ICO Wednesdays: When Everything is a Security

Never one to shy away from the dark underbelly of fintech, I’ve decided to lead off our second installment of ICO Wednesdays with a discussion of security tokens and the United States. We will also brush past the murky domain of government affairs.

The bottom line: US regulators have ultimately landed on a fairly conservative position with respect to token issuance.

Kik: Exhibit A

Kik is being slapped with $100 million action with respect to its offering. Based on what I have read, it does not appear that there was ill intent, and there does appear to be efforts on the part of a company to comply with applicable regulation, they just appear to have called the ball wrong.

Attorneys I have consulted on these questions of tokens and security tokens have highlighted that full disgorgement is a potential enforcement action. That’s right, you could be liable to give back 100% of your token offering, even if you have spent some of it.

In my opinion, the major tokens (Bitcoin, Ethereum, XRP - the top 3 by market cap and trading volume) enjoy a special status by virtue of their scale. Action against them would have a chilling effect on innovation in the space, and so regulators might take a more jaundiced view about a very public and messy attack (this is disclosed on my website and LinkedIn, but to highlight, in 2018 I spent 6 months formally advising Ripple. I no longer do so). While I believe that the regulators have evaluated all of the top tokens, my impression is that controls and government affairs, on the part of individuals with vested interest in all three tokens, in combination with scale, would mitigate any significant regulatory action in the near term. Barring an obvious misstep of course. (Think Bitcoin is decentralized? Think again. If you look at who has publicly advocated for Bitcoin and against other tokens, and you see how they are getting paid, you will begin to follow the money. One former regulator has been particularly egregious about this).

First mover advantage has its benefits. I don’t see that same kind of treatment we see with respect to Bitcoin, ETH, and XRP as we will for new, large scale token offerings. In the United States at least, it seems increasingly clear that the regulators are asserting that all token offerings are security offerings. This means that they need to be in compliance with relevant securities law. There are even suggestions that token offerings conducted under sophisticated investor rules such as “Reg D” or “Reg A” may be viewed as more akin to a public listing.

I am involved with one company that conducted a successful token offering, Endor. The team went through great lengths during KYC to ensure that they had no US citizens participating in the purchase of tokens, even though many tried to buy it. My understanding is that management adopted the more prudent approach of simply excluding US investors, rather than trying to figure out where the regulatory frog would hop.

Government affairs: forewarned is forearmed

It’s worth mentioning regulatory affairs. Many of the new generation of fintech companies first encounter the regulators when they receive an enforcement letter. Regulators and policymakers speak a unique and specific language, and they need to be communicated with proactively, to help them understand how a particular company plays a role in the ecosystem and how it is complying with applicable law. Fintechs, particularly ones that have adopted a “stick it to the man” philosophy, may not appreciate the importance of a proactive regulatory affairs approach.

Financial services isn’t the taxi industry. You can’t use the Uber regulatory model as a guide. Because of the risks of terrorist financing and other national security implications, and because the risks of criminal activity to be mediated over new financial services platforms is so great, the standard to which a fintech is held is higher.

There is also a societal impact issue: if a poor person can’t take an Uber, or a Lyft, they still have public transportation options such as a subway or bus or trolley, and they can still typically take a taxi. If financial services companies begin excluding poor people from access to services, perhaps because they had don’t have a credit history, or have not built a strong credit history because they have not been given the benefit of financial literacy and good financial habits that wealthier people have access to, or maybe because the fintech can’t adequately KYC the individual - we create a cycle of poverty.

This means is that the attitude of “move fast and break things” doesn’t work so well when you get scale in financial services. It means that you can’t just willfully violate regulation and law (as Uber is alleged to have done), and then anticipate that public sentiment will force the regulators to change their positions later.

I note that the net promoter scores of some of the top banks in the world have at times been negative. And the net promoter score of some new fintechs have been quite extraordinary (they are comparable to Apple, a world class consumer company). 

Unfortunately, that’s not enough. If you are in financial services, you need to have a proactive regulatory affairs strategy. You need to be engaging with regulators well in advance of any enforcement action, and help them understand what you’re doing and how you are in compliance. And you need to comply with relevant law and regulation, rather than specifically violate it and hope that you will be able to fix it later.

A Token of My Affection

Okay, so let’s get back to token offerings specifically.

John D’Agostino, Oxford guest speaker and founder of the Digital Assets Working Group (DAWG), points out that “some ICO’s argued their tokens had a utility function had in fact turned out to not have such utility function. Therefore the next generation of company that seeks to convince...regulators that it truly has utility based ecosystem will have a much higher hurdle.”

So what kind of compliance do you have to look at if you’re doing a token offering in the United States? First of all, you can anticipate millions of dollars of expense. You’re going to need audited financials, disclosures of significant holdings in the company by owner and amount and percentage, and a host of other items that would typically be found in an initial public offering. It still might be worth it to you because you might be at a scale where this is an interesting source of financing. But it should be treated very similarly to a public offering rather than some novel private sale.

Is it possible to get away with actions other than what I am recommending? Potentially, for a while. It’s assuming risk. Based on what I have been hearing through the rumor mill, and with no specific knowledge of specific enforcement actions, if I were working with a company that were issuing a token, I would recommend that they follow full securities disclosures and filings if they’re going to do it in the United States, or I would recommend that they look at another domicile that is friendlier to a more liberal approach to token offerings, coupled with a strong compliance function that ensured that they did not have US citizens or entities purchase tokens..

And bear in mind, the US is a ferociously complicated regulatory landscape, with 50 state attorneys general vying with the SEC and the CFTC to grapple with disruptive technologies like blockchain and disruptive applications like token offerings. Most other domiciles in the world have a more simple approach to regulation and enforcement.

Aside from domiciles that have completely banned token offerings, the US now represents the further end of conservative.

In the future columns, we will explore more moderate or even liberal approaches to token issuance. Next stop: the trinity of the UK, Canada and Australia.

* * * * *

Propel your business forward

• Launch your business with Oxford faculty and expert industry professionals. 
• Get exposure to and feedback from London area venture capitalists. 
• Build your ties with your cohort of peers. 

Join Oxford Fintech Lab starting December 7

exclusively for executives who have completed one of my online programmes

* * * * *

Opinions expressed herein are my own, and may not represent those of the University of Oxford or any other institutions with which I am affiliated. My disclosures can be found on the Visionary Future website.