In July 2017, the SEC announced that it viewed the tokens offered by The DAO, an ICO that raised more than $150 million in 2016, as securities. Then, at a Senate hearing in February, SEC Chairman Jay Clayton said, “I believe every ICO I’ve seen is a security.”

William Hinman, the SEC’s director of corporation finance, provided further clarity in June at Yahoo Finance’s All Markets Summit when he said ether does not appear to be a security, but suggested that most ICOs are securities offerings, and that, “calling the transaction an initial coin offering, or ‘ICO,’ or a sale of a ‘token,’ will not take it out of the purview of the U.S. securities laws.”

Any U.S. company offering a security must register its offering with the SEC, or qualify for an exemption. Amid the ICO boom, virtually none have registered a security offering. Thus, they must meet an exemption. The SEC exemptions include selling only to investors outside the U.S., or selling only to accredited investors, which are individuals with income higher than $200,000 in each of the past two years or a minimum net worth of $1 million.

Ensuring that investors are fully accredited requires, as the SEC spells out plainly, “reviewing documentation, such as W-2s, tax returns, bank and brokerage statements, credit reports and the like.” In other words, it involves a lot more than just checking a box.

Many companies that thought they did properly limit their ICO to accredited investors are now finding out that in the eyes of the SEC, they didn’t.

Robert Cohen, chief of the cyber unit in the SEC’s enforcement division, likens it to a spectrum. When the SEC calls up a company that did an ICO and asks how the company limited its ICO to certain investors, “Some companies tell us the name of the law firm that advised them, explain the know-your-customer procedures they followed, and show us an investor list that is limited to accredited investors,” he says. “At the other end of the spectrum, some point to a website statement about limiting the ICO to some investors, and possibly checkboxes, and that’s it.”

‘The law was pretty clear’

Some of the people particularly surprised to be in trouble are those who did their ICO as a SAFT, a designation that was intended specifically to be more compliant with securities law.

But some onlookers have little sympathy. Cardozo Law School professor Aaron Wright, who co-authored a paper that questioned the legality of the SAFT model, says, “There could have been other ways they could have structured it, like selling a digital good to people who actually wanted to use it, instead of predominately to speculative investors. They could have talked to the SEC first. I think the law was pretty clear that if you sell something to an investor, it’s likely a security—folks just wanted to engage in token sales, so they just kind of flouted it.”

In December 2017, the SEC shut down the $15 million ICO of a startup called Munchee and forced the company to refund the buyers. Munchee had advertised that its token would go up in value; promises of financial returns are a red flag for the SEC.

In January 2018 the SEC shut down the ICO of AriseBank, which had raised $600 million of a $1 billion goal, for falsely stating it had bought an FDIC-insured bank. In April 2018 the SEC shut down the $32 million ICO of Centra, which had been promoted by boxer Floyd Mayweather and rapper DJ Khaled, for using “misleading marketing” and “paid celebrities” to make false claims. Last month, the SEC charged TokenLot, which called itself an “ICO Superstore,” with being an unregistered broker-dealer, and charged Crypto Asset Management (CAM) with false marketing and being an unregistered investment company.

Those are just some examples that the SEC announced publicly.

Behind closed doors, many more negotiations are underway. The SEC has gotten dozens of ICOs to refund buyers and pay a fine, simply by reaching out and asking questions.

When the SEC reaches out to companies that did an ICO, it is usually through the company’s law firm. The SEC requests a vast trove of documents related to the ICO. Yahoo Finance and Decrypt have obtained communication that the law firm Cooley, which represented many ICOs, sent to one client after an SEC subpoena. The attorney letter warns, “The SEC is likely examining whether [client] should be considered a security under the U.S. federal securities laws… For the purposes of this preservation hold, ‘document’ is defined very broadly.”

Such language is leading many companies to refund their ICOs rather than attempt a legal fight. As one source at a company that got subpoenaed says, “The last thing we want is a press release they put out with only our name on it.”

Refunding tokens

The Fan-Controlled Football League (FCFL), the first ICO to be listed on the mainstream crowdfunding platform Indiegogo (through a partnership with MicroVentures), is one example. FCFL raised $5.2 million last year. In August of this year, MicroVentures quietly returned the money to the initial buyers.

There’s just one problem with refunding. If an ICO gathered the proper information on its buyers, and hadn’t yet launched its token, returning the money is doable. But for ICOs that have launched their token, refunding is not so simple.

“It’s not even really possible,” says Jony Levin, CEO of Chainalysis. “In a lot of cases people bought tokens in ICOs through exchange accounts at places like Kraken. So you can’t just send tokens back to the address you got them from, because that’s an exchange address. If ICOs are made to refund buyers, it will have to be similar to the Mt. Gox case: you make a public announcement and people have to prove they were a contributor.”

As a way to pacify the SEC, some ICOs are attempting to convert their utility token to a security token. Iconomi, which raised more than $10 million in an ICO, is one example. In a blog post this month, Iconomi wrote that its token holders, “will be able to exchange their ICN tokens for tokenized shares in a joint-stock company presented as eICN tokens. This new structure brings legal clarity for all stakeholders.”

Filecoin, Blockstack, Props, Origin, and TrustToken, the five ICOs that have listed on the platform CoinList, all sold only to accredited investors, and none have launched their actual token yet. A source close to Blockstack says the company sees its token as a utility, but out of caution, chose to treat it like a security and comply with all the relevant securities laws.

‘Right now it feels like a massive canyon’

All of this SEC action may sound like very bad news for ICOs, but many in the industry have a more optimistic take: regulatory clarity will bring growth. In addition, more and more companies considering a token sale are now reaching out to the SEC proactively.

“I do think that businesses on the up-and-up can navigate through it, and that in just two or three years we’ll have clarity, and we’ll look back on this time as a speed bump,” says the CEO of a well-known tech company who has closely watched the ICO space. “Of course, if you’re a company that is dealing with an SEC subpoena, right now it doesn’t feel like a speed bump, right now it feels like a massive canyon.”

The lingering lack of clarity has driven a group of crypto companies, led by Ripple, to hire D.C. lobbyists to push Congress on behalf of the industry.

From the SEC’s perspective, there is no lack of clarity. The sniff tests are the same as they have been for decades. The SEC is applying the same securities laws to ICOs that it always applies.

“Everybody’s holding their breath for the SEC to create some kind of coin rule, and they’re not going to,” says a securities attorney at one high-profile Silicon Valley firm. “They’re applying the same laws, the same statutes, the same rules, to stocks and bonds and everything else.”

In other words, there’s even a lack of clarity around whether there is a lack of regulatory clarity.

This story is a collaboration between Yahoo Finance and Decrypt, with additional reporting by Josh Quittner.

—

Daniel Roberts covers bitcoin and blockchain at Yahoo Finance. Follow him on Twitter at @readDanwrite.

Read more:

SEC attorney: What cannabis stocks and crypto have in common

Half of ICOs fail — and ICO funding is way up anyway

Coinbase exec: ‘Adding more assets is a very big priority for us’

Chain CEO: Public and private blockchains will soon converge

Warren Buffett on buying bitcoin: ‘That is not investing’