Wyoming’s Blockchain Legislation

Wyoming continues to position itself as a business-friendly state most recently by passing groundbreaking blockchain legislation defining cryptocurrency coins or tokens as a whole new asset class separate from securities and commodities.  While it is unlikely that Wyoming’s new statutes will impact the SEC’s view that most, if not all, cryptocurrencies, or at least those issued to investors or used for capital raising, are securities, or the CFTC’s view that cryptocurrencies that are used as a medium of exchange, are a commodity, Wyoming has done what federal lawmakers have not yet endeavored – created comprehensive blockchain legislation.

In March 2018, Wyoming passed five separate bills addressing securities, corporate, banking and tax matters which could entice cryptocurrency and blockchain businesses to locate within the state. The statutes are part of an initiative in Wyoming called ENDOW – Economically Needed Diversity Options for Wyoming.

HB 19

Wyoming House Bill 19 provides an exemption for virtual currency, including bitcoin and ethereum, used within Wyoming from money transmitter laws and regulations subject to providing certain specified verification authority to the Wyoming Secretary of State and Wyoming Banking Commissioner.  The specified verification authority includes representations, warranties and undertakings by the issuer of “utility tokens” to confirm beneficial ownership of the token and to prevent unauthorized or fraudulent duplication of the token by third parties.

HB 19 defines a “virtual currency” as “any type of digital representation of value that: (i) is used as a medium of exchange, unit of account or store of value; and (ii) is not recognized as legal tender by the United States government.”

As a reminder, the CFTC has regulatory oversight over futures, options, and derivatives contracts on virtual currencies and has oversight to pursue claims of fraud or manipulation involving a virtual currency traded in interstate commerce.  Beyond instances of fraud or manipulation, the CFTC generally does not oversee “spot” or cash market exchanges and transactions involving virtual currencies that do not utilize margin, leverage or financing.  Rather, these “exchanges” are regulated as payment processors or money transmitters under state law.

However, despite the Wyoming state law exemption, businesses which issue or exchange these tokens would still be subject to FinCEN’s regulations and the requirements to comply with the Bank Secrecy Act (BSA).  The BSA requires virtual currency exchangers and administrators, including those businesses that issue a virtual currency in exchange for other virtual currencies, fiat currency or types of value, to complete anti-money laundering (AML), know your customer (KYC) and other procedures to combat the financing of terrorism and prevent or detect the abuse of virtual currency to facilitate cyber-crime, money laundering, terrorist financing, black market sales of illegal or illicit products and services and other high-tech crimes. For more on FinCEN and the BSA, see HERE.

HB 70

Wyoming House Bill 70 removes utility tokens from specified securities and money transmission laws.  In particular, any person that develops, sells or facilitates the exchange of an open blockchain utility token would not be required to comply with specified securities and money transmission laws subject to providing specified verification authority.  The purpose of the statute is to make clear that utility tokens issued for non-investment purposes, are exempt from the Wyoming securities laws including registration and exemption provisions and broker-dealer registration requirements.

HB 70 defines an “open blockchain token” as a digital unit which is: (i) created (a) in response to the verification or collection of a specified number of transactions relating to a digital ledger or database, (b) by deploying computer code to a blockchain network that allows for the creation of digital tokens or other units, or (c) using any combination of (a) and (b); (ii) recorded in a digital ledger or database that is chronological, consensus-based, decentralized and mathematically verified, especially related to the supply of units and their distributions; and (iii) capable of being traded or transferred between persons without an intermediary or custodian of value.

HB 70 provides that the purpose of the token must be for “a consumptive purpose, which shall only be exchangeable for, or provided for the receipt of, goods, services or content, including rights of access to goods, services or content.”

Furthermore, HB 70 would not apply where the developer or seller of the token sold the token to the initial buyer as a financial investment.  The requirement that the token not be an investment can only be satisfied if: (i) the developer or seller does not market the token as a financial investment; and (ii) at least one of the following is true: (a) the developer or seller reasonably believed that it sold the token for a consumptive purpose; (b) the token has a consumptive purpose that is available at the time of sale and can be used at or near the time of sale; (c) if the token does not have a consumptive purpose at the time of sale, the token is prevented from being resold until the consumptive purpose is available; or (d) the developer or seller takes other reasonable precautions to prevent the buyers from purchasing the token as a financial investment.

The SEC has been clear in numerous statements that it believes that tokens that are issued for the purpose of capital raising and an increase in value, are securities offerings that must comply with the federal securities laws.  The SEC’s position relates to factors such as the method of issuance and sale of the tokens, use of proceeds, investment intent and expectation of profit, ability to increase value, whether the “utility” has been built out or established, and ability for secondary trading.  The SEC has specifically not taken into account the ultimate utility value of the token, nor directly answered the oft asked question of whether a token that is issued in a securities offering, can then morph into a commodity or other asset class, not subject to the securities laws.  It is my view, and the general view of the marketplace, that “utility tokens” can be sold in a “securities offering.”

Although the Wyoming statute attempts to address the investment intent, and even appears to attempt to address the SEC main criteria, I would suggest that issuers of any tokens should continue to comply with the federal securities laws until there is further guidance and certainty at the federal level.

SF 111

SF 111 provides that virtual currency is not subject to taxation as “property” in Wyoming.  That is, virtual currency would be treated as personal property, not subject to Wyoming property taxes.  SF 111 amends a prior statute that exempted money and cash on hand, currency, gold, silver and related items by adding virtual currencies.  Like HB 19, SF 111 defines a “virtual currency” as “any type of digital representation of value that: (i) is used as a medium of exchange, unit of account or store of value; and (ii) is not recognized as legal tender by the United States government.”

HB 101

HB 101 allows for the maintenance of corporate records of Wyoming entities via blockchain that utilizes electronic keys, network signatures and digital receipts.  In particular, the Act authorizes the use of electronic networks or databases for the creation or maintenance of corporate records, authorizes the use of a data address to identify shareholders, authorizes the acceptance of shareholder votes if signed by a network signature that corresponds to a data address and specifies the requirements for the use of electronic networks and databases.  In addition, the Act requires the secretary of state to review and update its rules for consistency.

HB 126

HB 126 allows the creation and use of “series LLC’s.”  Delaware is well known for its series LLC statute.  Series LLC have become popular in the blockchain space and accordingly it is thought that this will attract blockchain-based businesses.

Further Reading on DLT/Blockchain and ICOs

For a review of the 2014 case against BTC Trading Corp. for acting as an unlicensed broker-dealer for operating a bitcoin trading platform, see HERE.

For an introduction on distributed ledger technology, including a summary of FINRA’s Report on Distributed Ledger Technology and Implication of Blockchain for the Securities Industry, see HERE.

For a discussion on the Section 21(a) Report on the DAO investigation, statements by the Divisions of Corporation Finance and Enforcement related to the investigative report and the SEC’s Investor Bulletin on ICOs, see HERE.

For a summary of SEC Chief Accountant Wesley R. Bricker’s statements on ICOs and accounting implications, see HERE.

For an update on state-distributed ledger technology and blockchain regulations, see HERE.

For a summary of the SEC and NASAA statements on ICOs and updates on enforcement proceedings as of January 2018, see HERE.

For a summary of the SEC and CFTC joint statements on cryptocurrencies, including The Wall Street Journal op-ed article and information on the International Organization of Securities Commissions statement and warning on ICOs, see HERE.

For a review of the CFTC’s role and position on cryptocurrencies, see HERE.

For a summary of the SEC and CFTC testimony to the United States Senate Committee on Banking Housing and Urban Affairs hearing on “Virtual Currencies: The Oversight Role of the U.S. Securities and Exchange Commission and the U.S. Commodity Futures Trading Commission,” see HERE.

To learn about SAFTs and the issues with the SAFT investment structure, see HERE.

To learn about the SEC’s position and concerns with crypto-related funds and ETFs, see HERE.

For more information on platforms that trade cryptocurrencies and more on the continued regulatory confusion in the space, see HERE.

For information on FinCEN’s role and requirements related to the cryptocurrency marketplace, including requirements for issuers of ICOs, see HERE.

The Author

Laura Anthony, Esq.
Founding Partner
Legal & Compliance, LLC
Corporate, Securities and Going Public Attorneys
330 Clematis Street, Suite 217
West Palm Beach, FL 33401
Phone: 800-341-2684 – 561-514-0936
Fax: 561-514-0832
LAnthony@LegalAndCompliance.com
www.LegalAndCompliance.com
www.LawCast.com

Securities attorney Laura Anthony and her experienced legal team provides ongoing corporate counsel to small and mid-size private companies, OTC and exchange traded issuers as well as private companies going public on the NASDAQ, NYSE MKT or over-the-counter market, such as the OTCQB and OTCQX. For nearly two decades Legal & Compliance, LLC has served clients providing fast, personalized, cutting-edge legal service. The firm’s reputation and relationships provide invaluable resources to clients including introductions to investment bankers, broker dealers, institutional investors and other strategic alliances. The firm’s focus includes, but is not limited to, compliance with the Securities Act of 1933 offer sale and registration requirements, including private placement transactions under Regulation D and Regulation S and PIPE Transactions as well as registration statements on Forms S-1, S-8 and S-4; compliance with the reporting requirements of the Securities Exchange Act of 1934, including registration on Form 10, reporting on Forms 10-Q, 10-K and 8-K, and 14C Information and 14A Proxy Statements; Regulation A/A+ offerings; all forms of going public transactions; mergers and acquisitions including both reverse mergers and forward mergers, ; applications to and compliance with the corporate governance requirements of securities exchanges including NASDAQ and NYSE MKT; crowdfunding; corporate; and general contract and business transactions. Moreover, Ms. Anthony and her firm represents both target and acquiring companies in reverse mergers and forward mergers, including the preparation of transaction documents such as merger agreements, share exchange agreements, stock purchase agreements, asset purchase agreements and reorganization agreements. Ms. Anthony’s legal team prepares the necessary documentation and assists in completing the requirements of federal and state securities laws and SROs such as FINRA and DTC for 15c2-11 applications, corporate name changes, reverse and forward splits and changes of domicile. Ms. Anthony is also the author of SecuritiesLawBlog.com, the OTC Market’s top source for industry news, and the producer and host of LawCast.com, the securities law network. In addition to many other major metropolitan areas, the firm currently represents clients in New York, Las Vegas, Los Angeles, Miami, Boca Raton, West Palm Beach, Atlanta, Phoenix, Scottsdale, Charlotte, Cincinnati, Cleveland, Washington, D.C., Denver, Tampa, Detroit and Dallas.

Contact Legal & Compliance LLC. Technical inquiries are always encouraged.

Follow me on Facebook, LinkedIn, YouTube, Google+, Pinterest and Twitter.

Legal & Compliance, LLC makes this general information available for educational purposes only. The information is general in nature and does not constitute legal advice. Furthermore, the use of this information, and the sending or receipt of this information, does not create or constitute an attorney-client relationship between us. Therefore, your communication with us via this information in any form will not be considered as privileged or confidential.

This information is not intended to be advertising, and Legal & Compliance, LLC does not desire to represent anyone desiring representation based upon viewing this information in a jurisdiction where this information fails to comply with all laws and ethical rules of that jurisdiction. This information may only be reproduced in its entirety (without modification) for the individual reader’s personal and/or educational use and must include this notice.

© Legal & Compliance, LLC 2018

Copy of Logo

FinCEN’S Role In Cryptocurrency Offerings

In the continuing dilemma over determining just what kind of asset a cryptocurrency is, multiple regulators have expressed opinions and differing views on regulations. Likewise, multiple regulators have conducted investigations and initiated enforcement proceedings against those in the cybersecurity space. The SEC has asserted the opinion that most, if not all, cryptocurrencies are securities; the CFTC has found them to be commodities; the IRS’s official definition is the same as the CFTC, and in particular a digital representation of value that functions as a medium of exchange, a unit of account, and/or a store of value, and now the Financial Crime Enforcement Network (FinCEN) has asserted that issuers of cryptocurrencies are money transmitters.

In particular, in a letter written to the US Senate Committee on Finance on February 13, 2018, FinCEN indicates that it expects issuers of initial coin offerings (ICOs) to comply with the Bank Secrecy Act (BSA), including its anti-money laundering (AML) and know your customer (KYC) requirements. FinCEN’s letter responded to a December 14, 2017 directed to it from the US Senate Committee on Finance requesting information on FinCEN’s oversight and enforcement capabilities over virtual currency financial activities. As with other agencies such as the SEC and CFTC, FinCEN desires to promote the financial innovation that can come with blockchain technology and cryptocurrencies, while preventing criminals, hackers, sanctions evaders and hostile foreign actors.

Virtual currency exchanges and administrators

FinCEN has been working with the Office of Terrorism and Financial Intelligence (FTI) to ensure that AML and procedures to combat the financing of terrorism apply to virtual currency exchanges and administrators that are in the US or do business in whole or part in the US, but do not have a physical presence here.  Virtual currency exchanges and administrators have been subject to the BSA’s money transmitter requirements since 2011. In 2013 FinCEN issued specific guidance that explicitly states that virtual currency exchanges and administrators are money transmitters that must comply with the BSA. An exchange that sells ICO coins or tokens, or exchanges them for other virtual currency, fiat currency or other value that substitutes for currency, is a money transmitter that is subject to the BSA.

To assist in identifying risks and the illicit use of virtual currency, including the abuse of virtual currency to facilitate cyber crime, money laundering, terrorist financing, black market sales of illegal or illicit products and services and other high-tech crimes, FinCEN examines BSA filings from virtual currency money services businesses (MSB) and other emerging payments providers, including filings pertaining to digital coins, tokens and ICOs. Trends, red flags and risks and reported to US law enforcement and other governmental agencies.

Entities that are subject to the BSA must: (i) register with FinCEN as a MSB; (ii) prepare a written AML compliance program that is designed to mitigate risks, including AML risks, and to ensure compliance with all BSA requirements including the filing of suspicious activity reports (SAR) and currency transaction reports; (iii) keep records for certain types of transactions at specific thresholds; and (iv) obtain customer identification information sufficient to comply with the AML program and recordkeeping requirements.

SAR reports that are filed with FinCEN have identifying information about the owner/customer. In cases where a bitcoin address is identified, FinCEN performs a blockchain analysis which can often enable investigators to tie it to a virtual currency exchanger, hosted wallet, or other source that may have the identity of the account owner. Blockchain network analytic tools can also tie a targeted bitcoin address to other persons that have transacted with a particular bitcoin address.  The investigative process may involve the issuance of subpoenas and FinCEN cooperates with law enforcement to help identify and trace bitcoin used in criminal activity.

FinCEN also conducts reviews and exams of registered MSBs. Of the approximate 100 registered entities, FinCEN has examined approximately one-third and has initiated several enforcement proceedings as a result of those exams. However, financial crimes and terrorism are international issues and not all countries regulate virtual currency businesses or require them to keep records. Accordingly, FinCEN has been working to encourage foreign countries to regulate these businesses and to cooperate in criminal investigations.

ICO issuers

FinCEN is working with the SEC and CFTC to clarify and enforce AML and counterterrorism obligations of businesses that engage in ICO activities. Although the FinCEN letter indicates that the obligation to comply with the BSA and its ensuing AML, registration, SAR and other requirements depends on the nature of the financial activity and a facts-and-circumstances analysis, ICO participants have unilaterally interpreted the FinCEN letter as requiring all ICO issuers to comply in one way or another.

FinCEN specifically states that an issuer that sells convertible virtual currency, including in the form of ICO coins or tokens, in exchange for another type of value, including fiat currency, is a money transmitter that must register as an MSB and comply with the BSA, including AML and KYC procedures. However, to the extent that an ICO involves the sale of securities or derivatives that would be under the jurisdiction of the SEC through its regulation of broker-dealers or CFTC through its regulation of merchants and brokers in commodities, those entities could comply with the SEC and CFTC’s AML and counterterrorism requirements.

The Securities Exchange Act of 1934 (“Exchange Act”) specifically requires brokerage firms to comply with the BSA and FinCEN rules. Brokerage firms are also required to comply with AML rules established by FINRA, including FINRA Rule 3310. The purpose of the AML rules is to help detect and report suspicious activity including the predicate offenses to money laundering and terrorist financing, such as securities fraud and market manipulation. FINRA also provides a template to assist small firms in establishing and complying with AML procedures.

In May 2016, FinCEN issued new final rules under the BSA requiring financing institutions, including brokerage firms, to adopt additional anti-money laundering (AML) procedures that include specific due diligence and ongoing monitoring requirements related to customer risk profiles and customer information. The rules also require financial institutions to collect and verify information about beneficial owners and control person of legal entity customers.  My blog on those rules can be read HERE.

FinCEN requires that financial institutions address the following four key elements in all of their AML programs: (i) customer identification and verification; (ii) beneficial ownership identification and verification; (iii) understanding the nature and purpose of customer relationships to develop risk profiles; and (iv) ongoing monitoring for reporting suspicious transactions and maintaining and updating customer information.

Further Reading on DLT/Blockchain and ICOs

For a review of the 2014 case against BTC Trading Corp. for acting as an unlicensed broker-dealer for operating a bitcoin trading platform, see HERE.

For an introduction on distributed ledger technology, including a summary of FINRA’s Report on Distributed Ledger Technology and Implication of Blockchain for the Securities Industry, see HERE.

For a discussion on the Section 21(a) Report on the DAO investigation, statements by the Divisions of Corporation Finance and Enforcement related to the investigative report and the SEC’s Investor Bulletin on ICOs, see HERE.

For a summary of SEC Chief Accountant Wesley R. Bricker’s statements on ICOs and accounting implications, see HERE.

For an update on state-distributed ledger technology and blockchain regulations, see HERE.

For a summary of the SEC and NASAA statements on ICOs and updates on enforcement proceedings as of January 2018, see HERE.

For a summary of the SEC and CFTC joint statements on cryptocurrencies, including The Wall Street Journal op-ed article and information on the International Organization of Securities Commissions statement and warning on ICOs, see HERE.

For a review of the CFTC role and position on cryptocurrencies, see HERE.

For a summary of the SEC and CFTC testimony to the United States Senate Committee on Banking Housing and Urban Affairs hearing on “Virtual Currencies: The Oversight Role of the U.S. Securities and Exchange Commission and the U.S. Commodity Futures Trading Commission,” see HERE.

To learn about SAFTs and the issues with the SAFT investment structure, see HERE.

To learn about the SEC’s position and concerns with crypto-related funds and ETFs, see HERE.

For more information on platforms that trade cryptocurrencies and more on the continued regulatory confusion in the space, see HERE.

The Author

Laura Anthony, Esq.
Founding Partner
Legal & Compliance, LLC
Corporate, Securities and Going Public Attorneys
330 Clematis Street, Suite 217
West Palm Beach, FL 33401
Phone: 800-341-2684 – 561-514-0936
Fax: 561-514-0832
LAnthony@LegalAndCompliance.com
www.LegalAndCompliance.com
www.LawCast.com

Securities attorney Laura Anthony and her experienced legal team provides ongoing corporate counsel to small and mid-size private companies, OTC and exchange traded issuers as well as private companies going public on the NASDAQ, NYSE MKT or over-the-counter market, such as the OTCQB and OTCQX. For nearly two decades Legal & Compliance, LLC has served clients providing fast, personalized, cutting-edge legal service. The firm’s reputation and relationships provide invaluable resources to clients including introductions to investment bankers, broker dealers, institutional investors and other strategic alliances. The firm’s focus includes, but is not limited to, compliance with the Securities Act of 1933 offer sale and registration requirements, including private placement transactions under Regulation D and Regulation S and PIPE Transactions as well as registration statements on Forms S-1, S-8 and S-4; compliance with the reporting requirements of the Securities Exchange Act of 1934, including registration on Form 10, reporting on Forms 10-Q, 10-K and 8-K, and 14C Information and 14A Proxy Statements; Regulation A/A+ offerings; all forms of going public transactions; mergers and acquisitions including both reverse mergers and forward mergers, ; applications to and compliance with the corporate governance requirements of securities exchanges including NASDAQ and NYSE MKT; crowdfunding; corporate; and general contract and business transactions. Moreover, Ms. Anthony and her firm represents both target and acquiring companies in reverse mergers and forward mergers, including the preparation of transaction documents such as merger agreements, share exchange agreements, stock purchase agreements, asset purchase agreements and reorganization agreements. Ms. Anthony’s legal team prepares the necessary documentation and assists in completing the requirements of federal and state securities laws and SROs such as FINRA and DTC for 15c2-11 applications, corporate name changes, reverse and forward splits and changes of domicile. Ms. Anthony is also the author of SecuritiesLawBlog.com, the OTC Market’s top source for industry news, and the producer and host of LawCast.com, the securities law network. In addition to many other major metropolitan areas, the firm currently represents clients in New York, Las Vegas, Los Angeles, Miami, Boca Raton, West Palm Beach, Atlanta, Phoenix, Scottsdale, Charlotte, Cincinnati, Cleveland, Washington, D.C., Denver, Tampa, Detroit and Dallas.

Contact Legal & Compliance LLC. Technical inquiries are always encouraged.

Follow me on Facebook, LinkedIn, YouTube, Google+, Pinterest and Twitter.

Legal & Compliance, LLC makes this general information available for educational purposes only. The information is general in nature and does not constitute legal advice. Furthermore, the use of this information, and the sending or receipt of this information, does not create or constitute an attorney-client relationship between us. Therefore, your communication with us via this information in any form will not be considered as privileged or confidential.

This information is not intended to be advertising, and Legal & Compliance, LLC does not desire to represent anyone desiring representation based upon viewing this information in a jurisdiction where this information fails to comply with all laws and ethical rules of that jurisdiction. This information may only be reproduced in its entirety (without modification) for the individual reader’s personal and/or educational use and must include this notice.

© Legal & Compliance, LLC 2018

Copy of Logo

The SEC Has Provided Guidance On Ether and Bitcoin, Sort Of

On June 14, 2018, William Hinman, the Director of the SEC Division of Corporation Finance, gave a speech at Yahoo Finance’s All Markets Summit in which he made two huge revelations for the crypto marketplace. The first is that he believes a cryptocurrency issued in a securities offering could later be purchased and sold in transactions not subject to the securities laws. The second is that Ether and Bitcoin are not currently securities. Also, for the first time, Hinman gives the marketplace guidance on how to structure a token or coin such that it might not be a security.

While this gives the marketplace much-needed guidance on the topic, a speech by an executive with the SEC has no legal force. As a result, the blogs and press responding to Mr. Hinman’s speech have been mixed. Personally, I think it is a significant advancement in the regulatory uncertainty surrounding the crypto space and a signal that more constructive guidance will soon follow. I will summarize the entire speech later in this blog, but first right to the most salient point.

Although a speech by an SEC official does not have legal weight, it does give practitioners a firm foot on which to proceed. William Hinman is the Director of the Division of Corporation Finance (“CorpFin”), whose responsibility includes reviewing and commenting on SEC filings, a topic I’ve written about before. As described in my recent blog on the subject (see HERE), when responding to SEC comments, a company may also “go up the ladder,” so to speak, in its discussion with the CorpFin review staff. Such further discussions are not discouraged or seen as an adversarial attack in any way. For instance, if the company does not understand or agree with a comment, it may first talk to the reviewer. If that does not resolve the question, they may then ask to talk to the particular person who prepared the comment or directly with the legal branch chief or accounting branch chief identified in the letter. A company may even then proceed to speak directly with the assistant director, deputy director, and then even director.

Related to Bitcoin, Director Hinman stated, “…when I look at Bitcoin today, I do not see a central third party whose efforts are a key determining factor in the enterprise. The network on which Bitcoin functions is operational and appears to have been decentralized for some time, perhaps from inception. Applying the disclosure regime of the federal securities laws to the offer and resale of Bitcoin would seem to add little value.” Similarly, related to Ether, Mr. Hinman stated, “…putting aside the fundraising that accompanied the creation of Ether, based on my understanding of the present state of Ether, the Ethereum network and its decentralized structure, current offers and sales of Ether are not securities transactions.”

As a direct result of these statements, at least 2 of our clients, with our support, have shifted how they will proceed with Regulation A offerings in which tokens are being offered, and Bitcoin and Ether expected to be accepted as a form of payment. Prior to Mr. Hinman’s comments, CorpFin issued comments to our clients, which comment letters gave an indication of the progression of the SEC’s thinking. In particular, in an earlier letter the SEC comment was in relevant part as follows:

We note that you will accept Bitcoin, Ether, Litecoin or Bitcoin Cash as payment for your common stock. Please disclose the mechanics of the transaction. For example, explain the following:

  • whether the digital assets are securities and, where you have determined they are, how you will structure each individual transaction so that you are in compliance with the federal securities laws;
  • disclose how long the company would typically hold these digital assets, some of which may be securities, before converting to U.S. dollars;
  • include risk factor disclosure discussing the impact of holding such assets and/or accepting this form of payment, including price volatility and liquidity risks as well as risks related to the fragmentation, potential for manipulation, and general lack of regulation underlying these digital asset markets; and
  • disclose how you will hold the digital assets that you may receive in this offering as payment in exchange for shares of your common stock. If you intend to act as custodian of these digital assets, some of which may be securities, please tell us whether you intend to register as a custodian with state or federal regulators and the nature of the registration.

The comment letter included many other points on cybersecurity, price volatility, risk factors and other issues not related to whether the Bitcoin or Ether were a security. In a recent comment letter for a different client, also offering tokens in a Regulation A offering and accepting Bitcoin and Ether as payment, the SEC did not issue any questions as to whether Bitcoin or Ether were a security, but did include substantially the same questions related to cybersecurity, price volatility, risk factors and other business points.

The SEC CorpFin is pragmatic in its approach and despite frustrations at times, would not allow its Division Director to make public statements and then allow its staff to issue comments or take positions that were in direct contravention to those statements. Keep in mind that SEC no-action letters technically do not set precedence or have any legal bearing outside of the parties to the letter, but are regularly relied upon by the SEC and practitioners for guidance.

Although Mr. Hinman’s speech does not have legal authority, I am confident that the SEC will not raise the issue or question whether Bitcoin or Ether are a security in current and future registration statements or Regulation A offerings, at least until there is different legal authority than exists today.… And, there could be different legal authority in the future. I attended a Regulation A conference in New York in the beginning of June, and one of the panels was related to cyrptocurrencies. In addition to attorneys in the space, the panel included Anita Bandy, Assistant Director of the SEC Division of Enforcement.  Referring to token or coin offerings, one of the panel members specifically stated that Ether is a security and Ms. Bandy did not correct him. Furthermore, at the end of the panel, I privately asked Ms. Bandy if it is her opinion that Ether is a security today. She politely refused to answer the question, letting me know that she couldn’t express an opinion on that without conferring with other SEC management.  Two days later, Mr. Hinman gave his speech.

…. But, Mr. Hinman is Director of CorpFin and Ms. Bandy is part of the Division of Enforcement.  Although I believe that the SEC divisions are communicating with each other on the very relevant and important subject of cryptocurrency, and have even issued joint statements on the subject, they are separate. Moreover, decoding Mr. Hinman’s statements further, he said, “… putting aside the fundraising that accompanied the creation of Ether…” This begs the question: What would happen if the SEC Division of Enforcement took action related to the initial fundraising and creation of Ether, and how would that impact the current status of Ether? My thought is that they are mutually exclusive.  Ether is decentralized today and will continue its own course.

The SEC Division of Enforcement could take action similar to the Munchee, Inc. case where it settled the proceeding with no civil penalty. The SEC could also issue another report on Ether similar to the Section 21(a) Report on the DAO issued a year ago in July 2017, though I don’t know what new or different information it could add to that analysis. If Ether violated the federal securities laws at its issuance, it did so in the same way as the DAO, using the SEC v. W. J. Howey Co. test. Perhaps a new report could provide more guidance as to the analysis of when a crypto reaches a point where it is decentralized enough such that it no longer meets the parameters laid out in Howey, or that might be wishful thinking on my part.

Director Hinman’s Speech “Digital Asset Transactions: When Howey Met Gary (Plastic)”

Director Hinman opens his speech with the gating question of whether a digital asset that is offered and sold as a security can, over time, become something other than a security. He then continues that in cases where the digital asset gives the holder a financial interest in an enterprise, it would remain a security.  However, in cases where the enterprise becomes decentralized or the digital asset can only be used to purchase goods or services available through a network, the purchase and sale of the digital asset would no longer have to comply with the securities laws.

Reiterating the oft-repeated view of the SEC, Hinman notes that most initial coin or token offerings are substantially similar to debt or equity offerings in that they are just another way to raise money for a business or enterprise. In particular, funds are raised with the expectation that the network or system will be built and investors will get a return on their investment. The investment is often made for the purpose of the return and not by individuals that would ever use the eventual utility of the token. The return is often through the resale of the tokens or coins in a secondary market on cryptocurrency trading platforms.

In this case, the Howey Test is easy to apply to the initial investment. The Howey Test requires an investment of money in a common enterprise with an expectation of profit derived from the efforts of others. The emphasis is not on the thing being sold but the manner in which it is sold and the expectation of a return.  Certainly, the thing being sold is not a security on its face; it is simply computer code.  But the way it is sold – as part of an investment, to non-users, by promoters to develop the enterprise – can be, and in that context most often is, a security. Furthermore, in the case of ICOs, which are high-risk by nature, the disclosure requirements of the federal securities laws are fulfilling their purpose.

The securities laws apply to both the issuance or initial sale, and the resale of securities. In the case of coins or tokens, a careful analysis must be completed to determine if the resale of the coin or token also involves the sale of a security and compliance with the securities laws. If the network on which the token or coin is to function is sufficiently decentralized such that purchasers would not reasonably expect a person or group to carry out essential managerial or entrepreneurial efforts, the assets may no longer represent an investment contract. Moreover, when the efforts of the third party are no longer a key factor for determining the enterprise’s success, material information asymmetries recede. As a network becomes truly decentralized, the ability to identify an issuer or promoter to make the requisite disclosures becomes difficult, and less meaningful, such as with Ether and Bitcoin as discussed above.

An analysis as to whether an investment contract and therefore a security is being sold must be made based on facts and circumstances at any given time.  Investment contracts can be made out of virtually any asset if it is packaged and promoted as such. Accordingly, although Bitcoin or Ether may not be a security on their own, if they were packaged as part of a fund or trust, they could be part of an investment contract that would need to comply with the federal securities laws.

Hinman provides some guidance in determining whether a particular sale involves the sale of an investment contract. The primary consideration is whether a third party, such as a person, entity, or coordinated group, drives the expectation of a return on investment. Questions to consider include:

  1. Is there a person or group that has sponsored or promoted the creation and sale of the digital asset, the efforts of whom play a significant role in the development and maintenance of the asset and its potential increase in value?
  2. Has this person or group retained a stake or other interest in the digital asset such that it would be motivated to expend efforts to cause an increase in value in the digital asset? Would purchasers reasonably believe such efforts will be undertaken and may result in a return on their investment in the digital asset?
  3. Has the promoter raised an amount of funds in excess of what may be needed to establish a functional network, and, if so, has it indicated how those funds may be used to support the value of the tokens or to increase the value of the enterprise? Does the promoter continue to expend funds from proceeds or operations to enhance the functionality and/or value of the system within which the tokens operate?
  4. Are purchasers “investing,” i.e., seeking a return? In that regard, is the instrument marketed and sold to the general public instead of to potential users of the network for a price that reasonably correlates with the market value of the good or service in the network?
  5. Does application of the Securities Act protections make sense? Is there a person or entity others are relying on that plays a key role in the profit-making of the enterprise such that disclosure of their activities and plans would be important to investors? Do informational asymmetries exist between the promoters and potential purchasers/investors in the digital asset?
  6. Do persons or entities other than the promoter exercise governance rights or meaningful influence?

Hinman then, for the first time, gives some guidance to issuers and their counsel in determining whether a particular token or coin is being structured as a security. Hinman is clear that this list of factors is not comprehensive but rather lays the groundwork for a thoughtful analysis.  Items to consider include:

  1. Is token creation commensurate with meeting the needs of users or, rather, with feeding speculation?
  2. Are independent actors setting the price or is the promoter supporting the secondary market for the asset or otherwise influencing trading?
  3. Is it clear that the primary motivation for purchasing the digital asset is for personal use or consumption, as compared to investment? Have purchasers made representations as to their consumptive, as opposed to their investment, intent? Are the tokens available in increments that correlate with a consumptive versus investment intent?
  4. Are the tokens distributed in ways to meet users’ needs? For example, can the tokens be held or transferred only in amounts that correspond to a purchaser’s expected use? Are there built-in incentives that compel using the tokens promptly on the network, such as having the tokens degrade in value over time, or can the tokens be held for extended periods for investment?
  5. Is the asset marketed and distributed to potential users or the general public?
  6. Are the assets dispersed across a diverse user base or concentrated in the hands of a few that can exert influence over the application?
  7. Is the application fully functioning or in early stages of development?

In another step towards regulatory guidance, Hinman said the SEC is prepared to provide more formal interpretive or no-action guidance about the proper characterization of a digital asset in a proposed use. As recently as 3 months ago, the SEC had indicated it was not processing no-action letters on the subject at that time. In his speech, Hinman recognizes the implication of determining something is a security, including related to broker-dealer licensing, exchange registration, fund registration, investment advisor registration requirements, custody and valuation issues.

Hinman also expressed excitement about the potential surrounding digital ledger technology, including advancements in supply chain management, intellectual property rights licensing, and stock ownership transfers. He thinks the craze behind ICOs has passed, and I agree. In particular, as he states, realizing that securities laws apply to an ICO that funds development, industry participants have started to revert back to traditional debt or equity offerings and only selling a token once the network has been established, and then only to those that need the functionality of the network and not as an investment.

There have been earlier signs that the SEC is softening and rethinking its approach to cryptocurrencies as well.   In a speech to the Medici Conference in Los Angeles on May 2, 2018, SEC Commissioner Hester M. Peirce warned against regulators stifling the innovation of blockchain by trying to label token and coins as securities and even when they are securities, being myopic on the need to fit within existing securities laws and regulations.  Like Director Hinman, Commissioner Peirce encourages communication between market participants and the SEC as everyone tries to navigate the marketplace and technology.

Further Reading on DLT/Blockchain and ICOs

For a review of the 2014 case against BTC Trading Corp. for acting as an unlicensed broker-dealer for operating a bitcoin trading platform, see HERE.

For an introduction on distributed ledger technology, including a summary of FINRA’s Report on Distributed Ledger Technology and Implication of Blockchain for the Securities Industry, see HERE.

For a discussion on the Section 21(a) Report on the DAO investigation, statements by the Divisions of Corporation Finance and Enforcement related to the investigative report and the SEC’s Investor Bulletin on ICOs, see HERE.

For a summary of SEC Chief Accountant Wesley R. Bricker’s statements on ICOs and accounting implications, see HERE.

For an update on state-distributed ledger technology and blockchain regulations, see HERE.

For a summary of the SEC and NASAA statements on ICOs and updates on enforcement proceedings as of January 2018, see HERE.

For a summary of the SEC and CFTC joint statements on cryptocurrencies, including The Wall Street Journal op-ed article and information on the International Organization of Securities Commissions statement and warning on ICOs, see HERE.

For a review of the CFTC role and position on cryptocurrencies, see HERE.

For a summary of the SEC and CFTC testimony to the United States Senate Committee on Banking Housing and Urban Affairs hearing on “Virtual Currencies: The Oversight Role of the U.S. Securities and Exchange Commission and the U.S. Commodity Futures Trading Commission,” see HERE.

To learn about SAFTs and the issues with the SAFT investment structure, see HERE.

To learn about the SEC’s position and concerns with crypto-related funds and ETFs, see HERE.

For more information on the SEC’s statements on online trading platforms for cryptocurrencies and more thoughts on the uncertainty, and need for even further guidance in this space, see HERE.

The Author

Laura Anthony, Esq.
Founding Partner
Legal & Compliance, LLC
Corporate, Securities and Going Public Attorneys
330 Clematis Street, Suite 217
West Palm Beach, FL 33401
Phone: 800-341-2684 – 561-514-0936
Fax: 561-514-0832
LAnthony@LegalAndCompliance.com
www.LegalAndCompliance.com
www.LawCast.com

Securities attorney Laura Anthony and her experienced legal team provides ongoing corporate counsel to small and mid-size private companies, OTC and exchange traded issuers as well as private companies going public on the NASDAQ, NYSE MKT or over-the-counter market, such as the OTCQB and OTCQX. For nearly two decades Legal & Compliance, LLC has served clients providing fast, personalized, cutting-edge legal service. The firm’s reputation and relationships provide invaluable resources to clients including introductions to investment bankers, broker dealers, institutional investors and other strategic alliances. The firm’s focus includes, but is not limited to, compliance with the Securities Act of 1933 offer sale and registration requirements, including private placement transactions under Regulation D and Regulation S and PIPE Transactions as well as registration statements on Forms S-1, S-8 and S-4; compliance with the reporting requirements of the Securities Exchange Act of 1934, including registration on Form 10, reporting on Forms 10-Q, 10-K and 8-K, and 14C Information and 14A Proxy Statements; Regulation A/A+ offerings; all forms of going public transactions; mergers and acquisitions including both reverse mergers and forward mergers, ; applications to and compliance with the corporate governance requirements of securities exchanges including NASDAQ and NYSE MKT; crowdfunding; corporate; and general contract and business transactions. Moreover, Ms. Anthony and her firm represents both target and acquiring companies in reverse mergers and forward mergers, including the preparation of transaction documents such as merger agreements, share exchange agreements, stock purchase agreements, asset purchase agreements and reorganization agreements. Ms. Anthony’s legal team prepares the necessary documentation and assists in completing the requirements of federal and state securities laws and SROs such as FINRA and DTC for 15c2-11 applications, corporate name changes, reverse and forward splits and changes of domicile. Ms. Anthony is also the author of SecuritiesLawBlog.com, the OTC Market’s top source for industry news, and the producer and host of LawCast.com, the securities law network. In addition to many other major metropolitan areas, the firm currently represents clients in New York, Las Vegas, Los Angeles, Miami, Boca Raton, West Palm Beach, Atlanta, Phoenix, Scottsdale, Charlotte, Cincinnati, Cleveland, Washington, D.C., Denver, Tampa, Detroit and Dallas.

Contact Legal & Compliance LLC. Technical inquiries are always encouraged.

Follow me on Facebook, LinkedIn, YouTube, Google+, Pinterest and Twitter.

Legal & Compliance, LLC makes this general information available for educational purposes only. The information is general in nature and does not constitute legal advice. Furthermore, the use of this information, and the sending or receipt of this information, does not create or constitute an attorney-client relationship between us. Therefore, your communication with us via this information in any form will not be considered as privileged or confidential.

This information is not intended to be advertising, and Legal & Compliance, LLC does not desire to represent anyone desiring representation based upon viewing this information in a jurisdiction where this information fails to comply with all laws and ethical rules of that jurisdiction. This information may only be reproduced in its entirety (without modification) for the individual reader’s personal and/or educational use and must include this notice.

© Legal & Compliance, LLC 2018

Copy of Logo

Online Platforms Trading Cryptocurrencies; Continued Uncertainty In Crypto Space

I have been writing often about the cryptocurrency marketplace and the SEC and other regulators’ statements and concerns about compliance with the federal securities laws. On July 25, 2017, the SEC issued a Section 21(a) Report on an investigation related to an initial coin offering (ICO) by the DAO, concluding that the ICO was a securities offering.  In that Report the SEC stated that securities exchanges providing for trading must register unless an exemption applies.  In its numerous statements on cryptocurrencies since then, the SEC has consistently reminded the public that exchanges that trade securities, including cryptocurrencies that are securities, must be licensed by the SEC.

The SEC has also stated that as of today, no such licensed securities cryptocurrency exchange exists.  However, a few CFTC regulated exchanges have now listed bitcoin futures products and, in doing so, engaged in lengthy conversations with the CFTC, ultimately agreeing to implement risk mitigation and oversight measures, heightened margin requirements, and added information sharing agreements with the underlying bitcoin trading platforms.

The topic of the registration of exchanges for trading cryptocurrencies is not new to regulators.  Years before the Section 21(a) DAO Report and crypto craze, on December 8, 2014, the SEC settled charges against BTC Virtual Stock Exchange and LTC-Global Virtual Stock Exchange, which traded securities using virtual currencies, bitcoin or litecoin.  According to the SEC release on the matter, “the exchanges provided account holders the ability to use bitcoin or litecoin to buy, sell, and trade securities of businesses (primarily virtual currency-related entities) listed on the exchanges’ websites.  The venues weren’t registered as broker-dealers despite soliciting the public to open accounts and trade securities.  The venues weren’t registered as stock exchanges despite enlisting issuers to offer securities for the public to buy and sell.” The exchanges charged and collected transaction-based compensation for each executed trade on the platforms.

Since the Section 21(a) DAO Report, most of the statements from the SEC and other regulators have focused on ICOs and the issuance of cryptocurrencies as opposed to focusing on the exchanges that trade cryptos.  On March 7, 2018, the SEC finally issued a public statement directed specifically to online platforms for the trading of digital assets – i.e., cryptocurrencies.  This blog will summarize that statement.  Also, at the end of this blog is a list with links to my numerous other blogs on the topic of distributed ledger technology (blockchain), cryptocurrencies and ICOs.

SEC Statement on Potentially Unlawful Online Platforms for Trading Digital Assets

Online trading platforms have become prevalent for the buying and selling of coins and tokens, including new cryptocurrencies offered in initial coin offerings (ICOs).  Many platforms bring buyers and sellers together in one place and offer investors access to automated systems that display priced orders, execute trades, and provide transaction data.  If a platform offers trading of digital assets that are securities and operates as an “exchange,” as defined by the federal securities laws, then the platform must register with the SEC as a national securities exchange or be exempt from registration.  As mentioned above, no such SEC-registered platform exists as of today.

In its statement, the SEC cautions investors that “[T]o get the protections offered by the federal securities laws and SEC oversight when trading digital assets that are securities, investors should use a platform or entity registered with the SEC, such as a national securities exchange, alternative trading system (‘ATS’), or broker-dealer.”

The SEC is concerned that online platforms have the appearance of regular licensed securities exchanges, including using the word “exchange” when they are not.  The SEC does not review the standards these “exchanges” use to pick or vet digital assets and cryptocurrencies, the trading protocols used to determine how orders interact and are executed, nor any internal controls or procedures of these platforms.  Furthermore, the SEC warns that data provided by these trading platforms, such as bid and ask prices and execution information, may lack integrity.

The SEC provides a list of questions for investors to ask when considering trading on an online platform, including:

  • Do you trade securities on this platform? If so, is the platform registered as a national securities exchange (see our link to the list below)?
  • Does the platform operate as an ATS? If so, is the ATS registered as a broker-dealer and has it filed a Form ATS with the SEC (see our link to the list below)?
  • Is there information in FINRA’s BrokerCheck ® about any individuals or firms operating the platform?
  • How does the platform select digital assets for trading?
  • Who can trade on the platform?
  • What are the trading protocols?
  • How are prices set on the platform?
  • Are platform users treated equally?
  • What are the platform’s fees?
  • How does the platform safeguard users’ trading and personally identifying information?
  • What are the platform’s protections against cybersecurity threats, such as hacking or intrusions?
  • What other services does the platform provide? Is the platform registered with the SEC for these services?
  • Does the platform hold users’ assets? If so, how are these assets safeguarded?

Registration or Exemption of an Exchange

Section 5 of the Exchange Act of 1934, as amended (“Exchange Act”) makes it unlawful for any broker, dealer, or exchange, directly or indirectly, to effect any transaction in a security, or to report any such transaction, in interstate commerce, unless the exchange is registered as a national securities exchange or is exempted from such registration.  A national securities exchange registers with the SEC under Section 6 of the Exchange Act.

Section 3(a)(1) of the Exchange Act defines an “exchange” as “any organization, association, or group of persons, whether incorporated or unincorporated, which constitutes, maintains, or provides a market place or facilities for bringing together purchasers and sellers of securities or for otherwise performing with respect to securities the functions commonly performed by a stock exchange as that term is generally understood….”  Exchange Act Rule 3b-16 further defines an exchange to mean “an organization, association, or group of persons that: (1) brings together the orders for securities of multiple buyers and sellers; and (2) uses established, non-discretionary methods (whether by providing a trading facility or by setting rules) under which such orders interact with each other, and the buyers and sellers entering such orders agree to the terms of the trade.” The SEC has also stated that “an exchange or contract market would be required to register under Section 5 of the Exchange Act if it provides direct electronic access to persons located in the U.S.”

According to the SEC website, as of today there are 21 licensed exchanges registered with the SEC.  Exchanges that trade securities futures are registered with the SEC through a notice filing under Section 6(g) of the Exchange Act.  There are 5 such registered exchanges.  There are two exchanges that the SEC has exempted from registration on the basis of limited volume transactions.

Continued Uncertainty

Although the SEC is certainly correct that an online trading platform that trades securities must be licensed by the SEC, that would not be the case if the asset being traded is not a security.  In fact, if the asset is a currency (and not a security) or a “thing” such as loyalty points, no US federal agency would regulate its trading.  The SEC only regulates the trading of securities and security-related products.  The CFTC has regulatory oversight over futures, options, and derivatives contracts on virtual currencies and has oversight to pursue claims of fraud or manipulation involving a virtual currency traded in interstate commerce.  Beyond instances of fraud or manipulation, the CFTC generally does not oversee “spot” or cash market exchanges and transactions involving virtual currencies that do not utilize margin, leverage or financing.  Rather, these “exchanges” are regulated as payment processors or money transmitters under state law.

Likewise, no federal regulator has direct jurisdiction over “exchanges” that trade loyalty points such as converting airline points to use for hotels, cars, consumer goods and services, or cash.  Online platforms such as www.points.com and www.webflyer.com operate using contractual partnerships with entities that issue loyalty points.  In fact, points.com is owned by Points International Ltd., which trades on the TSX and Nasdaq and refers to itself as “the global leader in loyalty currency management.”  Certainly, today there is a vast difference in the trading of loyalty points versus those looking to make profits in cryptocurrency trading, but there are also analogies, especially with the “currency” side.  In a recent 6-K, Points has this to say about the loyalty industry:

Year-over-year, loyalty programs continue to generate a significant source of ancillary revenue and cash flows for companies that have developed and maintain these loyalty programs. According to the Colloquy group, a leading consulting and research firm focused on the loyalty industry, the number of loyalty program memberships in the US increased from 3.3 billion in 2014 to 3.8 billion in 2016, representing an increase of 15% (source: 2017 Colloquy Loyalty Census Report, June 2017). As the number of loyalty memberships continues to increase, the level of diversification in the loyalty landscape is evolving. While the airline, hotel, specialty retail, and financial services industries continue to be dominant in loyalty programs in the US, smaller verticals, including the restaurant and drug store industries are beginning to see larger growth in their membership base. Further, newer loyalty concepts, such as large e-commerce programs, daily deals, and online travel agencies, are becoming more prevalent. As a result of this changing landscape, loyalty programs must continue to provide innovative value propositions in order to drive activity in their programs.

Companies that believe that their crypto is truly a utility with currency value may feel they have more in common with a loyalty point than a security, and regulators have yet to be able to give any level of firm ground on which to stand.

In a hearing before the House Financial Services Committee on May 16, 2018, Stephanie Avakian, co-director of the SEC Division of Enforcement, told lawmakers that the SEC will continue to look at each case involving a cryptocurrency on a facts-and-circumstances basis.  Ms. Avakian and co-director Steven Peiken both gave testimony and sat in the hot seat.  The Financial Services Committee members were pushing for more definitive input on how ICOs should be defined and regulated, without result.  The hearing became contentious, with Committee members becoming frustrated with the lack of direction and lack of certainty from the SEC as to how they define and view cryptocurrencies, other than “on a case-by-case basis” and using the same federal securities principles that already exist – a mantra that has been repeated.

However, the SEC enforcement division could rightfully feel they are being put in an unfair position with this line of questioning.  Commissioner Hester M. Peirce warned against rulemaking by enforcement in a recent speech.  Ms. Peirce has strong opinions on the subject.  She states, “[D]ue process starts with telling individuals in advance what actions constitute violations of the law.”  She continues with “[A] related issue to which I am paying attention is the degree to which our enforcement process is being used to push the bounds of our authority. Congress sets the parameters within which we may operate, and we ought not to stray outside those boundaries through, for example, overly broad interpretations of  ‘security’ or extraterritorial impositions of the law. Our canons of ethics specifically caution us against exceeding ‘the proper limits of the law’ and argue for us remaining ‘consistent with the statutory purposes expressed by the Congress.’”

In fairness, Ms. Peirce was talking in the context of enforcement as a whole.  Not once did she mention cryptocurrencies, ICOs or blockchain in that speech.  However, in light of the prevalence of the topic and many industry leaders, politicians and market participants looking to the SEC for guidance on the question of “what is a cryptocurrency” and “how should it be regulated,” I can’t help but think the SEC is looking back at Congress with the same question.

Further Reading on DLT/Blockchain and ICOs

For a review of the 2014 case against BTC Trading Corp. for acting as an unlicensed broker-dealer for operating a bitcoin trading platform, see HERE.

For an introduction on distributed ledger technology, including a summary of FINRA’s Report on Distributed Ledger Technology and Implication of Blockchain for the Securities Industry, see HERE.

For a discussion on the Section 21(a) Report on the DAO investigation, statements by the Divisions of Corporation Finance and Enforcement related to the investigative report and the SEC’s Investor Bulletin on ICOs, see HERE.

For a summary of SEC Chief Accountant Wesley R. Bricker’s statements on ICOs and accounting implications, see HERE.

For an update on state-distributed ledger technology and blockchain regulations, see HERE.

For a summary of the SEC and NASAA statements on ICOs and updates on enforcement proceedings as of January 2018, see HERE.

For a summary of the SEC and CFTC joint statements on cryptocurrencies, including The Wall Street Journal op-ed article and information on the International Organization of Securities Commissions statement and warning on ICOs, see HERE.

For a review of the CFTC role and position on cryptocurrencies, see HERE.

For a summary of the SEC and CFTC testimony to the United States Senate Committee on Banking Housing and Urban Affairs hearing on “Virtual Currencies: The Oversight Role of the U.S. Securities and Exchange Commission and the U.S. Commodity Futures Trading Commission,” see HERE.

To learn about SAFTs and the issues with the SAFT investment structure, see HERE.

To learn about the SEC’s position and concerns with crypto-related funds and ETFs, see HERE.

SEC Continues to Review, And Delay, Crypto Funds

On January 18, 2018, the SEC issued a letter to the Investment Company Institute and the Securities Industry and Financial Markets Association (SIFMA) explaining why the SEC could not approve a cryptocurrency-related exchange traded fund (ETF) or mutual fund. The letter, authored by SEC Division of Investment Management director Dalia Blass, explains the SEC’s reservations and concerns about approving a crypto-related mutual fund or ETF. The letter advised against seeking registration of funds that invest heavily in cryptocurrency-related products until the raised questions and concerns can be properly addressed.

The SEC letter comes a year after the SEC rejected a proposal by Cameron and Tyler Winklevoss, famously linked to the founding of Facebook, to create a bitcoin-tracking ETF. Since that time the SEC has privately rejected several similar requests. Many in the industry appreciate the SEC letter as it offers specific guidance and concrete issues to be addressed as the march towards the eventual approval of a crypto-related fund continues.

Since the January 18 letter, the SEC has been reviewing and conducting proceedings on a New York Stock Exchange (NYSE) proposal to list and trade five bitcoin-related ETFs. The proceedings are expected to go on for a few months. This blog will begin with an explanation of what exactly is an ETF and then address the SEC’s concerns related to the clearance of crypto-related ETFs.

What is an ETF?

Exchange traded funds or ETFs are funds that track indexes. Historically, exchange traded funds have tracked big-board indexes such as the Nasdaq 100, S&P 500 or Dow Jones; however, as ETFs have risen in popularity, there are now funds that track lesser-known indexes or specially created indexes to feed the ETF market. There are indexes based on market sectors, such as tech, healthcare, financial; foreign markets; market cap (micro-, small-, mid-, large-, and mega-cap); asset type (small-growth, large-growth, etc.); and commodities. The primary difference between an ETF and other index funds is that an ETF does not try to outperform the corresponding index, but rather tries to track and replicate the performance.

An ETF allows an investor the advantage of copying an index with a single stock trade, without the risk associated with a fund manager trying to outperform the market.  Since the fund manager is simply copying and mirroring the particular index, the management style is referred to as “passive management.”

Passive management reduces the administrative costs from an actively managed portfolio, and that savings can be passed down to the investors. A typical private hedge fund charges 2% per annum for administrative fees. That fee is reduced to 1% for mutual or registered funds. The typical fee for an ETF is less than .20% per year. Moreover, since an ETF does not trade as actively as typical funds, it has fewer capital gain events and therefore lower taxes.

An ETF trades just like a stock, with continuous trading throughout a day. ETFs are generally margin-eligible and accordingly can be sold short. Conversely, mutual funds are generally only priced once a day after market closings and are not margin-eligible.

ETFs have become increasingly popular over the years, especially with investors that are interested in market sectors, regions or asset types. It is not surprising that investors are interested in crypto-related ETFs and that fund creators are likewise trying to meet this investor demand.

SEC Position on Crypto-related Mutual Funds and ETFs

As mentioned, On January 18, 2018, the SEC Division of Investment Management issued a letter to the Investment Company Institute and the Securities Industry and Financial Markets Association (SIFMA) explaining why the SEC could not approve a cryptocurrency-related exchange traded fund (ETF) or similar investment product such as a mutual fund.

The SEC begins with its commitment to fostering innovation and the development of new types of investment products, ETFs being a primary example, but quickly continues with the assertion that multiple investor protection issues need to be resolved before a crypto-related fund could be offered.  The primary issues are valuation, liquidity, custody, arbitrage, potential manipulation and other risks.

The concerns and questions raised by the SEC will also impact future changes to exchange listing standards by the Division of Corporation Finance, the Division of Trading and Markets and the Office of the Chief Accountant. The SEC foresees needed changes to accounting, auditing and reporting requirements for crypto-related funds and ETFs.

Valuation

Mutual funds and ETFs must value their assets on each business day in order to reach a net asset value (“NAV”). NAV is used to determine fund performance, what investors pay for mutual funds and what authorized participants pay for ETFs as well as what they receive when they redeem or sell. The SEC is concerned that a fund or ETF would not have the necessary information to value a cryptocurrency as a result of their volatility, fragmentation, lack of regulation, nascent state and current trading volume (or lack thereof) in the cryptocurrency futures markets.

The SEC has requested that the industry evaluate and provide information as to how valuations would be conducted. Furthermore, the SEC has asked how funds would develop and implement policies and procedures related to crypto-related valuations to ensure that the requirements as to fair value are met. Likewise, the SEC would need satisfaction that a fund or ETF could adequately address the accounting and valuation impacts of “forks” such as when a cryptocurrency diverges into two separate currencies with different prices.

The SEC questions the policies a fund would implement to identify and determine eligibility and acceptability for newly created cryptocurrencies. The SEC has concern as to how a fund would consider the impact of market information and manipulation in the underlying cryptocurrency markets as related to the determination of the settlement price of cryptocurrency futures.

Liquidity

Investments in open-ended funds such as mutual funds and ETFs are redeemable on a daily basis and as such, the funds must maintain sufficient liquid assets to satisfy redemptions.  Rule 22e-4 promulgated under the Investment Company Act of 1940 (the “1940 Act”) requires funds to implement liquidity risk management programs. Under the rule, funds must classify their investments into one of four liquidity categories and limit their investments in illiquid securities to 15% of the fund’s assets.

The SEC is concerned with the steps a fund or ETF that invests in cryptocurrencies or crypto-related products would take to ensure that it would have sufficient liquidity to meet daily redemptions. Moreover, the SEC raises questions as to how such funds would satisfy Rule 22e-4 and in particular, how could any crypto-related investment be classified as anything other than illiquid under the rule.

The SEC specifically asks how such funds would take into account the trading history, price volatility and trading volume of cryptocurrency futures contracts, and would funds be able to conduct a meaningful market-depth analysis in light of these factors.  Similarly, given the fragmentation and volatility in the cryptocurrency markets, would these funds need to assume an unusually sizable potential daily redemption amount in light of the potential for steep market declines in the value of underlying assets.

Custody

The 1940 Act provides for certain requirements related to the custody of securities held by funds, including who may act as a custodian and when funds must verify holdings. The SEC questions how a fund or ETF could satisfy the custody requirements for cryptocurrency-related products. The SEC notes that there are currently no custodians providing fund custodial services for cryptocurrencies. Likewise, although currently all bitcoin future contracts are cash-settled, if physical settlement contracts develop, the SEC questions how a fund will custody the bitcoin to make delivery.

The SEC further questions how a fund will validate existence, exclusive ownership and software functionality of private cryptocurrency keys and other ownership records.  Another issue for cryptocurrencies is cybersecurity and the threat of hacking.  The SEC has concerns about how custodians can satisfy their requirements for the safekeeping of crypto assets.

Arbitrage for ETFs

ETFs obtain SEC orders that enable them to operate in a specialized structure that provides for both exchange trading of their shares throughout the day at market-based prices, and “creation unit” purchases and redemptions transacted at NAV by authorized participants. In order to promote fair treatment of investors, an ETF is required to have a market price that would not deviate materially from the ETF’s NAV. The SEC questions how an ETF could comply with the terms of an order considering the fragmentation, volatility and trading volume in the cryptocurrency marketplace.

The SEC would like funds to engage with market makers and authorized participants to understand the feasibility of the arbitrage for ETFs investing substantially in cryptocurrency and cryptocurrency-related products. The SEC also questions how trading halts or the shutdown of a cryptocurrency exchange would affect the market price or arbitrage.

Potential Manipulation and Other Risks

The SEC believes that the current cryptocurrency markets have substantially fewer investor protections than traditional securities markets. Moreover, the SEC, other federal regulators, and state regulators have found considerable fraud in the cryptocurrency marketplace. The SEC is concerned about how a fund would address fraud concerns in the underlying markets when offering investments in the fund to retail investors. Similarly, the SEC is concerned about the disclosure of, and ability for a retail investor to understand, the risks of an investment in a crypto-related fund.

Likewise, the SEC would like funds to engage in discussions with broker-dealers who may distribute the funds, as to how the broker-dealer will satisfy their suitability requirements. The SEC is also concerned with how an investment advisor will satisfy their fiduciary obligations when recommending a crypto-related fund.

Further Reading on DLT/Blockchain and ICOs

For an introduction on distributed ledger technology, including a summary of FINRA’s Report on Distributed Ledger Technology and Implication of Blockchain for the Securities Industry, see HERE.

For a discussion on the Section 21(a) Report on the DAO investigation, statements by the Divisions of Corporation Finance and Enforcement related to the investigative report and the SEC’s Investor Bulletin on ICOs, see HERE.

For a summary of SEC Chief Accountant Wesley R. Bricker’s statements on ICOs and accounting implications, see HERE.

For an update on state-distributed ledger technology and blockchain regulations, see HERE.

For a summary of the SEC and NASAA statements on ICOs and updates on enforcement proceedings as of January 2018, see HERE.

For a summary of the SEC and CFTC joint statements on cryptocurrencies, including The Wall Street Journal op-ed article and information on the International Organization of Securities Commissions statement and warning on ICOs, see HERE.

For a review of the CFTC role and position on cryptocurrencies, see HERE.

For a summary of the SEC and CFTC testimony to the United States Senate Committee on Banking Housing and Urban Affairs hearing on “Virtual Currencies: The Oversight Role of the U.S. Securities and Exchange Commission and the U.S. Commodity Futures Trading Commission,” see HERE.

To learn about SAFTs and the issues with the SAFT investment structure, see HERE.

What is a SAFT?

A Simple Agreement for Future Tokens (“SAFT”) is an investment contract originally designed to provide a compliant alternative to an initial coin offering (ICO).  A SAFT as used today was intended to satisfy the U.S. federal securities laws, money services and tax laws and act as an alternative to an ICO when the platform and other utilization for the cryptocurrency or token was not yet completed. The form of the SAFT is the result of a joint effort between the Cooley law firm and Protocol Lab as detailed in the white paper released on October 2, 2017 entitled “The SAFT Project: Toward a Compliant Token Sale Framework.” As discussed in this blog, the SAFT’s compliance with federal securities laws has now come into question by both the SEC and practitioners.

SAFT’s are offered and sold to accredited investors as an investment to fund the development of a business or project in a way not dissimilar to the way equity changes hands in traditional venture capital. A SAFT was developed from the oft-used simple agreement for future equity (SAFE) contract in the venture capital setting. In a SAFT sale, no coins are ever offered, sold or exchanged. Rather, money is exchanged for traditional paper documents that promise access to future product. Fundamentally, a SAFT has been relying on the premise that the future product is not in and of itself a security.

Although the SEC had been looking at ICO’s for a while, on July 25, 2017 it issued a Section 21(a) Report on an investigation related to an initial coin offering (ICO) by the DAO concluding that the ICO was a securities offering. The Section 21(a) Report established that the Howey Test is the appropriate standard for determining whether a particular token involves an investment contract and the application of the federal securities laws. SEC Chair Jay Clayton has confirmed this standard in several public statements and in testimony before the United States Senate Committee on Banking Housing and Urban Affairs (“Banking Committee”). For a review of the Howey Test, see HERE.

Following the Section 21(a) Report, in a slew of enforcement proceedings by both the SEC and state securities regulators, and in numerous public statements, it is clear that regulators have viewed most, if not all, ICO’s as involving the sale of securities. At the same time, the SAFT grew in popularity as an attempt to comply with the securities laws. The SEC’s position is based on an analysis of the current market for ICO’s and the issuance of “coins” or “tokens” for capital raising transactions and as speculative investment contracts.

SAFT users rely on the premise that a cryptocurrency which today may be an investment contract (security) can morph into a commodity (currency) or other type of digital asset. The SAFT would delay the issuance of the cryptocurrency until it has reached its future utility. Investors in a SAFT automatically receive the cryptocurrency when it is publicly distributed in an ICO. The SAFT investors generally receive the crypto at a discount to the public offering price. However, this premise is taking a direct hit lately. Although I’ll lay out more on the SAFT history and why it was thought of as a solution further in this blog, I’ll jump right to the current analysis, and why a SAFT might not provide the intended protections.

The SAFT Problem

Although everyone, including regulators, agree that the state of the law in the area of cryptocurrencies and tokens is unsettled, regulators, including both the CFTC and SEC, have increasingly taken positions that would bring cryptocurrencies within their jurisdiction. I believe regulators are reacting to overarching fraud and therefore a necessity to take action to protect investors. Without congressional rule making and definitive guidance, regulators have no choice but to make the current law fit the circumstances. In some cases that works fine, but in others it does not and I suspect continuing changes in interpretations, enforcement premises and ultimately rule making will occur.

As I’ve previously discussed, the CFTC first found that Bitcoin and other virtual currencies were properly defined as commodities in 2015. Accordingly, the CFTC has regulatory oversight over futures, options, and derivatives contracts on virtual currencies and has oversight to pursue claims of fraud or manipulation involving a virtual currency traded in interstate commerce. Beyond instances of fraud or manipulation, the CFTC generally does not oversee “spot” or cash market exchanges and transactions involving virtual currencies that do not utilize margin, leverage or financing. Rather, these “exchanges” are regulated as payment processors or money transmitters under state law. See HERE.

The SEC has also taken the stance that ICO’s involve the sale of securities, and that exchanges providing for the after-market trading of cryptocurrencies must register unless an exemption applies. The SEC is now taking it one step further, postulating that the tokens or cryptocurrencies underlying the SAFT could also be a security (and when I say “could” I mean “are”), in which case the SAFT structure is nothing more than a convertible security and fails to comply with the federal securities laws and makes it even more likely that it would result in an enforcement proceeding, or private litigation.

A SAFT is a type of pre-ICO investment with the investors automatically receiving the crypto when the company completes its public ICO. If the underlying token is a security, then the future ICO fails to comply with the federal securities laws and the original SAFT also fails to comply.

Getting ahead of this issue, many companies have structured a SAFT such that the future ICO is also labeled a security, and the SAFT investor will receive the crypto when the future ICO is registered with the SEC. However, this results in a private pre-public security sale, which in and of itself is prohibited by the securities laws.

In particular, Securities Act CD&I 139.01 provides:

Question: Where the offer and sale of convertible securities or warrants are being registered under the Securities Act, and such securities are convertible or exercisable within one year, must the underlying securities be registered at that time?

Answer: Yes. Because the securities are convertible or exercisable within one year, an offering of both the overlying security and underlying security is deemed to be taking place. If such securities are not convertible or exercisable within one year, the issuer may choose not to register the underlying securities at the time of registering the convertible securities or warrants. However, the underlying securities must be registered no later than the date such securities become convertible or exercisable by their terms, if no exemption for such conversion or exercise is available. Where securities are convertible only at the option of the issuer, the underlying securities must be registered at the time the offer and sale of the convertible securities are registered since the entire investment decision that investors will be making is at the time of purchasing the convertible securities. The security holder, by purchasing a convertible security that is convertible only at the option of the issuer, is in effect also deciding to accept the underlying security. [Aug. 14, 2009] (emphasis added)

In a Crowdfund Insider article published March 26, 2018, one practitioner (Anthony Zeoli) has had discussions with the SEC on the subject. As reported in the article, the SEC has stated that if the SAFT investor will automatically receive tokens in the future when and if the tokens are registered, without any further action on the part of the investor, then the tokens must be registered as of the date of the SAFT investment.

Of course, the future ICO or token offering could be completed in a private offering in compliance with the federal securities laws, such as using Rule 506(c) and limiting all sales to accredited investors (see HERE on Rule 506(c)). However, assuming the token or coin really is designed to create a decentralized community or to have utility value that can be widely used by the public, limiting sales to accredited investors does not meet the needs of the issuers. Moreover, even if the future offering is structured as a private securities offering, the SAFT sale disclosure documents would need to include full disclosure on the future coin or token such that the investor could make an informed investment decision at the time of the SAFT investment.

In the same article, Zeoli delves into a more nuanced issue, which is the rising difference in the meaning of a “coin” vs a “token.” A SAFT is a simple agreement for future “tokens” but is being used to pre-sell initial “coin” offerings. If a coin and a token are two very different things (as Zeoli suggests—think stock vs. LLC interest), then the underlying contract has systemic problems beyond the registration and exemption provisions of the federal securities laws and may be a misrepresentation resulting in fraud claims.

More On SAFT; Background

As mentioned, the current form of a SAFT was created by a joint effort between the Cooley law firm and Protocol Lab as detailed in the white paper released on October 2, 2017 entitled “The SAFT Project: Toward a Compliant Token Sale Framework.” The SAFT was intended to comply with the federal securities, money transmittal and tax laws. Also, as discussed, the SAFT relies on the premise that a cryptocurrency which today may be an investment contract (security) will tomorrow be a non-security digital asset satisfying the Howey Test.  The SAFT would delay the issuance of the cryptocurrency until it has reached its future utility.

The original SAFT white paper states:

The SAFT is an investment contract. A SAFT transaction contemplates an initial sale of a SAFT by developers to accredited investors. The SAFT obligates investors to immediately fund the developers. In exchange, the developers use the funds to develop genuinely functional network, with genuinely functional utility tokens, and then deliver those tokens to the investors once functional. The investors may then resell the tokens to the public, presumably for a profit, and so may the developers.

The SAFT is a security. It demands compliance with the securities laws. The resulting tokens, however, are already functional, and need not be securities under the Howey test. They are consumptive products and, as such, demand compliance with state and federal consumer protection laws.

Despite its good intentions, as of today, the model SAFT no longer works.

Further Reading on DLT/Blockchain and ICO’s

For an introduction on distributed ledger technology, including a summary of FINRA’s Report on Distributed Ledger Technology and Implication of Blockchain for the Securities Industry, see HERE.

For a discussion on the Section 21(a) Report on the DAO investigation, statements by the Divisions of Corporation Finance and Enforcement related to the investigative report and the SEC’s Investor Bulletin on ICO’s, see HERE.

For a summary of SEC Chief Accountant Wesley R. Bricker’s statements on ICO’s and accounting implications, see HERE.

For an update on state distributed ledger technology and blockchain regulations, see HERE.

For a summary of the SEC and NASAA statements on ICO’s and updates on enforcement proceedings as of January 2018, see HERE.

For a summary of the SEC and CFTC joint statements on cryptocurrencies, including The Wall Street Journal op-ed article and information on the International Organization of Securities Commissions statement and warning on ICO’s, see HERE.

For a review of the CFTC role and position on cryptocurrencies, see HERE.

For a summary of the SEC and CFTC testimony to the United States Senate Committee on Banking Housing and Urban Affairs hearing on “Virtual Currencies: The Oversight Role of the U.S. Securities and Exchange Commission and the U.S. Commodity Futures Trading Commission,” see HERE.

The Author

Laura Anthony, Esq.
Founding Partner
Legal & Compliance, LLC
Corporate, Securities and Going Public Attorneys
330 Clematis Street, Suite 217
West Palm Beach, FL 33401
Phone: 800-341-2684 – 561-514-0936
Fax: 561-514-0832
LAnthony@LegalAndCompliance.com
www.LegalAndCompliance.com
www.LawCast.com

Securities attorney Laura Anthony and her experienced legal team provides ongoing corporate counsel to small and mid-size private companies, OTC and exchange traded issuers as well as private companies going public on the NASDAQ, NYSE MKT or over-the-counter market, such as the OTCQB and OTCQX. For nearly two decades Legal & Compliance, LLC has served clients providing fast, personalized, cutting-edge legal service. The firm’s reputation and relationships provide invaluable resources to clients including introductions to investment bankers, broker dealers, institutional investors and other strategic alliances. The firm’s focus includes, but is not limited to, compliance with the Securities Act of 1933 offer sale and registration requirements, including private placement transactions under Regulation D and Regulation S and PIPE Transactions as well as registration statements on Forms S-1, S-8 and S-4; compliance with the reporting requirements of the Securities Exchange Act of 1934, including registration on Form 10, reporting on Forms 10-Q, 10-K and 8-K, and 14C Information and 14A Proxy Statements; Regulation A/A+ offerings; all forms of going public transactions; mergers and acquisitions including both reverse mergers and forward mergers, ; applications to and compliance with the corporate governance requirements of securities exchanges including NASDAQ and NYSE MKT; crowdfunding; corporate; and general contract and business transactions. Moreover, Ms. Anthony and her firm represents both target and acquiring companies in reverse mergers and forward mergers, including the preparation of transaction documents such as merger agreements, share exchange agreements, stock purchase agreements, asset purchase agreements and reorganization agreements. Ms. Anthony’s legal team prepares the necessary documentation and assists in completing the requirements of federal and state securities laws and SROs such as FINRA and DTC for 15c2-11 applications, corporate name changes, reverse and forward splits and changes of domicile. Ms. Anthony is also the author of SecuritiesLawBlog.com, the OTC Market’s top source for industry news, and the producer and host of LawCast.com, the securities law network. In addition to many other major metropolitan areas, the firm currently represents clients in New York, Las Vegas, Los Angeles, Miami, Boca Raton, West Palm Beach, Atlanta, Phoenix, Scottsdale, Charlotte, Cincinnati, Cleveland, Washington, D.C., Denver, Tampa, Detroit and Dallas.

Contact Legal & Compliance LLC. Technical inquiries are always encouraged.

Follow me on Facebook, LinkedIn, YouTube, Google+, Pinterest and Twitter.

Legal & Compliance, LLC makes this general information available for educational purposes only. The information is general in nature and does not constitute legal advice. Furthermore, the use of this information, and the sending or receipt of this information, does not create or constitute an attorney-client relationship between us. Therefore, your communication with us via this information in any form will not be considered as privileged or confidential.

This information is not intended to be advertising, and Legal & Compliance, LLC does not desire to represent anyone desiring representation based upon viewing this information in a jurisdiction where this information fails to comply with all laws and ethical rules of that jurisdiction. This information may only be reproduced in its entirety (without modification) for the individual reader’s personal and/or educational use and must include this notice.

© Legal & Compliance, LLC 2018

Copy of Logo

The SEC Has Issued New Guidance On Cybersecurity Disclosures

On February 20, 2018, the SEC issued new interpretative guidance on public company disclosures related to cybersecurity risks and incidents. In addition to addressing public company disclosures, the new guidance reminds companies of the importance of maintaining disclosure controls and procedures to address cyber-risks and incidents and reminds insiders that trading while having non-public information related to cyber-matters could violate federal insider-trading laws.

The prior SEC guidance on the topic was dated, having been issued on October 13, 2011. For a review of this prior guidance, see HERE. The new guidance is not dramatically different from the 2011 guidance.

Introduction

The topic of cybersecurity has been in the forefront in recent years, with the SEC issuing a series of statements and creating two new cyber-based enforcement initiatives targeting the protection of retail investors, including protection related to distributed ledger technology (DLT) and initial coin or cryptocurrency offerings (ICO’s). Moreover, the SEC has asked the House Committee on Financial Services to increase the SEC’s budget by $100 million to enhance the SEC’s cybersecurity efforts. See my two-part blog series, including a summary of the recent speeches and initiatives, HERE and HERE.

The SEC incorporates cybersecurity considerations in its disclosure and supervisory programs, including in the context of its review of public company disclosures, its oversight of critical market technology infrastructure, and its oversight of other regulated entities, including broker-dealers, investment advisors and investment companies. Considering rapidly changing technology and the proliferation of cybersecurity incidents affecting both private and public companies (including a hacking of the SEC’s own EDGAR system and a hacking of Equifax causing a loss of $5 billion in market cap upon disclosure), threats and risks, public companies have been anticipating a needed update on the SEC disclosure-related guidance.

SEC Commissioner Kara Stein’s statement on the new guidance is grim on the subject, pointing out that the risks and costs of cyberattacks have been growing and could result in devastating and long-lasting collateral affects. Commissioner Stein cites a Forbes article estimating that cyber-crime will cost businesses approximately $6 trillion per year on average through 2021 and an Accenture article citing a 62% increase in such costs over the last five years.

Commissioner Stein also discusses the inadequacy of the 2011 guidance in practice and her pessimism that the new guidance will properly fix the issue.  She notes that most disclosures are boilerplate and do not provide meaningful information to investors despite the large increase in the number and sophistication of, and damaged caused by, cyberattacks on public companies in recent years. Commissioner Stein includes a list of requirements that she would have liked to see in the new guidance, including, for example, a discussion of the value to investors of disclosing whether any member of a company’s board of directors has experience, education, expertise or familiarity with cybersecurity matters or risks.

I have read numerous media articles and blogs related to the disclosure of cyber-matters in SEC reports. One such blog was written by Kevin LaCroix and published in the D&O Diary. Mr. LaCroix’s blog points out that according to a September 19, 2016, Wall Street Journal article, cyber-attacks are occurring more frequently than ever but are rarely reported. The article cites a report that reviewed the filings of 9,000 public companies from 2010 to the present and found that only 95 of these companies had informed the SEC of a data breach.

As reported in a blog published by Debevoise and Plimpton, dated September 12, 2016, (thank you, thecorporatecounsel.net), a review of Fortune 100 cyber-reporting practices revealed that most disclosures are contained in the risk-factor section of regular periodic reports such as Forms 10-Q and 10-K, as opposed to interim disclosures in a Form 8-K. Moreover, only 20 incidents were reported at all in the period from January 2013 through the third quarter of 2015.

However, as Commissioner Stein notes, the SEC only has so much authority or power through guidance, as opposed to rulemaking.  Commissioner Stein strongly advocates for new rulemaking in this regard. I do not think in the current environment advocating for fewer rules, that rulemaking related to cybersecurity disclosure will be made a priority. Moreover, I would not advocate for in-depth or robust further rules.  Disclosure is based on materiality, and a company has an ongoing obligation to disclose any material information, including that which is related to cybersecurity matters. I think the SEC can question principals-based specific disclosures, and whether they are robust enough, through review and comment on public company filings.  Certainly, the SEC staff, who reviews thousands of filings, has the knowledge of a lack of cybersecurity disclosure and can comment. In fact, if the SEC wrote a few standard cybersecurity-related disclosure comments and included them in a lot of comment letters, the marketplace would respond accordingly and beef up disclosure to avoid the comments.

Although I do not generally advocate for additional rules, Commissioner Stein makes one suggestion that I would support and that is adding the disclosure of cybersecurity event to the Form 8-K filing requirements. Although the new SEC guidance does not specifically require a Form 8-K, in light of the importance of these events, it seems it would be appropriate and the guidance itself requires “timely disclosure.”  However, without a specific requirement, a company could elect to disclose via a press release and/or the filing of a Form 8-K under Item 7.01 Regulation FD disclosure. When disclosing using a press release and Regulation FD item in a Form 8-K, a company may elect for the information to be “furnished, not filed.” Section 18 of the Exchange Act imposes liability for material misstatements or omissions contained in reports and other information filed with the SEC. However, reports and other information that are “furnished” to the SEC do not impose liability under Section 18. The antifraud provisions under Rule 10b-5 would still apply to the disclosure, but the stricter Section 18 liability would not.

New Guidance on Public Company Cybersecurity Disclosures

The new guidance begins with an introduction describing the importance of cybersecurity in today’s business world, driving the point home by comparing it to the importance of electricity. Cyber-incidents can take many forms, both intentional and unintentional, and commonly include the unauthorized access of information, including personal information related to customers’ accounts or credit information, data corruption, misappropriating assets or sensitive information or causing operational disruption. Attacks use increasingly complex methods, including malware, ransomware, phishing, structured query language injections and distributed denial-of-service attacks. A cyber-attack can be in the form of unauthorized access or a blocking of authorized access.

The purpose of a cyber-attack can vary as much as the methodology used, including for financial gain such as the theft of financial assets, intellectual property or sensitive personal information on the one hand, to a vengeful or terrorist motive through business disruption on the other hand. Perpetrators may be insiders and affiliates, or third parties including cybercriminals, competitors, nation-states and “hacktivists.”

When victim to a cyber-attack or incident, a company will have direct financial and indirect negative consequences, including but not limited to:

  • Remediation costs, including liability for stolen assets, costs of repairing system damage, and incentives or other costs associated with repairing customer and business relationships;
  • Increased cybersecurity protection costs to prevent both future attacks and the potential damage caused by same. These costs include organizational changes, employee training and engaging third-party experts and consultants;
  • Lost revenues from unauthorized use of proprietary information and lost customers;
  • Litigation;
  • Increased insurance premiums;
  • Damage to the company’s competitiveness, stock price and long-term shareholder value; and
  • Reputational damage.

Whereas the 2011 disclosure guidance was conservative in its tone, trying to strike a balance between satisfying the disclosure mandates of providing material information related to risks to the investing community with a company’s need to refrain from providing disclosure that could, in and of itself, provide a road map to the very breaches a company attempts to prevent, the new guidance is more blunt in the critical need to inform investors about material cybersecurity risks and incidents when they occur.

A company’s ability to timely and properly make any required disclosure of cybersecurity risks and incidents requires the company to implement and maintain disclosure controls and procedures that provide an appropriate method of discerning the impact that such matters may have on the company and its business, financial condition, and results of operations, as well as a protocol to determine the potential materiality of such risks and incidents.

Insider Trading

It is also important that public company officers, directors and other insiders respect the importance and materiality of cybersecurity risk and incident knowledge and not trade a company’s security when in possession of non-public information related to cybersecurity matters.  In that regard, companies should include cybersecurity matters in their insider trading policies and procedures. These insider trading policies should (i) guard against trading in the period between when a company learns of a cybersecurity incident and the time it is made public; and (ii) require the timely disclosure of such non-public information.

Guidance

Public companies have many disclosure requirements, including through periodic reports on Forms 10-K, 10-Q and 8-K, through Securities Act registration statements such as on Forms S-1 and S-3 and generally through the antifraud provisions of both the Exchange Act and Securities Act, which requires a company to disclose “such further material information, if any, as may be necessary to make the required statements, in light of the circumstances under which they are made, not misleading.” The SEC considers omitted information to be material if there is a substantial likelihood that a reasonable investor would consider the information important in making an investment decision or that disclosure of the omitted information would have been viewed by the reasonable investor as having significantly altered the total mix of information available.

As with all disclosure requirements, the disclosure of cybersecurity risk and incidents requires a materiality analysis. Although there continues to be no specific disclosure requirement or rule under either Regulation S-K or S-X that addresses cybersecurity risks, attacks or other incidents, many of the disclosure rules encompass these disclosures indirectly, such as risk factors, internal control assessments, management discussion and analysis, legal proceedings, disclosure controls and procedures, corporate governance and financial statements. As mentioned, as with all other disclosure requirements, an obligation to disclose cybersecurity risks, attacks or other incidents may be triggered to make other required disclosures not misleading considering the circumstances.

A company has two levels of cybersecurity disclosure to consider. The first is its controls and procedures and corporate governance to both address cybersecurity matters themselves and to address the timely and thorough reporting of same. The second is the reporting of actual incidents.  In determining the materiality of a particular cybersecurity incident, a company should consider (i) the importance of any compromised information; (ii) the impact of an incident on company operations; (iii) the nature, extent and potential magnitude of the event; and (iv) the range of harm such incident can cause, including to reputation, financial performance, customer and vendor relationships, litigation or regulatory investigations.

Of course, the new guidance is also clear that a company would not need to disclose the depth of information that could, in and of itself, provide information necessary to breach cyber-defenses. A company would not need to disclose specific technical information about cybersecurity systems, related networks or devices or specific devices and networks that may be more susceptible to attack due to weaker systems.

The new guidance also reminds companies that they have a duty to correct prior disclosures that the company determines were untrue at the time material information was made or omitted, and to update disclosures that become inaccurate after the fact.

Like the prior guidance, the new guidance provides specific input into areas of disclosure.

Risk Factors

Obviously, where appropriate, cybersecurity risks need to be included in risk factor disclosures. The SEC guidance in this regard is very common-sense. Companies should evaluate their cybersecurity risks and take into account all available relevant information, including prior cyber-incidents and the severity and frequency of those incidents. Companies should consider the probability of an incident and the quantitative and qualitative magnitude of the risk, including potential costs and other consequences of an attack or other incident.  Consideration should be given to the potential impact of the misappropriation of assets or sensitive information, corruption of data or operational disruptions. A company should also consider the adequacy of preventative processes and plans in place should an attack occur.  Actual threatened attacks may be material and require disclosure.

As with all risk-factor disclosures, the company must adequately describe the nature of the material risks and how such risks affect the company. Likewise, generic risk factors that could apply to all companies should not be included. Risk factor disclosure may include:

  • Discussion of the company’s business operations that give rise to material cybersecurity risks and the potential costs and consequences, including industry specific risks and third-party and service-provider risks;
  • The costs associated with maintaining cybersecurity protections, including insurance coverage;
  • The probability of an occurrence and its potential magnitude;
  • Potential for reputational harm;
  • Description of past incidents, including their severity and frequency;
  • The adequacy of preventative actions taken to reduce cybersecurity risks and the associated costs, including any limits on the company’s ability to prevent or mitigate risks;
  • Existing and pending laws and regulations that may affect the companies cybersecurity requirements and the associated costs; and
  • Litigation, regulatory investigation and remediation costs associated with cybersecurity incidents.

Management Discussion and Analysis (MD&A)

In MD&A a company should consider all the same factors that it would consider in its risk factors.  A company would need to include discussion of cybersecurity risks and incidents in its MD&A if the costs or other consequences associated with one or more known incidents or the risk of potential future incidents result in a material event, trend or uncertainty that is reasonably likely to have a material effect on the company’s results of operations, liquidity or financial condition, or could impact previously reported financial statements. The discussion should include any material realized or potential reduction in revenues, loss of intellectual property, remediation efforts, maintaining insurance, increase in cybersecurity protection costs, addressing harm to reputation and litigation and regulatory investigations.  Furthermore, even if an attack did not result in direct losses, such as in the case of a failed attempted attack, but does result in other consequences, such as a material increase in cybersecurity expenses, disclosure would be appropriate.

Business Description; Legal Proceedings

Disclosure of cyber-related matters may be required in a company’s business description where they affect a company’s products, services, relationships with customers and suppliers or competitive conditions. Likewise, material litigation would need to be included in the “legal proceedings” section of a periodic report or registration statement. The litigation disclosure should include any proceedings that relate to cybersecurity issues.

Financial Statements

Cyber-matters may need to be included in a company’s financial statements prior to, during and/or after an incident. Costs to prevent cyber-incidents are generally capitalized and included on the balance sheet as an asset. GAAP provides for specific recognition, measurement and classification treatment for the payment of incentives to customers or business relations, including after a cyber-attack.  Cyber-incidents can also result in direct losses or the necessity to account for loss contingencies, including those related to warranties, direct loss of revenue, providing customers with incentives, breach of contract, product recall and replacement, indemnification or remediation. Incidents can result in loss of, and therefore accounting impairment to, goodwill, intangible assets, trademarks, patents, capitalized software and even inventory.  Financial statement disclosure may also include expenses related to investigation, breach notification, remediation and litigation, including the costs of legal and other professional service providers.

Broad Risk Oversight

A company must disclose the extent of its board of directors’ role in the risk oversight of the company, such as how the board administers its oversight function and the effect this has on the board’s leadership structure. To the extent cybersecurity risks are material to a company’s business, this discussion should include the nature of the board’s role in overseeing the management of that risk. Information should also be included on how the board engages with management on cybersecurity risk management.

Controls and Procedures

The new guidance clearly provides that companies should adopt comprehensive policies and procedures related to cybersecurity and to assess their compliance regularly, including policy/procedure compliance related to the sufficiency of disclosure controls and procedures.  Procedures must address a company’s ability to record, process, summarize and report financial and other information in SEC filings.  Additionally, any deficiency in these controls and procedures should be reported.

The SEC reminds companies that their principal executive officer and principal financial officer must make individual certifications regarding the design and effectiveness of disclosure controls and procedures. These certifications should take into account cybersecurity-related controls and procedures.

Furthermore, as discussed above, a company should have proper policies and procedures preventing officers, directors and other insiders from trading on material nonpublic information related to cybersecurity risks and incidents.

Regulation FD and Selective Disclosure

Companies may have disclosure obligations under Regulation FD related to cybersecurity matters. Under Regulation FD, “when an issuer, or person acting on its behalf, discloses material nonpublic information to certain enumerated persons it must make public disclosure of that information.” The SEC reminds companies that these requirements also relate to cybersecurity matters and that, along with all the other disclosure requirements, policies and procedures should specifically address any disclosures of material non-public information related to cybersecurity.

The 2017 SEC Government-Business Forum On Small Business Capital Formation

On November 30, 2017, the SEC held its annual Government-Business Forum on Small Business Capital Formation (the “Forum”). It will be several months until the final report with recommendations from the forum is published, but the opening remarks from SEC Chair Jay Clayton and Commissioners Kara Stein and Michael Piwowar provide ongoing and consistent guidance as to the current focus of the SEC. For a review of the recommendations by last year’s forum, see HERE.

As expected, the topics of cryptocurrency and ICO’s were front and center at the Forum. In his opening remarks at the Forum, Division of Corporation Finance Director William Hinman confirmed that the SECbelieves that ICO’s generally involve securities offerings and that the securities laws must be complied with. Hinman continued that the SEC is providing guidance through enforcement and public statements on the topic.

As with other statements and speeches, the SEC hedges by pointing out the validity of an ICO as a capital raising tool, and of course, the innovation potential of blockchain. The SEC is not trying to discourage ICO’s or blockchain innovation; they are trying to discourage ICO’s that fail to comply with securities laws, and the unfortunate, multiple frauds being perpetuated as a result of the frenzy surrounding this new technology.

Remarks by Chairman Jay Clayton

Chair Clayton is consistent with the theme he has been putting forth since taking office: The SEC is committed to helping Main Street investors. The Forum provides a key opportunity for the small-cap marketplace to have their voices heard regarding issues and desired changes to federal securities regulations and the regulatory system.

Chair Clayton reiterates the SEC’s three-part mission to (i) protect investors; (ii) maintain fair, orderly and efficient markets; and (iii) facilitate capital formation. Furthermore, although capital formation is important for all businesses, small and medium-sized businesses contribute the most to U.S. job creation, generating 62% of new jobs. Along the same lines, the SEC wants to open more investment opportunities into small businesses for Main Street investors. In that regard, Jay Clayton points out the Regulation A public offering process. As an aside, I was happy to see him recognize Regulation A as an IPO, whereas when he first took office, he seemed to view Regulation A as outside the IPO realm.

Remarks by Commissioner Michael Piwowar

Michael Piwowar’s statement was short and pointed. As anyone that follows my blog knows, I am a fan of Piwowar, agreeing with most of his views, and more so his willingness to express those views, even when contrary to other SEC chiefs or the legislature. Mr. Piwowar has been vocal about his disagreement with the pay ratio disclosure requirements mandated by the Dodd-Frank Act and uses his statement as an opportunity to reiterate that view, while pointing out that the recent interpretative guidance on the subject will help with the compliance burden. I have not written about that guidance as of yet, but my prior blog on the pay ratio rules can be read HERE.

Commissioner Piwowar also points out other SEC actions to assist with small businesses and capital formation, including the newest proposed rules to modernize and simplify disclosures (see HERE) and the SEC’s action to allow all companies to file confidential registration statements (see HERE).

Commissioner Piwowar ends his statement by promising that he will personally give careful consideration to this year’s recommendations of the Forum. I hope so, as the recommendations are always on point to assist the small-cap marketplace.

Remarks by Commissioner Kara Stein

Commissioner Stein began with the usual niceties regarding the forum and its importance for communication between regulators and the small-cap market. Adding her own perspective, Commissioner Stein points out that a lot of the SEC’s effort and rules are “designed to facilitate trust between… market participants – the small businesses seeking to raise capital, the investors who wish to support their growth, and their service providers.”  Continuing to add her own unique voice, Ms. Stein talked about the need for diversity of companies and investors and bringing capital raising (and a voice in the process) to different parts of the country.

The Senate Banking Committee’s Hearing On Cryptocurrencies

On February 6, 2018, the United States Senate Committee on Banking Housing and Urban Affairs (“Banking Committee”) held a hearing on “Virtual Currencies: The Oversight Role of the U.S. Securities and Exchange Commission and the U.S. Commodity Futures Trading Commission.” Both SEC Chairman Jay Clayton and CFTC Chairman J. Christopher Giancarlo testified and provided written testimony. The marketplace as a whole had a positive reaction to the testimony, with Bitcoin prices immediately jumping up by over $1600. This blog reviews the testimony and provides my usual commentary.

The SEC and CFTC Share Joint Regulatory Oversight

The Banking Committee hearing follows SEC and CFTC joint statements on January 19, 2018 and a joint op-ed piece in the Wall Street Journal published on January 25, 2018 (see HERE). As with other areas in capital markets, such as swaps, the SEC and CFTC have joint regulatory oversight over cryptocurrencies. Where the SEC regulates securities and securities markets, the CFTC does the same for commodities and commodity markets.

Bitcoin has been determined to be a commodity and as such, the CFTC has regulatory oversight over futures, options, and derivatives contracts on virtual currencies and has oversight to pursue claims of fraud or manipulation involving a virtual currency traded in interstate commerce. Nevertheless, the CFTC does NOT have regulatory jurisdiction over markets or platforms conducting cash or “spot” transactions in virtual currencies or other commodities or over participants on such platforms. These spot virtual currency or cash markets often self-certify or are subject to state regulatory oversight. However, the CFTC does have enforcement jurisdiction to investigate fraud and manipulation in virtual currency derivatives markets and in underlying virtual currency spot markets.

The SEC does not have jurisdiction over currencies, including true virtual currencies. However, many, if not all, token offerings have been for the purpose of raising capital and have involved speculative investment contracts, thus implicating the jurisdiction of the SEC, in the offering and secondary trading markets.

Chair Clayton repeated that “every ICO I’ve seen is a security,” and added, “[T]hose who engage in semantic gymnastics or elaborate re-structuring exercises in an effort to avoid having a coin be a security are squarely in the crosshairs of our enforcement division.” Chair Clayton is very concerned that Main Street investors are getting caught up in the hype and investing money they cannot afford to lose, without proper (if any) disclosure, and without understanding the risks.  He also reiterates previous messaging that to date no ICO has been registered with the SEC and that ICO’s are international in nature such that the SEC may not be able to recover lost funds or effectively pursue bad actors. Cybersecurity is also a big risk associated with ICO investments and the cryptocurrency market as a whole. Chair Clayton cites a study that more than 10% of total ICO proceeds, estimated at over $400 million, has been lost to hackers and cyberattacks.

It is becoming increasingly certain that the U.S. will impose a new regulatory regime over those tokens that are not a true cryptocurrency, which would likely include all tokens issued on the Ethereum blockchain for capital raising purposes. Clayton made the distinction between Bitcoin, which is decentralized, on a public Blockchain and mined or produced by the public and other “securities tokens” which are the cryptocurrencies that developed by an organization and created and issued primarily for capital formation and secondary trading.

Many tokens are being fashioned that outright and purposefully resemble equity in an enterprise as a new way to represent equity and capital ownership. Clearly this falls directly within the SEC jurisdiction, and state corporate regulatory oversight as well. Furthermore, there are instances where a token is issued in a capital-raising securities offering and later becomes a commodity, or instances where a token securities offering is bundled to include options or futures contracts, implicating both SEC and CFTC compliance requirements.

In the Banking Committee testimony, the SEC and CFTC presented a united front, confirming that they are cooperating and working together to ensure effective oversight. Both agencies have established virtual currency task forces and their respective enforcement divisions are cooperating and sharing information. Also, both agencies have launched efforts to educate the public on virtual currencies, with the CFTC publishing numerous articles and creating a dedicated “Bitcoin” webpage.

In addition to cooperating with each other, they are also cooperating and communicating with the NASAA, the Consumer Financial Protection Bureau, FinCen, the IRS, state regulators and others.

The Technology

Consistent with all statements by the regulators, both the SEC and CFTC agree that that blockchain technology is disruptive and has the potential to, and likely will, change the capital markets. Moreover, both agencies consistently reiterate their support of these changes and desire to foster innovation.  In fact, the new technology has the potential to help regulators better monitor transactions, holdings and obligations and other market activities.

Chair Giancarlo’s testimony states that “DLT is likely to have a broad and lasting impact on global financial markets in payments, banking, securities settlement, title recording, cyber security and trade reporting and analysis. When tied to virtual currencies, this technology aims to serve as a new store of value, facilitate secure payments, enable asset transfers, and power new applications.” In addition, smart contracts have the ability to value themselves in real time and report information to data repositories.

However, regulation and oversight need to be fashioned that properly address the new technology and business operations. Both agencies are engaging in discussions with industry participants at all levels. A few of the key issues that will need to be resolved include custody, liquidation, valuation, cybersecurity at all levels, governance, clearing and settlement, and anti-money laundering and know-your-customer matters.

Overall, Chair Giancarlo seemed more positive and excited about blockchain and Bitcoin, pointing out current uses including a recent transaction where 66 million tons of American soybeans were handled in a blockchain transaction to China. Chair Clayton, while likely also very enthusiastic about the technology, is currently more focused on the fraud and misuse that has consumed this space recently.

Current Regulations and Needed Change

While the agencies investigate and review needed changes to the regulatory environment, both maintain that current regulations can be relied upon to address the current state of the market. On the SEC side, Chair Clayton walked the Banking Committee through previous SEC statements and the DAO Section 21(a) report issued in July 2017. He again confirmed that the Howey Test remains the appropriate standard for determining whether a particular token involves an investment contract and the application of the federal securities laws. The current registration and exemption requirements are also appropriate for ICO offerings. An issuer can either register an offering, or rely on exemptions such as Regulation D for any capital-raising transaction, including those involving tokens.

Conversely, the current regulatory framework related to exchange traded fund products (ETF’s) needs some work before a virtual currency product could be approved. Issues remain surrounding liquidity, valuation, custody of holdings, creation, redemption and arbitrage. In that regard, in a coming blog, I will review an SEC letter dated January 18, 2018 entitled “Engaging on Fund Innovation and Cryptocurrency-related Holdings” outlining why a crypto-related ETF would not be approved at this time.  Senator Mark Warner was quick to point out that there seems to be a regulatory disconnect where an SEC governed ETF is not approved, but a CFTC-governed Bitcoin future is allowed.

The current federal broker-dealer registration requirements remain the best test to determine if an exchange or other offering participant is required to be registered and a member of FINRA. Chair Clayton repeats his warning shot to gatekeepers such as attorneys and accountants that are involved in ICO’s and the crypto marketplace as a whole. Chair Clayton expresses concern that crypto markets often look similar to regulated securities markets and even are called “exchanges”; however, “investors transacting on these trading platforms do not receive many of the market protections that they would when transacting through broker-dealers on registered exchanges or alternative trading systems (ATSs), such as best execution, prohibitions on front running, short sale restrictions, and custody and capital requirements.”

CFTC Chair Giancarlo reiterated that current regulations related to futures, options, and derivatives contracts, and the registration (or lack thereof through self-certification) of spot currency exchanges are being utilized in the virtual currency market. However, the part of the regulatory system that completely defers to state law may need change. In particular, check cashing, payment processing and money transmission services are primarily state regulated. Many of the Internet-based cryptocurrency trading platforms have registered as payment services and are not subject to direct oversight by the SEC or the CFTC, and both agencies expressed concern about this jurisdictional gap.

Giancarlo was especially critical of this state-by-state approach and suggested new federal legislation, including legislation related to data reporting, capital requirements, cybersecurity standards, measures to prevent fraud, price manipulation, anti-money laundering, and “know your customer” protections. “To be clear, the CFTC does not regulate the dozens of virtual currency trading platforms here and abroad,” Giancarlo said, clarifying that the CFTC can’t require cyber-protections, platform safeguards and other things that consumers might expect from traditional marketplaces.

Chair Clayton expressed the same concerns, especially the lack of protections for Main Street investors. Chair Clayton stated, “I think our Main Street investors look at these virtual currency platforms and assume they are regulated in the same way that a stock is regulated and, as I said, it’s far from that and I think we should address that.”

I am always an advocate of federal oversight of capital markets matters that cross state lines. A state-by-state approach is always inconsistent, expensive, and inefficient for market participants.

Both agencies are clear that regardless of the technology and nomenclature, they are and will continue to actively pursue cases of fraud and misconduct. Current regulations or questions related to needed changes do not affect this role. However, Chair Clayton did impress upon the Banking Committee that the current hiring freeze and budgetary restraints are an impediment. The SEC specifically needs more attorneys in their enforcement and trading and markets divisions.

Further Reading on DLT/Blockchain and ICO’s

For an introduction on distributed ledger technology, including a summary of FINRA’s Report on Distributed Ledger Technology and Implication of Blockchain for the Securities Industry, see HERE.

For a discussion on the Section 21(a) Report on the DAO investigation, statements by the Divisions of Corporation Finance and Enforcement related to the investigative report and the SEC’s Investor Bulletin on ICO’s, see HERE.

For a summary of SEC Chief Accountant Wesley R. Bricker’s statements on ICO’s and accounting implications, see HERE.

For an update on state distributed ledger technology and blockchain regulations, see HERE.

For a summary of the SEC and NASAA statements on ICO’s and updates on enforcement proceedings as of January 2018, see HERE.

For a summary of the SEC and CFTC joint statements on cryptocurrencies, including The Wall Street Journalop-ed article and information on the International Organization of Securities Commissions statement and warning on ICO’s, see HERE.

For a review of the CFTC role and position on cryptocurrencies, see HERE.

Inquiries of a technical nature are always encouraged. Contact us now.

The CFTC And Cryptocurrencies

The SEC and U.S. Commodity Futures Trading Commission (CFTC) have been actively policing the crypto or virtual currency space. Both regulators have filed multiple enforcement actions against companies and individuals for improper activities including fraud. On January 25, 2018, SEC Chairman Jay Clayton and CFTC Chairman J. Christopher Giancarlo published a joint op-ed piece in the Wall Street Journal on the topic.

Backing up a little, on October 17, 2017, the LabCFTC office of the CFTC published “A CFTC Primer on Virtual Currencies” in which it defines virtual currencies and outlines the uses and risks of virtual currencies and the role of the CFTC. The CFTC first found that Bitcoin and other virtual currencies are properly defined as commodities in 2015. Accordingly, the CFTC has regulatory oversight over futures, options, and derivatives contracts on virtual currencies and has oversight to pursue claims of fraud or manipulation involving a virtual currency traded in interstate commerce. Beyond instances of fraud or manipulation, the CFTC generally does not oversee “spot” or cash market exchanges and transactions involving virtual currencies that do not utilize margin, leverage or financing. Rather, these “exchanges” are regulated as payment processors or money transmitters under state law.

The role of the CFTC is substantially similar to the SEC with a mission to “foster open, transparent, competitive and financially sound markets” and to “protect market users and their funds, consumers and the public from fraud, manipulation and abusive practices related to derivatives and other products subject to the Commodity Exchange Act (CEA).” The definition of a commodity under the CEA is as broad as the definition of a security under the Securities Act of 1933, including a physical commodity such as an agricultural product, a currency or interest rate or “all services, rights and interests in which the contracts for future delivery are presently or in the future dealt in” (i.e., futures, options and derivatives contracts).

Where the SEC regulates securities and securities markets, the CFTC does the same for commodities and commodity markets. At times the jurisdiction of the two regulators overlaps, such as related to swap transactions (see HERE). Furthermore, while there are no SEC licensed securities exchanges which trade virtual currencies or any tokens, there are several commodities exchanges that trade virtual currency products such as swaps and options, including the TeraExchange, North American Derivatives Exchange and LedgerX.

The Commodity Exchange Act would prohibit the trading of a virtual currency future, option or swap on a platform or facility not licensed by the CFTC. Moreover, the National Futures Association (NFA) is now requiring member commodity pool operators (CPO’s) and commodity trading advisors (CTA’s) to immediately notify the NFA if they operate a pool or manage an account that engaged in a transaction involving a virtual currency or virtual currency derivative.

The CFTC refers to the IRS’s definition of a “virtual currency” and in particular:

A virtual currency is a digital representation of value that functions as a medium of exchange, a unit of account, and/or a store of value. In some environments it operates like real currency but it does not have legal tender status in the U.S. Virtual currency that has an equivalent value in real currency, or that acts as a substitute for real currency, is referred to as a convertible virtual currency.  Bitcoin is one example of a convertible virtual currency.

I note that neither the CFTC’s definition of Bitcoin as a commodity, nor the IRS’s definition of a virtual currency, conflicts with the SEC’s position that most cryptocurrencies and initial cryptocurrency offerings today are securities requiring compliance with the federal securities laws. The SEC’s position is based on an analysis of the current market for ICO’s and the issuance of “coins” or “tokens” for capital raising transactions and as speculative investment contracts. In fact, a cryptocurrency which today may be an investment contract (security) can morph into a commodity (currency) or other type of digital asset. For example, an offering of XYZ token for the purpose of raising capital to build a software or blockchain platform or community where XYZ token can be used as a currency would rightfully be considered a securities offering that needs to comply with the federal securities laws. However, when the XYZ token is issued and can be used as a form of currency, it would become a commodity. Furthermore, the bundling of a token securities offering to include options or futures contracts may implicate both SEC and CFTC compliance requirements.

The CFTC primer gives a little background on Bitcoin, which was created in 2008 by a person or group using the pseudonym “Satoshi Nakamoto” as an electric payment system based on cryptographic proof allowing any two parties to transact directly without the need for a trusted third party, such as a bank or credit card company. Bitcoin is partially anonymous, with individuals being identified by an alphanumeric address. Bitcoin runs on a blockchain-decentralized network of computers and uses open-source software and “miners” to validate transactions through solving complex algorithmic mathematical equations.

A virtual currency can be used as a store of value; however, virtual currencies are not a yield asset in that they do not generate dividends or interest. Virtual currencies can generally be traded with resulting capital gains or losses. The CFTC, like all regulators, points out the significant speculation and volatility risk. The CFTC reiterates the large incidents of fraud involving crypto marketplaces. Furthermore, there is a significant cybersecurity risk. If a “wallet” holding cryptosecurities is hacked, they are likely gone without a chance of recovery.

Although many virtual currencies, including Bitcoin, market themselves as a payment method, the ability to utilize Bitcoin and other virtual currencies for everyday goods and services has not yet come to fruition. In fact, the trend toward Bitcoin being a regularly accepted payment has seemed to have gone the other way, with payment processor Stripe, tech giant Microsoft and gaming platform Steam discontinuing Bitcoin support due to lengthy transaction times and increased transaction failure rates.

Further Reading on DLT/Blockchain and ICO’s

For an introduction on distributed ledger technology, including a summary of FINRA’s Report on Distributed Ledger Technology and Implication of Blockchain for the Securities Industry, see HERE.

For a discussion on the Section 21(a) Report on the DAO investigation, statements by the Divisions of Corporation Finance and Enforcement related to the investigative report and the SEC’s Investor Bulletin on ICO’s, see HERE.

For a summary of SEC Chief Accountant Wesley R. Bricker’s statements on ICO’s and accounting implications, see HERE.

For an update on state distributed ledger technology and blockchain regulations, see HERE.

For a summary of the SEC and NASAA statements on ICO’s and updates on enforcement proceedings as of January 2018, see HERE.

To read about the SEC and CFTC joint statements and the Wall Street Journal op-ed article, see HERE.

Inquiries of a technical nature are always encouraged. Contact us now.