First SEC Enforcement Action Against Unregistered Digital Token Exchange

Until yesterday, the enforcement actions of the U.S. Securities and Exchange Commission (SEC) in the digital token (aka cryptocurrency) space have primarily focused on the primary issuances of tokens. However, on November 8, 2018, the SEC announced in an order (the “Order”)[1] that it had settled charges against Zachary Coburn, the founder of the digital token exchange EtherDelta, marking the first time that the SEC has brought an enforcement action against an online digital token platform for operating as an unregistered national securities exchange.

Background

According to the Order, EtherDelta operated as an online platform that allowed buyers and sellers to trade ERC-20 tokens[2] — a type of digital token on the Ethereum blockchain frequently used in initial coin offerings (“ICOs”) — in a secondary market. To facilitate this trading, EtherDelta used a combination of (i) an order book, (ii) a website “with a user-friendly interface . . . and resembles online securities trading platforms” that displayed orders (including the token symbol, size, and price), and (iii) a smart contract running on the Ethereum blockchain.[3] During the relevant period, the platform was open to any user with an Ethereum wallet address and holding ERC-20 tokens available for trading on the platform.[4] The platform also facilitated the trading of any ERC-20 token, regardless of the token’s status as a security under federal securities laws.[5]

In July 2017, the SEC issued its landmark DAO Report, in which the SEC warned that “any entity or person engaging in the activities of an exchange must register as a national securities exchange or operate pursuant to an exemption from such registration.”[6] Despite that warning, from July 17, 2016 to December 15, 2017 (when Mr. Coburn ceded control of EtherDelta), more than 3.6 million buy and sell orders were traded on the EtherDelta platform, of which approximately 92% (3.3 million) were traded during the period following the DAO Report.[7]

To resolve the proceeding, Mr. Coburn agreed to pay disgorgement of $300,000 and a fine of $75,000. The Order noted that, in deciding to approve the terms set forth in the Order, the SEC considered both “remedial acts promptly undertaken by [Mr. Coburn]” and “cooperation afforded the Commission staff,” which efforts “facilitated the staff’s investigation involving an emerging technology.”[8]

Key Takeaways from the Order

There are a few key takeaways from the Order:

• First, the SEC found that EtherDelta satisfied the criteria of Exchange Act Rule 3b-16(a) and was not excluded under Rule 3b-16(b).[9] To reach this conclusion, the SEC first determined that at least some of the tokens traded on EtherDelta were securities based on the test outlined in SEC v. W.J. Howey Co.[10] In its analysis, the SEC stated that purchasers of tokens on EtherDelta invested money with a reasonable expectation of profits, including through the increased value of their investments in secondary trading, based on the managerial efforts of others.[11]
• Second, the SEC highlighted that a decentralized platform operating without a central database does not exempt a platform from exchange regulations. While the Order could be read to suggest that launching a smart contract that operates as an exchange is sufficient to fall within the scope of exchange regulations, the SEC did cite in its recitation of the facts that, during the relevant period, Mr. Coburn not only deployed the smart contract, but also exercised sole administrative control over the smart contract and operated a user-friendly, outward-facing interface for transacting through the smart contract, which resembled online securities trading platforms. [12]
• Third, the investigation indicates that, although many digital token exchange platforms have operated since the DAO Report without registration as a national securities exchange or under an exemption from such registration, the SEC is watching blockchain-enabled secondary trading platforms for digital tokens and other digital assets. Companies operating a secondary trading platform for digital assets should consider the various implications of running such a platform. The fact that the SEC has now provided guidance on multiple occasions—first, in the DAO Report and now in the Order—regarding the need to register such platforms as securities exchanges or else qualify for an exemption suggests that operators who continue to operate such platforms in violation of the law will face greater scrutiny and potentially harsher consequences.

Compliance Considerations

For platforms that permit the trading of digital assets, the Order highlights the importance, emphasized prominently in the DAO Report, of operating in compliance with the federal securities laws. One path to compliance for token-trading platforms that wish to continue to provide exchange-like functionality for U.S. persons would be to operate as an alternative trading system (“ATS”). Such platforms would need to, among other things, (i) register as a broker-dealer with the SEC, (ii) become a member of the Financial Industry Regulatory Authority, (iii) notify the SEC of its intention to operate as an ATS at least 20 days before operating, and (iv) maintain compliance with ongoing obligations as an ATS.

In addition to federal securities laws, digital asset exchanges should also comply with the Bank Secrecy Act and state money transmission laws, which prevent money laundering, fraud, and terrorist financing. Finally, such exchanges should also carefully evaluate the need to comply with the Commodity Exchange Act and the Commodity Futures Trading Commission’s regulations.

Conclusion

Prior to today’s settlement, the SEC’s enforcement actions had focused on the primary issuances of digital tokens, largely for fraud in connection with unregistered sales of securities.[13] Today’s settlement paves the way for future enforcement actions against platforms and other marketplaces that facilitate secondary sales of tokens.

[1] See Order Instituting Cease-and-Desist Proceedings Pursuant to Section 21(c) of the Securities Exchange Act of 1934: In the Matter of Zachary Coburn, Release No. 84553 (Nov. 8, 2018), available at https://www.sec.gov/litigation/admin/2018/34-84553.pdf.

[2] As noted in the Order:
“ERC20 refers to a specific Ethereum token issuing protocol, formally adopted by the Ethereum network in September 2017, and used on the Ethereum Blockchain. (ERC stands for Ethereum Request for Comments and 20 is the unique identification used to distinguish this coding standard from other standards.) The ERC20 token standard, created in November 2015, ‘allows any token on Ethereum to be re-used by other applications: from wallets to decentralized exchanges’ and ‘provides basic functionality to transfer tokens, as well as allow tokens to be approved so they can be spent by another on-chain third party.’” (internal citations omitted)

[3] See Order at 3-7.

[4] See id. at 5.

[5] For general background on the treatment of tokens as securities under federal securities laws, see, e.g., Morrison & Foerster Client Alert, Howey Got Here: SEC Issues Guidance on Token Offerings (July 26, 2017), available at https://www.mofo.com/resources/publications/170726-howey-got-here-sec-token-offerings.html.

[6] See Report of Investigation Pursuant to Section 21(a) of the Securities Exchange Act of 1934: The DAO (July 25, 2017), available at https://www.sec.gov/litigation/investreport/34-81207.pdf (the “DAO Report”).

[7] Order at 2.

[8] Id. at 10.

[9] 17 C.F.R. §§ 240.3b-16(a)-(b).

[10] SEC v. W.J. Howey Co., 328 U.S. 293, 301 (1946).

[11] Order at 9.

[12] Id.

[13] See generally U.S. Securities and Exchange Commission, Annual Report: Division of Enforcement (Nov. 2, 2018), available at https://www.sec.gov/files/enforcement-annual-report-2018.pdf, at 7 (noting that the Division has pursued cases involving fraud, failure to comply with the registration requirements of the federal securities laws, and failure to register as a broker-dealer).

A special thanks to corporate associates Mara Goodman, Dylan Naughton, and Lee Nisson for their contributions to this client alert.