Initial coin offerings (ICOs) have generated headlines, good and bad, in mainstream media for the past year. Now a new term appears more and more: the security token offering (STO). Here’s what you need to know when it comes to STO vs. ICO.
Regardless of the token offerings you choose to invest in, there are going to be risks you need to understand. This article only provides high-level information to jumpstart your research. Before making an investment decision, you should discuss your plans with a professional financial advisor.
Initial Coin Offerings
With all the drama of the past year, it’s easy to forget that ICOs are not that new — at least in crypto years. The first ICO was not orchestrated by Silicon Valley VCs or Wall Street investment bankers. It was more of an accident.
Software developer J.R. Willett had an idea that the Bitcoin network could be a “protocol layer” or platform for other cryptocurrencies. Eventually, Ethereum would prove how right Willett was, but nobody in 2012 paid much attention. Tired of trying to get people to adopt his approach, Willett decided in 2013 to launch his Mastercoin protocol on the Bitcoin network.
“Basically the reason I did the first ICO is that I just wanted to prove that it would actually work,” Willett told Forbes’ Laura Shin last year.
Willett announced posted his Mastercoin white paper to Scribed at the end of July 2013. In that document, Willett acknowledged that the Mastercoin protocol wasn’t finished, and outlined a fundraising campaign to pay for the development.
“Anyone sending bitcoins to the Exodus Address before August 31st, 2013 is recognized by the protocol as owning 100x that number of MasterCoins.”
When the campaign closed, people had poured about 5,000 bitcoin into the campaign and made Mastercoin worth half a million dollars. But not for long. Writing in Bitcoin Magazine a few months later, Vitalik Buterin said that the value of Mastercoin’s tokens had already increased ten-fold relative to bitcoin and twenty-fold relative to the US dollar.
From Mastercoin to the Moon
Other projects followed Mastercoin’s fundraising model, such as Buterin’s own Ethereum project, which raised $18 million in 2014. Two years later, 64 ICOs raised more than $100 million.
Even in early 2017, few people had any idea what was about to happen. In a May 2017 interview with TechCrunch, investment banker and blockchain advocate Stan Miroshnik forecasted that the market was “on track to see more than $210 million raised by the end of June.”
The 371 initial coin offerings tracked by CoinSchedule raised more than $6 billion in 2017. Despite the sell-offs in cryptocurrency markets, CoinSchedule reports that nearly 800 ICOs have raised more than $20 billion in the first nine months of 2018.
Where ICOs went wrong
With so much money flooding into the ICO markets last year, long-standing problems became much more prominent. Unethical practices, incompetent project teams and outright scams further tarnished the cryptocurrency in the eyes of people outside the community.
Private sales let insiders and wealthy investors buy tokens before the ICO, usually at a discount and often in secret. Taiwanese crypto exchange Cobinhood sparked outrage for secret sweetheart deals. Industry insiders like Ian Balina received 150% bonuses on the tokens they bought during the pre-sale. Bonuses for participants in the public ICO started at only 20% and quickly declined over time.
Many ICO projects are little more than neat ideas, which creates other problems. If the project team doesn’t have the talent to deliver, then a chorus of voices call out “scam” in every internet forum. There may not be anything actually illegal going on. However, a lack of transparency and stumbling crypto prices do not foster trust.
And then there are the outright scams. A lot of inexperienced people jumped into the crypto market in 2017. Not knowing how to tell good projects from bad, they fell victim to con artists. A Satis Group report estimated that 78% of the ICOs in 2017 were scams. The three largest of these stole more than $1 billion from their victims.
When tokens are really securities
The biggest looming threat to the ICO business comes from government regulators. The fiat world has a long-established system of regulations governing the sale of shares in organizations. Designed to protect investors from the very abuses ICO investors have suffered, securities regulations might apply to the crypto-offerings.
In the United States, a 70-year old decision by the Supreme Court established the Howey Test which determines whether something is a security:
“The test is whether the scheme involves an investment of money in a common enterprise with profits to come solely from the efforts of others. If that test be satisfied, it is immaterial whether the enterprise is speculative or non-speculative or whether there is a sale of property with or without intrinsic value.”
Other regulators around the world apply a similar test to determine whether something is a security.
What could make a token a security? One sign is if it acts just like a share in IBM. If simply holding the token lets you vote on how the organization operates, it could be a security. If holding the token earns you dividends or bonuses, it could be a security. It there’s no underlying product and the only reason for holding it is the hope of rising prices on the exchanges, then it could be a security.
“I believe every ICO I’ve seen is a security,” was the chilling testimony SEC Chairman Jim Clayton gave to the US Congress.
What happens if a token issued by an ICO, whether through intent or incompetence, turns out to be a security? SEC co-director Stephanie Avakian addressed this in a recent speech. She cited several examples of “non-fraud enforcement actions” over the past year in which the people in charge of ICOs had to refund their investors’ money.
The decentralized nature of many ICOs, however, means no single person or company is “in charge.” That doesn’t mean the SEC and other regulators can’t find people to charge. “We are also looking beyond the issuers of ICOs,” Avakian explained.
You can check out the SEC enforcement actions page for the latest cases against ICO violators.
Are all tokens securities?
Even the SEC would answer “no” to that question. Cryptocurrencies like Bitcoin are payment systems — even if speculators trade them for profit. Ownership of bitcoins does not give you ownership of anything else.
Ethereum’s coins, on the other hand, serve as “utility tokens” that enable the distributed application platform. Yet again, owning ether does not give you a share in a larger organization.
Over the years, ICO projects often tried to avoid the securities label by calling their coins “utility tokens.” Depending on the competence of their legal advisors, that may actually be true.
Writing in CoinDesk, blockchain consultant and author Michael J. Casey described how the world’s regulators are starting to come to terms with token offerings. Most importantly, regulators are beginning to define what it takes to exempt tokens from regulation.
Security Token Offerings
Not every ICO project is keen to avoid the security label. Some in the crypto community see so-called security tokens as the best way to bring respectability — and investors’ money — to the market. The new buzz phrase floating through the crypto industry is the Security Token Offering.
For many in the crypto industry, the term ICO has become too tainted by the excesses of last year’s market. “ICOs have gotten a bad name,” CrowdfundX CEO Darren Marble told Nulltx. “It has negative connotations and is synonymous with scams. Six months ago, a “compliant ICO” sounded right, but now we need a new term moving away from ICO, which people associate with scams.”
An STO uses the framework of securities regulation to restore credibility to token offerings — at least in the eyes of regulators and the big money investors. Jumping through the hoops required to become a legitimate security requires teams of lawyers, negotiations with regulators, and a lot of paperwork.
In discussing his work on the Kodak ICO with Nulltx, Marble explained that the SEC “slowed down the deal to prioritize investor protection, compliance, and transparency. Unfortunately, that was perceived by some in the media as a red flag.”
Venture capitalist Alon Goren told CrowdfundInsider that an STO “is beneficial because although the process is ugly, it is well defined and well travelled. There is a roadmap that can be followed that ensures legal compliance.”
Securities in the United States
At the federal level, American securities regulation dates back to the Securities Act of 1933, which requires organizations to provide investors financial and “other significant information” about the securities being sold. The law also prohibits fraud or deceptive practices in the process of selling those securities. The American system also gives each State the authority to regulate securities, making the process even more complicated.
When registering a security, companies must file documents that become public via the SEC’s EDGAR database. An audit from outside accounts must be included in the filing so investors can get an objective analysis of the condition of the company’s business. In addition, the filed documents must convey information “essential” to investors, including descriptions of:
- The company’s business and properties.
- The security being sold.
- The management team.
If an STO follows the same process as an initial public offering (IPO), the project team must also publish a prospectus. This is a much more detailed document than a typical crypto project white paper.
The SEC will evaluate the filing and the prospectus to make sure the company has complied with the Commission’s requirements. The back-and-forth between the SEC and the company’s lawyers, accountants and consultants makes the process long, arduous and expensive.
Once a company has gone public in an IPO, the SEC requires it to file quarterly and annual financial reports. Again, these financial reports have long-established patterns that the company must follow, so more lawyers and accountants.
Exemptions to the rules
Unless there’s a good reason, any organization issuing a security in the US must register with the SEC. Sometimes, though, an organization will have one of those good reasons. Section 4(a)(2) of the Securities Act provides an exemption for “transaction by an issuer not involving a public offering.”
That definition is a little too generic for anyone to work with, so the SEC developed several rules that define what “not involving a public offering” means. Those rules often limit who can buy the security or how much the organization can raise. Here are a few of the important rules for token offerings:
Regulation D, Rule 506(b) – An unlimited number of accredited investors and as many as 35 “sophisticated” investors can invest in the company. The information the company discloses only needs to be “generally the same” as for a fully registered company. However, the company cannot advertise or otherwise promote the offering to a general audience.
Regulation D, Rule 506(c) – An unlimited number of accredited investors can buy the shares, but the company must take “reasonable steps” to verify their identities and financial qualifications to be accredited.
Regulation D, Rule 504 – The company can only raise up to $5 million within a 12-month period.
Regulation A – Small businesses and startups can claim this exemption for offerings of up to $20 million (Tier 1) or up to $50 million (Tier 2). The SEC may cap how much people can spend on a Tier 2 offering when they are not accredited investors.
Securities in Europe
The details of securities regulation in Europe are different, but the high-level approach is similar to the United States. Regulations ensure investors receive the information they need and protects investors from fraud. Full-blown IPOs involve audits and disclosures. Exemptions are available, but come with restrictions.
The European Union has written prospectus directives and regulations defining what a prospectus must disclose to investors and provides exemptions for small companies. The actual implementation of European securities regulations, however, are not uniform across countries. Each member state has the flexibility to implement the EU directives as they see fit.
Lithuania unveiled guidelines for ICOs recently. They define the differences between token, payment and securities-based offerings as well as the regulations each must follow. In the announcement, Lithuanian finance minister Vilius Šapoka said that the “ICO market has not been regulated yet. It has huge potential but there are risks, that we must manage.”
Earlier in the year, Lithuanian startup DESICO announced that it would become the “world’s first security ICO platform.”
Elsewhere in Europe, the traditionally fiat-focused financial industry is beginning to support crypto tokens as securities. Germany’s Boerse Stuttgart Group, for example, plans to support token offerings. Switzerland’s SIX Exchange announced that it would launch its own trading system for tokenized securities.
The Future of ICOs and STOs
Regulators, the financial industry, and many in the crypto industry are slowly circling towards a common understanding of what a blockchain-based security should look like. Security-based tokens will become formal elements of the financial system. At the same time, non-security tokens will comply with strict definitions set by the regulators.
In the end, it will be investors who benefit. The wild ride of the past few years, as exciting as it was, is coming to an end. It won’t be long before security tokens are part of everyone’s retirement plans.