Fraudulent ICOs: How US Government Bodies Are Cracking Downbr>
Investigation and enforcement actions related to Initial Coin Offerings (ICOs) and cryptocurrencies more generally has primarily been the domain of the U.S. Securities and Exchange Commission (SEC), the U.S. Commodity Futures Trading Commission (CFTC), and the U.S. Department of Justice (DOJ).
For its part, the SEC is generally (but not exclusively) concerned with whether a digital token is a security and, if it is, whether the issuer complied with applicable securities laws, including whether the issuer either registered the security or had a valid exemption from registration.
The CFTC takes a similar approach, considering whether a token is a commodity and therefore subject to regulation and enforcement within its purview. And the DOJ focuses, although not solely, on those matters in which the conduct at issue has or appears to have a criminal component. But none of these agencies operate in a silo; there is considerable communication and cooperation among the SEC, CFTC, and DOJ, as well as other federal and state entities. And all have pursued a number of lawsuits and regulatory and enforcement actions, within their charge, aimed at ICOs.
Federal regulatory and criminal enforcement activity in this area relies primarily on the Securities Act of 1933, the Securities Exchange Act of 1934, the Commodity Exchange Act, and rules and regulations promulgated pursuant to those laws. The DOJ also relies on various federal criminal statutes, for example, those prohibiting wire fraud, unlicensed money transmitting businesses, and money laundering.
Regulation by Enforcement
The SEC took the enforcement lead in July 2017 when it issued an Investigative Report detailing its investigation of an ICO of crypto-tokens representing interests in the “DAO,” a decentralized autonomous organization, through the Ethereum blockchain. The DAO Report laid the foundation and analysis upon which future SEC arguments would be made to assert that ICOs are indeed offerings of securities.
The SEC also released a related Investor Bulletin on ICOs, and warned that some crypto “tokens” or “coins” may qualify as “securities” subject to the SEC’s jurisdiction that must be offered and exchanged in compliance with the securities laws and regulations. On the back of the DAO Report and Investor Bulletin, the SEC made clearer its view that most ICOs would in fact be treated as securities offerings and has since taken this view to the market through subsequent enforcement efforts.
Following the DAO Report, the SEC charged Maksim Zaslavskiy and two companies he ran with defrauding investors in a pair of ICOs. The SEC alleged that Zaslavskiy and his companies sold unregulated securities in the form of cryptocurrencies (REcoin and Diamond), purportedly backed by assets that did not exist. In addition, the DOJ actively pursued criminal proceedings against Zaslavisky.
On September 11, 2018, a district court rejected Mr. Zaslavskiy’s efforts to dismiss the indictment by arguing that the coins at issue are not securities and are beyond the reach of the federal securities laws. The Court concluded that the question of whether Zaslavskiy offered a security, currency, or something else should proceed to a determination by a jury.
The court also concluded that the federal securities laws are subject to flexible interpretation to serve their remedial purpose and that legal precedent provided sufficient guidance regarding what constitutes a security under the federal securities laws. Zaslavskiy recently plead guilty and his sentencing hearing is set for April 2019.
On November 8, 2018, the SEC settled its first case against an unregistered cryptocurrency exchange. Zachary Coburn, founder of EtherDelta, agreed to pay a fine in order to settle SEC allegations that EtherDelta was acting as an unregistered securities exchange.
The SEC considers ERC20 tokens to be securities because the purchasers of ERC20 tokens invested money with a reasonable expectation of profits, including through trading on the secondary markets, based on the managerial efforts of others. The SEC similarly settled two cases against digital token issuers CarrierEQ Inc. (or AirFox) and Paragon Coin Inc., marking the first time that the SEC has imposed civil penalties on companies solely for offering digital tokens in an ICO that allegedly violates the securities laws.
Meanwhile, the CFTC has continued to assert jurisdiction over virtual currencies, treating them as “commodities” under the Commodity Exchange Act. For example, in CFTC v. My Big Coin Pay, Inc., the CFTC argued, and a federal court agreed, that the digital token at issue fell within the expansive definition of “commodity” because it was a virtual currency and there is futures trading in virtual currencies.
Like the SEC, the CFTC has also targeted entities that provide ancillary services within the crypto industry. 1pool, a trading platform that allowed users to trade “Contracts for Difference” linked to gold and oil in exchange for Bitcoin, found itself as the newest target in a suit where the CFTC alleged that 1pool failed to register with the organization, and (among other things) failed to implement adequate know-your-customer and anti-money laundering protections.
As a nod to the cooperation among different agencies, in a press release detailing the 1pool complaint, the CFTC thanked the U.S. Attorney’s Office for the District of Columbia, the DOJ, and the SEC for their assistance.
State Regulation and Private Litigation
It bears noting that many states have been active in regulation and/or enforcement involving cryptocurrencies and initial coin offerings—particularly Massachusetts, New Jersey, New York, North Carolina, South Carolina, and Texas—and there is an increasing number of class actions and other litigation brought by private litigants.
With respect to the latter, many of those cases include related claims under state consumer protection statutes, in addition to federal securities laws. In many instances, the companies and individuals behind these crypto-projects or ICOs face the threat of simultaneous actions by different actors (government and private), with different motivations or mandates, in different jurisdictions.
Looking Back, Looking Ahead
We have seen little change in the way regulators have pursued ICOs over the past year. Different government agencies continue to carve out their respective jurisdiction in this space. The SEC recently confirmed that it will continue to focus on cases involving unregistered securities offerings through ICOs, and use enforcement actions and public statements, as opposed to rulemaking, to provide guidance on ICOs.
Although the SEC is responsible for many of the on-going securities fraud actions against ICOs, the CFTC has also taken the position that digital currencies fall under its regulatory umbrella. The DOJ is involved where it or the SEC or CFTC believes that criminal activity has taken place. In the absence of new laws or regulations, we are likely to see this approach continue in the near future.