On Gary Gensler, and Registration and Disclosure

DISCLAIMER: This article does not, and is not intended to, constitute legal advice. And how could it? It contains little by way of advice. It is merely the author’s own analysis written in his personal capacity and not in his capacity as a lawyer.

Securities and Exchange Commission (SEC) Chair Gary Gensler has recently made a number of public statements, criticizing the crypto industry for failing to adhere to securities laws. This refrain is not new. For a long time, Gensler has argued that the vast majority of tokens are securities; that the SEC has issued sufficient guidance on what qualifies a token as a security; and that enforcement actions will follow those who fall short of strict compliance with existing regulations. In Gensler’s view, nothing about crypto warrants special treatment.

When Gensler speaks about compliance, he is referring to registration and disclosure. At its core, a security is the right to a share of the future profits of a business. Under the 1933 Securities Act, businesses looking to raise money by offering securities for sale must register with the SEC and disclose information about the business, its management, and the security. Ongoing disclosures under the 1934 Securities Exchange Act then keep investors abreast of a security’s post-sale performance. The point of registration is to reduce information asymmetry between issuer and purchaser. From Gensler’s perspective, registration and disclosure will help crypto investors sort between those tokens they think will flourish and those they think will flounder.

Yet make no mistake, Gensler’s public remarks are misleading. Under existing regulations, the overwhelming majority of crypto projects will never register their tokens. Instead, those with the resources to do so will seek qualifying exemptions, and those without will face an uncertain future. Gensler comments should be viewed with skepticism. His advocated means and preferred end do not tie.

The overwhelming majority of projects will never register.

For any business, crypto or not, registration is a costly and risky process. Drafting, marketing, and approving offering documents and prospectuses is no small undertaking, and the Exchange Act’s ongoing reporting requirements consume substantial resources in the years that follow. There is also legal exposure associated with material misstatements and omissions; a non-zero risk of lawsuits sounding in fraud; and no guarantee that the SEC will, in the end, approve the offering.

For crypto, these costs are particularly acute. The product in crypto is, after all, code. There is therefore a risk of an unintentional divergence between the code and its English-language description, which increases the risk of liability for misstatements and omissions. And the volatility of crypto markets makes the possibility of a fraud action more likely, regardless of a project’s management. Registration is also a drawn-out process. Crypto is a fast-paced industry that builds in public; the risk of losing first-mover advantage is very real.

Because of these costs, only the bluest of the blue crypto projects will ever register their tokens. Most simply cannot afford to pay for a law firm and other expensive intermediaries to help shepherd them through the process. And even if they could, they could never hope to raise sufficient money from the offering to make the expense of registration worthwhile, let alone the legal risks. So even if their tokens are securities, as Gensler assumes, these projects will never register. The majority will continue to operate without doing so and face possible SEC enforcement, which, if brought, will likely kill their venture.

Well-resourced projects will rely on private placements.

What about the bluest of the blue: will they register? Most likely not. Because of the costs and risks, no business will register needlessly. And this presents a problem in crypto, where the regulatory question du jour is what qualifies a token as a security (and therefore subject to securities laws and SEC scrutiny) rather than, say, a commodity.

The root of this problem is the infamous Howey test. There, the United States Supreme Court interpreted the term “investment contract” as used in the Securities Act to mean any “contract, transaction or scheme whereby a person invests his money in a common enterprise and is led to expect profits solely from the efforts of the promoter or a third party.” SEC v. W.J. Howey Co., 328 U.S. 293 (1946). The Howey test is indeterminate and capacious. Relying on Howey, the SEC has brought all manner of projects under its jurisdiction. It is also the hook on which the SEC claims the authority to regulate crypto.

Although Gensler argues that the SEC has issued sufficient guidance on the application of Howey to tokens, this is not true. The SEC has never identified facts and circumstances which are common among security and non-security tokens. And it has inconsistently applied Howey, leading lawyers to theorize why, for example, XRP is an alleged security while ETH is not (although POS ETH may be).

This isn’t an academic dispute; it has had real world consequences. Just look at Coinbase, which recently fought back against the SEC’s allegation in a lawsuit (to which Coinbase is not a party) that the exchange lists security tokens. Coinbase made it clear that it assesses tokens against Howey and does not list securities. And Coinbase claims to have been transparent with the SEC about its methods to ward off just this type of allegation. But here we are. This dispute is emblematic of the disconnect between Gensler’s position and the legal reality facing practitioners, even those as sophisticated as Coinbase.

Because of this uncertainty, well-resourced crypto projects will look to avoid registering their tokens if there is any chance that they could be classified as a commodity. But unlike lesser-resourced projects, rather than risk facing SEC enforcement, they will seek shelter from registration in comparatively light-touch regulatory regimes known as qualifying exemptions—in particular, Regulation D.

Private sales under Regulation D have long offered an alternative to registration for those with access to accredited (i.e., sufficiently wealthy) investors. It is seg-reg light. There is no registration and, in general, no disclosures. The main cost is verifying that purchasers are indeed accredited. And in contrast to the public markets, which are predominantly policed by disclosure, the private markets are only policed by fraud, leading to significantly less legal exposure. Regulation D thus permits projects with sufficient connections to avoid the costs and risks of registration, while still complying with securities law (and thereby providing a safe harbor from SEC enforcement).

Depending on a project’s long-term plan, reliance on Regulation D may be especially appealing. This is because a token may start out resembling a Howey security—centralized and functionless—but the project may plan to develop it into something more akin to a commodity—decentralized and consumptive. And here, the SEC has indicated that a token can indeed start out as a security but mature into a commodity, a view that is congruent with Howey—when a sufficiently decentralized token is used as a consumptive good, a person may no longer invest in it with the expectation to profit solely from the efforts of a specific group of others.

Projects in this category will almost always opt for Regulation D over registration, if at all possible. Otherwise, the project would not only have to pay for the costs of registration, it would also have to continuously review the status of its post-sale token to assess whether it remained a security—and therefore subject to on-going disclosures—or whether it had become a commodity—and thus free from that burden. This internal review process would be its own significant compliance cost. And there is always the risk that the SEC would disagree with a project’s Howey analysis and bring an enforcement action. 

Given all this, crypto projects will continue to shun registration. Those with sufficient resources will look to Regulation D and those without will risk it and face closure. In fact, this dynamic has already been playing out ever since the SEC released 2017’s The DAO Report, where the agency first indicated its intent to regulate crypto. Projects have increasingly turned to Regulation D, if at all possible; they certainly aren’t registering in droves. If anything, this is leading to a market with less public information, and only highlights the need for more guidance and tailored regulation. How long is the SEC going to continue down a path that has thus far proved fruitless?

Of course, Gensler knows this, making his public position disingenuous. He is nudging economically advantaged projects towards qualifying exemptions, and shutting out the economically disenfranchised altogether. The SEC can do better than to continue to follow an approach that seems to benefit few but harm many.

@HallamStanton