ICOs: Utility Tokens, SAFT & Secondary Markets

Up until this juncture it is no secret that ICOs have been a lawless free-for-all. Development teams with little more than a few-page PDF have been raising tens of millions or more without even so much as conducting KYC. Many point out that different jurisdictions have different securities and KYC laws but in the grand scheme of things these laws are actually quite uniform. They certainly will appear pretty standardised to ICO teams that up until now have completely ignored them. The laws are suitably standardised from what I can see that it’s actually possible to sum up what a security is in the western jurisdictions I have taken a look at in one sentence: Something is a security if it is a collective investment scheme in which profit from a pooled investment results from the work of a management team that is distinct from passive investors. Within this definition there is a subset which is the case where the investment is used to speculate with investors’ money. In this case investors are granted an extra level of security that offers further rights over a standard security in a vehicle known as a ‘fund’.


The Security Question

Are tokens securities? Well that’s the question on everyone’s lips isn’t it? Last month the SEC sent a shot across the bows in describing the DAO tokens as securities. One long-time observer of relevant experience has famously long been of mind they are but others think the situation is more nuanced. Some declare that utility tokens – tokens that are required to use an app – are not securities. CoinList, the engineers of the Simple Agreement for Future Tokens (SAFT) raise the bar a little higher in declaring that a utility token is only not a security if the protocol is built prior to token issuance. I’m not a lawyer, but I’m an economist with common sense and to me the situation is not nuanced. If the investment is used to develop the app the tokens are part of and if the tokens float in value from the original investment – and all bar one I’ve seen do – they’re securities. I’ll explain why.

The crucial point here from an economics point of view is that all these tokens form part of an open source software network which, like all open source software, does not accrue profit for its creators. If these tokens were issued by a business, like many online virtual currencies are for example, they could avoid being securities (but not money services business laws) as even if a profit was accrued from their issuance it could be redeemed via the company. The company of course is itself already a security represented through shares held by investors so designating the currency as a security would be unnecessary. This is analogous to the original Howey case if one thinks about it. In that case the orange grove was the security with its own currency called oranges (lets call it ONG for lols). Like in the previous example, there was no need to treat the oranges as securities as the investors are already protected via their security in the orange grove (after a judge said so). In both cases if the currencies themselves were issued directly to investors the situation could be different. In the case of the online digital currency, if it was floating on the free market and its price was affected by the actions of company management, then I think yes they probably would be securities – I’ll develop this point later. In the case of the oranges, it should go without saying that once they fall off the tree, their value is dictated solely by the forces of supply and demand so they cannot be securities subsequent to issuance.

In the case of crypto-currency issuance, we can see that no such prior security exists for investors. When money is invested that results in the issuance of a appcoin (utility token), no profit can be accrued via the free-to-use application the currencies (are supposed to) derive their value from. It is the currency itself that is the sole vehicle investors can expect to reap rewards from their investment – at this juncture I’m assuming they wish to reap rewards. Using the definition I provided earlier, I cannot fathom how that these currencies would therefore not be deemed securities. The only way the utility token defence would stand up to scrutiny in my book would be if the invested money wasn’t used to develop and market both the application and currency. In every single case I’ve seen thus far it has been however. ICOs are thus the fundraising element of business (profit-seeking) ventures in which the only element that can be securitised is the currency. The fact that this is the case should kind of really be obvious from a cursory look at the token sales themselves (but somehow isn’t to most including many lawyers). The Filecoin ICO, to take one example, didn’t offer shares in IPFS, it offered filecoins to investors. The founders themselves are rewarded with filecoins without staking money themselves. It is hoped that these tokens will accrue value due to demand created subsequent to development and marketing of the software and accompanying tokens. Does this not look like an awfully familiar arrangement? Imagine IPFS were a business and its investors and founders were issued shares in it. I’ll say no more.

There is of course one other obvious way these tokens may not be considered securities. They would not be securities if those funding the venture were doing so to donate money to a cause they believe in, expecting to wave their money goodbye. Funnily enough, this is exactly what most of these arrangements claim to be. It is explicitly stated in almost every offering that the ownership of the token confers no rights whatsoever to investors regarding the development of the software. Under such an agreement – I’m sure a judge would annul the contract – it is technically possible that the development team could actually decline to issue tokens at all. The fact of the matter is that at the very least a large majority of ICO investors are buying tokens in order to sell them at a profit subsequent to development of an application – and a healthy dose of marketing of course. That’s the underlying unspoken investment contract here the spirit of which I’d be shocked a judge didn’t acknowledge in court if it came to pass.

There are plenty examples of evidence of this unspoken contract in the wild. Last year Ethereum suffered a consensus failure between its two main implementations Geth and Parity. This caused the price of Ethereum to take a battering. If one surveyed r/Ethereum for the subsequent few hours one would have been struck by the amount of angry posts from token holders seeking out those who were responsible for the large dent in their investment. As evidenced in the link above, those who were responsible engaged at finger pointing at each other in turn. In another example, Joey Krug, the founder of Augur has recently taken the position of Chief Investment Dude with Pantera Capital. This has led employees of a firm that has initiated a number of ‘not-a-security’ ICOs (and is now I hear in the process of launching Consensys Capital to invest in more of these schemes) to question his commitment to Augur investors even going so far as to use the word ‘fiduciary’. Oh the irony! Common sense tells me that if issuers and investors behave like management and shareholders in a business enterprise, a court will duly find they have equivalent rights and responsibilities even if we’re talking about an unconventional contract that doesn’t represent a claim over a company – the infamous quacks like a duck test. Common sense is not something one finds very often in a bubble market drunk on gains unfortunately.



The SAFT, in fairness, does involve an actual promise. This promise is to deliver tokens at a future date once the protocol is built. Oddly enough the SAFT advertises itself as a security. Now again this contract was written by lawyers, and again I’m not a lawyer, but a simple agreement for future tokens sounds a hell of a lot more like an advanced/pre-paid purchase order contract than an investment contract to me. The focus here is on the tokens themselves so I won’t labour on this question but I welcome the thoughts of any lawyer that may read this.

So after the SAFT formalises a promise to deliver tokens in the future, and investors are waiting for said tokens, their money is put to work developing the software and marketing it – which is of course what will create demand for the tokens in the future. As I said above, in practice, investors are in the business of buying and selling tokens for profit and the level of profit (or loss) an investor can expect emanates primarily from the work of the development team that programmes the software. Speculators and outside forces of course can also affect the price of the tokens but the same is true for equities. The fact the tokens float on the free market won’t give issuers and developers a free pass when one of these arrangements ends up in a court room.

This unspoken profit-seeking contract between issuer and investor is not acknowledged in any way by SAFT yet it continues long after the SAFT has been terminated. So although the CoinList folk at least make some attempt to acknowledge the existence of the state – which in the crypto-currency space is a very big deal – they get it horribly wrong in representing the SAFT as an investment contract when it looks an awful lot like a purchase order contract for tokens which represent the focus of the actual investment contract between issuer and investor. It therefore for me, merely represents the latest attempt in a long list of verbal gymnastic contracts between token issuers and investors that attempt to circumvent securities laws.

Once the tokens are delivered what rights do holders have? According to the SAFT none at all, as it was merely an agreement to deliver tokens. It would be foolish to think that if there were any impropriety in management of the project subsequent to the delivery of the tokens, such as the team neglecting to fix a bug, or if one was introduced via a protocol upgrade, that the token holders would simply lie down and accept a market crash. There would – as I have already mentioned we’ve seen in practice – be uproar and if this resulted in a court case, the judge would quickly become aware that the token holders are profit-seeking investors and that the profits were fundamentally derived from the work of the issuing/developing/managing party, i.e, the judge would become aware that the tokens are securities and that the SAFT merely represents a poor attempt at obfuscating this reality.

The only way I can see this situation becoming a little less crystal clear than I have made it out to be is if over the course of time the original issuers and developers step aside from the project and others join it and work on it for free after the initial funds have run out. If the developers then made a mistake, or acted with malice for personal gain, their fiduciary responsibilities are far from clear. I wouldn’t like to be the judge adjudicating on that one. Thus far we haven’t seen this situation as all the ‘foundations’ that have raised funds (and haven’t been hacked), are currently stacked with years of funding due to the inflated market.


Secondary Markets

Another feature of the SAFT worth noting is that only accredited investors are permitted to participate. In the US – to take a sample jurisdiction – such a restriction can grant a security issuer an exemption from registering their security with the SEC if their funding is less than $5m under Regulation D rules or under $50m under Regulation A+ rules. It is worth noting however that this restricts trading in secondary markets. This means that since Filecoin exceeded both limits under registration exemption rules, the only way it can currently be exempt from registering as a security is via rule 506 of Regulation D. The issue here would be that the tokens, by the looks of things, would be deemed ‘restricted securities’ that cannot be traded freely on secondary markets. Since the intention is to list filecoin on exchanges subsequent to the development of the protocol I believe at that stage the venture will step over the line of non-compliance with US securities laws (and everywhere else in the west too) and join the ranks of the thousands of non-compliant securities I believe are out there on non-compliant securities exchanges.



Maybe I’ve gotten everything horribly wrong. Maybe the Ethereum Foundation, Tezos, Kik, Filecoin, we-do-our-very-own-howey-test Poloniex, Kraken, Bittrex, et al are getting solid legal advice and they’re A OK. And maybe this sounds pretty arrogant coming from a layman with zero legal training but I’m pretty sure I’m not wrong. The quality of legal advice these predominantly young technologists are receiving (if they’re receiving any) is abominable and I hope this will be the saving grace of the well-intentioned ones which as far as I can see constitute the majority. Thus far the SEC has only ruled the DAO tokens were securities and has recently called two projects regarding their activities one of which yesterday announced they giving up the ghost. Maybe the regulators themselves have also been blinded by all the media hype and new paradigm jargon. Regardless, I think it is only a matter of time that the penny will drop with the powers that be that the token doesn’t have to explicitly offer some sort of profit-sharing in an enterprise in order for there to be an unspoken promise of profit. This promise being the offer of an early entry to a deflationary currency party that attracts new buyers with a shiny new open source decentralised application. That’s the real deal that’s struck here and issuers and investors alike know it. If they know it, the SEC will eventually know it too as sooner or later one of these unspoken arrangements will hit the rocks. Given there are now a few ICOs every day, and regulators’ resources are limited, I’m guessing they will go after some high profile cases to send a message but mainly focus on a cost-efficient attack on the exchanges that are the lifeblood of all these investment contracts.

If I’m right in my predictions winter is coming to the crypto-currency market and it will not see spring until it grows up and gets compliant. I’ll leave the necessary conversation regarding the compatibility of compliant securities with public blockchains for another day.