Cyberspace & Securities: A Changing World

Thomas P. Gross[1]

As Bitcoin and the cryptocurrency markets continue to draw public attention, the discussion about what constitutes a security in cyberspace continues to evolve and rage outward in public and regulatory forums.  Bitcoin and cryptocurrency markets have gained the attention of the public partially due to their spectacular performance, and partially due to the emergence of new financial derivatives that have become available. However, it was the recent regulatory announcements about oversight that have brought the aforementioned instruments to the forefront of the public sphere.

Sometimes it is preferable not to ask the question than to know the answer.  On March 14, 2017, Ouisa Capital, a financial technology company, filed a petition with the Securities and Exchange Commission (SEC) to request clarification and rulemaking on SEC jurisdiction over cryptocurrencies.[2] On July 25, 2017, the SEC finally “spoke” when it issued its Report regarding its investigation of The DAO, particularly its examination of, a German corporation that operated under the Ethereum platform.  Although the SEC determined that probable violations occurred, the regulatory body opted not to initiate an enforcement action, but rather to provide the requested “guidance” by affirming that ICOs and cryptocurrencies can be securities, but the outcome depends on the facts and circumstances.[3]

That Report sent shock waves through the sector as cyberspace participants began to realize the SEC could and would start regulating their activities. However, in retrospect, the SEC did not say anything we did not already know.  In essence, the Report simply announced that if financial instruments such as coins, tokens, and other identifiers satisfy the criteria used to constitute an “investment contract” per the definition of a security, then those instruments will be deemed a security and would be subject to the registration requirements for securities.  The interesting point is that we already knew that.  There are countless examples and schemes that have been held to be securities under the Howey Test,[4] for instruments that exhibit the following characteristic: the investment of money, in a common enterprise, with a reasonable expectation of profits, to be derived from the entrepreneurial or managerial efforts of others.

In retrospect, the shock value of the SEC statement was mostly a result of the SEC confirming in a formal document what we already knew. It further stated that the exchanges where these coins are traded are national securities exchanges that could be regulated under Sections 5 and 6 of the Exchange Act and Rule 3b-16(a)—a statement arguably having even greater shock value.  Again, it is not like we did not know of these tests; it was that the SEC said “out loud” that these regulatory schemes apply to cyberspace activities.

The SEC’s statements triggered not only new concern for traders and exchanges in the United States, but also internationally as other countries that were struggling with the same issue saw the DAO Report as a catalyst to act. Subsequent to the SEC’s issuing the DAO Report, the following jurisdictions took action on this critical issue:

  • South Korea:
    • Sept. 29, 2017: The Financial Services Commission prohibits domestic companies and startup companies from participating in ICOs.[5]
    • Jan. 11, 2018: Recent reports that the government is preparing a bill that would ban cryptocurrency trading, affecting over a dozen exchanges based in S. Korea.[6]
  • China, Sept. 4, 2017:
    • China bans ICOs.[7]
  • Singapore, Monetary Authority of Singapore, Nov. 16, 2017: The Guide to Digital Token Offerings[8], states, among other things, that:
    • “Offers or issues of digital tokens may be regulated by MAS if the digital tokens are capital markets products” (Sec. 2.1) in which case the offering must comply with Prospectus Requirements or be exempt from registration under a small offer, private placement, institutional investors or accredited investor exemption. Sec. 2.5 and 2.6
    • Operating a primary platform in Singapore for digital tokens may require a capital markets services license. Sec. 2.9
    • Advisors must have a financial advisors license. Sec. 2.10
  • Russia, Oct. 21, 2017: Putin issues 5 new orders to oversee cryptocurrencies, ICOs and mining activities.[9]

Arguably, the most shocking step taken by Putin in Russia was not merely his approval of the regulation of cryptocurrencies, exchanges and ICOs, but his requirement demanding that miners register with the Russian government simply to engage in mining activities.  No other country has called for regulation of the mining activity, and this initiative signifies the importance the Russian government attributes to this sort of activity, which translated means–the process by which transactions are verified.  Although it may be difficult, if not impossible, to regulate the blockchain due to its decentralized and immutability characteristics, regulating the mining function may be as close as centralized authorities can get to regulation.  At the time of this writing, China reportedly has gone a step further than Russia, taking the draconian step of ordering its provincial governments to shut down all mining operations, a decision that could encourage those activities to move offshore to Iceland, Canada and elsewhere.[10]

Meanwhile, entrepreneurs and issuers of new ICOs struggle to cope with the shifting regulatory environment.  To its credit, the SEC, despite its announcement that and its tokens are securities seems to have adopted a “light handed” approach to regulatory enforcement.  Shifting its attention from’s probable violations to situations involving corrupt and fraudulent intent, or egregious conduct, the SEC seems to be promoting a “sandbox” environment for those attempting to comply but pushing the bounds of innovation.  Even in its Munchee Order, published on December 11, 2017, the SEC emphasized the egregious conduct and promises that were made in promoting the ICO, and its false statement that Munchee’s White Paper included legal analysis that the offering did not pose significant risk of implicating the securities laws.[11]

In the Dec.11, 2017, Statement on Cryptocurrencies and Initial Coin Offerings, the SEC Chairman confirmed that to this date “no initial coin offerings have been registered with the SEC,”, and that the “SEC also has not yet approved for listing and trading any exchange-traded products such as ETFs holding cryptocurrencies or other assets related to cryptocurrencies.”[12] However, cyberspace is now aware, in no uncertain terms, that it is being watched by the newly created SEC Cyber Unit as well as other regulatory agencies.[13]

Nevertheless, the cyber community continues its efforts to avoid regulation or minimize oversight.  One approach is to issue the ICO in a country that is friendly to ICOs, i.e., in jurisdictions where ICOs are not regulated or are lightly regulated and then seek to comply with the laws of other countries that have stricter regulations.  For the U.S., the easiest means to avoid registration is to qualify for exemption under Regulation D, limiting sales to accredited investors, based on information that is gathered when the account is opened.

Alternatively, if the ICO is issued in the U.S., it is theoretically not difficult to circumvent the classification of a security under the “investment contract” paradigm and the Howey test as long as the instrument is structured to void one of the criteria in Howey; thereby, the coin/token would not be considered a security (at least under the “investment contract” test).  Unfortunately, avoiding the test is easier to theorize than to implement in practice for the simple reason that both the SEC and the courts have made clear that “form over substance” will not void regulation.

The [Howey] test “permits the fulfillment of the statutory purpose of compelling full and fair disclosure relative to the issuance of ‘the many types of instruments that in our commercial world fall within the ordinary concept of a security.’” Id. In analyzing whether something is a security, “form should be disregarded for substance,” Tcherepnin v. Knight, 389 U.S. 332, 336 (1967), “and the emphasis should be on economic realities underlying a transaction, and not on the name appended thereto.” United Housing Found., 421 U.S. at 849.

See Report of Investigation Pursuant To Section 21(a) Of The Securities Exchange Act of 1934: The DAO, Exchange Act Rel. No. 81207 (July 25, 2017),  See also In re Muchee Inc., Securities Act Release No. 10445, (Dec. 11, 2017),

Another argument de jour to avoid regulation is to focus on “usage.”  The securities in Howey had no use—they were investment contracts–pieces of paper with promises, and the investor had no use for those contracts other than to wait for the promised payout.  However, many new coins/tokens, unlike Bitcoin, are part of an infrastructure that will be built with the funds raised from the ICO.  The coins/tokens are expected not only to have value in that infrastructure, but also to grow in value as the infrastructure is built and increases its operations. For instance, MUNs from the Munchee Order, the recently announced KODAKCoin,[14] the Basic Attention Token (BAT), Tezos (a self-amending cryptographic ledger), and DENT (a global exchange for mobile data).

Does “usage” of the token distinguish it from the investment contracts that were determined to be securities in Howey?  For this argument to make sense, it seems that one must first conclude that the token is a security under the Howey criteria, but then the token is exempt because it has usage.  This must be the argument because why argue usage if the token is not a security under Howey?  Time will tell whether advocates of this new exemption will succeed, but the argument illustrates the creative thought invested in avoiding regulation while also raising the question whether the definition of security, or appropriate exemptions, should be rethought for purposes of cyberspace.

Although many noteworthy individuals such as Jamie Dimon, Warren Buffet, and others have publicly criticized the cryptocurrency world as a bubble, a scam or a mirage, the fact remains that no one knows how all this will shake out.  There is no question that these platforms have been, and are being used, to some extent for fraudulent schemes and illegal activity.  On the other hand, many of these coins show promise and value for building a new infrastructure for money transfers, facilitating international transactions including letters of credit, and simply for storing and transferring value as an alternative to gold.

But even under this legitimate scenario, at least one prediction calls for threats to financial stability if financial market infrastructures such as stock exchanges “enter this business.” When asked about the rising value of Bitcoin posing a risk to financial stability, Mr. Zeitung from the ECB said:

“. . . what concerns me the most, is when financial market infrastructures such as stock exchanges enter this business.  That poses a major threat to financial stability.”

See Interview with Borsen Zeitung, Member of the Executive Board of the European Central Bank, Press Release, Dec. 29, 2017,

It is more probable than not that these coins and the blockchain on which they are built will find a niche in our global infrastructure, under the assumption that governments and their regulators give this technology and the philosophies on which they are built a chance to evolve.  History has shown that efforts to stifle innovation and creativity, especially when it has global implications, fail in the long run.


[1] Mr. Gross is an international transactional and regulatory attorney in Washington, DC and an Adjunct Professor at The George Washington University Graduate School of Business where he teaches International Business Transactions & Finance.

[2] See Ouisa Capital, Petition Requesting Clarification and Rulemaking on SEC jurisdiction over Cryptocurrencies (Mar. 13, 2017),

[3] See Report of Investigation Pursuant To Section 21(a) Of The Securities Exchange Act of 1934: The DAO, Exch. Act Release No. 81207 (July 25, 2017),

[4] See Sec. & Exch. Comm’n v. W.J. Howey Co., 328 U.S. 293 (1946).

[5] Kim Minha, Joint TF for virtual currency-related institutions, FIN. SERVICES COMM’N (S. Kor.), (Sept. 29, 2017), (Statement in Korean).

[6] Cynthia Kim & Dahee Kim, South Korea plans to ban cryptocurrency trading, rattles market, Thompson Reuters, (Jan. 11, 2018),

[7] See China Ins. Regulatory Comm’n on the Prevention of Fin. of Tokens Issued Fin. Risks (China), Ins. Regulatory Announcement No. 21, (Sept. 4, 2017),

[8] Monetary Authority of Singapore, A Guide to Digital Token Offerings, (Nov. 16, 2017),

[9] See Office of the President of Russia, List of Instructions for the Meeting on the Use of Digital Technologies in the Fin. Sphere, (Oct. 21, 2017),

[10] See Gabriel Wildau, China Moves to Shutter Bitcoin Mines, Financial Times, (Jan. 09, 2018),

[11] See In re Muchee Inc., Sec. Act Release No. 10445, (Dec. 11, 2017),

[12] See Report of Investigation Pursuant To Section 21(a) Of The Securities Exchange Act of 1934: The DAO, Exchange Act Release No. 81207 (July 25, 2017),

[13]  See SEC Announces Enforcement Initiatives to Combat Cyber-Based Threats and Protect Retail Investors and Protect Retail Investors, Sec. & Exch. Comm’n Press Release, (Sept. 25, 2017),

[14] See Kodak,  KODAK and WENN Digital Partner to Launch Major Blockchain Initiative and Cryptocurrency, KODAK ONE Press Release, (Jan. 09, 2018),

Print Friendly, PDF & Email