Based in New York City, Katherine is an early-stage investor at Notation Capital. Her interests are in crypto, tech, law, and other areas of her life that she finds interesting.

Digesting the SEC’s most recent framework and no-action letter for crypto & digital assets

Digesting the SEC’s most recent framework and no-action letter for crypto & digital assets

After years (!) of waiting*, the SEC finally released an official statement titled “Framework for ‘Investment Contract’ Analysis of Digital Assets”, which seeks  to provide a framework for analyzing whether a digital asset is offered and sold as an investment contract, and, therefore, is a security. I would also be remiss if I didn’t note that the release of this framework was timed along with the first ever no-action letter issued by the agency to a token sale for a digital asset.

(*okay, I’m being dramatic here. The first SEC action happened in summer of 2017 re: the DAO. So it’d been almost two years, but honestly, it feels like two decades)

Before I jump into the deep-dive analysis, let me say this: of course this is huge news. For so long, the attitude from regulators towards digital assets and crypto have been a mixture of both dismissive skepticism and hostility. And to be honest, after the wild ICO craze in 2017, I don’t blame them. Bitcoin’s reputation precedes itself— from its rather obscure inception back in 2008 to Silk Road, the platform that popularized it— and yet in the last decade, bitcoin has also spawned an important and vibrant ecosystem. 

[Some (really important) reminders: I am not an attorney, this isn’t legal advice, so please (!!) go talk to a ~real~ and reputable lawyer if you have any questions.]

🔎 Analysis + Breaking down the documents

If this is your first time reading about this, I think the best way to prime yourself might be to skim some real-time thoughts I wrote in a twitter thread while going through the documents.

Long story short, we had a no-action letter, and a digital asset framework. 

  1. No-Action letter 📧

Bear with me as I repeat a little background here. The facts of this particular situation goes like this: TKJ is a small air carrier/operator and owns like 2-3 jets. They launched their own internal token platform to facilitate transactions between the user, brokers (of the flights), and carriers. They also have their own wallets, and each user has to sign a separate user agreement prior to buying these tokens. Each $1 equated to a token on that platform. 

This is basically a small airplane carrier that offered a membership program to its members but made it fancy by adding smart contracts and putting it on the blockchain.

It makes about as much sense as a Long Island Tea company rebranding its name to be “Long Blockchain”. (I wish I were joking, but I’m 100% serious; also, no, that strategy did not pan out well). They argued to the SEC that the agency should not recommend any enforcement actions since those tokens are not securities. 

The SEC agreed that those ’tokens’ are not securities, using the following factors— and I will include my own commentary in brackets after each one:

  • TKJ will not use any funds from Token sales to develop the TKJ Platform, Network, or App, and each of these will be fully developed and operational at the time any Tokens are sold

    [Translation + Commentary : you cannot fundraise via a token sale in order to develop your network/platform/app! This is the murkiest part for me and I seriously cannot understand this. I understand the reasoning on its face, but this is like you’re telling me that if United were to sell me some miles to add to my account, they cannot then use that profit to develop their United app? like what?? Let’s seriously consider what this even means, and how you’d even track and allocate that sort of funding. Even if you’re going to argue with me and say that United was a pre-existing company prior to selling me their miles, try applying that logic to Kik’s token sale. It just makes zero sense.]

  • the Tokens will be immediately usable for their intended functionality (purchasing air charter services) at the time they are sold;

    [Translation + Commentary: immediately usable tokens at the time of sale would mean no pre-sales of tokens.]

  • TKJ will restrict transfers of Tokens to TKJ Wallets only, and not to wallets external to the Platform;

    [Translation + Commentary: I think this is the more problematic part of it. I sort of understand why this factor was laid out— because the thinking goes, if you cannot transfer your token out of the platform, then you can’t trade it on other markets. Well, people are always going to find a way to trade their assets. I’m pretty sure there was a black market for crypto-kitties, which are actual NFTs! (!!), in 2017.]

  • TKJ will sell Tokens at a price of one USD per Token throughout the life of the Program, and each Token will represent a TKJ obligation to supply air charter services at a value of one USD per Token;

    [Translation + Commentary: I almost don’t want to comment on this tbh. This is no different from my Sephora points ($1 = one point towards my beauty account, which I can then use to redeem various beauty products) , which are as uninteresting in a securities context as this issue is. What’s next, putting my Sephora beauty points on the blockchain too???] 

  •  If TKJ offers to repurchase Tokens, it will only do so at a discount to the face value of the Tokens (one USD per Token) that the holder seeks to resell to TKJ, unless a court within the United States orders TKJ to liquidate the Tokens; and

    [Translation + Commentary: I know this is to prevent speculative trading, but uh hello I thought that the whole point of making these points = $1 is to make it = $1]

  • The Token is marketed in a manner that emphasizes the functionality of the Token, and not the potential for the increase in the market value of the Token. 

    [Translation + Commentary: well, this is obvious. Don’t shill your token moon-ing or lambo-ing, ie don’t try to convince tour token buyers they’re all gonna get ‘fuck-you’ rich by buying into your tokens. Get outta here with that!]

In my opinion, the no-action letter is woefully inadequate to address questions for a lot of token projects, because it's just the SEC saying 'well we aren't going to enforce action since you sold USD- pegged loyalty points for your small air carrier company to your members’, which honestly is so obvious I’m almost mad for having spent my brain cells analyzing this. Sorry guys, I wanted more out of this as well. 

🖼 2. Digital Asset Framework 

**deep breath**  ready?

The  SEC’s digital asset framework was written mostly by Director Hinman (made famous by his 'ether may not be a security' speech last summer) and Valerie Szczepanik (she heads up the SEC's digital asset division).

I know that a lot of these findings ‘aren’t a surprise’ to securities law lawyers (or even just those who have paid attention to what's been coming out of the SEC in the past two years),  but this is still important. I will also assume that you all are familiar with the Howey Test, but if not— refresh your memory here

Otherwise, the Howey Test came out of the 1946 Supreme Court case SEC v. W.J. Howey Co., which laid out a three-prong test for judging whether or not something can be classified as a security: “an investment contract for purposes of the Securities Act means a contract, transaction or scheme whereby a person [1] invests his money in [2] a common enterprise and [3] is led to expect profits solely from the efforts of the promoter or a third party.” Basically, the Howey Test is a test you actually want to fail if you don’t want to be considered to be a security.

The opening pages of the framework is a general reminder of the Howey Test, and also a reminder that— hey!! not everything has to be on the blockchain!! (Probably the only thing that I would emphatically agree with on this entire document). 

Screen Shot 2019-04-03 at 11.19.00 AM.png

In the framework, the SEC thinks that the first two prongs are pretty much assumed to be satisfied. Not much discussion dedicated here. Funny note though: part B here in the above screenshot of the framework basically says— courts have said this one thing, but actually we are just gonna go ahead and ignore this sort of analysis and just assume it to be true. Guys, this really won’t work in an actual legal argument, but ok

The third prong of the Howey test (Reasonable Expectation of Profits Derived from Efforts of Others) is the more complicating factor in this entire framework. I know, my brain is melting too.

There’s too much to summarize, but here are some of the important points: first is this broad definition of an ‘active participant’, which is the ‘efforts of others’ in that third prong of the test. To quote the SEC, ‘when a promoter, sponsor, or other third party (or affiliated group of third parties) (each, an “Active Participant” or “AP”) provides essential managerial efforts that affect the success of the enterprise, and investors reasonably expect to derive profit from those efforts, then this prong of the test is met.’

Off the bat, there are some serious issues with this AP classification. 

According to the framework, APs are those who created a market for the price of the digital assets (ie limiting supply through buybacks, burning), or plays a lead or central role in deciding governance issues, code updates, etc. APs are those responsible for the development, improvement (or enhancement), operation, or promotion of the network. APs determine who will receive funding, deploy funds, or make business level decisions. APs ‘play a leading role in the validation or confirmation of transactions on the network, or in some other way having responsibility for the ongoing security of the network’. AP retains a stake or interest in the digital asset. The AP distributes the digital asset as compensation to management.

The list goes on.

These AP definitions are a ming-boggling clusterfuck of anyone and everyone who is a stakeholder in a network. Core team may be implicated. Founders turned individual contributors may be implicated. Miners may be implicated. Core devs may be implicated. Delegates may be implicated.

Don’t get me wrong: I think decentralization is important too, but this is dangerously broad and can seriously damage a number of ecosystems (nuances differ depending on the protocol/ the ecosystem, and I don’t want to name them here). 

Another interesting point in the framework is this question: "In evaluating whether a digital asset previously sold as a security should be reevaluated at the time of later offers or sales, there would be additional considerations as they relate to the “reasonable expectation of profits”. 

I actually read this as super interesting, because it seems to say basically that a digital asset that was previously sold as a security…could be subject to re-evaluation.

Of course, there are a lot of factors that would impact this set of consideration, like whether holders are able to use the digital asset for its intended functionality, or whether any economic benefit that may be derived from appreciation in the value of the digital asset is incidental to obtaining the right to use it for its intended functionality.

To be honest, I don’t really know what or when the revaluation process would start, what would trigger it, and what it even would mean. We have no answer on that. And…per Ari, I am reading tea leaves here. 

There are some other factors that would be interesting in this analysis, but I will stop here. My brain has stopped churning at this point, and already, we have more questions than answers.

I seriously would recommend you to read the framework, or at least the following pages: page 9, which details the factors that would make something less likely to be a security; page 6 + 7 for characteristics that would make token holders ‘expect profits’, and page 3 + 4 +5 for all of the AP activities. 

🤔 Some concluding thoughts...

The framework that the SEC released today is something that the crypto industry has long waited for. We’ve seen frameworks being developed by crypto companies themselves— mostly crypto exchanges like Coinbase and the like—to assess the likelihood of a digital asset being  a security, but no official framework to work off of. 

So getting this sort of guidance fro the SEC, even if unofficial and not legally binding— is helpful. I think there were some aspects to the guidance that were helpful in the sense that it really pulled together a lot of the reasoning and opinions that the SEC has said publicly in their enforcement actions (especially around promotional and marketing efforts), and it also shows that the SEC is at least open to a network being totally ‘decentralized’ to the point where it would be unlikely to be classified as a security as under the Howey Test.

Unfortunately, there are still so many questions left unanswered and i suspect will leave both startups as well as legal practitioners with immense headaches. For example- the framework gives a broad “active participant’ definition when analyzing under the third prong of the Howey Test. Taken liberally, that definition could really impact and even hinder the process in which a token project/start-up can decentralize itself. 

The other unanswered question that continues to remain for ICO projects is this: what are the options for projects that did ICOs in the past, who actually have a roadmap for decentralizing and can argue for some utility function in their token? I could go on with the list of difficult issues to grapple with. 

The TLDR of the guidance and no-action letter is this: while the SEC (and other agencies!) are clearly being thoughtful around what sort of direction or guidance to give, there is unfortunately still a lot of nuance and questions that remain unanswered. 

In the best light, startups now have a list of questions to ask themselves when thinking about their roadmap and an idea of the risks they might incur by continuing to adhere to token sales as a fundraising model. 

In the worst light, the answers to those questions are so limiting and restrictive (including the criteria as set forth in the no-action letter) that it ultimately leaves little room for continued innovation.


📚 P.S. Extra credit reading:

Diverse perspectives are important. CoinCenter wrote their analysis here. Other lawyers have chimed in here (Marco Santori), here (Patrick Berarducci), here (Drew Hinkes), here (Lewis Cohen), and here (Preston Byrne).

Remember again that this blog post (and the tweets / articles linked above) is not legal advice. You are welcome to cite my writing as long as you give me credit (and let me know by tagging me!) and if you’d like to get in touch, find me here

Thank you for making it til the end. If you found this to be helpful + would like to thank me for my time, please share it.

🧧 I also accept Bitcoin + Eth donations at the following addresses:

Bitcoin: 1G1PrpWe2dgT9TK9Xvmc7Fgcp2qB7cjXcx

Eth: 0x6Ce1e6113Ad420B913C39eB3E2FdDa469f0FcAe3

If QRs code are more your thing, I have them here: 





I appreciate you.

[Annotated] FinCEN's comprehensive guide to crypto regulations

[Annotated] FinCEN's comprehensive guide to crypto regulations

The SEC is re-considering its Custody Rule: What it means for crypto + digital assets

The SEC is re-considering its Custody Rule: What it means for crypto + digital assets