“Security Tokens” – A Developing Concept


“Security Tokens” – A Developing Concept

Part 2 of the “Smartblock Law Guide to Security Tokens, OTC Trades, Prospectus Exemptions, and Registration”

Securities Blog - Part 2.jpg

I. Introduction

A token is simply data, existing in the larger context of a digital ledger.

However, as recently stated by SEC Director William Hinman, the way tokens are sold most often triggers securities laws, because the sale evidences an “investment contract”.

Recent developments in Canada and the U.S. have helped to define the scope of the “investment contract” test in the blockchain context.

This article assumes general knowledge of the “investment contract” test that triggers securities laws. For a general primer on this test, see our previous article, “The Law of ICOs/ITOs: Simplified”.


II. CSA confirmation that substance broadly trumps form

The Canadian regulators have stated that they will broadly consider substance over form when determining whether a token amounts to a security, in the context of distributions and registration requirements (see CSA Staff Notice 46-307; CSA Staff Notice 46-308; Pacific Coast Coin Exchange v. OSC, [1978] 2 SCR 112).

On June 11, 2018, the CSA released its Staff Notice 46-308, which provides numerous helpful examples of when a token is a security under the “investment contract” test in Canada.

We have distilled this notice into the following core principles of security tokens:

  • the objective of investor protection is an important consideration in determining whether a token is a security;

  • a token can be a security notwithstanding its utility. The economic realities of the token offering as a whole will be considered, with a focus on substance over form. Token features, on their own, are not decisive;

  • even freely distributed tokens could be securities, if the overall token distribution is “part of an overall sale of an ancillary or secondary product or service”; and

  • the SAFT (discussed below) will not necessarily result in a token that is not a security.


III. SEC clarification of tokens and “investment contract”

a. Clarity and consequences

Shortly before the CSA released its Staff Notice 46-308 (mentioned above), the SEC’s Chairman Clayton stated that a cryptocurrency operating as a replacement of sovereign currency is not a security.

Soon thereafter, SEC Director William Hinman stated that if a given crypto-asset had become “sufficiently decentralized”, there may no longer be any enterprise receiving investment.

The result is that the crypto-asset would not pass the investment contract test, and would therefore not be a security. Bitcoin and Ethereum were provided as examples of tokens that were no longer securities.

These statements are not law “in the books”, so to speak, and at least one is officially a personal opinion (see W. Hinman’s June 14, 2018 speech at fn 1).

However, given the ranks of the two staff members within the SEC, both statements provide de facto insight into the SEC’s policy direction for blockchain-related activities in otherwise uncertain territory.

For practical purposes, therefore, it makes sense to treat the statements as if they were made on behalf of the SEC as “soft law”.

We expect that the statements will ultimately be expressed in some form as federal law in the U.S., and prompt Canadian regulators to follow suit.

Until then, as a consequence of the persuasive force of the SEC, many blockchain platforms are clearly non-compliant with securities law in Canada right now.

In particular, for cryptocurrency exchanges, custodial wallets, and any other businesses dealing in security tokens, the window to cautiously exploit the legal “grey zone” that previously existed has closed, or is about to close.

As a result, ICOs / ITOs will need to be strategically re-evaluated according to available prospectus exemptions (see Part 4).

Moreover, dealer/advisor registration, and possibly also an application to become an exchange, must now be seriously considered (see Part 5).


b. New questions

Notwithstanding the recently provided clarity, the above SEC statements prompt the following questions:

  1. at what point does a given cryptocurrency “replace” a sovereign currency?

  2. at what point does a given token become “sufficiently decentralized”?

  3. when a token—which originated as a security—replaces a sovereign currency or becomes sufficiently decentralized, do investors lose their rights in securities law?

Numerous cases before the courts of various U.S. jurisdictions may answer these questions before any regulator does.

These cases are expected to address whether particular cryptocurrencies are securities, further to allegations involving the unregistered offer and sale of securities. (See, for example: SEC v. Arisebank et. al., 3-18CV-186; Hodges et. al. v. Monkey Capital et. al, 9-17CV-81370; Coffey et. al v. Ripple Labs Inc. et al, CGC-18-566271; and Vladi Zakinov et. al v. Ripple Labs Inc. et al, 18-CIV-02845.)

If these cases have different results—which is entirely foreseeable—the U.S. Supreme Court may need to provide a more definite test for when a token is a security.



The Simple Agreement for Future Tokens (“SAFT”) envisions that investors purchase the right to own tokens produced on a future date.

At the time of token distribution, the SAFT contemplates that the investors’ security (the SAFT) will convert into a non-security (the token).

The SAFT therefore has two primary features. It is:

  1. a “security contract” designed to secure a prospectus-exempt investment today,

  2. in exchange for the delivery of “non-security tokens” tomorrow.

The conversion of the SAFT from a security, into tokens that are not securities, rests on a feature of the “investment contract” analysis which supposedly changes at the point of conversion.

As covered in our prior article, “The Law of ICOs/ITOs: Simplified”, the investment contract test involves:

  • an investment of money;

  • in a common enterprise;

  • with profits;

  • to come significantly from the efforts of others.

The question of the SAFT’s viability focuses mostly on the last prong of this test.

Assuming the other requirements are met, there is an investment contract when profits “come significantly from the efforts of others”.

Likewise, there is no investment contract when profits do not “come significantly from the efforts of others”.

The important question is therefore: when do profits no longer “come significantly from the efforts of others”?

As argued in the SAFT whitepaper, when a “functional network” exists, the tokens are “consumptive products”.

At this point, profits are considered to come less “significantly from the efforts of others”, and more from market forces.

The last prong of the test, the SAFT whitepaper argues, fails if a functional network exists at the time of token distribution. The tokens are thereby distributed as non-securities.

However, regulators have not accepted this reasoning generally.

The CSA has definitively stated that a SAFT will not, simply by its use, result in a non-security (see CSA Staff Notice 46-308).

The SEC has taken the same position albeit with less strict wording (see W. Hinman’s June 14, 2018 speech at fn 15).

Moreover, the SEC has provided a higher standard than “functional network” for the failure of the last prong of the “investment contract” test. The SEC’s key standard is “sufficient decentralization” of the network.

A blockchain venture is considered to have reached sufficient decentralization when it no longer requires “essential managerial or entrepreneurial efforts”.

The investment contract test is argued to fail at this point, resulting in non-security tokens like Ethereum.

We expect that the first Canadian blockchain case which considers the last prong of the investment contract test will discuss the dissent in Pacific Coast Coin Exchange v. OSC, [1978] 2 S.C.R. 112.

The dissent considered the effect of market forces on the “efforts of others”. It is therefore material to whether the last prong of the investment contract test will fail in the presence of a “functional network”, or the higher standard of “sufficient decentralization”.


V. Further complexities

a. Token classification in general

Even if the “investment contract” test fails for any given token, that token could still be a security in Canada on other grounds.

In the securities legislation of virtually all Canadian provinces and territories, the definition of “security” includes a document that evidences a property right (for example, OSA, s.1(1) “security” (b)).

Depending on the publicity of the ledger and the body of blockchain addresses, a given blockchain could potentially be such a “document” on the basis of the following:


b. Regulatory oversight of the SAFT

In Canada, there is persistent uncertainty as to “whether or not derivatives are ‘securities,’ or should be treated as such, for the purposes of regulation” (see R.A. Libbey, “Getting Our Act Together: …”, (2010) 19 Dal. J.L.S. 30, 2010 CanLIIDocs 38 at 44-45).

On this basis, regulation of the SAFT in Canada is a complex issue ab initio, because the SAFT has characteristics of both a “security” and a “derivative”.

Consider that the SAFT could potentially be a security in Ontario on the basis of:

Alternatively, the SAFT could potentially be a derivative on the basis of being a “forward contract”. (See OSA, s.1(1) “derivative”; OSC Rule 91-504, s.1.1 “OTC derivative” and “forward contract”.)


VI. Conclusion

The question of whether your token is subject to securities laws is fact-specific.

We can help determine if your fundraising operations or business model should be restructured, or tweaked, to minimize the force of applicable Canadian securities regulations.

Further to this end, we invite you to consider our service offering for “ICOs / ITOs and digital asset dealing / advising”.


The saga of “security tokens” continues, with crypto asset guidance recently provided by the FCA (the U.K. securities regulator).

The FCA has divided token use between:

  1. medium of exchange (without being money or legal tender);

  2. securities (i.e. investment); and

  3. utility.

As a preliminary observation, the FCA does not regulate utility tokens except if they are electronically stored "real money" provided on credit, e.g. certain stablecoins.

A token is a security upon meeting criteria similar to that provided by the Ontario Securities Commission in 2018 (inclusive of its comments on airdrops).

Two notable observations:

  1. The SEC's "sufficient decentralization" test is not determinative of whether a token is a security! and

  2. Exchange tokens and utility tokens are not necessarily securities tokens, even when held for speculative investment!

The above is open to consultation feedback until April 5, 2019.


The SEC’s Commissioner Peirce provided some further regulatory clarity in her February 8, 2019 speech, “Regulation: A View from Inside the Machine“.

The following important points were made to set the stage:

  • Tokens can only be securities in the context of the “investment contract” test.

“When the tokens are not being sold as investment contracts, ... they are not securities at all. Tokens sold for use in a functioning network, rather than as investment contracts, fall outside the definition of securities.”

  • She confirmed Director Hinman’s prior articulation of the “sufficient decentralization” test (discussed above).

“...Once ‘a network becomes truly decentralized, the ability to identify an issuer or promoter to make the requisite disclosure becomes less meaningful’ and offers and sales of tokens are no longer subject to the securities laws.”

  • “Utility tokens” can be securities.

“The Division of Corporation Finance ... will look to the nature of a token sale to determine whether a securities offering has occurred, and not just at the qualities of the token itself.”

Thereafter, Commissioner Peirce provided some refreshingly new insights on the SEC’s regulatory approach to ICOs:

  • She lamented negative consequences of the “investment contract” test when applied to legitimate blockchain projects.

After noting that Basis announced a shutdown due to compliance difficulties, she stated: “… my antennae will go up when apparently legitimate projects cannot proceed because our securities laws make them unworkable.”

  • She suggested that blockchain operations can still occur legitimately in an ambiguous regulatory environment.

“Ambiguity [in securities law] is not all bad, of course. We might be able to draw clearer lines once we see more blockchain projects mature. Delay in drawing clear lines may actually allow more freedom for the technology to come into its own.”

  • She acknowledged that ICO-related consumer disclosures may occur organically, without the need for a regulator’s heavy hand.

“[E]ven in the absence of government directives, the informationally advantaged party may not need the government to tell it to make disclosures. The market itself sends this message; disclosure is a way to signal quality, something you want to do when you are trying to convince someone to buy your product. After an initial period of unbridled enthusiasm over ICOs, cooler heads seem to be thinking about ways to assess ICOs—to separate the wheat from the chaff.”

These statements effectively encourage the pairing of technological innovation, with semi-conservative legal prudence.


The U.K. Financial Conduct Authority released its "final guidance" on crypto assets today.

Exchange tokens, which are "primarily used as a means of exchange", are OUTSIDE the regulatory perimeter. (2.2-2.3; Appendix 1, 38-47)

Utility tokens, which "provide ... access to a current or prospective product or service and often grant rights similar to pre-payment vouchers", are also OUTSIDE the regulatory perimeter. (2.21; Appendix 1, 48-50)

However, certain utility tokens can also be "e-money tokens", which are IN the regulatory perimeter. (2.22, 3.11; Appendix 1, 69-74)

One legal issue requiring further guidance is the distinction between "exchange token" and "utility token", which is important if the utility token is also an e-money token. (2.25)

Another persistent issue is whether a given token is a "utility token" or a "security token" (i.e. unregulated vs. regulated). (2.25 response)

For example, the applicable category for a given stablecoin is a case-specific determination. (3.10, 3.12 response; Appendix 1, 51-56, 74)

Note that airdropped tokens can still be securities. (Appendix 2, 6). This position is consistent with the Canadian view re "free tokens" (CSA Staff Notice 46-308), and is potentially consistent with the U.S. view (Tomahawk case [Aug 14, 2018]).


ICOs may soon make a comeback.

Block.One recently settled with the SEC and effectively succeeded with its ICO. The settlement has permitted Block.One's EOS network to fluorish at a significant discount.

Recall that Block.One sold an ERC-20 token during its ICO, which was later swapped for an EOS token when the network went live.

The SEC considered the ERC-20 tokens—which are no longer in circulation—to be securities. Meanwhile, the SEC failed to even mention the EOS tokens, which are still in circulation.

Furthermore, while the ICO raised several billion dollars worth of digital assets globally, the SEC and Block.One settled for a mere $24 million.

The low Block.One settlement, and the SEC’s apparent decision to not disrupt the EOS network, are consistent with the SEC's two no-action letters from earlier this year (Turnkey Jet and PoQ). They signal the SEC's reluctance to discourage innovation, consistent with Commissioner Pierce’s statement on February 8, 2019.

However, the low Block.One settlement also suggests some truth to Commissioner Peirce’s remarks on April 8, 2019, about the SEC developing “secret law” for token sales. Indeed, the settlement outcome is difficult to reconcile with the SEC Chairman’s recent remarks, on September 19, 2019, that Bitcoin is not ready for trading on major exchanges until it is better regulated.

If Bitcoin is unfit for mainstream secondary trading, why was there no mention of the EOS token in the Block.One settlement?

Also, is the SEC now more lenient with respect to SAFTs? Recall that SAFTs purport to sell a right of future ownership over tokens produced in the future, on the assumption that the future tokens will not be subject to securities regulation. The mechanism is similar to the swap of initial Block.One ERC-20 tokens (scrutinized by the SEC), for EOS tokens (ignored by the SEC).

Despite the perpetual legal uncertainty, at least one thing appears to be clear. The Block.One settlement has reopened the door to token sales.


The copyright and disclaimer contained in the footer of the Smartblock Law Professional Corporation website applies to this article.