Rivista della Regolazione dei MercatiE-ISSN 2284-2934
G. Giappichelli Editore

Aspettando l'Unione Europea … Il paradosso delle ICOs: una regolazione nazionale per un fenomeno globale (di Francesca Mattassoglio)

Nel nuovo ambito delle c.d. cripto-attività – che possono essere descritte come ‘assets digitali che utilizzano la crittografia e poggiano su un registro distribuito’ – le offerte iniziali di gettoni digitali (Initial Coin Offerings o ICOs) hanno attirato l’at­ten­zione delle autorità di vigilanza e dei regolatori di tutto il mondo. Durante gli ultimi due anni, molti Paesi dell’Unione Europea hanno iniziato a regolare il fenomeno, spingendo ora anche la Commissione Europea a intervenire. Tale decisione poggia sulla convinzione che le ICOs possano avere incisive peculiarità e potenzialità come modalità di finanziamento, soprattutto per le piccole e medie imprese.

In proposito, questo lavoro propone un approccio regolatorio innovativo e ad hoc per tutte le categorie di ICOs, ivi incluse le offerte di gettoni che possono essere assimilati a strumenti finanziari. Questa ricerca, infatti, poggia sull’idea che la tradizionale regolazione finanziaria non sia idonea a fronteggiare le peculiarità e i rischi connessi a questa tipologia di strumenti, né ai fini della protezione dei consumatori, né di quella degli operatori. In proposito, si pensi ad esempio alle problematiche poste dalla fase di custodia, dal ruolo del c.d. miners, dalla validazione dei nodi, etc.

Waiting for the EU … The paradoxical effect of ICOs’: a national regulation for a global phenomenon

Within the new domain of the crypto-asset – which can be described as a ‘digital asset that may depend on cryptography and exists on distributed ledger’ – initial coin offerings (ICOs) have attracted the attention of financial authorities and regulators worldwide. Over the last two years, legislative initiatives regarding this phenomenon have proliferated within the European Union member states and are now driving the European Commission to act. This action is based on the common opinion that ICOs should present remarkable peculiarities and potentialities among the alternative forms of financing for small and medium enterprises.

In this regard, this paper proposes a innovative and ad hoc regulatory approach for all ICO categories, including ones that issue tokens considered to be securities. This research is based upon the recognition that the traditional legal framework was not designed to face the specific needs and risks posed by these instruments, neither from the perspective of consumer protection nor from the view that serious operators need rules regarding, for example, the custody phase, the role of miners, validating nodes, and so on.

Articoli Correlati: crittografia - criptovalute - cripto-attività


1. Some introductory remarks - 2. The economic perspective: a summary - 3. The structure of ICOs - 4. The regulatory global “atmosphere”: the DAO approach - 4.1. The consequence of the DAO approach: the “token focus” - 5. Italy and the Consob initiative on ICOs - 6. The need for a new regulatory approach to ICOs - 6.1. The ineffectiveness of the token differentiation approach to ICO regulation - 6.2. The inefficacy of a traditional financial framework for ICOs - 7. The European Commission’s regulation proposals on crypto-assets: some brief notes - 8. The Liechtenstein Tokens law: a good solution? - 9. Waiting for the EU ... The paradoxical effect of ICOs’: a national regulation for a global phenomenon - NOTE

1. Some introductory remarks

Within the new domain of the crypto-asset – which can be described as a ‘digital asset that may depend on cryptography and exists on distributed ledger’ [1] – initial coin offerings (ICOs) have attracted the attention of financial authorities and regulators worldwide. Over the last two years, legislative initiatives regarding this phenomenon have proliferated within the European Union member states and are now driving the European Commission to act. [2] This action is based on the common opinion that ICOs should present remarkable peculiarities and potentialities [3] among the alternative forms of financing for small and medium enterprises. [4] The ICO can be seen as a novel hybrid fundraising model, like crowdfunding and venture capital, [5] which allows a public token offering based on blockchain technology [6] even if, in reality, it can assume very different forms without any exhaustive definition. [7] Before analysing such recent regulatory interventions, it is important to underline that this public “hype” on ICOs raises many concerns, especially among some members of the crypto-community who have often considered these initiatives fraudulent. [8] From their perspective, the authorities are now trying to regulate a phenomenon that has already been going on for a while but that has been dropped by crypto-markets in favour of new and more serious investment opportunities. This position is evidenced by a decrease in ICO investment volume in 2019 and the emergence of new forms of token fundraising (e.g. security token offering: STO, [9] initial convertible coin offering: ICCO, [10] simple agreement for future tokens: SAFT, [11] etc.) [12] From a broader perspective, this should be able to demonstrate how the fintech phenomenon and crypto-assets world are evolving rapidly, as is the complexity of their regulation.[13] Nevertheless, while the debate rages concerning the soundness of this opinion, jurists must face this new regulatory ICOs “ferment”. In this regard, the paper proposes an innovative and ad hoc regulatory approach for all ICO categories, including ones that issue tokens considered to be securities. [14] This view, that a special framework is needed, is based on an important premise, which is that this issue requires new rules that can appropriately face this [continua ..]

2. The economic perspective: a summary

This phenomenon was almost absent prior to 2016. At that time, there were just a few operations launched in 2017, there were about 550 operations and more than 1100 in 2018, showing a remarkable increase. The volumes in dollars are also significant, amounting to approximately $7 and $20 billion collected in 2017 and 2018. [16] To understand the reasons for such improvement and success, it is necessary to underline two important and general features of ICO: the cryptocurrency as a means of payment and a structurally simple process that is streamlined and lacks any public control mechanisms. The former is an ICO feature and cannot be ignored. Worldwide, the cryptocurrency phenomenon has been developing since 2009, with a capitalization that – despite its extreme price volatility [17] – had slowed to over $270 billion in June 2019 after reaching a peak of $850 billion at the beginning of 2018. [18] The number of cryptocurrencies has grown enormously. Today, there are several thousands of them. In this context, it is evident that a significant amount of liquidity has been accumulated by crypto-investors who are now looking for new opportunities in alternative investments forms such as ICOs, especially after the general decline in the value of cryptocurrencies in 2018. [19] From a technical point of view, ICOs have been developing in an international environment without control schemes and borders, thanks to the Ethereum protocols (i.e. the eRC20 standard and its iterations eRC223, eRC777, etc., and eRC721 for non-fungible tokens) that have permitted the creation of tokens that are widely and simply used without any entry barrier. [20] Even in terms of tokenization schemes and legal forms, these activities have been developing without rules, implying there is no emission cost and a large degree of disintermediation. [21] Based on blockchain protocols, tokenization is diffused, available at a low cost, and capable of attracting investment capital – what has been lacking is a transparent connection between tokens and the profitability of the underlying ICO projects to improve investors’ assessment capacity. Such a scheme could bring ICOs closer to the venture capital investment risk profile, with increases in the cost of transparency, liquidity, and connection with new investors’ baselines. However, it seems this would allow ICOs to be classified as an [continua ..]

3. The structure of ICOs

From a structural point of view, the ICO is usually preceded by an online publication of a white paper ,[22] which is a voluntary and non-standardized document that contains descriptions of the project, the ICO team, the offering conditions, and so on. In this regard, in the absence of regulation, the publication of a white paper has spread in practice but there remain no compulsory elements. Often, there is a pre-token issue phase with attractive conditions that is reserved for particular and expert investor categories (the so-called early adopters) that could cover the initial operational costs. Subsequently, the public offer begins through the publication of the digital purchase address. This operation may last from a few minutes to up to several weeks. [23] With regard to this point, it is remarkable that usually the most successful ICOs are also those that sell out in a moment, revealing the sector speed. After that, according to the type, the tokens can be exchanged in secondary markets managed by online platforms. In this case, blockchain technology – especially those that are permission-less, such as the eRC20 already mentioned – allows the transactions to take place without any form of intermediation and control. The Ethereum open-source platform [24] allows to manage and develop “smart contracts”, that is, computer programs based on distributed ledger technologies, the execution of which automatically constrains two or more parties on the basis of predefined effects. In accordance with these observations, it is evident that the two ICO features cited above – the use of cryptocurrency as a means of payment and the absence of controls and constraints – also represent the causes of many bad investment opportunities, bankruptcies, and, in some cases, even fraud. [25] For this reason, public authorities are now trying to find a good, balanced regulatory approach. But it is not easy to do. A regulatory hypothesis should try to maintain the strengths of this new financing channel for start-ups (or for projects connected with existing enterprises), grading only the dysfunctional elements recorded in recent experience. In this context, national regulators are trying to lay down rules for ICOs in order to provide legal guarantees for purchasers and enable ICOs to be transformed into safer investment initiatives in which the evaluation and the goodness of the underlying business [continua ..]

4. The regulatory global “atmosphere”: the DAO approach

At the global level, despite the phenomenon’s complexity and novelty, some general regulatory orientations can be identified. With the exception of a few countries that have decided to ban ICOs (China) [28] and some that have already introduced specific regulations (Switzerland, Malta ,[29] and France [30]), the majority of countries are still studying a regulatory solution. But this situation should not be misunderstood. Even in the absence of a dedicated law, ICOs are not completely free from regulation because they are actually under the control of many market regulatory authorities (i.e. the Security and Exchange Commission (SEC) in the United States and Commissione Nazionale per le Società e la Borsa, Consob ,[31] in Italy) that are creating practices that follow a common paradigm. In the United States, for example, since 2017, the Securities and Exchange Commission has been investigating whether “the DAO” [32] (an unincorporated organization created by Slock.it UG, a German corporation) violated federal securities laws. The DAO was designed with the aim of creating and holding assets through the sale of tokens to investors. These assets would be spent in order to fund selected projects. During just one month, from April 30, 2016 through to May 28, 2016, the DAO sold almost 1.15 billion tokens in exchange for 12 million Ether. As a consequence, the token holders not only received the expected earnings as a return on their investments but could also monetize their assets by re-selling the tokens on web-based platforms for secondary trading. In this case, the SEC realized that the DAO tokens were “securities” according to Section 2(a)(1) of the Securities Act and Section 3(a)(10) of the Exchange Act; in other words, these tokens entailed “investment contracts” (as an investment of money in a common enterprise with a reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others [33]), even if the DAO was a virtual organization making use of distributed ledger technology. [34] In particular, the SEC specified that: 1) the investment of “money” “need not take the form of cash” and, as a matter of fact, the virtual currency Ether could also create an “investment” contract; 2) DAO tokens investors were reasonably expected to earn profits through that enterprise; and [continua ..]

4.1. The consequence of the DAO approach: the “token focus”

The aforementioned DAO approach is based on the idea that the regulation of ICOs must be linked to the nature of tokens. In other words, the ICO is not considered because of its structural features (blockchain technology, Bitcoin or Ether involvement, and so on), but only for its products: the tokens. The ongoing debate over the nature of digital tokens is of great topical importance. In particular, tokens can be grouped into four main archetypes: 1) currency/payment tokens ;[38] 2) investment/securities/financial tokens; 3) utility tokens ;[39] and 4) hybrid tokens. [40] This “token focus” and categorization [41] lead to an important regulatory consequence: the appeal of tokens (and their ICOs) under the laws in force, particularly for financial instruments (as in the DAO case), in accordance with the neutrality principle. However, taking into account only the ICOs’ products, the tokens, without any considerations of their structural features would create a series of regulatory distortive solutions. First of all, this approach raises the question as to what extent securities regulation (in the EU, United States, or elsewhere) is applicable to ICOs and whether issuers have to publish and register a prospectus in order to avoid criminal and civil prospectus liability. This depends on whether tokens are considered “securities” under the EU Prospectus Regulation regime [42] (focusing on the European context), because if the token could be defined as a security, the ICO falls under the financial law. [43] Moreover, a European survey conducted by ESMA has highlighted that the majority of national authorities (i.e. Malta, France, Italy, etc.) are following this example, qualifying some crypto-assets (e.g. those with profit rights attached) as transferable securities or other types of MIFID [44] financial instruments. [45] It is evident that this kind of token classification entails a lot of other important and legal impacts on the regulation of ICOs, including the trading phase. [46] But not only this. Such method should solve the regulatory problems concerning ICOs that issue securities and (eventually) e-money tokens, [47] but instead it leaves out utility and hybrid ones. Utility tokens grant access or rights to the company’s goods, services, or ecosystem, and they are not very interesting for the market. [48] For [continua ..]

5. Italy and the Consob initiative on ICOs

In Italy, Consob follows the SEC’s approach when considering the ICO and its tokens in order to identify features it shares in common with the initial public offering (IPO) in relation to financial investment. In particular, Consob considers the combination of three elements: 1) a capital outlay; 2) an expectation of financial return; and 3) a risk assumption directly connected with the capital outlay. In the case of a positive result, the activity is banned pursuant to art. 99 of Leg. Decree n. 58/1998, which imposes the prospectus requirement. [56] However, last year, Consob decided to take a step forward by launching a consultation document [57] in order to open a public debate for an ad hoc ICO regulation as it waits for a common European guideline. While analysing the proposal in detail is beyond the scope of this paper, [58] some important elements relevant to this paper’s perspective will be highlighted. First of all, it should be noted that the choice of not applying (in this case) the financial law regime to ICOs (the already mentioned discipline prospectus, MiFID2, distance placement, etc.) suggests the introduction of an ad hoc regulation framework. [59] This solution is appreciable because – in line with the approach suggested in this paper – the simple application of the traditional financial law would add significant complexity to the ICO system without providing consumers with adequate protection and a clear regulatory framework for businesses. Nevertheless, in accordance with the SEC regulatory orientation, Consob focuses (solely) on the category of hybrid tokens, in which owning elements belonging to financial products (capital investment, risk assumption, and yield expectation) does not (apparently [60]) fall under securities law. The majority of the ICOs have proposed their tokens as utilities (in accordance with the trend of “tokenizing” real objects) in order to escape from the securities legal framework. At the same time, it is evident that this approach confirms the Consob issuance that the real securities tokens must full under the securities and market regulatory framework (MiFID2, etc.). Furthermore, Consob has been induced to propose a hybrid token regulation not just for theoretical reasons but also to answer a more sensitive question regarding its functional and operational competences, especially in relation to the Bank of Italy, which [continua ..]

6. The need for a new regulatory approach to ICOs

ICO is an unregulated fundraising model based on blockchain that was introduced to satisfy specific needs, but recent research has suggested that some blockchain operators (the serious ones) are looking for a good regulatory solution that might be able to balance freedom with guarantees – a regulatory solution that, for many the reasons that will be discussed in the next paragraphs, should not be the one adopted by the SEC. In their first stage of development, ICOs have been improved without any regulation; however, some studies have recently underlined that a minimum regulatory set is necessary for the future survival of these instruments because “any uncertainty about the proposed project (lack of presence on social media, shorter white papers, issuer domiciled in a tax haven) is negatively correlated to the success of the project, whereas signals that convey the quality of the project (director has a strong professional network, size of the project team) are positively correlated”. [65]

6.1. The ineffectiveness of the token differentiation approach to ICO regulation

First of all, a regulatory approach based on the different nature of tokens presents a very serious and concrete problem: uncertainty. As is generally known, a common European understanding of financial (or payment) instruments simply does not exist. As a matter of fact, the classification of financial instruments is the responsibility of each individual national authority and in turn depends on the specific national implementation of EU law. In particular, in the course of transposing MiFID1 into their national laws, every member state has defined the term “financial instrument” differently. It is evident that this situation causes problems for both the regulation and the supervision of ICO tokens. [66] In Italy, for example, the TUF [67] makes a distinction between financial instruments and financial products. Moreover, also at the European level, there are several definitions of securities depending on the legislative framework: MIFID2, Prospectus Regulation, [68] Anti-Money Laundering Directive, [69] and so on. Consequently, it would be difficult (or quite impossible) to address the qualification of tokens following this path. Because of these doubts, a new alternative solution is needed. In particular, as we will suggest in the following, it is necessary to develop a new legal category for tokens [70] and an ad hoc regulation.

6.2. The inefficacy of a traditional financial framework for ICOs

The SEC approach suffers from other shortcomings that go beyond the legal qualification of tokens. ICOs are the result of a transaction carried out by an issuer to raise capital, and this dynamic could make them similar to the IPOs of securities. But even if ICOs and IPOs could have the same aim, they present different structural and technological features that should not be addressed by a set of common rules. ICOs request an ad hoc regulation that can balance the different interests and risks involved in order to guarantee investments and customer protections (and their fundraising capacity). In particular, MIFID2 and the Prospectus Regulation could not appropriately manage the issuance of tokens, even if they are classified as securities. As has been mentioned, “MIFID II is far from being exhaustive, also because – although effective from 3 January 2018 – it actually represents the state-of-the-art of markets, and technological evolution thereof, in the years 2011–2013, i.e. when groundwork for the MIFID II regulatory framework was carried out. In short, MIFID II represents a context quite different from the current one: crypto-assets, as we observe them today, did not exist at that time”. [71] To give some examples, the blockchain (permission-less) technology used by ICOs makes it extremely difficult to identify the issuer; it is unclear whether the company or the group of core developers initiating the token sale should be considered the issuer, or if the issuer is the blockchain-based organization itself (such as the DAO). At the same time, ICOs are carried out by new and different actors (miners, wallet services providers, custody service providers, etc.) that, in the traditional public offering system, simply do not exist. For these reasons, the Prospectus Regulation cannot offer much insight. White papers [72] usually contain “a description on how the token will be used, its benefit to holders, and how blockchain architecture will operate … the track record of the funding team”. [73] In this case, investors need information on both organizational structures (the blockchain-based vehicle and the underlying company/group) to adequately assess the quality of the investments, which are not included in the traditional financial prospectus. Moreover, the Prospectus Regulation does not impose the disclosure of ICO and blockchain organization code. [74] With regard to [continua ..]

7. The European Commission’s regulation proposals on crypto-assets: some brief notes

With the aforementioned Commission’s regulation proposals ,[78] the European authority is trying to achieve some ambitious and agreeable purposes: 1. guaranteeing the legal certainty; 2. developing (within the EU) crypto-assets markets, supporting innovation; 3. instilling consumers and investors protection; 4. ensuring financial stability. At the same time, as the first reliefs have already treated, the European intervention is driven by the urgence to face the risk of the new and global private coin, such as the famous Libra of Facebook.[79] Therefore, it is impossible to cover all the complex issues involved, for this reason, it is surely useful to mention only a few points for strengthening this paper thesis. In particular, MICA proposes a bespoke regime for utility tokens and the so-called staiblecoins,[80] in other words, the typologies which fall outside the financial and e-money regulatory frameworks. Instead, the pilot regime suggests some exceptions - to the traditional trading rules - for creating a suitable secondary market for the new security tokens category. For example, in the case of a public utility tokens’[81] offering, it introduces some minimal rules regarding the issuer legal nature,[82] “the obligation to draw up a crypto-asset white paper in accordance with Article 5 (with Annex I) and the notification of such a crypto-asset white paper to the competent authorities (Article 7) and its publication (Article 8)”. The national authorities are not empowered to pre-approval the document, but they can suspend or prohibit the offering, whether the crypto-asset at stake constitutes a financial instrument under the MIFID2. Instead, in regard to the two stablecoin sub-categories, it recommends stricter rules.[83] For instance, the issuer of asset referenced tokens has to be authorized by the national authority as well as its white paper; moreover, only credit institutions and electronic money institutions can offer to the public this kind of token. With reference to the security tokens, the European authority proposes to “create a pilot regime to allow for experimentation with the application of DLT in financial services … [that] should not be too restrictive, but at the same time cannot lead to market fragmentation or undermine important existing regulatory requirements”. In this regard, the proposal [continua ..]

8. The Liechtenstein Tokens law: a good solution?

For the purposes of this article, a very important role should be played by the Law on Token and TT Service Providers (Tokens and Service Providers Act) recently enacted by Liechtenstein. [87] For the first time, this law aims to introduce a general regime for all categories of tokens, it defines as “piece[s] of information on a TT System which: can represent claims or rights of memberships against a person, rights to property, or other absolute or relative rights; and is assigned to one or more TT Identifiers” .[88] The law intends to become the framework for all token categories without any other distinction (securities, payment, utility, hybrid, and so on). As a consequence, this system would abandon the case-by-case analysis (as imposed by the SEC approach) and create greater legal certainty for issuers because the nature of the token would no longer be in dispute. Moreover, in order to guarantee its longevity (taking into account the speed at which innovation occurs in technology), the law does not mention the blockchain concept at all. Instead, it introduces the broader notion of trustworthy technology (TT). According to the idea that these technologies change the market structure, the law identifies a series of new subjects directly involved in the ICO procedure. For example, there are entities that evoke the function of a TT identifier; [89] TT service provider; [90] token issuer; [91] token generator; [92] TT key depositary ;[93] TT token depositary ;[94] physical validator ;[95] TT protector ;[96] TT exchange service provider ;[97] TT verifying authority ;[98] TT price service provider ;[99] and TT identity service provider. [100] For all of them, specific procedures and requirements have been introduced, such as minimum capital, special internal control mechanisms, a registration and reliability regime, etc. On the other hand, the law regulates the “power of disposal” and the “right of disposal” over the token (arts 5–8); it provides a regulation for the hypothesis of acquisition in good faith (art. 9) and measures for the cancellation of tokens (art. 10). In particular, for ICOs, art. 30 introduces the concept of “basic information” that must be published before the token’s issuance and a series of exceptions (art. 31). In accordance [continua ..]

9. Waiting for the EU ... The paradoxical effect of ICOs’: a national regulation for a global phenomenon

Thanks to the previous considerations, it is now possible to appreciate the reasons why the suggested approach is based upon an ad hoc regulation [101] and to understand why tokens and ICOs – or any other future form of crypto-funding – should not be approached using traditional regulatory categories. In other words, the neutrality principle should not be applied in these cases because they intrinsically involve new features and risks posed by the new crypto paradigm created by a decentralized network without a central (and liable) authority. The situation is certainly different for permissioned tokens, which should allow the application of a more traditional regulatory regime, but as has already been argued, the majority of ICO initiatives and their tokens are born in a “distributed” playing field. This reality cannot be ignored. [102] Consequently, effective investor and consumer protection must be based on an understanding of these peculiarities; moreover, the use of traditional legal notions and frameworks could be confusing for the market. At the same time, it must be acknowledged that ICOs and their tokens are a global phenomenon that should not be regulated at the national level; instead, International or at least European regulation is required. [103] For this reason, it would be desirable an urgent European regulatory intervention. [104] In this period of uncertainty – in a still open debate – crypto-operators [105] and crypto-investors are looking for any regulatory solution that could improve their businesses and gains. Taking the wrong decision now and introducing an inappropriate regulation could generate the risk of inducing ICO issuers (if any) to getaway. On the other hand, finding the right “receipt” could represent a great outcome in order to create a crypto-friendly field that is able to capture billions of crypto-assets. [106] From this point of view – and as long as there is no common European legal framework –, this matter can be seen as producing a paradoxical effect of proposing a national regulation for a global phenomenon. The game is just beginning, but in our view, at this moment, there is only one certainty: there is a need for a “new” regulatory approach for tokens asautonomous legal category in order to ensure greater investment and consumer protection. Shortly, there should no longer be any securities or [continua ..]