Why Cryptoassets Are Not Securities
Also published in the Harvard Law School Forum on Corporate Governance and the The International Journal of Blockchain Law.
FTX’s collapse reiterates the need for comprehensive U.S. regulation of crypto markets. This regulation must have a solid legal foundation, a key pillar of which is a workable framework to distinguish cryptoassets  that are securities from those that are not. A new paper provides this framework, by showing why fungible cryptoassets are not themselves securities under existing U.S. federal securities laws. But also why ICOs and similar token sales should be regulated as securities offerings.
In 2014 the sponsors of the Ethereum Network sold 60 million ether tokens to fund the development of the network, which launched a year later. Because of similarities with a traditional common stock IPO, the ether “initial coin offering,” or ICO, raised a fundamental question: are cryptoassets securities under U.S. federal securities laws? The answer to this question, which we have been debating ever since, determines not only whether and how cryptoassets can be sold to the public but also whether we must hold and trade them under the existing rules and market structure developed over the past 80 years for securities.
The Securities and Exchange Commission’s primary theory on whether a cryptoasset is a security appears to be based upon whether the blockchain project associated with a cryptoasset is, at any point in time, “sufficiently decentralized.” If so, the cryptoasset is not a security. This theory was first proposed by the SEC staff in 2018 to address ICOs, which were then all the rage, and was followed by more detailed staff guidance in 2019. But the theory has not aged well. It is impractical—if not impossible—to apply to today’s real life blockchain projects. It is not supported by existing judicial precedent, including the now crypto-famous Howey Supreme Court case.  And it has resulted in market distortions that harm both market participants and long-term innovation in the crypto industry.
An intriguing new paper, The Ineluctable Modality of Securities Law: Why Fungible Crypto Assets Are Not Securities,  points us to the right path. The paper analyzes the relevant caselaw and concludes there is scant legal basis to treat fungible cryptoassets as securities, and it sets out analytical approach that is far more satisfying. The paper separates capital raising transactions by blockchain project sponsors or other insiders in which a cryptoasset may be sold—which are typically securities transactions—from the treatment of the cryptoasset, which is not a security. This analytical framework addresses the now apparent challenges created by the SEC staff’s approach and appropriately focuses the SEC’s regulatory jurisdiction on capital raising transactions.
The paper’s approach is the right one and should be taken on both by the US Congress as it considers legislation to regulate the crypto industry and by courts as they consider high-stakes cases that hinge on the securities law treatment cryptoassets. Doing so will avoid the flaws of the SEC’s well-intended but flawed current approach. And, together with legislative initiatives to regulate crypto markets and intermediaries, it will better protect market participants and more responsibly support innovation.
The SEC’s Decentralize-and-Morph Approach
In the wake of the 2014 ether ICO and the following ICO boom,  the SEC staff provided the crypto industry with an analytical framework meant to clarify when and whether a cryptoasset is a security. First set out in a 2018 speech by SEC Corporation Finance Division Director William Hinman, and then described in more detail in 2019 staff guidance,  the core idea is that where a blockchain project is sufficiently decentralized, the cryptoasset associated with the project will not be or represent an “investment contract” under the so-called Howey test, named after a 1946 Supreme Court case. And therefore the cryptoasset would not be a security.
Under the 2019 SEC staff guidance, the decentralization level of a project is to be determined based upon fifty or so factors that involve characteristics both intrinsic and extrinsic to the project. These factors range widely and include, for example, whether so-called “active participants,” which can include a “promoter, sponsor, or other third party,” from time to time have a role in developing, marketing, improving or operating the blockchain project; whether an active participant “owns or controls ownership of intellectual property rights of the network or digital asset, directly or indirectly;” and whether the cryptoasset “is transferable or traded on or through a secondary market or platform, or is expected to be in the future.”
These factors are meant to be evaluated at a particular point in time. Accordingly, the decentralization level of a blockchain project could, and indeed would be expected to, change over time. As a result, a cryptoasset could start its life as a security—for example when it is first sold to investors by the project’s sponsors—and then, at some point later, it could morph into a non-security as the project becomes sufficiently decentralized. This very morphing was, according to Mr. Hinman, what had happened in the case of ether and the Ethereum Network, which had achieved the Holy Grail of sufficient decentralization at some unspecified time sometime between the network’s launch in 2015 and the time of his speech in 2018. (Mr. Hinman did not reveal when.)
Classifying cryptocurrencies based on project decentralization was a deft bureaucratic solution to a practical problem. It helpfully provided some reassurance that the two largest cryptocurrencies, bitcoin and ether, were not—or at least were no longer—securities. Under the opposite view, the initial sales of these assets to the public could have violated registration and disclosure requirements for public securities offerings. And intermediaries, such as cryptocurrency exchanges and dealers as well as early investors in the tokens, could have been engaged in illegal unregistered securities exchange, brokerage, dealing or underwriting activities. Given the billions of dollars of value transacted in these two tokens, the SEC staff’s approach avoided catastrophic consequences for holders of these cryptoassets and for firms providing services and building on the related blockchains.
But in practice, outside of Bitcoin, Ethereum, and a few other blockchain projects, it has been almost impossible to apply the SEC staff guidance in a way that provides agreed-on and repeatable answers. Market participants are expected to analyze a cryptoasset and its underlying project under many vague factors, some of which are based upon information not publicly available. The analysis is unwieldy at best and impossible at worst, particularly without guidance on which factors might outweigh others and with little clarification through rules or substantive litigation. Adding further complexity, market participants are expected to evaluate the relevant facts and circumstances about a cryptoassets on an ongoing basis, as a cryptoasset that achieved non-security status at one point could, nevertheless, revert to security status if the project’s ecosystem becomes less decentralized.
For blockchain project sponsors, the expectations created by the SEC staff’s guidance have distorted economic incentives in unhelpful ways. Blockchain projects often plan on token issuances in early stages of their development, both to jumpstart network effects and to meet investor expectations. Project sponsors then quickly find themselves in a race to decentralize—not based on the economic or practical characteristics of the project or its underlying technology, but instead based on the presumed need to address some number of the SEC’s decentralization factors. The decentralization of a blockchain project often is a critically important goal. But the imperative to decentralize to achieve a particular regulatory outcome is a distraction that promotes short-term tactics—sometimes disparagingly been referred to as “decentralization theater”—at the expense of longer-term strategy. Ultimately, this incentive is detrimental to value creation and innovation in the crypto industry.
The decentralize-and-morph theory seems to confound even the regulator who coined it. The SEC has deployed the theory inconsistently and sometimes confusingly in the enforcement context. In some instances, the SEC describes the cryptoasset as a security. In others, the SEC describes the cryptoasset as embodying or representing a security. And in yet others, the cryptoasset is described as being part of a securities transaction, whether or not the cryptoasset is itself a security. This inconsistency suggests the need for a better approach.
Separating the Investment Contract from the Cryptoasset
With the benefit of a few years of experience, it is clear that SEC’s decentralize-and-morph theory is flawed. But then how should we think about the fundamental question of whether fungible cryptoassets are securities?
The Ineluctable Modality paper shows us how, by starting with the basics and discussing key federal appellate decisions applying the Howey test. The paper persuasively shows why ICOs and other capital raising transactions—which may well involve securities offerings—are distinct from the subject cryptoassets themselves. This intuitive step makes room for an analytical approach grounded in existing law that yields better incentives for crypto market participants and a path to better investor protection.
A capital-raising transaction where a blockchain project sponsor (or other insider) sells a cryptoasset to finance development of the project likely involves an investment contract and thus a security. Investors purchasing from the project sponsor would be participating in an “investment scheme” with an understanding of how sale proceeds were going to be used by the sponsor to increase the value of the cryptoassets sold. This would be the case whether or not the project is decentralized at the time of the transaction. But the cryptoasset sold under the investment contract is never a security—no more than were the citrus groves in Howey. Instead, the contract or arrangement under which the project sponsor or insider sold the cryptoasset, whether or not its terms are written in a single document, is the investment contract.
Of course, even after the initial sale, a cryptoasset can again be sold in an investment contract transaction—for example, as part of a distribution by an insider or large holder who received tokens under the initial investment contract. And other types of arrangements involving promises and commitments by a project sponsor or insider and token purchasers can constitute investment contracts under a traditional Howey analysis. But that does not mean the cryptoasset itself ever is, becomes, or later stops being a security, as “morphing” would imply. Accordingly, absent the promises, claims and inducements made by a project sponsor to a buyer that are the hallmark of an investment contract, third-party trading of cryptoassets anonymously on crypto exchanges would not be securities transactions.
Applying this approach to the ether ICO yields the correct result. A court would likely have found the initial sale of ether by project sponsors to the public in 2014 to be a securities transaction and subject to the registration and disclosure requirements of the Securities Act of 1933. But subsequent anonymous trading of ether, which is not a security, on cryptocurrency exchanges or in peer-to-peer transfers among third parties should not involve securities transactions. This is similar to the end result contemplated by Mr. Hinman in his 2018 speech, but without the need for market participants to constantly assess whether, when and how the Ethereum Network later became decentralized enough for ether to morph into a non-security.
The paper’s approach does not require new and confusing legal theories. It avoids the impracticalities of an asset changing its status as a security over time based upon extrinsic or nonpublic events, which would require market participants to constantly reassess the regulatory status of a cryptoasset based upon factors they may not be able to ascertain. It would appropriately capture capital-raising activities by blockchain project insiders, even where a blockchain is arguably decentralized. It also appropriately allocates regulatory responsibility for those capital raising activities to the SEC while avoiding subjecting all dealings in cryptoassets to laws that were not designed to regulate commercial activities not involving securities.
This does not mean that marketplace transactions in cryptoassets cannot or should not be regulated. FTX’s demise is yet another demonstration of why they should be. Instead, it means only that secondary market trading in cryptoassets should not be regulated by existing securities laws. Instead, regulatory gaps should be closed by new law. The authors of the paper call for Congress to address these gaps through legislation to give the Commodity Futures Trading Commission with authority to regulate crypto markets and intermediaries operating in them. Indeed, several bills contemplating this type of regulation have been introduced in Congress this past year.
In the meanwhile, courts and litigants working through the fundamental question of a cryptoasset’s status under the securities laws should take note of this paper and the briefs arguing to apply the approach. The appeal of demystifying the legal classification of cryptoassets without new and muddled theories is clear. It provides a more elegant outcome for many of the pending cases that hinge on whether a cryptoasset transaction involved an investment contract by treating fundraising activities appropriately—as being subject to federal securities laws—without harming cryptoasset markets and investor value.
1 In this article, the term “cryptoasset” to means fungible digital assets that are natively created, recorded, and transferred through blockchain technology, but excludes cryptoassets that are specifically designed to be securities, such as tokenized versions of equity or debt securities.
2 William Hinman, “Digital Asset Transactions: When Howey Met Gary (Plastic)” Hinman speech available at https://www.sec.gov/news/speech/speech-hinman-061418.
3 SEC v. W.J. Howey Co., 328 U.S. 293 (1946). The factors set out by the court in this case for determining when a given contract, transaction or scheme would be an investment contract for purposes of federal securities law has become known as the “Howey test.”
4 Cohen, Lewis R., Strong, Gregory, Lewin, Freeman & Chen, Sara, The Ineluctable Modality of Securities Law: Why Fungible Crypto Assets are Not Securities available at https://dlxlaw.com/wp-content/uploads/2022/11/The-Ineluctable-Modality-of-Securities-Law-%E2%80%93-DLx-Law-Discussion-Draft-Nov.-10-2022.pdf (discussion draft).
5 See, e.g., Lyandres, Palazzo, Rabetti, initial Coin Offering (ICO) Success and Post-ICO Performance, available at https://pubsonline.informs.org/doi/abs/10.1287/mnsc.2022.4312.
6 Securities and Exchange Commission, Framework for “Investment Contract” Analysis of Digital Assets, available at https://www.sec.gov/files/dlt-framework.pdf
8 SEC vs Ripple, https://www.sec.gov/litigation/complaints/2020/comp-pr2020-338.pdf at 1 (“From at least 2013 through the present, Defendants sold over 14.6 billion units of a digital asset security called ‘XRP,’” …)
9 SEC vs Ripple, https://www.crypto-law.us/wp-content/uploads/2021/05/SEC_Memorandum-of-Law_Opposing-Motion-to-Intervene-050321.pdf at 24 (“The XRP traded, even in the secondary market, is the embodiment of those facts, circumstances, promises, and expectations, and today represents that investment contract.”)
10 SEC vs Ripple https://www.crypto-law.us/wp-content/uploads/2021/05/SEC_Memorandum-of-Law_Opposing-Motion-to-Intervene-050321.pdf at 25 (“. . . most assets sold as part of an investment contract in fact do have some use (though the SEC disputes that XRP has any use) . . ..”