DAOs and Securities Regulation

  • Analysis
  • September 30, 2016
Lior Zysman, a crypto legal advisor to Wings.ai and a legal contributor to Smith+Crown, considers how projects might avoid having their DAO tokens regulated as securities.

So you want to make a DAO (Decentralized Autonomous Organization) but you’re worried your DAO tokens may be considered an investment contract–triggering all the requirements associated with securities.

The disclosure, registration, limitations, liabilities that comes along with it could be complex, burdensome, and even risky. Entrepreneurs have to follow the law or risk legal exposure. Unregistered offerings of “securities” is illegal and punishable.

Determining whether something is a security is not as straightforward as some might think. For example, the US courts determined that selling a right in a citrus field constitutes an “investment contract.” This seminal case, SEC v. W. J. Howey Co., laid out a four-pronged test to see if something is a security or not (the Howey test): a transaction whereby someone (1) invests his money in (2) a common enterprise and is led to (3) expect profits (4) solely from the efforts of the promoter or a third party.[1]

This framework has not been tested in court in the context of cryptocurrencies (yet) but if a if DAO crowdsale constitutes an unregistered offering, launching a DAO would become more expensive, extensive, and full of broad fiduciary duties and liability risk.

However, the things that the regulation is trying to solve, are sometimes addressed inherently in a DAO’s structure. Moreover, the underlying technology is different than the traditional system of securities we have today. The goal of the SEC is to achieve a fair and stable market, but as we going to demonstrate, in the crypto-economy, regulators need to consider a different approach.

The clearest example is the reporting requirement of company’s financials: flows of funds are recorded real-time on an open blockchain. Reporting requirements for securities were designed for traditional accounting systems (two entries with a human auditor), not a triple-entry system with cryptographic proofs. The new JOBS Act Title 3, which opens investment in startups to individuals, requires startups to publish financials once a year; in contrast, blockchain accounting guarantees DAOs and their investors financial reporting all year long.

The Act also requires businesses to publish a business plan once a year. In contrast, DAOs operate by transparent open-source code that any machine on a distributed computation network can run. The funds the DAO directs are also published on the blockchain, and the by-laws themselves that determines the relationship between the DAO participants are embedded in the code. The execution of those bylaws and the DAO’s accounting don’t depend on familiar figures, like the CEO or an auditor, although the status of humans on the edges of the network or curators has never been debated in case law and might be replaced using formal verification methods. Given all this, investor expectations, a big concern for lawmakers and regulators, are being met directly by the DAOs code, perhaps for the first time in corporate history.

The SEC tries to prevent asymmetric information between the issuer of a security and investors by having these reporting requirements. As we can see, with DAOs all of the relevant information exists online whether on github or on the blockchain explorer. That might raise the question of whether “modern reporting requirements” of paper filings are out of date to begin with. Millennials are used to getting (even official) information online through social networks–to decide where to eat (yelp), where to sleep (airbnb) and if their taxi driver is good for the job (uber). SEC’s prospectus requirement when issuing a security is pre-structured document, long and full of capital letters. Perhaps Bitcointalk.org announcements and SlackReddit discussions might be more intuitive and informative for a younger audience to understand investor rights.

Overall these changes might actually improve market practices, perhaps even achieve perfect competition, when prices approach the marginal cost of production. The SEC’s ban on general solicitation of securities might be outdated in the internetinformation era, and the discrimination in deal access between high-net-worth investors and others (accreditednon-accredited investors) classifies our society in ways that only expand the rich-poor gap.

Adding the facts that DAOs are jurisdiction-less and that ‘miners’, ‘nodes’ and ‘curators’ don’t have a place in the current legal system, makes the SEC’s job to force a square peg into a round hole. A new regulation is needed, one that fits the new technology and better supports entrepreneurs in the digital age.

Ticket to a fair, sweat equity and current regulation alternatives

When users are buying tokens to use rather than to invest, it makes the token more of a consumer product: “when a purchaser is motivated by a desire to use or consume the item purchased . . . the securities laws do not apply.” [2] Buying Ether to compute on the network for example, or any other anti-spam mechanism, makes digital assets more of a consumer product, protected by consumer laws rather than securities laws. Albert Wagner, a partner in USV, compared a blockchain token to a ticket to a fair.

The court stated that “in the instances where the instrument is novel, they will always disregard the form of a transaction and instead focus on the economic reality of the transaction.” (emphasis mine), and DAOs that share revenues with holders and allow them to vote makes the “economic reality” look more and more confusing.

Exhaustible tokens are easier to distinguish as products. The token acts as proof it was consumed, while non-exhaustible token may be considered memberships or subscriptions. Some models, like Steem.it even involve different kinds of tokens, but crowdselling one with no rights, and using it to purchase another, can still be seen as one integrated security offering.

But do revenue-sharing protocols make economic sense at all–other than as a crowdsales incentive? Let’s take a look at the economic implications.

If Ethereum, for example would pay each holder “dividends” (maybe by splitting the block reward between miners and token holders), then spending gas to execute a smart contract would rob the original holder of associated rights to those dividends. Organizations normally re-invest profits for future growth (maybe until they are close to a monopoly, such as Apple), so perhaps the same logic could work in crypto-economics, where a portion of revenues goes to a bounty fund.

Another approach for DAOs to avoid securities offering regulation is to allocate revenue sharing according to user actions (as opposed to passive holding, that is, just owning the token). The Howey test requires the “effort of others”, and DAOs, which could be seen as some sort of partnership, are “member-managed” (as opposed to “manager-managed”), thus might not be considered securities.  This makes the token more like “sweat equity” than an investment vehicle and the transaction more like remuneration/compensation than investment. Comakery.com is an example of such a model: people contribute to projects and earn tokens, that can recieve portion of the project’s revenue, i.e. employee stock options. This model is also a chance to improve wealth distribution–instead of venture capitalists writing all the checks and earning the rewards, a greater percentage of revenues would go to real contributors.

The Howey test requires the “effort of others”, and DAOs, which could be seen as some sort of partnership, are “member-managed” (as opposed to “manager-managed”), thus might not be considered securities.

Another claim might be applicable to tokens which bear similarity to Promissory Notes, a short-term debt obligation that can be collateralized. Although the term “note” is specifically included in the statutory definition of a security, courts haven’t been bound to it if the ‘note’ bears a “family resemblance” (Reves v. Ernst & Young) to a list of instruments, such as notes secured by a mortgage on a home. For that reason structuring revenue-sharing tokens without any voting rights might makes things look less like a traditional security (and less like a DAO), but might still be considered an investment contract.

If a note is not on the list, then the test looks at things like investor expectations, the note’s tradability, and also the presence of an alternative regulatory regime. If the last exists, it significantly reduces risk and might render regulation under the Securities Act unnecessary. Courts determined for example that financial products covered by ERISA (Employee Retirement and Income Security Act) are indeed sufficiently protected.

Should the blockchain ecosystem also have an alternative regime, or more interestingly –   could the community build a new technology-based one itself? Vitalik Buterin already proposed decentralized courts and the Ethereum Foundation was in fact the ‘regulatory agency’ that dealt with TheDAO hack. Maybe the SEC’s role could be privatized to protocol foundations using decentralized courts technology, or to white hat hacker groups looking for insider trading activity for bounties. This might be similar to how financial-industry players formed a self-regulatory agency like Financial Industry Regulatory Authority (FINRA) or a watchdog like the Electronic Frontier Foundation (EFF). It might even be more effective, considering SEC enforcement results.

Enforceability — this is not a drill (just an experiment)

Enforceability is still questionable: by which jurisdiction should a court prosecute a jurisdiction-less entity? Kim Dot Com is an early example of the complications. How will enforcement agencies find globally scattered developers, miners, and nodes, who contribute to a decentralized experiment for the benefit of our society?

Regulators’ enforcement priorities are sometimes unclear . It is puzzling that the SEC did not publish a clear opinion on the TheDAO’s tokens sale to US citizens. It could be that DAOsrevenue-sharing tokens still don’t affect market stability or harm everyday investors, who still don’t know how to buy blockchain assets. The chair of the US Commodity Futures Trading Commission (CFTC) chair mentioned the technology still has to mature before regulating it (although CTFC forced the Bitfinex exchange to change their security configuration, possibly opening a vulnerability for the hackers to use.  All that is left now, is to hope the SEC wouldn’t repeat the same mistakes with DAOs…

Challenges going forward: compliance + innovation

Crypto tokens and securities both represent rights in a value-transfer system, with the ability to transfer value within this system. However, currently crypto tokens are essentially a bearer instrument — rights attached to its holder in due course, rather than registered instruments for verification and recordkeeping. It is a technological achievement, allowing issuers and investors to cut out middlemen, but it’s also a big headache for KYC and AML compliance.

Bearer shares now are mostly obsolete. In 2007, Wyoming and Nevada abolished bearer shares, ending their status as the last two U.S. states to permit their use, and even the British Virgin Islands–the most popular offshore jurisdiction–disabled it.

Crowdsales (and the world) are in trouble if ISIS uses tokens to launder funds. This example is why KYC and AML protocols have become so important in the cryptocurrency industry. Some are already tackling this onchain (MIT and Peter Todd may have offered a solution) and others propose that KYC could be done when exchanging tokens to fiat. Perhaps a lighter approach of KYC is more suitable here. KYC compliance isn’t required to post on Reddit, so the same logic might apply to the unfolding use cases of Internet of Value. Collecting less data on users while monitoring suspicious addresses is a challenge that needs to be addressed.

Another compliance hurdle is identifying users for collecting tax payments. Blockchain networks might need to explore revenue-sharing schemes for collective non-profit causes, to smooth the transition from government responsibility of citizens to blockchains.

Applying traditional regulation to the decentralization concept could limit the financial innovation a crypto token can offer. As discussed above such a token is unlike a traditional security: it has utility in applications and networks, it’s open and trustless, and its (sort of) immutable. Overall, it’s a better version of a ledger.

Disrupt with DAOs, but be responsible

It’s exciting to see how DAOs can disrupt finance and revolutionize how markets work in the process. TheDAO was unified “hive mind” VCcrowdfunding experiment, that could have leveled the playing field in venture financing, currently done almost entirely by large investors such as endowment funds. More disruptive experiments could change everything we know about finance: a unified global pension fund, a global p2p insurance scheme, or governance via decentralized futarchy (gnosis, wings.ai).

DAOs might still be theoretical and introduce new risks (TheDAO was hacked and wasn’t even fully autonomous), but securities regulation are also sometimes old and odd. As Bitcoin disrupted our definition of coin (not being exclusively issued by government), the next step for the blockchain economy is to disrupt securities and financial markets with innovative concepts that leads to real value.

Finally, here are some practical tips to entrepreneurs who plan a DAO crowdsale – remember to communicate and be fully transparent in the process, don’t over promise with the product’s goals, and don’t promise ROI. Clarify that it is an experiment. Be a diligent fiduciary of funds, and don’t act in negligence to your duties as such.

And of course, consult a lawyer…

Note: This article has been modified from its original version. Lior Zysman is a crypto legal advisor to Wings.ai and a legal contributor to Smith+Crown. He is a practicing lawyer in Israel but is not admitted in the US.


  1. SEC v. W. J. Howey Co.
  2. United Housing Foundation, Inc. v Foreman