Overview of the ICO Legal Landscape
What is an ICO?
ICO stands for Initial Coin Offering, aka ’’token sale’’ or a ’’token launch’’, and it is a new way of financing used by blockchain startups to raise funds for their business. For instance, if a project initiator wants to raise money through ICO, that would issue a certain number of a token or a coin, and sell a certain of the whole supply to the investors in order for them to receive Bitcoin, Ethereum or other.
In comparison to equity or venture investment, ICO has certain advantages. ICO makes possible for the companies to collect a lot of money in the beginning stages of the project in a short period of time, and it goes around certain obstacles that occur in traditional fundraising. It is also open to general public, meaning that anyone around the globe can be a part of the token sale without being subject to the ’’accredited investor’’ or ’’sophisticated investor’’ requirement.
ICO enables companies to raise money for their projects by selling the token or coin sale to IPO, which stands for Initial Public Offering. IPO is a process by which the stocks of a private company is offered to the public.
Coin vs. Token
A lot of people who are newbies to the cryptocurrency world may have a hard time distinguishing the token from a coin. And even though they are quite similar, they are two different things. A Coin is a unit of value operating on a blockchain that has its own protocol. For instance, Bitcoin has an independent blockchain where all of the Bitcoin transactions can be recorded. The functionality of a coin has its limits. The coin can be used only for dominating value for exchange of goods or services within its own blockchain. Token, on the other hand, is hosted on top of an existing blockchain that has a certain rules commanding the token functionality. So anyone that comes across the platform for the first time can create a new token without any heavy lifting. For example, in order for you to issue a new token on Bitcoin, you should just download the wallet and adjust a few elements, such as the supply, the token name, and the token symbol. The use of tokens is much wider than the use of coins, as tokens represent assets like products and rights.
But the thing to be on the lookout for is that not all coins and tokens carry the elements and functions of actual money. Even Bitcoin, which is a first decentralized digital currency, can’t be used as a money substitution everywhere due to its price fluctuation and the unpredictability.
Best Countries for ICOs from a Legal Standpoint
ICO is becoming more and more popular due to the fact that it provides an easier access to investor’s funds for entrepreneurs who had difficulty launching their businesses through traditional fundraisings, like IPO.
And of course, as it is the case with any easy access, there is room for fraudulent activity, so it does not come as a surprise that people, and also countries have mixed opinions when it comes to embracing the ICO.
In this article, we countdown the most favorable countries for ICOs.
The U.S. is a very important participant when it comes to cryptocurrency and blockchain, having the most projects from the last 18 months, which adds up to 16% of all global ICO projects.
But the U.S. is struggling with ICOs because of its SEC’s definition of what a newly created cryptocurrency might be classified as.
The SEC released that DAO tokens that were issued in 2016 were securities. This put a great number of ICO projects as securities and left them under the inspection of the regulator.
However, this does not leave the U.S. left out of the ICO and blockchain world, but it has simply made it a little harder to flourish in it, mainly because the state and federal law have divided.
As being known as one of the most ’’stable’’ countries when it comes to the economy in the world, Switzerland is the second most favorable country for initiating ICOs. It had 9 successful ICOs, which makes up 16,9%.
Johann Gevers, the founder of Monetas, created Crypto Valley, which was modeled after Silicone Valley, in order to make it a global center for any crypto technology. What this ensured was interactions with various stakeholders, and attracted some great startups, while providing a support in their operations by cultivating this ecosystem which contained expert service providers.
All of this was the beginning of the Crypto Valley Association:
“An independent, government-supported association established to take full advantage of Switzerland’s strengths to build the world’s leading blockchain and cryptographic technologies ecosystem”
And even though this British Overseas Territory isn’t even a country, its ground sure do make a certain ’’crypto heaven’’, making it our number 3 in the countdown. The Cayman’s have a stable and legal platform, like Switzerland, and it is home to many offshore companies. Many of those companies represent institutional clients that would rather have vigorous regulations than operating in a vaguely regulated environment.
These strong regulations and legal ethics make The Cayman’s one of the most desirable and trustworthy places in the world to cultivate ICO.
And even though there is a case of ambivalence in its crypto ecosystem, it seems that the authorities are just taking their time for making sure that the supervision for all the blockchain founders is properly set instead of them trying to postpone the implementation of structure in an effort to attract a lot of entrepreneurs.
However, those with really well-structured roadmaps will be the ones with the most success because of The Cayman’s strong regulations and legal ethics, not in spite of them.
These are the countries to stay away from with your ICO
Bitcoin represents the world’s first cryptocurrency, and also the first apolitical type of money ever. Its nodes are distributed across the globe, but however, it is still forbidden in 107 of 251 countries or regions. Analyzing it a little closer, a great deal of these countries are Muslim, and since it goes against their religion, these countries banned Bitcoin.
For instance, Bangladesh has the only known case where the authorities have hunted down individuals for the use of Bitcoin. Basically, Bitcoin being illegal in most of these countries is just a formality.
However, all evidence points to Bitcoin being used almost everywhere.
But whether the countries are Muslim or not, the nations’ central banks just don’t want any competition.
“In Macedonia, the legal means for payment in cash and non-cash payment operations is the denar,” said Governor of the National Bank of Macedonia, Dimitar Bogov.
Use of altcoins as payment in Macedonia may incur imprisonment, instead of the customary fines.
What these countries should realize is that these efforts and policies are in vain. And even though it can be restricted, it isn’t possible to fully shut down Bitcoin. Since internet technology will always be one step ahead of the government.
Also, Bitcoin is not as ’’set in stone’’ as regular money is, as it is constantly evolving and changing. So creating new obstacles for Bitcoin, only makes the Bitcoin better adapt in avoiding them.
So let’s look at this: the first countries who accepted the Internet became a great support for companies such as Microsoft, Apple, Facebook, etc… And on the other hand, the countries that haven’t welcomed the Internet have been trying to catch up ever since.
So banning Bitcoin in these countries with the not-so-great economy, is just handicapping them in the future. Poor countries like Bangladesh and Afghanistan are just hurting their own economy even more by banning Bitcoin.
However, wealthy nations like Switzerland, Singapore, and Japan are already sailing with the cryptocurrency ship. They are even making themselves places for ’’cryptocurrency heaven’’ in order to attract more and more blockchain companies.
In conclusion, Bitcoin is responsible for bringing innovation, an influx of capital that results in more tax revenue, and bringing a better standard of living. So, like the Internet before, mankind can’t ban innovation. It always had, and will always have a mind of its own, so banning Bitcoin just makes its wings spread out a little slower, but it can’t stop it from flying altogether.
ICOs are banned for all businesses and individuals by order of the People’s Bank of China. Chinese ICOs that have completed their funding cycles have been requested to refund any altcoins raised. The PBoC has indicated it will investigate any company or individual found to be in violation of its ruling. The trading of altcoins is also being targeted. Officially, individuals are still allowed to hold altcoins.
Altcoins are currently banned in Ecuador. This is because Ecuador is developing a national altcoin that would hopefully take the nation off of dependency on the American dollar.
In direct response to India ’s position, the State Bank of Pakistan banned altcoins to all organizations and institutions. However, the ban will not be enforced judicially.
Algeria banned the use of virtual currencies on December 28, 2017. Per Algerian Law, “The purchase, sale, use, and holding of so-called virtual currency are prohibited. Virtual currency is that used by internet users via the web. It is characterized by the absence of physical support such as coins, notes, payments by cheque or credit card. Any breach of this provision is punishable in accordance with the laws and regulations in force.”
Bitcoin has been introduced to the country as a payment conduit. In November 2017, the government warned that the use of altcoins violates exchange rules for the Office des Changes and that the use of such devices could be used for illicit purposes.
Crypto Regulations Worldwide - May 2018.
This report is focused on cryptocurrency regulation imposed by international governmental agencies as it stands in May 2018, at press time.
Since the USA is the key player in the cryptocurrency world, any changes that it might bring has a huge effect on the rest of the crypto world.
But as it stands, for now, no country has yet founded some ’’set in stone’’ laws and regulations, as they vary. And this depends whether tokens are considered a utility or a security. This, of course, makes the difference whether investors should participate in the token sale or not.
And what about foreign policy? President Donald Trump surprised everyone when he called for a ban on all stateside purchases of the new Venezuelan cryptocurrency ‘Petro’. But not even this statement can rain on the industry’s parade, as the US Congress decided to include the cryptocurrencies in its Annual Economic Report.
When China decided to ban cryptocurrencies back in September 2017, the crypto world was in the state of shock. The industry was worried that the ban would have a harmful effect globally, but the market held its own nevertheless.
And against all odds, the blockchain technology remains quite popular in China. So would that implement that China is having second thoughts on the ban? There is no certain answer to this question, so we will just have to stay tuned.
The question on everyone’s mind is whether the Japanese government will finally welcome and legalize ICOs. And having in mind that the cryptocurrencies are gaining more and more popularity in Japan, it looks like Japan is ready for innovation. In the terms of tokenization, of course.
Southe Korea can’t make up its mind as it went from favorable legalization in the summer to more rigid regulations by Christmas. And everybody’s been holding their breath for what’s in store.
Fair Trade Commission of South Korea has a new mission: to prevent as much fraudulent behavior as possible. And right after US and Japan in trading numbers, South Korea has a great influence on the crypto market, so when it comes to regulation, we should keep an eye on it.
The EU has been looking into bringing certain measures for regulating the crypto market, and Bitcoin has a fair chance to be legitimized. EUs jurisdiction is requiring that cryptocurrency goes through the same KYC process as all the banks do.
We should keep in mind, that the EU has forbidden Estonia to make their own cryptocurrency, in 2017, and that a few EU states have imposed more rigid supervision of crypto derivatives. No one can tell with great precision where the EU will go when it comes to further legislation, but different countries from the EU are having their opinions regarding the crypto-regulation.
The announcement of a UK Cryptocurrency Task Force disclosed that the Bank of England is taking cryptocurrency a bit more seriously than before, as it looked that the regulatory body will collapse. The Minister for Finance stated that he wishes to fight any signs of anarchy and illegal activities.
The volumes of crypto trading in India dropped down, due to ever-increasing crack down on exchanges. There were two exchanges that stopped working before these strong measures were enforced.
And the biggest shock that followed was when India’s Central Bank, RBI, announced that they will no longer provide services to anyone that has anything to do with the crypto world. But a lot of people are not taking this without a fight, as traders are dealing with this through means like the crypto-to-crypto trade.
For a while now, the cryptocurrency in Australia hasn’t undergone a rigid regulation, but with the on-growing popularity of crypto-trading, AUSTRAC is updating their AML laws in order for digital currencies to be taken more seriously.
Tha newest Aussie regulations indicate far more rigid norms for exchanges that operate in the crypto world.
Turkey has been against Bitcoin initially, in February this year Turkey’s Deputy Prime Minister Mehmet Simsek stated that they will be launching their own currency. And even though cryptocurrency is legal in Turkey, there will be
a need for a more precise legal framework in the future.
And even though crypto regulations in South Africa are pretty vague, taxation laws apply. There is a definite need for more regulation of crypto, but at this moment the South African Reserve Bank whitepaper from 2014 still apply. A self-regulatory organization has been initiated by the SARB, so this means that the South Africa may start using the distributed ledger technologies in their banks some time soon.
From May 2018 to now, there is no precise way to predict in which way these regulations will go, on a national or global level. There is no one perfect way in which the regulatory body will operate, in the sense that it benefits all the countries alltoghether. There isn’t only one answer, all of the countries are still figuring out which regulatory law works the best for them.
International governments are still trying to tackle the full potential that the blockchain technology brings. Currently, the biggest question is whether those regulations could be handled on a national scale, or should it be expanded to a global level?
Complete list of ICO Lawyers
How to Legally Launch an ICO in the United States
With almost $2 billion raised around the world just this year, ICOs are changing the game for capital raised by startups. The problem with startups is that the SEC cleared that in some instances, ICOs are considered as securities, that need to be in order with the SEC rules, and unless they pass the Howey Test, they will be considered as such. But only a handful of ICOs actually passes it.
So the question on everyone’s mind is whether you can create an ICO that complies with U.S. SEC rules? This is possible, but you will need to use Regulation A+ for that.
Regulation A+ is a good partner for ICO’s:
- Reg A+ allows investors worldwide to participate – providing very democratic access to capital.
- ICOs use a White Paper to describe their offering. On the other hand, the Reg A+ uses the Offering Circular, which is far more specific and detailed.
- Reg A+ allows capital raises of up to $50 million per year, enough to cover the needs of many ICOs.
- Broad marketing to investors is allowed in Reg A+, which suits ICOs.
- Reg A+ requires AML checks for all investors as part of the validation of investors and background checks on the principals of offering companies.
- Reg A+ allows offering companies to test-market their offering in an informal manner called “testing the waters.” ICOs can use this process to gauge interest, and while it is not a replacement for the “pre-invest with discount” phase that ICOs use, there is enough potential here to make it worth considering.
- Reg A+ provides for liquidity for resale of investments purchased by the Reg A+ investors, just as ICOs do. Note that there are restrictions here for Reg A+ that I will explain later.
- The ways in which a Reg A+ offering is put together matter greatly in generating a successful outcome and many of the success factors are similar to those for ICOs.
All in all, Regulation A+ paves the way for an ICO to be compliant with the SEC rules, and in addition to that, it allows the ICO to provide many ods the engaging aspects that made it so popular in the first place.
But the proper use of Smart Contacts and the Token Software is crucial. These two elements need to be programmed in the manner which allows the tokens to automatically limit themselves to transactions that cling onto specifics, which are defined in their certain Reg A+ offering.
The majority of Reg A+ offerings are created using Tier 2, which is reporting obligations post offering of profit or loss, and reporting of revenue on a six-month basis, with an audit which happens every year. Great alterations to the business must be reported as well. These obligations are a downside of Reg A+ Tier 2.
Tier 1 has a limit of $20 million a year, and therefore the reporting obligations are less complex. Material changes to the business should and must be reported and there is no annual audit required.
But the thing to be on the lookout for, and the common mistakes entrepreneurs are making these days are:
- Denial about their ICO being a securities offering, despite the SEC ruling. One of the first mistakes that the entrepreneurs are making is believing that if they are launching an ICO with a tradeable token, the rules from the security laws don’t apply to them.
- Hoping to retrofit a Reg A+ offering to an ICO that’s going live to investors in a few week’s time. This is impossible, as the process of filling to have a Reg A+ takes at least two months and even more.
- Strap-on tokens. A company that isn’t, by its nature, an ICO, will not become it, by simply adding a token. The token must add real value and it must potentially make the network grow. So, a company that is not an ICO, will not attract investors due to the fact that its token is irrelevant and it doesn’t have strong effects on the network growth.
ICO Compliance Checklist - the Basics
The General Data Protection Regulation (GDPR) applies from 25 May 2018 across all European Union markets. And even though the U.K wants to leave the EU, this applies to it as well. Even if your business is not in the EU, you should comply to the regulation of the EU if you are collecting, using, or sharing any personal data of the EU citizens.
These points are focusing on the necessary steps your business needs to take in order for it to be compliant with the GDPR.
Carry out an information audit
An information audit helps you find the elements that are potential compliance problems under the GDPR. What matters is to know what data you are collecting, storing or processing and to determine:
- why you are processing it
- how did you get it
- what is the purpose of processing
- how long do you plan to keep it
- how secure is it
- who you share it with, or might share it with, and how
Determine the legal basis for processing personal data
The first step for your processing to be lawful under the GDPR is identifying a legal basis before processing personal data. Legal basis is usually categorized as ’’conditions for processing’’, but under the GDPR, it should be carrying greater practical implications, because of their effect on individuals’ rights.
There is six legal basis for processing data under the GDPR, including:
- consent of the individual
- contractual necessity
- compliance with legal obligations
- vital interests of the data subjects
- public interest
- legitimate interests
Review your use of consent
The GDPR has references to both ‘consent’ and ‘explicit consent’. Both forms of consent under GDPR have to be:
- freely given
- an unambiguous indication of the individual’s wishes
Privacy notices and policies
The privacy information must be clear. Your policies should be obvious to everyone and easy to get to. Your privacy notices should contain:
- the legal basis for processing the data
- data retention periods
- rights of individuals to complain about the manner in which you handle their data
- whether data will be subject to automated decision-making
Under the GDPR, there are more rights for individuals. Your procedures and systems should comply with the rights under the GDPR, and they should include:
- subject access right (SAR)
- right to have inaccuracies corrected
- right to have information erased
- right to prevent direct marketing
- right to prevent automated decision-making and profiling
- right to data portability
New rules and timescales for SAR
Rules have changed under the GDPR, and usually, you can’t charge for processing with subject access requests, if you don’t explain that the cost will be immoderate. And since May 2018, that request needs to be responded within a month, instead of the 40 days, as it was previously allowed.
And in addition to this, you might want to ensure extra info to the people who are making those requests, like data retention period and the correction of the incorrect data.
Rules regarding children’s personal data
You should put systems in place which are verifying individuals’ age if you are a company which collects data on children. The most important thing is, you can’t legally collect it, without a parent’s or a guardian’s consent.
Data security breaches
One of the most important roles the GDPR has is to report any breach of data to the ICO. Such breaches could end in discriminatory actions or damage to reputation, or even financial loss, identity theft, etc., and you should immediately notify the ICO, should this be the case.
’’Privacy by design’’ and privacy impact assessments
You should have clear policies in place, in order for you to ensure your meeting of the required data under the GDPR. Monitoring, reviewing and assessing your data processing procedures, as well as minimizing data processing and retention of data, but also building in data protection safeguards, including regular staff training should all be components that will help you meet those standards. In addition to this, the privacy impact assessment will help you identify and lower the privacy risks when it comes to your projects.
The GDPR wants certain organizations to appoint a DPO (Data Protection Officer). Especially those organizations that monitor individuals on a larger scale. The DPO can be designated to a single or multiple companies, depending on their structure and size.