On November 16, 2017, U.S. Securities and Exchange Commission (SEC) Chairman Jay Clayton announced in a symposium on cybersecurity and financial crimes that the SEC would start taking enforcement action against coin offering issuers who fail to register with the SEC.

As cryptocurrencies, like Bitcoin, have become increasingly popular, startup companies have turned to a method known as an initial coin offering (“ICO”) to raise capital. Law 360 explains, “ICOs are used by the creators of blockchain-based structures to raise funds, usually for projects. . . . Instead of stock, investors receive tokens that can either be traded in the secondary market or used within the blockchain project.” This method closely resembles an initial public offering, but the key difference is that ICOs have largely been able to avoid federal regulations. These offerings have flown under the radar, at least up until now, because the technology is still in its early stages.

This unregulated method of raising capital creates the potential for significant fraud and abuse. As such, the SEC intends to regulate the practice, so much so that the Securities and Exchange Commission decided to form a Cyber Unit earlier this year. According to the SEC, the Cyber Unit will focus on targeting cyber-related misconduct, such as:

  • Market manipulation schemes involving false information spread through electronic and social media;
  • Hacking to obtain material nonpublic information;
  • Violations involving distributed ledger technology and initial coin offerings;
  • Misconduct perpetrated using the dark web;
  • Intrusions into retail brokerage accounts; and
  • Cyber-related threats to trading platforms and other critical market infrastructure

The creation of a Cyber Unit within the SEC is a clear indicator that the SEC will regulate cryptocurrency more heavily. As Chairman Clayton noted, “I think that now we have given the market a sufficient warning where we can move from level-setting the field to enforcing it.”

ICOs are not just in the crosshairs of American regulators, rather European regulators have also raised significant concerns about the practice. In fact, earlier this November, the European Securities and Markets Authority (ESMA) issued a statement warning firms involved in ICOs that they need to “comply with relevant legislation” and that “[a]ny failure to comply with the applicable rules will constitute a breach.”

Given the increasingly burdensome regulatory environment surrounding initial coin offerings and cryptocurrency, startups and other companies utilizing ICOs would be well advised to seek legal counsel so as to comply with all federal laws and or SEC regulations.