The European Securities and Markets Authority (ESMA) has issued two Statements on Initial Coin Offerings (ICOs) that have been since relayed by national european authorities. One statement is related to risks for investors and the other refers to the rules applicable to firms involved in ICOs. ESMA has observed a rapid growth in ICOs globally and in Europe and is concerned that investors may be unaware of the high risks that they are taking when investing in ICOs. Additionally, ESMA is concerned that firms involved in ICOs may conduct their activities without complying with relevant applicable EU legislation.

ESMA Statement for investors:

In this statement directed to potential investors in tokens and ICOs, ESMA presents an extensive list of risks they might be exposed to:

  • Depending on how they are structured, ICOs may fall outside of the scope of EU laws and regulations, in which case investors cannot benefit from the protection that these laws and regulations provide.

  • ICOs may be used for fraudulent or illicit activities, such as money laundering. Moreover several recent ICOs have been identified as frauds themselves

  • There is high risk for investors of losing all of their invested capital, especially considering the early development phase of most projects.

  • There are few or no redeem options for investors in some projects, given the limited number of trading places and the low volume of exchange.

  • Investors might run the risk of losing all of their invested capital as ICOs are very risky and highly speculative investments. ICOs are often subject to extreme price volatility and investors may not be able to redeem their tokens for a prolonged period. Besides, these markets are often subject to price manipulation and related fraudulent activities such as misinformation and insider trading.

  • The information that is made available to investors is, in most cases, unaudited, incomplete, unbalanced or even misleading (e.g. emphasis on the potential benefits but not the risks).

  • There may be flaws in the code used to create, transfer or store the coins or tokens ( as several hacks or errors resulting in financial loses have shown)

  • More generally, the underlying blockchain technology may not function quickly and securely.

ESMA statement for firms:

In this statement, ESMA explains that while some ICOs might not be regulated, firms involved in ICOs may still conduct regulated investment activities, such as placing, dealing in or advising on financial instruments, managing or marketing collective investment schemes or involvment in offering transferable securities to the public. In all of these cases, they will need to comply with the relevant legislation, including for example:

  • Prospectus Regulation (EU 2017/1129): Coins or tokens could fall within the definition of a transferable security and thus necessitate the publication of a prospectus subject to approval by national authorities.

  • Markets in Financial Instruments Directive MiFID II (2014/65/EU) : If coins or tokens qualify as a financial instrument, advising and services activities such as placing, dealing in or advising on financial instruments would require the application of MiFID rules in terms of conduct of business and transparency requirements. The recent update MIFID II and its regulation MIFIR increase reporting obligations and organisational rules.

  • Alternative Investment Fund Managers Directive AIFM (2011/61/EU) : ICOs may qualify as alternative investment funds, to the extent that they are raising capital with a view to investing with a defined investment policy. Therefore capital operational and organisational rules, as well transparency requirements might apply.

  • Fourth Anti-Money Laundering Directive AMLD4 (2015/849) : The Directive requires firms to carry out due diligence on customers and to have in place appropriate record-keeping and other internal procedures. Firms have an obligation to report any suspicious activity and to co-operate with any investigations by relevant public authorities.

ESMA stresses that firms involved in ICOs should give careful consideration as to whether their activities constitute regulated activities. Any failure to comply with the applicable rules will constitute a breach.