close
Latest News

Security and Regulation: Shaping the Uncertain Future of ICOs

ICOs

Intro
By the end of 2017, $4 billion worth of investment capital had been raised by Blockchain start-ups and growth companies through Initial Coin Offerings (ICOs). To put that into context, $4 billion amount to twice the value of the total investment Blockchain projects have attracted from Venture Capital. Given that Blockchain projects have arguably taken poll position ahead of machine learning, AI and big data as the hot tech investment area VCs are hunting for opportunities in, that is quite some achievement.

What is an ICO?
Cryptocurrencies such as Bitcoin are ‘currency’ cryptocurrencies and intended as an alternative to fiat currencies such as pound sterling, euros or the dollar. However, the majority of cryptocurrencies are ‘utility’ cryptocurrencies. They are not intended to be used to pay for general goods or services but only for the use of a particular Blockchain platform. For example, Ethereum, the second largest cryptocurrency by market capitalisation, is a Blockchain platform for the creation of smart contracts and decentralised applications (DApps).

Its native cryptocurrency, ether, is used to pay for the use of the platform, either in creating a smart contract or DApp, or using one built on the Ethereum infrastructure. The value of ether is, therefore, largely based on how many people are using Blockchain applications built on the Ethereum platform.

DApps, built on Ethereum or one of the other Blockchain platforms that offer a similar service, such as NEO, can also issue their own cryptocurrency tokens that users will pay in to subsequently use the application. These are a little like a digital version of the tokens you buy at an amusement arcade and have to spend to play on the pool or air hockey table. In an ICO, the company behind a Blockchain platform, or application built on a platform such as Ethereum, pre-issues these cryptocurrency tokens to investors, usually in exchange for a more established cryptocurrency such as Ethereum or Bitcoin.

The concept is that, like equity issued by a company to raise investment capital, the funds will be reinvested into the Blockchain start-up’s growth. This will lead to an increase in the exchange value of the cryptocurrency tokens issued during the ICO as more people using the DApp or platform will increase demand for the tokens.

An ICO can be defined as somewhere between an IPO and a crowdfunding campaign for Blockchain initiatives. An investor in a traditional IPO receives stock exchange-listed equity in the company, with attached shareholder rights such as voting. In the case of an ICO, however, the investor receives cryptocurrency exchange-listed units, or tokens, of the brand new cryptocurrency attached to the Blockchain project. No ownership stake or other rights come with these tokens. The investor’s upside comes if the Blockchain project proves to be successful and there is, therefore, demand for the attached cryptocurrency units users must pay with to use it.

The similarity to a crowdfunding investment is the fact that, unlike in the case of an IPO, ICO companies are not subject to strict regulatory requirement on the information provided to investors. A company launching an IPO must subject itself to third party auditing of its finances, company operations, board of directors and more. A start-up crowdfunding also presents information on its finances and company structure etc., but there is no reliable third party audit. The onus is on the prospective investors to conduct their own due diligence.

The Danger Lurking in ICOs
It is this lack of regulation around ICOs that has led many financial regulators, watchdogs and governments around the world to issue public warnings on investing in them. The boom in public interest around cryptocurrencies has been described as an investment ‘bubble’, with many financially naïve members of the public investing on a ‘fear of missing out’ principle. This has spilled over into the ICO space, to a large extent explaining the astronomical $4 billion investment figure highlighted at the outset of this article.

The danger around ICOs is threefold. Firstly, many of the members of the public being convinced to invest in ICOs lack the background to be able to make an informed decision on whether there is true value in the Blockchain project or if the valuation placed by the ICO is reasonable. Even companies crowdfunding traditionally are not allowed to market the investment to anyone. Investors must declare themselves sophisticated or high net worth investors and able to appreciate the risk involved in such an investment. They must also be able to tolerate the loss of the invested sum if the start-up is not successful, as most are not. ICOs, taking advantage of a lack of clear regulation around their new format, have been marketing themselves to the general public.

Secondly, some of the ICOs that have been marketed have proven to be outright scams. Millions have been raised through ICOs with those behind them simply disappearing and the Blockchain project never taking place. A slightly less extreme version of this is the lack of regulation meaning part of the funds raised go towards the project and the rest into the pockets of those behind it. Because cryptocurrency units are generally bought and sold largely anonymously, it is very hard to control embezzlement within an ICO.

And thirdly, hackers are targeting ICOs to such an extent that a recent report on the industry by Entrepreneur of the Year organisation, estimated as much as 10% of ICO funds are stolen through hacking attacks. This also often exposes the personal data of investors.

There is no doubt that there are also strengths inherent in ICOs and, under the right circumstances, they can be an efficient way for Blockchain start-ups to raise investment funds. Respected VCs have invested in ICOs, such as that of Filecoin, that both Sequoia Capital and Union Square Ventures, both respected Silicon Valley Venture Capital brands, participated in. However, there is growing awareness that if ICOs are to become an established mechanism to raise investment, and not lose public trust entirely, the Wild West environment they are currently operating in cannot go on.

Government Warnings on ICO Investment
Several international governments and government-controlled financial watchdogs have already independently issued public warnings cautioning against their citizens investing in ICOs. In September of last year (2017), the UK’s FCA issued a statement on ICOs directed both at members of the public and companies issuing ICOs. Risks involved in ICO investments were listed as:

  • Unregulated space
  • No investor protection.
  • Price volatility
  • Potential for fraud
  • Inadequate documentation
  • Early stage projects

The FCA statement further warned ICO issuers that they would face prosecution should it be interpreted that their UK-based activities fall under the remit of the regulatory regime:

“Businesses involved in an ICO should carefully consider if their activities could mean they are arranging, dealing or advising on regulated financial investments. Each promoter needs to consider whether their activities amount to regulated activities under the relevant law. In addition, digital currency exchanges that facilitate the exchange of certain tokens should consider if they need to be authorised by the FCA to be able to deliver their services”.

Comparable warning statements have also been issued in, though not only, the USA, Canada, Russia, Singapore and Hong Kong. Facebook also moved to ban all marketing of ICOs being run via the social media giant’s advertisement platform.

Regulatory Developments
A recent EY (Entrepreneur of the Year) report covering regulation addresses some of the difficulties regulators face in their fledgling approach to how to deal with ICOs, as well as developments that have already taken place.
The two main approaches to date being taken by regulators that have moved to address ICOs have been:

  • An outright ban
  • Regulation in accordance with token nature

China and South Korea are the two countries which have, as of early 2018, brought into force an outright ban on ICOs. Those attempting to regulate ICOs based on the financial regulator’s interpretation of token nature have struggled with defining individual tokens as either property, shares or securities, right to claim or currency.

There have already regularly been discrepancies between how different regulators interpret the same tokens. In the current environment of regulatory flux, some stakeholders in the ICO market have moved to establish their own voluntary rules and regulatory framework. Examples of this approach include the Simple Agreement for Future Tokens (SAFT) in the USA, the Russian Association of Blockchain and Cryptocurrency and the ICO Code of Conduct and ICO Governance Foundation in Switzerland.

These initiatives combine setting standards for ICO transparency, such as subsequent documentation of how funds are spent, with seeking to find ICO structures that are compatible with existing regulatory frameworks.
Security

The security issues surrounding ICOs that lead to the worrying figure of 10% of total funds being lost to hacker attacks are highlighted by the EY report as:

  • Hackers are attracted by the rush, absence of a centralized authority, Blockchain transaction irreversibility and information chaos.
  • Project founders focus on attracting investors and security is often not prioritized.
  • Both projects and investors are exposed to attacks.
  • Phishing is the most widely used hacking tool during an ICO.
  • Loss of reputation for ICOs subject to hacker attacks
  • Investors personal data also compromised in attacks

Proposed measures to combat security issues are: ICOs doing more to ensure cyber security measures are in place to bolster defences against hackers and educating ICO investors on how to avoid phishing and other attacks targeting their personal data.

Conclusion: ICOs Hold Promise if the ‘Wild West’ Can be Cleaned Up

Despite the regulatory and security issues facing the nascent ICO market, it is still believed to hold significant promise if they can be suitably resolved. Switzerland’s financial regulator, the Swiss Financial Market Supervisory Authority (FINMA), has been arguably the most pro-active national regulator in its approach to ICOs. The Central European state has this month (February ’18) issued guidelines on how FINMA intends to approach ICO regulation. A key component to these guidelines is an outline on how ICO tokens will be categorised in term of the financial regulator’s jurisdiction and Money Laundering laws.

Companies behind ICOs suitably demonstrating why their project is inherently suited to Blockchain technology, and therefore an ICO rather an alternative vehicle to raise investment funds, is another future development the EY report highlights as crucial.

It can be expected that other national regulators that don’t intend to take the approach of an outright ban on ICOs will follow FINMA’s lead in coming months. As is the case in IPOs, ICO issuers and the cryptocurrency exchanges tokens are subsequently traded on, meeting statutory regulatory requirements around cyber security is also clearly necessary. If this issue is not tackled it will be of potentially fatal damage to the future of ICOs.

The future success of ICOs as an investment vehicle for Blockchain projects rests upon a combination of regulators reaching a suitable framework to house them over the coming months and years and the ICO industry itself self-regulating on transparency and cyber security standards.

Risk Warning:

Please remember that financial investments may rise or fall and past performance does not guarantee future performance in respect of income or capital growth; you may not get back the amount you invested.

There is no obligation to purchase anything but, if you decide to do so, you are strongly advised to consult a professional adviser before making any investment decisions.

Paul

The author Paul