Tell it to the judge: Examining the legalities of tokenization in Switzerland and the US

by Tom Lyons.

Note: After this post was published, MME posted videos of highlights from the talk. They can be viewed here.

It was a remarkably hot evening for Switzerland, but the topic at the latest Crypto Valley Forum Meetup, held on June 19 in Zug, seemed hotter.

Under the headline “Tokenizing: Swiss and US Legal Perspectives on Token Generating Events“, the Meetup drew a capacity crowd of around 150 to hear a panel of Swiss and US lawyers discuss the legal aspects of token generating events (TGEs), more commonly – and, according to the lawyers, rather incorrectly – known as initial coin offerings (ICOs) (see box below).

The high level of interest among members of the Swiss crypto community was understandable.

For one, while TGEs have quickly established themselves as a powerful way to fund nascent projects, the market exists in a regulatory grey zone. Issuers face a great deal of uncertainty regarding what, if any, financial, tax and other laws may apply, and from which jurisdictions.

For another, with representatives from Zug-based MME Legal and US-based Debevoise & Plimpton, the panel arguably contained experts from two of the leading authorities in the world on TGEs.

Over 90 minutes the seven panelists covered a lot of ground. Below we present some of the highlights.

How security is it?

One key question for TGEs, particularly in the US, is whether or not they are subject to securities laws. Opinions run the gamut. According to Debevoise, which recently published a detailed paper on the subject, the answer depends on the nature of the token.

If it represents an underlying asset that has the properties of a physical object then it is likely not a security. If it is rather like a share in a company, then it likely would be one.

Similarly, if the token provides holders a passive return on their investment – in other words, if it pays them without them having to do any work – it is likely a security under US law too. This only applies to primary markets, however. Making money because the value of a token rises on a secondary market does not by itself make that token a security.

In Switzerland, according to MME, the situation is more black and white. As long as the token is not directly linked to a debt or share, it need not be classified as a security and is therefore not subject to Swiss securities laws.

But, as the Swiss law firm was quick to point out, that doesn’t mean holders of TGEs based in Switzerland don’t have to consider the law in other jurisdictions. Anyone selling tokens to US persons, regardless from where, is subject to applicable US laws for instance. This counts for pre-sales and secondary trading via exchanges too. MME recommended that anyone considering a TGE conduct a thorough jurisdictional due diligence ahead of time to avoid any surprises.

Who are you?

Another key legal issue facing TGEs is the applicability of financial surveillance and consumer protection regulations, for example anti-money laundering (AML) or investor suitability laws.

At the moment, TGEs are not explicitly subject to such regulation, though this may be changing. Japan for example has been introducing additional listing requirements for token launches. As more institutional and retail investors become interested in cryptotokens, we can expect more such rules.

While a certain degree of regulation would be welcome, MME said the community needs to work hard to educate regulators to ensure that regulation is prudent.

One important contribution the community could make in this regard would be developing its own token classification scheme. To this end MME is working on the  concept of a blockchain cryptoproperty (BCP). A comprehensive, well-thought out classification of BCPs by the industry could provide clarity for regulators, resulting – hopefully – in more appropriate rules.

Forget me nots

Another potentially sticky area for TGEs and blockchain projects in general is data protection laws.

As the expert from Debevoise’s Frankfurt office explained, with the new General Data Protection Regulation (GDPR) in Europe, which comes into effect in early 2018, individuals will gain far more control over their personal data than they have now.

Among other things this will include a right to know how their data is being used, and a right to be “forgotten” by having their data removed from a platform. The regulation applies to any entity, no matter where it is located, that deals with the personal data of citizens of the EU (as well as Switzerland, which is enacting similar rules).

This could cause headaches for blockchain projects in which personal data goes on chain. Because blockchains are immutable, for instance, data can’t easily be erased.

The panel recommended that new blockchain projects keep data protection in mind when designing their platforms. Investors should also do a data protection compliance due diligence before they invest in a specific project.

QnA

In the Q&A that followed the panel, there was lots of interest in the details.

One entrepreneur wanted to know if it was possible in the US to get a ruling ahead of a TGE on whether a specific token would be classified as a security. According to Debevoise, this is possible in theory, but difficult in practice. An alternative is to get an opinion from a lawyer that explains in detail why the project thinks its token is or is not a security and have that on hand should the regulator come knocking.

Those projects that want to avoid any potential US regulatory compliance obligations can hold a TGE that does not sell to US persons. This too however is easier to do in theory than in practice. To show good faith in the attempt, the holder of the TGE can among other things block US IP addresses during the sale, as some token launches are doing.

Projects need to also be very aware of tax issues. Organizations like DAOs can be considered partnerships making members, as well as the organization, potentially liable for taxes, including VAT.