Bloomberg Law
July 27, 2018, 1:35 PM

INSIGHT: In the Wake of the DAO Report: A Year in Review

Christopher Conniff
Christopher Conniff
Ropes & Gray LLP
Helen Gugel
Helen Gugel
Ropes & Gray

One year ago, the Securities and Exchange Commission (SEC) issued an investigative report (the “DAO Report”) asserting that digital tokens issued in the context of an initial coin offering (ICO) may be securities and therefore subject to the agency’s jurisdiction. Since July 2017, the SEC has exercised active oversight over virtual currency activity in a variety of ways, including through enforcement actions and investigations, and has provided additional guidance to market participants about the appropriate classification of digital tokens.. This articles discusses these developments, along with lessons learned and expectations regarding the SEC’s future activity in this space.

I. Overview

The SEC brought its first enforcement action in the virtual currency space in July 2013, when it filed a federal action against an operator of an alleged Ponzi scheme based on “bitcoin dominated investments.” In doing so, the SEC argued that the investments fell under the catch-all category of securities known as “investment contracts.” Pursuant to the so-called Howey test, established by the Supreme Court in S.E.C. v. W.J. Howey Co., 328 U.S. 293 (1946), an investment contract is (i) an investment of money (ii) in a common enterprise (iii) with the expectation of profits (iv) solely from the efforts of a promoter or a third party. The defendant argued that, because investors paid for the investments with bitcoins rather than money, the first prong of the test was not satisfied. The court disagreed, holding that bitcoin is a form of money and that the investments at issue were securities. Sec. & Exch. Comm’n v. Shavers, No. 4:13-CV-416 (E.D. Tex. Aug. 6, 2013), adhered to on reconsideration, No. 4:13-CV-416 (E.D. Tex. Aug. 26, 2014).

In August 2013, then-SEC Chair Mary Jo White explained that the SEC likely has jurisdiction over any “interests issued by entities owning virtual currencies or providing returns based on assets such as virtual currencies” regardless of whether or not the underlying virtual currency is itself a security. Notwithstanding the agency’s claim to such authority, however, its virtual currency enforcement activity over the next few years was primarily limited to registration failures. See, e.g., In the Matter of Voorhees; In the Matter of BTC Trading Corp.; In the Matter of Sand Hill Exchange et al. The issuance of the DAO Report in July 2017 marked a meaningful step in the SEC’s oversight of this space by inserting the agency at the forefront of the rapidly expanding ICO market, which has already raised over $13 billion in capital worldwide. A twist on initial public offerings, ICOs are a way for blockchain-based businesses to raise capital for new projects by selling digital tokens that confer some value or right to users – including, in some cases, the possibility of additional returns based on the success of the underlying project. The report focused on the Decentralized Autonomous Organization (The DAO), an unincorporated organization that offered tokens for purchase using digital currency (ETH) connected to the Ethereum blockchain. The tokens represented interests in The DAO, and its organizers would invest in projects that received a majority vote from DAO token holders. It was marketed as a “for-profit entity whose objective was to fund projects in exchange for a return on investment.” The SEC investigated The DAO in connection with the offering’s potential applicability to the federal securities laws and whether the tokens constituted securities. Drawing on the Supreme Court’s decision in Howey, it determined that the DAO tokens were, indeed, securities. The SEC also noted that the determination of whether a digital token is a security is case-specific and based on “the economic realities of the transaction.”

Until the DAO Report, ICOs largely fell into a regulatory gray zone and were subject to very little oversight. Not one ICO had been registered with the Commission at that point. The SEC’s focus on the ICO market therefore represented a seismic shift in the burgeoning industry, even as the SEC’s conclusion that “virtual coins or tokens may be securities and subject to the federal securities laws” was arguably foreshadowed by its position in Shavers and by former Chair White’s remarks a few years earlier. A security offering must be registered with the SEC unless a valid exemption applies, thereby layering additional expense, bureaucracy and regulation onto ICOs. In addition, pursuant to Section 12 of the Securities Act, investors are granted rescission rights in the event that they purchase a security that does not comply with the relevant securities laws. Accordingly, in the wake of the DAO Report, investors in ICO may bring class actions alleging that the offered digital tokens were unregistered securities.

On the same day that the SEC issued the DAO Report, it released an investor bulletin detailing its position on ICOs. On the one hand, the SEC acknowledged the legality and validity of ICOs that comply with applicable federal laws and regulations, noting that ICOs “may provide fair and lawful investment opportunities.” In this way, the SEC seemed to endorse the idea that virtual currency could be a boon for market participants and activity. On the other hand, the SEC warned that “[d]epending on the facts and circumstances of each individual ICO, the virtual coins or tokens that are offered or sold may be securities.” Together, the DAO Report and investor bulletin signaled the SEC’s cautious receptiveness to ICOs so long as they were conducted in accordance with applicable laws and regulations.

II. Enforcement Actions

A. Conduct Sounding in Fraud

In the year since the issuance of the DAO Report, the SEC has brought a number of enforcement actions targeting ICOs. Many of these cases have been brought by the Cyber Unit, an initiative announced in September 2017 to “focus the Enforcement Division’s substantial cyber-related expertise on targeting cyber-related misconduct,” including “[v]iolations involving distributed ledger technology and initial coin offerings.” Most have involved fraud and follow a familiar pattern, whereby investors are lured into participating in an ICO with deceptive claims about the nature, scope and potential of the company’s operations. Other common enticements include “a white paper with a complex yet vague explanation of the investment opportunity, promises of guaranteed returns, and a countdown clock that shows time is quickly running out on the deal of a lifetime.” As the SEC recently noted in a court filing, the offerings are effectively “old-fashioned fraud dressed in a new-fashioned label.” Br. of SEC in Supp. of U.S. in Opp’n to Def.’s Mot. to Dismiss Indictment, U.S. v. Zaslavskiy, 17-cr-00647 (E.D.N.Y., filed Mar. 19, 2018).

These cases reflect the SEC’s oft-stated interest in fighting fraud in the virtual currency market and dovetail with the agency’s focus on “main street investors.” SEC Chairman Jay Clayton has expressed concern that “[t]he rapid growth of the ‘ICO’ market, and its widespread promotion as a new investment opportunity, has provided fertile ground for bad actors to take advantage of our Main Street investors” and the Commission has issued numerous investor alerts to warn market participants of the risks associated with ICOs. Notably, the SEC and its sister agency, the Commodity Futures Trading Commission, have also issued several statements together to affirm their joint commitment to combatting fraud. In doing so, the agencies have left open the possibility of overlapping jurisdiction in certain cases.

Certain of the SEC’s fraud cases have been accompanied by parallel criminal proceedings by the DOJ. For example, the Commission and DOJ are each pursuing charges against the founders of Centra Tech, a financial services firm that allegedly raised $32 million in an ICO based on false claims regarding the company’s ability to build a suite of financial products, including (i) a debit card that could instantly convert various cryptocurrencies into dollars or other fiat currency; (ii) an online marketplace where goods could be bought and sold with cryptocurrencies; and (iii) a tool to calculate exchange rates between different cryptocurrencies. These cases suggest that law enforcement and regulatory agencies are cooperating and coordinating to ensure more effective oversight of the virtual currency space – even as they occasionally appear to have jurisdictional jousts, as suggested by the DOJ’s recent effort to intervene in and stay the SEC’s civil action against Renwick Haddow, the alleged operator of a Ponzi scheme involving virtual currency, until a disposition in the criminal case. Notice of Mot., C.A. No. 17-cv-4950, Dkt. No. 88 (S.D.N.Y., filed July 18, 2018).

Notably, these cases can also provide an opportunity to market participants to challenge the SEC’s position that digital tokens are securities in a federal forum. For example, in October 2017, while an SEC case was pending based on the same facts, the DOJ charged Maksim Zaslavskiy “with securities fraud conspiracy in connection with engaging in illegal unregistered securities offerings and fraudulent conduct and misstatements designed to deceive investors as part of two Initial Coin Offerings.” The complaint alleged that Zaslavskiy, “with the help of others working with him, allegedly sold virtual tokens or coins to investors under the pretense that the coins were backed by investments in real estate and diamonds, even though no such investments existed.” Zaslavskiy filed a motion to dismiss the criminal case on the grounds that, among other things, neither virtual currencies generally nor the digital tokens at issue constitute securities for purposes of the federal securities laws. Both the SEC and DOJ filed briefs in opposition to the motion and participated in oral argument. The court’s decision on the motion to dismiss may be influenced by a recent development in a class action against Centra Tech: in June 2018, a magistrate judge issued a report and recommendation that applied the Howey test and concluded that the digital tokens on offer were securities subject to the SEC’s jurisdiction. In any event, the decision on Zalavskiy’s motion to dismiss will have far-reaching implications regarding the SEC’s reach in the virtual currency space and may impact enforcement actions in the pipeline.

B. Utility Tokens

The SEC has brought one ICO enforcement case that appears to have no indicia of fraud. This case, against Munchee, Inc., started to answer a question that has been raised by many market participants since the DAO Report – whether the Commission would pursue enforcement actions against ICOs in circumstances where the proffered digital token has some practical or commercial purpose separate and apart from its investment potential. These so-called “utility tokens” are intended to grant access or usage rights in a service or product offered by a specific project. Because sales of useful items are generally not regulated as securities offerings, there was much speculation about whether the SEC would consider utility tokens to be outside the scope of its ICO enforcement agenda. The Commission’s pursuit of Munchee made clear that the mere fact that a digital token is presented as a utility token does not exempt it from the definition of a security, although it did not resolve the substantive issue of whether and how a utility token may fall outside the line.

Munchee sought to raise capital to fund the development of an app to post and share restaurant and food reviews. According to the white paper, once the app was built, the digital tokens issued in the ICO (Mun Tokens) would be used to make purchases in the app or at participating restaurants or to buy advertising. At the time of the offering, however, the Mun Tokens served no commercial purpose. The SEC contacted Munchee within 24 hours of the start of the offering, which the company promptly halted, and the SEC thereafter issued an order concluding that the ICO “constituted unregistered securities offers and sales.” In support of this conclusion, the SEC applied the Howey analysis and noted, among other things, that the marketing materials for the ICO (i) described how the new app would “create demand for MUN Tokens;” (ii) “likened MUN to prior ICOs and digital assets that had created profits for investors;” (iii) were “specifically marketed to people interested in those assets – and those profits – rather than to people who, for example, might have wanted MUN tokens to buy advertising or increase their ‘tier’ as a reviewer on the Munchee App;” and (iv) noted the potential creation of a secondary market for Mun Tokens. The SEC explained that “[b]ecause of these and other company activities, investors would have had a reasonable belief that their investment in tokens could generate a return on their investment.”

It was not clear from the Order whether the SEC would have reached the same conclusion – that the Mun Tokens qualified as investment contracts – if the Munchee App were fully operational and the tokens could immediately be used to buy and sell goods or services. The Order cautioned that “[e]ven if MUN tokens had a practical use at the time of the offering, it would not preclude the token from being a security” and stated that “[d]etermining whether a transaction involves a security does not turn on labelling – such as characterizing an ICO as involving a ‘utility token’ – but instead requires an assessment of ‘the economic realities underlying a transaction.’” Several months later, William Hinman, Director of the SEC’s Division of Finance, provided additional guidance to market participants regarding the Commission’s position on utility tokens. He observed that “virtually any asset[s]” can be securities “provided the investor is reasonably expecting profits from the promoter’s efforts.” In doing so, he referenced a 1985 Second Circuit case suggesting that certain representations by the seller of a product could convert the product into a security offering. See Gary Plastic v. Merrill Lynch, 756 F.2d 230 (2d Cir. 1985) (applying Howey and concluding that, although bank certificates of deposit (CDs) are generally not securities, they were in this case because “a significant portion of the customer’s investment depends on Merrill Lynch’s managerial and financial expertise” – including its promises regarding the existence of a secondary market and its continuing marketing efforts, which would impact the value of the CDs and the potential for profit). Seen in this light, even a true utility token with an immediate use case could fall within the ambit of the federal securities laws depending on the presence of investment intent and how it was marketed. Indeed, Director Hinman underscored that the Howey analysis “is not static and does not strictly inhere to the instrument.”

Consistent with the concept of Howey as a moving target, Director Hinman stated that “a digital asset offered as a security can, over time, become something other than a security.” For example, a digital token that is used to purchase goods and services within a “sufficiently decentralized” network – i.e., one “where purchasers would no longer reasonably expect a person or group to carry out essential managerial or entrepreneurial efforts” – could evolve beyond its initial classification as security. As such, Director Hinman intimated that a fully functioning utility token may fall outside of the SEC’s jurisdiction. Where, however, a so-called utility token is sold to “develop the enterprise” and does not have an immediate commercial purpose, it will most likely be a security because the efforts of the promoter and others will be the primary source of value creation for the token. Director Hinman provided a number of factors in assessing whether a digital token is offered as an investment contract and thus a security, including the role of the promoter and whether the asset is designed for investment or consumptive purposes. Importantly, he concluded that current offers and sales of Ether and Bitcoin are not securities transactions.

Overall, Director Hinman’s speech suggests a softening of the SEC’s stance towards ICOs and a path forward for digital tokens that would take them outside of the Commission’s jurisdiction. At the very least, it seems less categorical than Chairman Clayton’s previous remarks that, “by and large, the structures of initial coin offerings that I have seen involve the offer and sale of securities,” such that all unregistered ICOs were likely running afoul of the federal securities laws. Moreover, the SEC has expressed a willingness to provide market participants with case-specific guidance on these issues, thereby further reducing the regulatory risk of ICO transactions. For example, Director Hinman has stated that “[w]e stand prepared to provide more formal interpretive or no-action guidance about the proper characterization of a digital asset in a proposed use.” Incidentally, the SEC may also be preparing to issue additional guidance or bright-line rules to inform the appropriate classification of digital tokens: Valerie Szczepanik, one the Commission’s foremost virtual currency experts and a founding member of the Cyber Unit, has been named Senior Advisor for Digital Assets and Innovation, a newly created advisory position to “coordinate efforts across all SEC Divisions and Offices regarding the application of U.S. securities laws to emerging digital asset technologies and innovations, including Initial Coin Offerings and cryptocurrencies.” These developments may help shrink many of the gray areas in which market participants are currently operating and stabilize some of the volatility that flows from market uncertainty.

III. Looking Ahead

The SEC shows no signs of slowing down its ICO enforcement activity past the one year mark. And indeed, in February 2018, various media outlets reported that the Commission had issued dozens of information requests to technology firms and advisers operating in the ICO space, suggesting a potential crackdown in the future. Future enforcement actions are likely to take several different forms.

First, given the Commission’s stated concerns regarding fraud and manipulation in the virtual currency markets – and its emphasis on issues impacting retail investors – it is likely to bring more garden-variety fraud cases. These may include cases based on false and misleading statements to lure “average joe” investors or “pump-and-dump” schemes that artificially inflate the value of digital tokens. Indeed, despite noting on several occasions that “pump-and-dumps” are a priority for the Commission, and that the potential for such manipulation in the ICO market is a concern for retail investors, the SEC has not yet brought a single case on this issue and is well due to bring an example action in this area. Incidentally, the SEC’s decision to abandon the “broken windows” theory of enforcement favored by the previous Commissioner may have an impact on its future ICO enforcement prerogatives as it looks for just the right case to send an intended message to market participants.

As part of its cases against fraudulent ICOs, the SEC may look to the role of celebrity endorsements in enticing investors to participate in an offering. In November 2017, the SEC cautioned that, Section 17(b) of the Securities Act, “[t]hese endorsements may be unlawful if they do not disclose the nature, source, and amount of any compensation paid, directly or indirectly, by the company in exchange for the endorsement.” Interestingly, even though it has pending enforcement cases against multiple ICOs that utilized celebrity endorsements, including AriseBank (Evander Holyfield) and Centra Tech (DJ Khaled and Floyd Mayweather), the Commission has not yet pursued charges in this regard. However, the Commission has in the past pursued cases against individuals and companies that provided undisclosed incentive-based recommendations to promote internet securities. For example, in 1998, the SEC filed 23 enforcement actions in a single day in an “unprecedented nationwide sweep” targeting promoters who, among other things, “purported to provide unbiased opinions in their recommendations, but
failed to disclose that they had received in total more than $6.3 million and nearly two million shares of cheap insider stock and options in exchange for touting services.”

Second, the SEC is likely to bring more cases involving the unregistered offer and sale of digital tokens that the Commission considers to be securities under Howey. In light of the SEC’s guidance on the line between lawful and unlawful fundraising guidance in the DAO Report, enforcement activity and public remarks – as well as the Commission’s repeat offers to engage with market participants on a case-by-case basis – the market is effectively on notice on issues pertaining to the classification of digital tokens. As a result, the penalties for registration violations are likely to be much steeper than the cease and desist order issued in Munchee.

Moreover, there are some indications that advisers may be targeted in cases involving registration issues. Chairman Clayton has repeatedly cautioned that market professionals – including securities lawyers, accountants, underwriters, and dealers – must “do better” in carrying out their responsibilities and ensuring ICO compliance with the federal securities laws. He has specifically called out attorneys who either (i) assist their clients in structuring what are effectively securities offerings, even as the attorneys claim that they are not securities and advise their clients to proceed with compliance with the securities laws and (ii) “offer ‘it depends’ equivocal advice” on the question of whether a coin is a security “rather than counseling their clients that the product they are promoting is likely a security.” With respect to these two scenarios, Chairman Clayton has “instructed the SEC staff to be on high alert for approaches to ICOs that may be contrary to the spirit of our securities laws and the professional obligations of the U.S. securities bar.”

The SEC may also expand its enforcement activity in the virtual currency space beyond ICOs. Public companies are a likely target. For example, in April, the SEC obtained a court order freezing more than $27 million in trading proceeds from allegedly illegal distributions and sales of restricted shares of Longfin Corp. According to the Complaint, filed in federal court, the defendants sold large blocks of their restricted shares to the public while the stock price was highly elevated following the announcement of the company’s acquisition of a purported cryptocurrency business. The Commission has also exercised its authority to temporarily suspend trading in public companies against over a dozen companies that purportedly made misleading statements relating to blockchain and virtual currency issues. Separately, the SEC has also taken note of the large numbers of hedge funds investing in virtual currency and begun raising “questions concerning how funds holding substantial amounts of cryptocurrencies and related products would satisfy the requirements” of the federal securities laws, including appropriate valuation of the funds holdings and maintaining sufficiently liquid assets in order to provide daily redemptions. These “questions” may eventually give rise to enforcement actions.

Christopher Conniff is a partner in Ropes & Gray’ LLP’s litigation & enforcement practice in New York, and co-lead of the firm’s securities enforcement practice. Helen Gugel is an associate in the litigation & enforcement practice at Ropes & Gray LLP in New York.
Jessica Soricelli and Catherine Djang also contributed to this article. Jessica F. Soricelli is an associate in the litigation & enforcement practice group in the New York office of Ropes & Gray LLP. Catherine Djang is an associate in the litigation & enforcement practice group in the New York office of Ropes & Gray LLP.