by Carla Reyes

Token sales may be subject to a number of complex regulatory regimes in the United States, at both federal and state levels. Increasing that complexity is very little uniformity across states; token sale operators must develop a 50-state compliance strategy. At the federal level, at least four separate regulatory offices have jurisdiction over different aspects of token sales; and the treatment of token sales under each regime continues to emerge. In this
section, we overview the law in its current implementation. We expect ongoing enforcement activity from the various regulators to refine the law as it applies to token sales.

Regulatory framework

This section discusses five substantive areas of US law—securities regulation, commodities regulation, money services business laws, consumer protection laws, and regulations overseen by the Office of Foreign Asset Control—that apply to token sales in the United States. Where appropriate, we examine both federal and state law.

The Securities Act of 1933 and the Securities Exchange Act of 1934

The Securities Act of 1933 and the Securities Exchange Act of 1934 Section 5 of the Securities Act of 1933 (the “Securities Act”) requires that all securities offered for sale be registered with the SEC unless an exemption applies. Further, it requires “that the issuer disclose a variety of information to investors in connection with the registration
requirement.”

The Securities Exchange Act of 1934 (the “Exchange Act”) imposes ongoing disclosure requirements. Further, both it and the Securities Act prohibit issuers from defrauding the public and impose liability for any misstatement or omission of material facts. These antifraud provisions are particularly broad. The registration, disclosure, and antifraud provisions apply only to the sale of instruments that qualify as a security. The analysis of tokens under US securities law thus begins with the definition of the term security.

Section 2(a)(1) of the Securities Act and Section 3(a)(10) of the Exchange Act generally define security as any note, stock, bond, debenture, evidence of indebtedness, certificate of interest, or participation in any profit-sharing agreement, transferable share, investment contract, or instrument “commonly known as a security.” On its face, this definition is quite broad. In particular, the catch-all term investment contract could apply to any number ofnstruments. Thus, the US Supreme Court uses the Howey test to consider the statutory definition of security as applied to “unusual instruments not easily characterized as securities.”

Legal academics predicted that courts and regulators would use the Howey test to determine whether a token constituted a security. In July 2017, the SEC confirmed as much by releasing a report in which it used the Howey test to determine that a blockchain-based token qualified as a security and required registration under Section 5 of
the Securities Act.

Under the Howey test, an instrument is an investment contract and qualifies as a security if: (1) “individuals were led to invest money, (2) “in a common enterprise,” (3) “with the expectation that they would earn a profit,” (4) “solely through the efforts of the promoter or of someone other than themselves.”

The Howey test is highly fact dependent and highly flexible, as determined in SEC v. C.M. Joiner Leasing Corp:

The reach of the [Securities] Act does not stop with the obvious and commonplace. Novel, uncommon, or irregular devices, whatever they appear to be, are also reached if it be proved as a matter of fact that they were widely offered or dealt in under terms or courses of dealing, which established their character in commerce as “investment contracts.”

In the context of token sales, the first two prongs of the Howey test are commonly satisfied. To purchase a token, the purchaser invests money or something else of value that substitutes for money, (e.g., cryptocurrency). Similarly, many token sales will satisfy the “common enterprise” element of the test, since the price received for a token on resale is linked to the results of other token holders. Therefore, many commentators believe that the last two elements of the Howey test are critical in the analysis of whether a token sale constitutes the sale of a security. Both of these elements— the “expectation of profits” and “solely from the efforts of others” elements—are intensely fact-dependent, meaning that the outcome for any given token sale may vary.

Recent SEC enforcement action bears out the fact dependence of the inquiry under the Howey test, and suggests that, for now at least, the SEC may be strongly preoccupied with its antifraud and investor-protection mandate. For example, when the SEC froze the assets of PlexCorps and RECoin in December 2017, the related press releases indicated that the presence of false promises of a 13-fold return on investment and false statements about the entity and staff operating the business weighed heavily in the enforcement decision.

Similarly, in the enforcement order against Munchee, the SEC found that those purchasing Munchee “MUN” tokens would have reasonably expected to profit from Munchee’s efforts to increase their value, because Munchee made statements in its token sale launch materials regarding how “MUN tokens would increase in value, and the ability for MUN token holders to trade MUN tokens on secondary markets.”

Leading commentators in the United States have debated how to structure a token sale adequately so that the token does not constitute a security under the Howey test. In a white paper coauthored with Protocol Labs, the law firm Cooley LLP introduced the idea of a simple agreement for future tokens (SAFT). The paper’s authors proposed a token sale structure in which token issuers first sell a SAFT to accredited investors.

Under the SAFT, the investors must immediately fund the token issuers, and the issuers must use those funds “to develop a genuinely functional network, with genuinely functional utility tokens, and then deliver those tokens to the investors once functional.” The idea is that, although the SAFT is clearly a security that requires compliance with the registration, disclosure, and antifraud provisions of US securities laws, the utility tokens generated and sold after the SAFT are not.

State blue-sky laws

Every state maintains its own securities laws, known as “blue-sky laws” that generally work to protect investors from fraud. Like their federal counterparts, the state blue-sky laws typically require registration of a sale of securities to the public unless an exemption
applies. Although most of the attention on the application of securities laws to token sales in the United States has been at the federal level, the State of Texas recently reminded everyone that token issuers should also consider state blue-sky laws.

On 4 January 2018, the Texas Securities Commissioner issued an emergency cease-and-desist order for BitConnect to stop offering any securities for sale in Texas until BitConnect registered with the Texas Securities Commissioner or received an exemption under
the Texas Securities Act.The Texas Securities Commissioner determined that BitConnect coins and investments in a BitConnect lending program each represented a security under the Texas Securities Act, and as such, BitConnect should have registered in Texas prior to selling such instruments to residents of Texas through its website. The order also concluded that BitConnect failed to disclose material information related to its operations, the experience of its software developers, the riskiness associated with virtual currencies and investments in virtual currency-related business models, and the source of funds that it would use to pay investors the promised interest rate.

The Texas order reminds us that token issuers may be subject to state securities laws and that state regulators have many of the same concerns as their federal counterparts, including registration, adequate disclosure, and prevention of false and misleading public
statements. Furthermore, since BitConnect was a British company with no physical US presence, the Texas order reminds token issuers of the long-arm approach of most US state and federal regulators to jurisdiction.

Commodities law

In 2015, the Commodity Futures Trading Commission (CFTC) determined that virtual currencies, including decentralized virtual currencies, fall within the definition of commodities and may therefore fall within the ambit of the CFTC’s regulatory oversight. 36 In particular, “the CFTC has regulatory oversight over futures, options, and derivatives contracts on virtual currencies or if there is fraud or manipulation involving a virtual currency traded in interstate commerce.” More specifically with regard to token sales :

The CFTC has exclusive jurisdiction over the marketplace for “retail commodity transactions,” arrangement that Section 2(c)(2)(D) of the [Commodities Exchange Act (the CEA)] describes as any agreement, contract, or transaction that is offered or entered into by a party: on a leveraged or margined basis, or financed by the offeror, the counterparty, or a person acting in concert with the offeror or counterparty on a similar basis; and to or with persons who do not qualify as either an eligible contract participant (ECP) or an eligible commercial entity (ECE).

Thus, the CFTC regulates any virtual currency transactions conducted on a margined, leveraged, or financed basis as retail commodity transactions, unless an exception applies—if, for example, the contract of sale involved the leveraged, margined, or financed
purchase or sale of a commodity that resulted in actual delivery within 28 days. The CFTC issued a proposed interpretation of the term “actual delivery” in that exception on 15 December 2017. According to Perkins Coie, actual delivery of a virtual currency would
require that:

  1. There be a record on the relevant public distributed ledger
    network or blockchain of the transfer of the entire quantity of
    the virtual currency to the purchaser’s blockchain wallet
  2. The purchaser be able to freely use the virtual currency (both
    within and away from any particular platform)
  3. Neither the counterparty seller nor the platform retains any
    interest in or control over the transferred virtual currency
  4. The counterparty seller has transferred title to the purchaser,
    which may be reflected by linking the purchaser with proof
    of ownership of the wallet into which the virtual currency is
    transferred.

The implications are that any transactions documented on
intermediate, centralized, or internal exchange ledgers would not be
considered actual delivery, and so the underlying transactions would
be regulated as retail commodity transactions. 42 If adopted, the
proposed interpretation may have an impact on token sales.

Money services business laws

Regulation under the Federal Bank Secrecy Act

The Financial Crimes Enforcement Network of the US Department of the Treasury (FinCEN) enforces the Bank Secrecy Act (BSA) and its implementing regulations. The BSA and its regulations “subject financial institutions and money services businesses (MSBs) to a wide range of anti-money laundering obligations,” including registration, filing suspicious activity and currency transaction reports, and collecting and maintaining customer information and transaction records. MSBs include those entities that provide money transmission services.

In March 2013, FinCEN issued guidance (“virtual currency guidance”) on the application of the provisions of the BSA and its regulations governing money transmission to “convertible virtual currencies,” including decentralized virtual currencies. 44 It concluded that, when an administrator or exchanger of convertible virtual currency “transmit[s] decentralized virtual currency or legal tender from one user to another, or from one location to another,” such entities are money transmitters subject to the BSA and its regulations.

Under this virtual currency guidance, an administrator of a convertible virtual currency is the entity that has the power to issue (put into circulation) and withdraw (remove from circulation) a convertible virtual currency. 46 If an administrator of a convertible virtual currency allows transfers of value between persons or from one location to another, the administrator is, according to the guidance, engaging in regulated money transmission activity.

The guidance also considers entities to be exchangers of virtual currency and, therefore, money transmitters subject to BSA regulations when they accept real currency in exchange for virtual currency and when they resell or anonymize the sale of virtual currency by acting as an intermediary between the user and an administrator.

An entity can also qualify as an exchanger and money transmitter if the entity accepts decentralized virtual currency from one person or location and transmits it to another person or location as part of the acceptance and transfer of currency, funds, or other valuable substitute for currency. Under this interpretation of BSA regulations, the words “or location” indicate that, even if a transfer of legal tender is between two bank accounts belonging to the same person or if a transfer of virtual currency is between two wallets belonging to the same person, that transfer nonetheless constitutes money transmission, and as such is governed by BSA regulations.

In a token sale, the token seller typically accepts virtual currency from one person (the purchaser) and transmits a token back to that same person. That the exchange involves only one person does not eliminate the possibility that the exchange could be regulated as money transmission under BSA regulations. Rather, whether the exchange constitutes money transmission may depend upon the design and implementation of the token sale. The more control the token seller retains over the token after its initial sale, the greater the risk that FinCEN will view the exchange as money transmission.

Regulation under state money transmitter laws

Most states also regulate the sale of virtual currency—potentially including tokens—as money transmission, the sale of stored value, or the sale of payment instruments. Each state maintains a different statute, with different definitions of money transmission, stored
value, and payment instruments. We did not compile a 50-state catalog of statutes for this report.

However, like the federal money transmission regulatory counterpart, analysis under the state statutes is highly fact-dependent; some token sales may conceivably constitute money transmission under the laws of one or more states. At least some state regulators are watching the ICO landscape carefully and issuing warnings to investors to “go beyond the headlines and hype to understand the risks associated with investments in cryptocurrencies.”

Consumer protection laws

Federal Trade Commission Act Section 5

Section 5(a) of the Federal Trade Commission (FTC) Act prohibits  “unfair or deceptive acts or practices in or affecting commerce.” This prohibition extends to “such acts or practices involving foreign commerce that cause or are likely to cause reasonably foreseeable injury within the United States or involve material conduct occurring within the United States.” Unfair practices include activity that is “likely to cause substantial injury to consumers which is not reasonably avoidable by consumers themselves and not outweighed by countervailing benefits to consumers or to competition.” These prohibitions extend to endorsements of products by influential persons.

On 19 April 2017, the FTC issued letters to more than 90 influencers and marketers, warning them that they are required to “conspicuously disclose their relationships to brands when promoting or endorsing products through social media.” Although the FTC
warning referred generically to any type of product endorsement, we see no reason to exclude token sale endorsements. In fact, when the SEC later issued a warning under its own antifraud statutory provisions, the SEC made clear that token sale endorsements absolutely fell within the ambit of potential regulation. The FTC has both civil and criminal enforcement authority.

State unfair and deceptive trade practices acts

Like the FTC, states also enforce their own unfair and deceptive trade practices acts to protect consumers from false, misleading, or deceptive misstatements or omissions of material facts in commercial transactions. Token sellers must be careful with the statements
made in their white papers and in the promotion of their token sales. Misstatements or omissions of material facts under such circumstances could trigger enforcement actions by state attorneys general or private civil lawsuits.

Office of Foreign Asset Control Regulations

The Office of Foreign Asset Control (OFAC) of the US Department of the Treasury administers regulations intended to enforce economic and trade sanctions against specific countries and persons. These OFAC regulations generally prohibit all US citizens and legal permanent residents regardless of their physical location, all companies organized in the United States, all foreign branches of US companies, and any person or entity located in the United States from conducting, being involved in, or in any way facilitating a transaction with certain specially designated persons and persons and entities located in or connected to sanctioned countries. A token issuer who comes within the list of covered persons in one or more ways must be mindful of these OFAC regulatory obligations.