Regulation by Selective Enforcement: The SEC and Initial Coin Offerings

James J. Park is Professor of Law and Howard H. Park is a JD Candidate at the UCLA School of Law. This post is based on their recent paper, forthcoming in the Washington Journal of Law and Policy.

Critics of the SEC have claimed that at times it has engaged in “Regulation by Enforcement,” where it makes law through enforcement actions rather than by developing and passing clear rules. This argument has periodically surfaced with respect to some of the most important issues addressed by the SEC over the decades—insider trading, questionable foreign payments by public companies, and securities fraud.

The SEC has recently been faced with a new challenge, the sudden explosion of initial coin offerings (ICOs), which have raised billions of dollars through the sale of digital tokens. Over the last several years, promoters have routinely distributed investments to investors through ICOs without filing the registration statements typically required for the sale of securities to the public. Blockchain technology facilitated the ability of entrepreneurs to easily sell tokens to numerous investors, who receive a secure digital record of their purchase.

Even when a token is clearly an investment, the SEC only has jurisdiction to regulate it if it is a security. Before ICOs, the definition of a security was periodically defined on a case-by-case basis in litigation involving investments backed by unusual assets such as pay phones or chinchillas. In these cases, courts typically ask whether an investment is a security under the Supreme Court’s Howey test. If it is an investment contract under that doctrine, it is a security subject to SEC disclosure and anti-fraud requirements. If it is not, securities law does not provide the SEC a basis for regulating the transaction.

In addressing when an ICO sells a security, the SEC had little choice but to proceed through Regulation by Enforcement. The Howey test is deliberately vague and reflects the broad definition of “security” passed by Congress. There is no simple rule or formula that can easily resolve close cases. On the other hand, aggressively penalizing the pioneers developing the latest transformative technology would risk sparking criticism that SEC regulation squelches valuable entrepreneurship.

The SEC thus proceeded through what this article calls “Regulation by Selective Enforcement.” Rather than bringing many enforcement cases seeking penalties (as it could have, given the sheer number of noncompliant ICOs), the SEC has brought only a handful of carefully chosen significant actions. The SEC initially did not seek sanctions in ICO cases, giving the industry time to adjust, and perhaps increasing the chance that early cases would settle rather than be litigated over a lengthy period. Over time, the SEC built a foundation of legal guidance applying Howey to specific cases with little court intervention.

Regulation by Selective Enforcement was possible in part because the SEC is not the only enforcer of the securities laws. Private parties, for example, have powerful remedies when they purchase an unregistered token that turns out to be a security. They have the right to rescind the transaction under Section 12 of the Securities Act of 1933 if it does not fall within an exemption to the registration requirement. Because security purchasers can enforce the securities laws, the SEC can devote its limited enforcement resources to the most important cases while allowing most investors to exercise self-help. In addition, state securities regulators independently brought many cases targeting ICOs, protecting investors without the resources to bring a suit.

The SEC’s Regulation by Selective Enforcement strategy has been successful in establishing the agency’s authority over ICOs—and has done so with limited involvement of the courts. The SEC has moved decisively with these cases, considering their complexity and its reputation for taking years to resolve enforcement matters. At the same time, it has been thoughtful in applying the law to a new setting. The SEC’s various enforcement releases have effectively communicated basic parameters to the industry with respect to when ICO tokens are securities.

On the other hand, a danger of Regulation by Selective Enforcement is that it can create the illusion that the major legal issues have been resolved, when there is still a great deal of uncertainty as to when a token is a security. The SEC’s settlement releases only represent the agency’s view that a particular token was a security. Some of the SEC’s most important ICO cases have turned on fine distinctions. Slightly different facts could merit different results. Yet the SEC has acted at times as if the issue of when a token is a security has been so clearly resolved that subsequent violations deserve significant sanction. Such a position is troubling.

Another danger is that by only bringing cases against more recent ICOs, the SEC risks conferring monopoly power to early movers. The ICO of Ether, the token associated with the Ethereum smart contracts platform, at least initially was the sale of a security, but the SEC has taken the position that Ether is no longer a security. Ethereum thus has a significant advantage over newer smart contract platforms that will have to comply with SEC regulation.

The challenge of responding to ICOs illustrates the difficulty of regulating innovation. For the most part, the SEC has effectively applied old legal standards to a new problem. Though it should be congratulated for its work, the SEC should not assume that its Regulation by Selective Enforcement program has completely resolved the legal issue of when a token is a security.

The complete paper is available for download here.

Both comments and trackbacks are currently closed.