Knowing what the tokens offered really are, and how regulators will treat them, is key to managing investments in digital assets. As regulators in the USA and Hong Kong increasingly turn their attention to STOs, it’s worth taking a look at how different tokens operate and how they’re being offered to the public. Getting solid legal advice is a great idea, but this article isn’t about that. Instead, we’re going to explore and debunk some common misconceptions about tokens. Hopefully that will help to clarify the debate!
First things first: what’s a token?
A token is a token. On its own, it doesn’t mean anything at all; it’s just a medium where meaning can be written, like the sum of money on a check. The check itself has no value or meaning, it’s just a vehicle for the promise to pay.
Without getting too legalistic, it’s the function of the token, the meaning ascribed to it by the issuing entity, that counts. And without getting too technical, we can essentially divide tokens into three major categories, based on what they represent and how they behave on their native blockchains. Those categories are: (crypto)currencies, utilities, and securities.
It’s the fact that some tokens are securities that has the SFC and other regulatory bodies paying the whole space such close attention. But not all tokens are securities. Let’s look at these categories in a little more detail.
First, a very short walk through how you figure out if something’s a security. The Howey test
The basic test used in the US is the Howey test; other common law jurisdictions use something similar. The Howey test, based on the Supreme Court’s finding in Securities and Exchange Commission v. W. J. Howey Co., May 1946, tells you that something is a security if it:
- Is an investment of money
- Involves an expectation of profit from the investment
- The investment of money is in a common enterprise
- Profit is expected to come from the efforts of a promoter or third party
Anything that ‘passes’ the Howey test is probably a security.
Back to our tokens.
Is that token a cryptocurrency?
Cryptocurrency tokens are tokens whose purpose is to act as a medium of exchange. The most famous example is Bitcoin, but there are a ton of others. Most more or less get how these work; some cryptographic proof — proof of work, of stake, of time, or some other consensus tool — underpins the agreement of their validity; perception, scarcity and fungibility determine their value.
Some cryptocurrencies are so-called stablecoins, whose value is pegged to that of another asset; this may be gold, silver, real estate, diamonds, or a fiat currency like the dollar. Stablecoins have the unique attribute that the issuer typically maintains sufficient reserves to maintain their pegging status and market confidence.
Stablecoins don’t pass the Howey test, because there’s no expected profit — they’re just a medium of exchange.
Is it a utility?
A utility token is a little like coupons at an arcade, or a metro card; they’re a kind of ‘internal currency’ that allows the participants of a blockchain to exchange information, CPU time and so forth.
If you’ve ever played Pachinko, this kind of internal token will be familiar to you. But if you haven’t, you’ve surely encountered things that behaved like utility tokens in everyday life, off the blockchain.
Think of a modern high-security mixed-use skyscraper; two or three thousand people may work in the building’s office space, perhaps another five hundred in its retail spaces, another thousand may live there. To manage the skyscraper’s populations, the management issues plastic passcards that accord and deny access to appropriate elevators, floors, rooms and corridors depending on where in the building you live and work.
Take that plastic card, digitize it and put it on a blockchain and it’s a utility token: it has a specific purpose and defined scope, and may have intrinsic value.
It’s worth remembering that there’s nothing to prevent a secondary market trading in utility tokens; there’s a secondary trade in music festival and sports event tickets, for instance, and many utility tokens are traded on exchanges. What defines them isn’t how they’re used, but what they’re for.
Therefore, if a company is selling utility tokens, they are really pre-selling utility: access to the benefits of goods and services. That might be access to their product or some other economic utility.
Whatever it is, the tokens must fail the Howey test in order to be truly utilities, meaning very few tokens are truly utility tokens. Many are instead securities, though even their issuers may not realize this.
Perhaps that token is a tokenized security
Tokenized securities, otherwise security tokens, fall under the securities regulators’ purview, passing the Howey test and being fully an investment contract rather than a currency or a utility. Most commonly they’re issued on the Ethereum blockchain as ERC-20 tokens.
The crucial issue, which is causing a lot of people serious headaches right now, is this: just because it is a token, doesn’t mean it’s not a security. It’s the meaning of the token, not its form, that counts; a security is an investment contract. That contract can be a digital token, a written paper contract, a title deed or a whiskey receipt: “it’s the economic substance of the transaction [that] always determines the legal analysis, not the labels,” as SEC Division of Corporate Finance Director William Hinman explains.
This matters, because there are a lot of firms out there giving advice to startups and other businesses about how to run an ICO. And they might be great at that, but they often don’t have the financial knowledge to recognize when they’re proposing that their client sell an unregistered security — which can net you fines and jail time.
One reason that we’d always recommend getting legal advice from experts, not just blockchain advice, is that the law around securities can be complex. The definition of a security aside, how the law applies to you depends somewhat on what you do with your securities. For instance, a lot of securities law revolves around solicitation. It’s perfectly legal to create unregistered security tokens; it’s when you solicit the public to buy them that you run afoul of the law. Your blockchain isn’t illegal, in other words, but your ICO might be.
In an age where business is expected to be international, it’s also vital to remember that securities licenses are anything but. A license to sell securities in Malta is no license to solicit in Hong Kong or Singapore; only local regulators can assign those.
Tokens come into being when they’re issued. One way this can happen is through the programmatic rules of a decentralized ledger, as Bitcoins are created through mining. Another is to mine the tokens through smart contracts on a compatible blockchain, such as Ethereum.
This is essentially what happened during the ICO boom: the emergence of the ERC-20 standard allowed anybody with a basic set of programming skills to issue tokens. Entrepreneurial individuals and companies took full advantage, creating tokens and selling them to willing buyers. Created out of thin air and sold on the basis of potential future value, many belonged to failed or fraudulent projects and remained valueless permanently. In many cases, tokens that were really securities were mis sold as utility tokens.
When a company offers utility tokens to the public, they’re essentially preselling services. In most jurisdictions, preselling services and products isn’t the same as selling a security; you’re buying the right to use a good or service, not the chance to make a profit, so securities law doesn’t generally apply and regulators don’t get involved.
This applies to genuine utility tokens, which are relatively few; something’s being named a utility token is no guarantee that it isn’t really a security, a decision that regulators will make based on the economic content rather than the form of the transaction.
Although the utility presale model may sound ideal, it does come with some risks attached, particularly when carried out by issuers and platform operators with little experience. Depending on the jurisdiction where the issuer is incorporated, there are also various implications for taxation and accounting requirements. In Singapore, to give one example, such tokens would be taxed as goods and services, and companies that presell services also need to consider profits taxes.
On the other hand, when tokenized securities are offered through a public offering, that is termed an ‘STO’ — a Security Token Offering. Soliciting the public to participate in an STO or buy securitized tokens is a regulated activity in most jurisdictions, including Hong Kong. The recent announcements from Hong Kong’s SFC have clarified this.
Carrying out an STO without proper licensing from the relevant, local regulatory authority is illegal. Remember it’s the solicitation, not the token creation, that matters. In some countries, there are exceptions to this rule that allow companies to solicit professional investors, which is the approach Hong Kong’s regulators seem to be reaching towards. Again, remember that licensing is local.
The most recent form of initial offering is an IEO — an Initial Exchange Offering. You could argue that when an exchange gets involved in the promotion and sale of tokens, they’re essentially acting as brokers/dealers, which is also a regulated activity in many jurisdictions. What’s certain is that it’s uncharted territory, and only time will tell what attitude the regulatory authorities will eventually take to it and whether it will provide enhanced protection to market participants.
The short, short version of this overview is: substance over form. Whatever it’s called, if it behaves like a security, securities regulators worldwide will treat it as one, basing their cases on claims made by issuers and promoters on social media, blogs and videos and at conferences rather than on the official description of an offering.