market facilities maintained by such exchange.” In the DAO Report, the SEC also pointed to Exchange Act Rule 3b-16(a)’s functional test for determining whether a person constitutes an “exchange,” which asks whether the person: “(1) brings together the orders for securities of multiply buyers and sellers; and (2) uses established, non-discretionary methods (whether by providing a trading facility or by settling rules) under which such orders interact with each other, and the buyers and sellers entering such orders agree to the terms of the trade.”

[7] We note that this registration statement is subject to SEC review and that the token issuer may not move forward with the offering unless the registration statement is declared effective by the SEC following review and comment by the SEC staff.

[8] Typically, ICO token issuers have attempted to structure their offerings in compliance with Rule 506(c) under the Securities Act. Rule 506(c) permits issuers to raise an unlimited quantity of funds and does not prohibit general solicitation and general advertising, so long as the issuer only sells securities to investors that the issuer has taken reasonable steps to verify are “accredited investors.”

[9] See Rule 903 under the Securities Act. Regulation S provides an exemption from registration for offerings made entirely outside the United States, provided that: (a) the offer or sale is made in an “offshore transaction”; (b) there are no “directed selling efforts” made in the United States, i.e. the issuer cannot “condition the U.S. market” for the securities being offered or sold; and (c) additional requirements are satisfied based on the “category” of the issuer, which is determined on the basis of whether there is a substantial U.S. market interest in the class of securities offered. As ICOs are almost exclusively marketed through the internet without restrictions on access by persons in the United States, the marketing of ICOs in this respect is not compatible with the prohibition on “directed selling efforts” under Regulation S.

[10] Dave Michaels and Paul Vigna, SEC Chief Fires Warning Shot Against Coin Offerings, Wall St. J., Nov. 9, 2017,

[11] Jay Clayton, Statement on Cryptocurrencies and Initial Coin Offerings (Dec. 11, 2017),

[12] Id.

[13] Id.

[14] PlexCorps in its motion to dismiss has asserted that its offering was limited to non-U.S. persons and therefore the offering was outside the scope of the jurisdiction of U.S. securities laws and their registration requirements.

[15] SEC Release No. 33-10445 (2017).

[16] Id. at 8-9.

[17] Id. at 9.

[18], which is conducting an ICO on a private placement basis to raise funding for its tZERO platform, announced in a filing on Form 8-K on March 1, 2018 that the SEC Division of Enforcement had informed the company in February 2018 that it was conducting an investigation into the tZERO ICO.

[19] In particular, the OCIE Exam Priorities Report indicates that the office’s areas of focus will include, “whether financial professionals maintain adequate controls and safeguards to protect these assets from theft or misappropriation, and whether financial professionals are providing investors with disclosure about the risks associated with these investments, including the risk of investment losses, liquidity risks, price volatility, and potential fraud.”

[20] See e.g. Complaint, Gaviria v. Dynamic Ledger Solutions, Inc., 6:17-CV-01959-PGB-KRS (M.D. Fla. 2017); Complaint, MacDonald v. Dynamic Ledger Solutions, Inc., 3:17-CV-07095-RS (N.D. Cal. 2017). According to the complaints, the Tezos ICO tokens were to derive their value from the development of a Tezos blockchain network that was set to launch within four months after the ICO took place. It has since come to light that internal corporate governance procedures laid out in the Tezos founding documents could preclude the network from becoming operational for up to three years, allegedly freezing the value of the tokens for the duration.