In September 2017, the Securities and Exchange Commission launched a Cyber Unit, which was created in order to target cyber-related misconduct, including:

  • Market manipulation schemes involving false information spread through electronic and social media.
  • Hacking to obtain material nonpublic information.
  • Violations involving distributed ledger technology and initial coin offerings.
  • Misconduct perpetrated using the dark web.
  • Intrusions into retail brokerage accounts.
  • Cyber-related threats to trading platforms and other critical market infrastructure. 

Per Stephanie Avakian, the Co-Director of the SEC’s Enforcement Division, the Cyber Unit will enhance the SEC’s ability to, “detect and investigate cyber threats through increasing expertise in an area of critical national importance.”

What is an initial coin offering?

An initial coin offering (“ICO”) is a method utilized by blockchain-based projects to raise capital, allowing investors to own part of the project through a digital token or coin. Investors can purchase these tokens with either a traditional fiat currency or a digital currency. In simpler terms, think of an ICO as the blockchain version of crowdfunding. The idea is that when the product or service being offered is completed, investors can use their tokens to access the service.

Millions of dollars are raised in literally seconds as investors race to get in early on the next big tech startups. In 2017, there were 235 ICOs totaling $3,700,682,293.

Can the SEC regulate ICOs?

Per the SEC, some initial token sellers may lead buyers of the virtual coins to anticipate a return on their investment. As such, some virtual coins being offered through ICOs may meet the definition of a security, and thus would be subject to federal securities law. The Howey Test is a test created by the United States Supreme Court for determining whether certain transactions qualify as investment contracts. Under the Howey Test, a transaction is an investment contract if:

  • It is an investment of money.
  • There is an expectation of profits from the investment.
  • The investment of money is in a common enterprise.
  • Any profit comes from efforts of a promoter or third party.

Based on the above, it appears that many ICOs may meet the definition of a security, because investors are purchasing the tokens with the expectation that they will increase in value, much in the way that an investor would purchase a traditional stock. According to analysis performed by database operator Token Report, of the 65 biggest ICOs as measured by market value, nearly 75% of those were found to have a medium to high probability of being regulated as a security by the SEC. Many investors are participating in ICOs not for the possibility of gaining access to a product or service, but to hold as a speculative investment.

In December 2017, SEC Chairman Jay Clayton stated that in regard to cryptocurrencies and ICO markets, “[T]here is substantially less investor protection than in our traditional securities markets, with correspondingly greater opportunities for fraud and manipulation.” China and South Korea have banned ICOs until they can establish better policies for regulation.

ICO frauds – why the SEC is concerned

The ICO market is largely unregulated. Because of this, fraudsters can create an ICO as a way to defraud unsophisticated investors, and because the ICO market is unregulated, it can be difficult for a fraud victim to recoup their investments.

In July 2017, CoinDash, which describes itself as a social-trading platform, was hacked during the company’s ICO, and more than $7 million in investor funds were sent to a fraudulent address provided by the hacker. CoinDash indicated that it would still provide tokens to people who sent funds to the fraudulent address prior to the CoinDash site being closed down, however, any transactions subsequent to site shutdown would not be compensated.  

In November 2017, a cryptocurrency start-up called Confido, which billed itself as a smart contract start-up, raised $375,000 through an ICO and then disappeared. The social media profiles of both the company and its founders were all deleted.

Also in November 2017, a class action lawsuit was filed against the organizers of cybercurrency technology project Tezos, which raised $232 million to issue a cryptocurrency that, according to the lawsuit, did not yet exist in order to fund the development of a transaction system that had no clear date of completion. The lawsuit alleges that material facts surrounding the development of the project were withheld from investors.

SEC Intervention

Once the SEC established its Cyber Unit in September 2017, it began intervening in ICOs.

  • In October 2017, the SEC filed fraud charges against the creator of two “stock-like” ICOs called REcoin and DRC because neither had any actual operations and the SEC determined that the digital tokens that were being sold did not really exist.
  • In December 2017, the SEC obtained an emergency order to halt the PlexCorps ICO, which had already raised $15 million. The ICO claimed that the investments would yield a 1,354 percent profit in less than 29 days. The SEC’s complaint, the first filed by the Cyber Unit, charges PlexCorps founders with violating the anti-fraud provisions of the United States federal securities laws.
  • In December 2017, the SEC forced Munchee Inc. to halt its ICO and refund investor proceeds because the company enticed investors by stating that the tokens would increase in value – because of this, the SEC determined that the token was a security, and that Munchee had not properly registered with the SEC.

The SEC has issued several investor alerts surrounding cryptocurrencies and ICOs. In a July 2017 Investor Alert, the SEC highlighted the following warning signs when considering an ICO investment:

  • Guaranteed high investment returns;
  • Unsolicited offers;
  • Sounds too good to be true;
  • Pressure to buy right now;
  • Unlicensed sellers; and
  • No net worth or income requirements.

Because the popularity of cryptocurrencies and blockchain projects have skyrocketed in the last few months, less savvy investors are looking to get involved in order to get in on the profits, but because the average investor may not understand the nature of this field, they are thus more susceptible to fraud. The SEC advises any potential ICO investors to carefully read any materials provided about the offering in order to understand the true nature of the investment.