Web3 Token Issuance Compliance Guide

Advanced5/30/2024, 1:33:39 AM
"How to Legally and Compliantly Issue Tokens is the top priority for Web3 projects to clarify, but this is by no means the end. Achieving decentralization for the project is the ultimate goal. Decentralization not only brings about the next positive development for the project but also provides more compliance space. Therefore, from the perspective of Web3 legal practitioners and a series of articles from a16z on decentralization and token issuance, this article will explain why decentralization should be achieved, why decentralization brings compliance space, and provide some compliance strategies, aiming to provide a preliminary compliance framework for Web3 project token issuance."

The ultimate goal of most Web3 projects is to issue their own tokens, especially during bull markets in the crypto space when token prices surge and FOMO sentiment spreads. In this pursuit of “freedom,” the road is rough, with alarms from the unknown dark forest, harsh ambushes from enforcers, and even the threat of imprisonment at any moment.

How to legally and compliantly issue tokens is of paramount importance for Web3 projects to clarify, but this is far from the end. Achieving decentralization for the project is the ultimate goal. Decentralization not only brings about the next positive development for the project but also provides more compliance space.

Therefore, this article, from the perspective of Web3 legal practitioners and a series of articles from a16z on decentralization and token issuance, explains why decentralization should be achieved, why decentralization brings compliance space, and provides some compliance strategies, aiming to provide a preliminary compliance framework for Web3 project token issuance.

1. Why Should We Achieve Decentralization?

The Internet of Web1 was once considered the greatest tool for liberation until Web2 platforms gradually transformed the Internet into an instrument of centralization. The relationship between network participants and platforms shifted from cooperation to competition, and collective consensus online became the singular consensus of Internet platforms. The once digital utopia turned into a digital prison until the dawn of decentralized encrypted networks emerged.

As a result, the term “decentralization” has been imbued with too many antidote-like meanings, whether it’s the non-violent resistance proposed in “Cypherpunks” to resist government surveillance and censorship, the order consensus achieved by programmers through “Code is Law,” or the advocacy of network liberalism political principles. However, these are not the main reasons why decentralization is so important for Web3 projects.

(A Cypherpunk’s Manifesto)

Cryptographic networks are decentralized networks built on top of the internet. They use consensus mechanisms like blockchain to maintain and update network states (collective consensus in Web3 vs. singular consensus on Web2 platforms). Additionally, they use cryptocurrencies to incentivize shared ownership, co-creation, and co-building among consensus participants and other network ecosystem participants (non-profit and non-ownership in Web1 vs. incentives and ownership for Web3 network participants).

Decentralization is a key feature of cryptographic networks. It shifts power from closed and controlled corporate organizations on Web2 internet platforms to open and permissionless networks. Truly decentralized cryptographic networks resemble public goods rather than proprietary technologies, requiring strict authorization for use.

This paradigm shift towards openness and decentralization has the potential to rebuild the internet by promoting competition, safeguarding freedom, protecting privacy, and providing fair incentives. It can attract global network participants to collaborate and exponentially grow the network ecosystem under appropriate conditions. This consistent consensus is one of the main reasons why cryptocurrencies like Bitcoin and Ethereum continue to thrive despite skepticism.

In essence, decentralization means that cryptographic networks return data ownership, governance rights, and other rights that should belong to network participants back to individuals, enabling them to work towards a collective, common goal—the development of the network ecosystem and the enhancement of token utility.

2. Decentralization Brings Compliance Space

Decentralization not only enables projects to foster collective consensus, facilitate global collaboration, and drive ecosystem development but also provides more space for projects at the legal compliance level. We’ll explore how decentralization provides compliance space for Web3 projects by examining the starting point of SEC regulation on token issuance and comparing decentralized ICOs with centralized IPOs.

2.1 SEC Regulatory Starting Point

Undoubtedly, the biggest “enemy” of the crypto industry is the U.S. Securities and Exchange Commission (SEC). The SEC views almost all tokens as “securities” and believes they should be registered under U.S. securities laws. Since the explosion of Initial Coin Offerings (ICOs) in 2017, tens of thousands of projects sought to raise funds based on promises of significant technological breakthroughs (including Ethereum), but few projects actually delivered on those promises.

The SEC attempts to apply securities laws to this straightforward fundraising activity because ICOs typically meet all the conditions of the Howey Test, a legal test used to determine whether a transaction qualifies as an investment contract. The Howey Test considers a transaction an investment contract if it involves an investment of money in a common enterprise with an expectation of profits primarily from the efforts of others.

The simplest case is token financing in the primary market (i.e., the issuer publicly sells tokens to investors), which is classified as securities issuance. In SEC v.s. Ripple’s case regarding the private sale round in the primary market, financing targeted at institutional investors (Institutional Sales) can also fall under SEC’s classification of securities, meeting the criteria of: (1) investment of money; (2) common enterprise, where Ripple utilizes investors’ funds for its network operation, and investors’ expected profits are closely tied to Ripple’s efforts; (3) expectation of profits primarily from the efforts of others, meaning investors expect to profit from Ripple’s efforts, including interest, income, and the increased value of the investment.

In fact, Ripple also informs investors through public promotion that investing in its XRP token may yield future profits or that the value of XRP is linked to Ripple’s efforts.

Interpreting the SEC v. Ripple case to further clarify regulatory uncertainties.

Despite this stance, the fundamental goal of both the SEC and network participants is to eliminate information asymmetry and create a fair, transparent competitive environment. The responsibility of Web3 network participants is to demonstrate that the methods of cryptographic networks are feasible and can meet regulatory requirements. For example, through decentralization, they can create a fair competitive environment for a wider range of participants (developers, investors, users, etc.), use publicly transparent ledgers, eliminate single central control, and reduce reliance on management teams.

2.2 Centralized IPO vs. Decentralized ICO

Let’s first compare a simple centralized project’s Initial Public Offering (IPO) and a decentralized project’s Initial Coin Offering (ICO), and then explore how cryptographic networks can meet regulatory requirements.

The essence of an IPO is to publicly issue a small portion of equity to raise funds, benefiting a small group of company shareholders. In the case of Coinbase’s IPO, as shown in the diagram, the founding team and investors hold at least 70% of the shares, and the fluctuations in stock prices have no direct impact on users who trade on Coinbase throughout the day. In practical terms, users who contribute to Coinbase’s performance by trading all day receive no direct benefits from Coinbase.

The essence of an ICO token issuance is to publicly distribute the vast majority of tokens (whether through fundraising or airdrops, among other forms) to decentralize control within the entire community rather than concentrating it in the hands of the management team, thereby promoting decentralization and ecosystem development. In ICOs like Uniswap’s, the development team and investors retain only a small portion of the tokens, with the remaining 60% used for Uniswap’s ecosystem development and governance. In practical terms, participants can earn token rewards for providing liquidity, participating in trades, contributing to ecosystem development, receiving grants, and so on.

Clarifying the essence of token issuance is crucial for achieving decentralization in Web3 projects; otherwise, projects may fall into the trap of a “pump and dump” logic, hindering long-term development.

2.3 Decentralization Creates Compliance Space

From the perspective of decentralized token issuance, applying the Howey Test by the SEC becomes more challenging: (1) Investment of money—token airdrops or other means do not involve monetary investment; (2) Efforts of a management team—truly decentralized projects do not rely on the efforts of a management team; (3) Expectation of profits—secondary market investors may not necessarily rely on the efforts of a management team to profit.

Furthermore, decentralization also achieves one of the SEC’s objectives—information disclosure. When control is distributed throughout the community rather than concentrated in the hands of a management team, information can reach everyone fairly.

In a speech in June 2018, SEC official William Hinman introduced the concept of “Sufficient Decentralization,” stating, “If the network on which the token or coin is to function is sufficiently decentralized—where purchasers would no longer reasonably expect a person or group to carry out essential managerial or entrepreneurial efforts—the assets may not represent an investment contract.” Based on this logic, Hinman concluded that Ethereum does not qualify as a security because its network is sufficiently decentralized.

Thus, decentralization is crucial for U.S. regulatory compliance.


(Variant Fund, Sufficient Decentralization, A Playbook for web3 Builders and Lawyers)

3. Compliance Guidelines for Token Issuance

3.1 The degree of centralization determines the size of a project’s compliance risk. Despite decentralization providing compliance space for projects, the SEC released an updated “Framework for Digital Assets” in April 2019 and continues to expand its jurisdiction over crypto assets through regulation by enforcement, as seen in cases involving Coinbase, Binance, Ripple, and Uniswap.

To mitigate SEC-related troubles, Web3 projects must operate within the guidance provided by the SEC to create more compliance space. Similarly, in any jurisdiction, Web3 projects need legal opinions from law firms before conducting Initial Exchange Offerings (IEOs) to avoid being classified as securities by local securities laws.

Thus, the compliance risk a project faces depends on its level of decentralization. Fully decentralized assets like Bitcoin are the only cryptographic assets exempt from SEC regulation, while Ethereum’s decentralization is still under scrutiny. According to Miles Jennings, the head of policy, legal, and compliance at a16z, decentralization is the only path for projects to eliminate risks addressed by securities laws. It serves as the North Star guiding project, as other strategies are merely temporary measures.

However, achieving full decentralization may take time, and most Web3 projects undergo a gradual decentralization process.

3.2 Exclude any U.S. Factors

Since most projects lack full decentralization during token issuance, there is a theoretical possibility of their tokens being classified as securities by the SEC. To avoid U.S. regulation, particularly by the SEC, projects must exclude any U.S. factors, ensuring U.S. regulators have no jurisdiction.

This exclusion approach also applies to Chinese jurisdictions. Thus, until compliance capabilities improve, projects should avoid U.S. factors, such as U.S. public participation or U.S. investors, during fundraising stages, token generation events (TGEs), or secondary market trading.

Feasible approaches include:

A. Early Airdrop Incentive Stage: Geo-blocking or VPN blocking U.S. users from participating in airdrops, token incentives, and most importantly, token sales.

B. Private Sale Stage: If tokens are privately issued to U.S. investors or employees, projects can still operate under SEC Regulation S exemptions.

C. Public Offering Listing Trading: Issuing tokens through entities outside the U.S. and opting out of IEO listings on U.S.-based cryptocurrency exchanges like Coinbase, Gemini, and Kraken.

In practice, most offshore foundations (e.g., Cayman, BVI, Singapore) become the issuing entities, governance rights are decentralized among non-profit foundations, and there are no shareholders, conflicts of interest, or profit motives. Essentially, if a project does not offer its tokens to Americans, even if it’s not fully decentralized, the risk of SEC enforcement is significantly reduced. Thus, projects should avoid any token sales targeting U.S. factors for fundraising purposes.

3.3 Operational Restrictions

While the strategies mentioned above can mitigate regulatory issues to some extent (e.g., excluding U.S. factors), Web3 projects face additional restrictions due to their global market focus and online operations. Hence, they must adhere to certain limitations in daily operations, especially when discussing token values (e.g., on social channels like Discord, Twitter, Telegram, text, or email), to avoid regulatory traps. These activities include:

  1. Protocol Development

  2. Business Expansion

  3. Marketing Curation

  4. Intellectual Property

  5. Governance Decisions

3.3.1 Decentralized Transition of Project Identities

(Variant Fund, Sufficient Decentralization, A Playbook for web3 Builders and Lawyers)

Before and after token issuance, Web3 projects entering the decentralization phase should avoid several scenarios:

A. Before initiating public sales, discussions or references to the token’s value, including potential airdrops, token allocation, or token economics, should be avoided. This includes instances where the SEC halted Telegram’s token issuance.

B. Discussions about token price or potential appreciation expectations should be avoided at all times, refraining from presenting the token as an investment opportunity. This includes mentioning any mechanisms, such as token “burning,” aimed at token price targets or stability, and commitments to continue funding project development and success with private capital.

C. After token issuance, when the project enters the decentralization phase, the positioning of the founding or management team (including founders, development companies, foundations, and DAOs) should be clarified.

Web3 projects should use “initial development team” instead of the former “core development team” or “primary development team,” and “core contributors/contributors” instead of individual company titles. Members of foundations and DAOs should define themselves as non-profit contributors fostering protocol/DApp/DAO development.

At this point, Web3 projects are prone to centralized language, even if they are extremely decentralized. This occurs when they’re accustomed to discussing achievements, milestones, and other releases in the first person. Pitfalls in self-positioning include:

  • Avoid implying ownership or control of the protocol/DApp/DAO (e.g., “As the CEO of the protocol…,” “Today, we opened feature X of the protocol…”).
  • Refrain from committing or guaranteeing ongoing work on the protocol/DApp/DAO and avoid overstating the importance of ongoing work to the ecosystem.
  • Avoid emphasizing efforts to promote or achieve greater decentralization.
  • Provide separate speaking rights for the project’s DAO or foundation to avoid confusion. A better approach is to differentiate between the project’s development company Labs and subsequent foundation Foundation (e.g., Ondo Finance’s official account vs. Ondo Foundation, Uniswap Labs vs. Uniswap DAO) or directly separate them from the protocol’s name.
  • Ultimately, all communications should reflect the principle of decentralization, especially in public forums. Communication should be open and aimed at preventing significant information asymmetry among individuals or groups.

The transition of identities is particularly important, as words can have consequences, and it’s crucial to understand that you’re no longer the powerful CEO.

3.3.2 Public Information Channels

In addition to the matters Web3 projects need to pay attention to in their daily operations, they should also disclose project progress and operations to the public as much as possible, which is precisely what the SEC requires in terms of disclosure. For example, simple and practical public communication methods, such as public Notion pages, Discord channels, governance proposal voting forums, weekly summary meetings, etc., are needed.

In decentralized crypto networks, where project code is open-source, the key to success for decentralized projects lies in execution, not in holding “secrets.” Keeping “confidential information” undisclosed would be unfair to investors and could exacerbate the security attributes of tokens.

3.3.3 Token Lock-Up Period

Additionally, Miles Jennings mentioned the need to extend token lock-up periods consistently, at least for one year from the date of token issuance. The lack of a one-year lock-up period has been successfully exploited by the SEC, literally preventing Web3 projects from token issuance. This approach can help mitigate the aforementioned legal compliance risks, reduce downward pressure on token prices due to token dumps, and demonstrate confidence in the project’s long-term viability.

Once decentralized, neither individuals nor companies are spokespersons for the project. The project’s ecosystem is its own, independent, and unique ecosystem.

4. Examples of Decentralized Projects

However, it’s challenging to establish a standard defining complete decentralization in the market. Nonetheless, we can still draw guidance from the decentralized paths of some relatively compliant projects in Europe and the United States.

Uniswap, as the most successful decentralized exchange, has a growth trajectory worth emulating, especially considering its involvement in the sensitive cryptocurrency trading business amidst the opaque regulatory landscape of the United States. Additionally, compliance for Fintech companies is of utmost importance.

We have outlined the compliance path of Uniswap Labs after separating from the protocol. This path provides a regulatory-friendly decentralized model for Web3 projects. The purpose of such separation is twofold: on one hand, it facilitates progressive decentralization, and on the other hand, it allows for more leeway in regulatory compliance.

A. Decentralized Non-Security Tokens

The Uniswap protocol operates autonomously on-chain, governed by the Uniswap DAO, achieving decentralization. The governance token UNI serves as its governance token. This model avoids the SEC’s securities classification and has led to favorable court rulings.

B. DAO Legal Structure with Limited Liability

Uniswap DAO establishes the Uniswap Foundation as a legal entity, serving as the legal wrapper for the DAO. This not only ensures limited liability for DAO members but also facilitates interaction with the Web2 world, expanding its influence.

C. Independent Operations of Labs for Flexible Front-end Development

The Uniswap Labs team, previously responsible for developing and maintaining the protocol, operates as a separate legal entity. It transitions to being the primary contributors to the protocol, freeing itself from protocol constraints. Additionally, it can construct and maintain front-end products by calling backend protocols, ensuring sustainability, as seen in the previous introduction of a fee model for the Uniswap DApp.

D. Regulatory Application Rather Than Protocol

Following a16z’s regulatory principles, decentralized on-chain protocols are merely code and are challenging to regulate. However, front-end applications developed by Labs can fully comply with regulatory requirements. This enables the team and the product itself to mitigate potential regulatory risks. Similar to any app, front-end applications can incorporate KYC/AML/CTF verification as per regulatory demands, delist tokens flagged by regulators, and apply for licensing qualifications.

Although on April 10, 2024, Uniswap Labs received a Wells Notice from the SEC, informing them of potential regulatory enforcement actions, it primarily pertains to the nature of its cryptocurrency trading business rather than non-compliance with the decentralized legal structure.

5. Regulatory Obstacles in Chinese Jurisdictions

The compliance strategies outlined above are a summary of the experiences of some top projects, especially those operating in jurisdictions relatively open to cryptocurrencies like the United States. However, in jurisdictions like China, where all cryptocurrency activities are prohibited, token issuance inevitably comes with significant risks.

In essence, the nature of regulation in both jurisdictions is similar. Imagine operating in a gray area where a project earns shining profits through ambiguous means, only to be noticed by authorities with enforcement powers. The United States prioritizes the rule of law and would likely employ legal means to address such situations, while China’s more stringent approach reflects a zero-tolerance stance.

Therefore, it’s crucial to avoid any actions that could potentially attract enforcement attention in either jurisdiction.

Web3 Practitioners’ Guide to Conscience and Legal Compliance—Be sure to protect yourself outside

5.1 Criminal Risks in Token Issuance Processes

It is well-known that decentralization is a prominent feature of the Web3 industry. However, the entities operating behind decentralized projects and the ultimate controllers of on-chain addresses are always individuals subject to legal regulation and constraints. Therefore, project teams must strive to avoid crossing legal red lines in token issuance processes. During token fundraising, project teams often attract users by offering high returns. They promote projects through public channels like Twitter and Telegram and collaborate with ground teams offline to attract indiscriminate crowds for project promotion. This fundraising model easily constitutes the crime of illegal absorption of public deposits.

Web3 project founding teams may amass enormous assets through token issuance in a short period. Due to a lack of necessary regulation and transparent financial management, undisclosed fund handling can lead to misuse of funds by project parties. For instance, core team members may use raised funds for personal purposes, such as purchasing luxury items or engaging in speculative trading, ultimately resulting in misappropriation of funds intended for ecosystem development, thereby constituting the crime of fundraising fraud.

In addition to the above, during the promotion and marketing process of tokens, collaborations with ground teams and Key Opinion Leaders (KOLs) to promote the purchase of project hardware devices or cloud computing power, with rewards for user referrals and hierarchical commissions, can easily constitute the crime of organizing and leading pyramid schemes.

Reference: Examining the Criminal Risks Possibly Encountered by Token Issuing Projects Through the “Xirtam Incident”

5.2 Beware of Opportunistic Law Enforcement’s Harm to Web3 Projects

Currently, in some remote areas, local government financial pressures are immense. As a result, there is serious opportunistic law enforcement towards Web3 projects. Technology companies collaborate with public security agencies to identify and investigate core members of domestic projects, such as project executives and those with access to private keys. They forcibly transfer the tokens or other cryptocurrencies held by the individuals involved to addresses controlled by law enforcement agencies for disposal and liquidation.

Normally, confiscated income should be remitted to the national treasury. However, in judicial practice, a minority of local financial authorities allocate a portion or all of the confiscated income as case handling expenses, returning it to the law enforcement agencies. This poses a threat to the business model of Web3 projects.

During such law enforcement activities, investigations into core project members by regulatory authorities on grounds of involvement in cases will inevitably cause panic and insecurity among project community members. Furthermore, the disposal and liquidation of project tokens in the secondary market by law enforcement agencies can lead to drastic fluctuations in token prices. Following investigations by law enforcement agencies, regardless of whether the project is ultimately found to have engaged in illegal activities, it will be difficult for the project to continue operating. Ultimately, developers, loyal users, and investors in the community will bear the brunt of these consequences.

Therefore, for Web3 projects, in the face of the potential harm caused to investors and ecosystem participants by opportunistic law enforcement, it is necessary to arrange for core project members responsible for products and technology, as well as multi-signatory managers of project addresses, to operate overseas. Employing multi-signature management for project financial addresses can mitigate single-point risks and ensure the security of user assets.

6. Writing at the End

The framework provided above offers a preliminary compliance approach for Web3 projects to issue tokens. However, different projects will have varying compliance requirements to consider, such as data compliance for DePIN and DeAI projects, financial compliance for RWA and payment projects, and so on. It’s important to consult your own legal counsel before finalizing any project plans. Remember, “Not Your Lawyer, Do Your Own Research.”

This framework aims to help Web3 projects explore token economics, and ecosystem development, and drive decentralization with confidence, without assuming undue risks associated with token ownership. However, not all projects will fit this framework perfectly. Achieving decentralization takes time, and compliance efforts come with their own costs. Project teams must carefully craft their strategies for decentralized operations.

Statement:

  1. This article is reproduced from [Web3小律], the copyright belongs to the original author [Will 阿望&Chris 初焱], if you have any objection to the reprint, please contact Gate Learn Team, the team will handle it as soon as possible according to relevant procedures.

  2. Disclaimer: The views and opinions expressed in this article represent only the author’s personal views and do not constitute any investment advice.

  3. Other language versions of the article are translated by the Gate Learn team and are not mentioned in Gate.io), the translated article may not be reproduced, distributed or plagiarized.

Web3 Token Issuance Compliance Guide

Advanced5/30/2024, 1:33:39 AM
"How to Legally and Compliantly Issue Tokens is the top priority for Web3 projects to clarify, but this is by no means the end. Achieving decentralization for the project is the ultimate goal. Decentralization not only brings about the next positive development for the project but also provides more compliance space. Therefore, from the perspective of Web3 legal practitioners and a series of articles from a16z on decentralization and token issuance, this article will explain why decentralization should be achieved, why decentralization brings compliance space, and provide some compliance strategies, aiming to provide a preliminary compliance framework for Web3 project token issuance."

The ultimate goal of most Web3 projects is to issue their own tokens, especially during bull markets in the crypto space when token prices surge and FOMO sentiment spreads. In this pursuit of “freedom,” the road is rough, with alarms from the unknown dark forest, harsh ambushes from enforcers, and even the threat of imprisonment at any moment.

How to legally and compliantly issue tokens is of paramount importance for Web3 projects to clarify, but this is far from the end. Achieving decentralization for the project is the ultimate goal. Decentralization not only brings about the next positive development for the project but also provides more compliance space.

Therefore, this article, from the perspective of Web3 legal practitioners and a series of articles from a16z on decentralization and token issuance, explains why decentralization should be achieved, why decentralization brings compliance space, and provides some compliance strategies, aiming to provide a preliminary compliance framework for Web3 project token issuance.

1. Why Should We Achieve Decentralization?

The Internet of Web1 was once considered the greatest tool for liberation until Web2 platforms gradually transformed the Internet into an instrument of centralization. The relationship between network participants and platforms shifted from cooperation to competition, and collective consensus online became the singular consensus of Internet platforms. The once digital utopia turned into a digital prison until the dawn of decentralized encrypted networks emerged.

As a result, the term “decentralization” has been imbued with too many antidote-like meanings, whether it’s the non-violent resistance proposed in “Cypherpunks” to resist government surveillance and censorship, the order consensus achieved by programmers through “Code is Law,” or the advocacy of network liberalism political principles. However, these are not the main reasons why decentralization is so important for Web3 projects.

(A Cypherpunk’s Manifesto)

Cryptographic networks are decentralized networks built on top of the internet. They use consensus mechanisms like blockchain to maintain and update network states (collective consensus in Web3 vs. singular consensus on Web2 platforms). Additionally, they use cryptocurrencies to incentivize shared ownership, co-creation, and co-building among consensus participants and other network ecosystem participants (non-profit and non-ownership in Web1 vs. incentives and ownership for Web3 network participants).

Decentralization is a key feature of cryptographic networks. It shifts power from closed and controlled corporate organizations on Web2 internet platforms to open and permissionless networks. Truly decentralized cryptographic networks resemble public goods rather than proprietary technologies, requiring strict authorization for use.

This paradigm shift towards openness and decentralization has the potential to rebuild the internet by promoting competition, safeguarding freedom, protecting privacy, and providing fair incentives. It can attract global network participants to collaborate and exponentially grow the network ecosystem under appropriate conditions. This consistent consensus is one of the main reasons why cryptocurrencies like Bitcoin and Ethereum continue to thrive despite skepticism.

In essence, decentralization means that cryptographic networks return data ownership, governance rights, and other rights that should belong to network participants back to individuals, enabling them to work towards a collective, common goal—the development of the network ecosystem and the enhancement of token utility.

2. Decentralization Brings Compliance Space

Decentralization not only enables projects to foster collective consensus, facilitate global collaboration, and drive ecosystem development but also provides more space for projects at the legal compliance level. We’ll explore how decentralization provides compliance space for Web3 projects by examining the starting point of SEC regulation on token issuance and comparing decentralized ICOs with centralized IPOs.

2.1 SEC Regulatory Starting Point

Undoubtedly, the biggest “enemy” of the crypto industry is the U.S. Securities and Exchange Commission (SEC). The SEC views almost all tokens as “securities” and believes they should be registered under U.S. securities laws. Since the explosion of Initial Coin Offerings (ICOs) in 2017, tens of thousands of projects sought to raise funds based on promises of significant technological breakthroughs (including Ethereum), but few projects actually delivered on those promises.

The SEC attempts to apply securities laws to this straightforward fundraising activity because ICOs typically meet all the conditions of the Howey Test, a legal test used to determine whether a transaction qualifies as an investment contract. The Howey Test considers a transaction an investment contract if it involves an investment of money in a common enterprise with an expectation of profits primarily from the efforts of others.

The simplest case is token financing in the primary market (i.e., the issuer publicly sells tokens to investors), which is classified as securities issuance. In SEC v.s. Ripple’s case regarding the private sale round in the primary market, financing targeted at institutional investors (Institutional Sales) can also fall under SEC’s classification of securities, meeting the criteria of: (1) investment of money; (2) common enterprise, where Ripple utilizes investors’ funds for its network operation, and investors’ expected profits are closely tied to Ripple’s efforts; (3) expectation of profits primarily from the efforts of others, meaning investors expect to profit from Ripple’s efforts, including interest, income, and the increased value of the investment.

In fact, Ripple also informs investors through public promotion that investing in its XRP token may yield future profits or that the value of XRP is linked to Ripple’s efforts.

Interpreting the SEC v. Ripple case to further clarify regulatory uncertainties.

Despite this stance, the fundamental goal of both the SEC and network participants is to eliminate information asymmetry and create a fair, transparent competitive environment. The responsibility of Web3 network participants is to demonstrate that the methods of cryptographic networks are feasible and can meet regulatory requirements. For example, through decentralization, they can create a fair competitive environment for a wider range of participants (developers, investors, users, etc.), use publicly transparent ledgers, eliminate single central control, and reduce reliance on management teams.

2.2 Centralized IPO vs. Decentralized ICO

Let’s first compare a simple centralized project’s Initial Public Offering (IPO) and a decentralized project’s Initial Coin Offering (ICO), and then explore how cryptographic networks can meet regulatory requirements.

The essence of an IPO is to publicly issue a small portion of equity to raise funds, benefiting a small group of company shareholders. In the case of Coinbase’s IPO, as shown in the diagram, the founding team and investors hold at least 70% of the shares, and the fluctuations in stock prices have no direct impact on users who trade on Coinbase throughout the day. In practical terms, users who contribute to Coinbase’s performance by trading all day receive no direct benefits from Coinbase.

The essence of an ICO token issuance is to publicly distribute the vast majority of tokens (whether through fundraising or airdrops, among other forms) to decentralize control within the entire community rather than concentrating it in the hands of the management team, thereby promoting decentralization and ecosystem development. In ICOs like Uniswap’s, the development team and investors retain only a small portion of the tokens, with the remaining 60% used for Uniswap’s ecosystem development and governance. In practical terms, participants can earn token rewards for providing liquidity, participating in trades, contributing to ecosystem development, receiving grants, and so on.

Clarifying the essence of token issuance is crucial for achieving decentralization in Web3 projects; otherwise, projects may fall into the trap of a “pump and dump” logic, hindering long-term development.

2.3 Decentralization Creates Compliance Space

From the perspective of decentralized token issuance, applying the Howey Test by the SEC becomes more challenging: (1) Investment of money—token airdrops or other means do not involve monetary investment; (2) Efforts of a management team—truly decentralized projects do not rely on the efforts of a management team; (3) Expectation of profits—secondary market investors may not necessarily rely on the efforts of a management team to profit.

Furthermore, decentralization also achieves one of the SEC’s objectives—information disclosure. When control is distributed throughout the community rather than concentrated in the hands of a management team, information can reach everyone fairly.

In a speech in June 2018, SEC official William Hinman introduced the concept of “Sufficient Decentralization,” stating, “If the network on which the token or coin is to function is sufficiently decentralized—where purchasers would no longer reasonably expect a person or group to carry out essential managerial or entrepreneurial efforts—the assets may not represent an investment contract.” Based on this logic, Hinman concluded that Ethereum does not qualify as a security because its network is sufficiently decentralized.

Thus, decentralization is crucial for U.S. regulatory compliance.


(Variant Fund, Sufficient Decentralization, A Playbook for web3 Builders and Lawyers)

3. Compliance Guidelines for Token Issuance

3.1 The degree of centralization determines the size of a project’s compliance risk. Despite decentralization providing compliance space for projects, the SEC released an updated “Framework for Digital Assets” in April 2019 and continues to expand its jurisdiction over crypto assets through regulation by enforcement, as seen in cases involving Coinbase, Binance, Ripple, and Uniswap.

To mitigate SEC-related troubles, Web3 projects must operate within the guidance provided by the SEC to create more compliance space. Similarly, in any jurisdiction, Web3 projects need legal opinions from law firms before conducting Initial Exchange Offerings (IEOs) to avoid being classified as securities by local securities laws.

Thus, the compliance risk a project faces depends on its level of decentralization. Fully decentralized assets like Bitcoin are the only cryptographic assets exempt from SEC regulation, while Ethereum’s decentralization is still under scrutiny. According to Miles Jennings, the head of policy, legal, and compliance at a16z, decentralization is the only path for projects to eliminate risks addressed by securities laws. It serves as the North Star guiding project, as other strategies are merely temporary measures.

However, achieving full decentralization may take time, and most Web3 projects undergo a gradual decentralization process.

3.2 Exclude any U.S. Factors

Since most projects lack full decentralization during token issuance, there is a theoretical possibility of their tokens being classified as securities by the SEC. To avoid U.S. regulation, particularly by the SEC, projects must exclude any U.S. factors, ensuring U.S. regulators have no jurisdiction.

This exclusion approach also applies to Chinese jurisdictions. Thus, until compliance capabilities improve, projects should avoid U.S. factors, such as U.S. public participation or U.S. investors, during fundraising stages, token generation events (TGEs), or secondary market trading.

Feasible approaches include:

A. Early Airdrop Incentive Stage: Geo-blocking or VPN blocking U.S. users from participating in airdrops, token incentives, and most importantly, token sales.

B. Private Sale Stage: If tokens are privately issued to U.S. investors or employees, projects can still operate under SEC Regulation S exemptions.

C. Public Offering Listing Trading: Issuing tokens through entities outside the U.S. and opting out of IEO listings on U.S.-based cryptocurrency exchanges like Coinbase, Gemini, and Kraken.

In practice, most offshore foundations (e.g., Cayman, BVI, Singapore) become the issuing entities, governance rights are decentralized among non-profit foundations, and there are no shareholders, conflicts of interest, or profit motives. Essentially, if a project does not offer its tokens to Americans, even if it’s not fully decentralized, the risk of SEC enforcement is significantly reduced. Thus, projects should avoid any token sales targeting U.S. factors for fundraising purposes.

3.3 Operational Restrictions

While the strategies mentioned above can mitigate regulatory issues to some extent (e.g., excluding U.S. factors), Web3 projects face additional restrictions due to their global market focus and online operations. Hence, they must adhere to certain limitations in daily operations, especially when discussing token values (e.g., on social channels like Discord, Twitter, Telegram, text, or email), to avoid regulatory traps. These activities include:

  1. Protocol Development

  2. Business Expansion

  3. Marketing Curation

  4. Intellectual Property

  5. Governance Decisions

3.3.1 Decentralized Transition of Project Identities

(Variant Fund, Sufficient Decentralization, A Playbook for web3 Builders and Lawyers)

Before and after token issuance, Web3 projects entering the decentralization phase should avoid several scenarios:

A. Before initiating public sales, discussions or references to the token’s value, including potential airdrops, token allocation, or token economics, should be avoided. This includes instances where the SEC halted Telegram’s token issuance.

B. Discussions about token price or potential appreciation expectations should be avoided at all times, refraining from presenting the token as an investment opportunity. This includes mentioning any mechanisms, such as token “burning,” aimed at token price targets or stability, and commitments to continue funding project development and success with private capital.

C. After token issuance, when the project enters the decentralization phase, the positioning of the founding or management team (including founders, development companies, foundations, and DAOs) should be clarified.

Web3 projects should use “initial development team” instead of the former “core development team” or “primary development team,” and “core contributors/contributors” instead of individual company titles. Members of foundations and DAOs should define themselves as non-profit contributors fostering protocol/DApp/DAO development.

At this point, Web3 projects are prone to centralized language, even if they are extremely decentralized. This occurs when they’re accustomed to discussing achievements, milestones, and other releases in the first person. Pitfalls in self-positioning include:

  • Avoid implying ownership or control of the protocol/DApp/DAO (e.g., “As the CEO of the protocol…,” “Today, we opened feature X of the protocol…”).
  • Refrain from committing or guaranteeing ongoing work on the protocol/DApp/DAO and avoid overstating the importance of ongoing work to the ecosystem.
  • Avoid emphasizing efforts to promote or achieve greater decentralization.
  • Provide separate speaking rights for the project’s DAO or foundation to avoid confusion. A better approach is to differentiate between the project’s development company Labs and subsequent foundation Foundation (e.g., Ondo Finance’s official account vs. Ondo Foundation, Uniswap Labs vs. Uniswap DAO) or directly separate them from the protocol’s name.
  • Ultimately, all communications should reflect the principle of decentralization, especially in public forums. Communication should be open and aimed at preventing significant information asymmetry among individuals or groups.

The transition of identities is particularly important, as words can have consequences, and it’s crucial to understand that you’re no longer the powerful CEO.

3.3.2 Public Information Channels

In addition to the matters Web3 projects need to pay attention to in their daily operations, they should also disclose project progress and operations to the public as much as possible, which is precisely what the SEC requires in terms of disclosure. For example, simple and practical public communication methods, such as public Notion pages, Discord channels, governance proposal voting forums, weekly summary meetings, etc., are needed.

In decentralized crypto networks, where project code is open-source, the key to success for decentralized projects lies in execution, not in holding “secrets.” Keeping “confidential information” undisclosed would be unfair to investors and could exacerbate the security attributes of tokens.

3.3.3 Token Lock-Up Period

Additionally, Miles Jennings mentioned the need to extend token lock-up periods consistently, at least for one year from the date of token issuance. The lack of a one-year lock-up period has been successfully exploited by the SEC, literally preventing Web3 projects from token issuance. This approach can help mitigate the aforementioned legal compliance risks, reduce downward pressure on token prices due to token dumps, and demonstrate confidence in the project’s long-term viability.

Once decentralized, neither individuals nor companies are spokespersons for the project. The project’s ecosystem is its own, independent, and unique ecosystem.

4. Examples of Decentralized Projects

However, it’s challenging to establish a standard defining complete decentralization in the market. Nonetheless, we can still draw guidance from the decentralized paths of some relatively compliant projects in Europe and the United States.

Uniswap, as the most successful decentralized exchange, has a growth trajectory worth emulating, especially considering its involvement in the sensitive cryptocurrency trading business amidst the opaque regulatory landscape of the United States. Additionally, compliance for Fintech companies is of utmost importance.

We have outlined the compliance path of Uniswap Labs after separating from the protocol. This path provides a regulatory-friendly decentralized model for Web3 projects. The purpose of such separation is twofold: on one hand, it facilitates progressive decentralization, and on the other hand, it allows for more leeway in regulatory compliance.

A. Decentralized Non-Security Tokens

The Uniswap protocol operates autonomously on-chain, governed by the Uniswap DAO, achieving decentralization. The governance token UNI serves as its governance token. This model avoids the SEC’s securities classification and has led to favorable court rulings.

B. DAO Legal Structure with Limited Liability

Uniswap DAO establishes the Uniswap Foundation as a legal entity, serving as the legal wrapper for the DAO. This not only ensures limited liability for DAO members but also facilitates interaction with the Web2 world, expanding its influence.

C. Independent Operations of Labs for Flexible Front-end Development

The Uniswap Labs team, previously responsible for developing and maintaining the protocol, operates as a separate legal entity. It transitions to being the primary contributors to the protocol, freeing itself from protocol constraints. Additionally, it can construct and maintain front-end products by calling backend protocols, ensuring sustainability, as seen in the previous introduction of a fee model for the Uniswap DApp.

D. Regulatory Application Rather Than Protocol

Following a16z’s regulatory principles, decentralized on-chain protocols are merely code and are challenging to regulate. However, front-end applications developed by Labs can fully comply with regulatory requirements. This enables the team and the product itself to mitigate potential regulatory risks. Similar to any app, front-end applications can incorporate KYC/AML/CTF verification as per regulatory demands, delist tokens flagged by regulators, and apply for licensing qualifications.

Although on April 10, 2024, Uniswap Labs received a Wells Notice from the SEC, informing them of potential regulatory enforcement actions, it primarily pertains to the nature of its cryptocurrency trading business rather than non-compliance with the decentralized legal structure.

5. Regulatory Obstacles in Chinese Jurisdictions

The compliance strategies outlined above are a summary of the experiences of some top projects, especially those operating in jurisdictions relatively open to cryptocurrencies like the United States. However, in jurisdictions like China, where all cryptocurrency activities are prohibited, token issuance inevitably comes with significant risks.

In essence, the nature of regulation in both jurisdictions is similar. Imagine operating in a gray area where a project earns shining profits through ambiguous means, only to be noticed by authorities with enforcement powers. The United States prioritizes the rule of law and would likely employ legal means to address such situations, while China’s more stringent approach reflects a zero-tolerance stance.

Therefore, it’s crucial to avoid any actions that could potentially attract enforcement attention in either jurisdiction.

Web3 Practitioners’ Guide to Conscience and Legal Compliance—Be sure to protect yourself outside

5.1 Criminal Risks in Token Issuance Processes

It is well-known that decentralization is a prominent feature of the Web3 industry. However, the entities operating behind decentralized projects and the ultimate controllers of on-chain addresses are always individuals subject to legal regulation and constraints. Therefore, project teams must strive to avoid crossing legal red lines in token issuance processes. During token fundraising, project teams often attract users by offering high returns. They promote projects through public channels like Twitter and Telegram and collaborate with ground teams offline to attract indiscriminate crowds for project promotion. This fundraising model easily constitutes the crime of illegal absorption of public deposits.

Web3 project founding teams may amass enormous assets through token issuance in a short period. Due to a lack of necessary regulation and transparent financial management, undisclosed fund handling can lead to misuse of funds by project parties. For instance, core team members may use raised funds for personal purposes, such as purchasing luxury items or engaging in speculative trading, ultimately resulting in misappropriation of funds intended for ecosystem development, thereby constituting the crime of fundraising fraud.

In addition to the above, during the promotion and marketing process of tokens, collaborations with ground teams and Key Opinion Leaders (KOLs) to promote the purchase of project hardware devices or cloud computing power, with rewards for user referrals and hierarchical commissions, can easily constitute the crime of organizing and leading pyramid schemes.

Reference: Examining the Criminal Risks Possibly Encountered by Token Issuing Projects Through the “Xirtam Incident”

5.2 Beware of Opportunistic Law Enforcement’s Harm to Web3 Projects

Currently, in some remote areas, local government financial pressures are immense. As a result, there is serious opportunistic law enforcement towards Web3 projects. Technology companies collaborate with public security agencies to identify and investigate core members of domestic projects, such as project executives and those with access to private keys. They forcibly transfer the tokens or other cryptocurrencies held by the individuals involved to addresses controlled by law enforcement agencies for disposal and liquidation.

Normally, confiscated income should be remitted to the national treasury. However, in judicial practice, a minority of local financial authorities allocate a portion or all of the confiscated income as case handling expenses, returning it to the law enforcement agencies. This poses a threat to the business model of Web3 projects.

During such law enforcement activities, investigations into core project members by regulatory authorities on grounds of involvement in cases will inevitably cause panic and insecurity among project community members. Furthermore, the disposal and liquidation of project tokens in the secondary market by law enforcement agencies can lead to drastic fluctuations in token prices. Following investigations by law enforcement agencies, regardless of whether the project is ultimately found to have engaged in illegal activities, it will be difficult for the project to continue operating. Ultimately, developers, loyal users, and investors in the community will bear the brunt of these consequences.

Therefore, for Web3 projects, in the face of the potential harm caused to investors and ecosystem participants by opportunistic law enforcement, it is necessary to arrange for core project members responsible for products and technology, as well as multi-signatory managers of project addresses, to operate overseas. Employing multi-signature management for project financial addresses can mitigate single-point risks and ensure the security of user assets.

6. Writing at the End

The framework provided above offers a preliminary compliance approach for Web3 projects to issue tokens. However, different projects will have varying compliance requirements to consider, such as data compliance for DePIN and DeAI projects, financial compliance for RWA and payment projects, and so on. It’s important to consult your own legal counsel before finalizing any project plans. Remember, “Not Your Lawyer, Do Your Own Research.”

This framework aims to help Web3 projects explore token economics, and ecosystem development, and drive decentralization with confidence, without assuming undue risks associated with token ownership. However, not all projects will fit this framework perfectly. Achieving decentralization takes time, and compliance efforts come with their own costs. Project teams must carefully craft their strategies for decentralized operations.

Statement:

  1. This article is reproduced from [Web3小律], the copyright belongs to the original author [Will 阿望&Chris 初焱], if you have any objection to the reprint, please contact Gate Learn Team, the team will handle it as soon as possible according to relevant procedures.

  2. Disclaimer: The views and opinions expressed in this article represent only the author’s personal views and do not constitute any investment advice.

  3. Other language versions of the article are translated by the Gate Learn team and are not mentioned in Gate.io), the translated article may not be reproduced, distributed or plagiarized.

Start Now
Sign up and get a
$100
Voucher!