Compliance check: why do you need a Bad Actor report?

Companies seeking innovative funding options beyond traditional bank loans or venture capital investments. Regulation A (RegA+), Regulation Crowdfunding (RegCF), and Rule 506c of Regulation D present viable alternatives. 

In this context, while navigating the offering, and compliance with SEC is paramount. One of the most important requirements is the exclusion of “Bad Actors”, a measure to safeguard all the parties involved in the process of raising capital.

Who are Bad Actors?

In the context of securities offerings, “Bad Actors” are individuals or entities with a history of fraudulent activity, particularly involving securities. This can include:

  • Individuals with past convictions for securities fraud.
  • Companies that issued misleading financial statements.
  • Individuals sanctioned by regulatory bodies for financial misconduct.

In other words, those who fall under this disqualification include the company issuing the securities, its officers, directors, significant shareholders, and individuals compensated by the company to solicit or promote the offering.

Also worth mentioning that the criteria for designating someone as a “Bad Actor” encompass eight types of disqualifying events, such as civil and criminal judgments, orders from state and federal administrative bodies, and directives from regulatory authorities. 

How to Avoid Disqualification: “Reasonable Care” and Bad Actor Reports

The SEC offers a “reasonable care” exception to disqualification. This means companies can still raise capital under Regulation A or crowdfunding if they can demonstrate they took reasonable steps to identify and exclude Bad Actors.

There’s no central database for “Bad Actors,” so conducting a thorough “factual inquiry” is crucial. Bad Actor reports from reputable third-party services can significantly help with this process. These reports compile information on individuals and entities, identifying potential disqualifying events based on available data sources.

Examples of Legal Implications of Non-Compliance

The SEC takes violations of Bad Actor disqualification rules seriously. Failing to comply can lead to significant legal and financial repercussions for your company. In severe cases, the SEC might bring criminal charges against those involved.

Understanding these potential consequences highlights the importance of prioritizing compliance practices.

  • Civil and Criminal Penalties: Non-compliance can lead to civil penalties, such as fines or sanctions, and in severe cases, criminal charges. These penalties are designed to deter violations and promote adherence to securities laws.
  • Suspension or Revocation of Securities Registration: If your company is found non-compliant, it could face the suspension or revocation of its registration to issue securities. This would halt any ongoing fundraising activities and could severely impact future capital-raising capabilities.
  • Loss of Exemption Privileges: Companies failing to screen for Bad Actors may lose their exemption status under regulations like Rule 506 of Regulation D, Regulation Crowdfunding, or Regulation A. Losing this status can complicate future efforts to raise capital without the extensive requirements of a full SEC registration.
  • Legal Actions from Investors: Investors may pursue legal action if they suffer losses due to the company’s involvement with Bad Actors. Such lawsuits can be costly and damage the company’s reputation.
  • Reputational Damage: Beyond financial and legal repercussions, the presence of Bad Actors can tarnish a company’s reputation, making it difficult to attract future investors or business partners. Maintaining a clean compliance record is crucial for preserving trust and credibility in the market.
  • Restrictive Orders: The SEC may issue cease-and-desist orders or other restrictive actions, limiting the company’s operations in the securities market. These orders could restrict certain business practices or the issuance of securities.
  • Disclosure Obligations: If disqualifying events occur, companies may be required to make extensive disclosures in their offering materials, which could deter investor interest and affect the overall success of the offering.

The knowledge of these implications helps emphasize the necessity of conducting thorough due diligence and implementing effective compliance measures to protect your company from potential legal challenges and to maintain its good standing in the financial market.

Proactive Measures for Compliance

Avoiding Bad Actor disqualification necessitates a proactive approach:

  1. Thorough Background Checks: Prior to any offering, conduct comprehensive background checks on all involved parties, including officers, directors, and major shareholders. Identifying any past disqualifying events is essential for maintaining eligibility for exemptions.
  2. Utilize Professional Services: Engage reputable firms like CrowdCheck to conduct in-depth investigations and provide detailed reports on covered persons. These reports offer insights into any potential disqualifications, helping companies demonstrate compliance with SEC and FINRA standards.
  3. Exercise Reasonable Care: Implement robust procedures for factual inquiries into the backgrounds of all participants. By demonstrating a commitment to due diligence, companies can establish a defense of “reasonable care” in the event of unforeseen disqualifications.
  4. Ongoing Monitoring: Regularly review and update compliance protocols to adapt to evolving regulatory requirements.  Stay informed about changes in SEC, FINRA regulations, and industry best practices to ensure ongoing adherence to standards.

By adopting proactive measures, companies can mitigate the risk of Bad Actor disqualification and uphold investor confidence in their offerings.


Conclusion: Emphasizing Due Diligence in Investments

Innovative funding options like Regulation A (RegA+) and RegCF crowdfunding offer promising opportunities for startups and small businesses to raise capital. However, these avenues come with inherent risks, necessitating careful attention to compliance and investor protection.

A proactive approach to identifying and excluding Bad Actors is essential for companies seeking to raise capital. By conducting thorough due diligence, utilizing third-party services, and maintaining transparency, companies can mitigate risks and instill confidence in investors, ultimately fostering a thriving and trustworthy investment ecosystem.


Disclaimer: This article is for informational purposes only and is not intended as financial advice.

Accredited investor definition and SEC Review

In this special article written by Laura Anthony from Securities Law Blog, we’ll learn more about recent matters regarding accredited investor definition and SEC Review.

Keep reading and discover more about this fundamental topic in the financial markets, especially when you’re looking to raise capital.

On December 15, 2023, the SEC issued a staff report on the accredited investor definition.  The report comes three years after the most recent amendments to the accredited investor definition (see HERE).

The Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank”) requires the SEC to review the accredited investor definition, as relates to natural persons, at least once every four years to determine whether the definition should be modified or adjusted.  The last two reports can be read HERE and HERE.

The current report focuses on the composition of the accredited investor demographic, including since the last definition amendments; the extent to which accredited investors have the financial sophistication, ability to sustain the risk of loss of investment, and access to information that have traditionally been associated with an ability to fend for themselves; and accredited investor participation in exempt offerings.

I’ve included the complete current accredited investor definition at the end of this post.


All offers and sales of securities must either be registered with the SEC under the Securities Act or be subject to an available exemption from registration. The ultimate purpose of registration is to provide investors and potential investors with full and fair disclosure to make an informed investment decision. The SEC does not pass on the merits of a particular deal or business model, only its disclosure. In setting up the registration and exemption requirements, Congress and the SEC recognize that not all investors need public registration protection and not all situations have a practical need for registration.

However, exempted offerings carry additional risks in that the level of required investor disclosure is much less than in a registered offering, the SEC does not review the offering documents, and there is no federal ongoing disclosure or reporting requirements.  The premise of allowing offering exemptions to accredited investors is that such investors are able to fend for themselves and, accordingly, do not need the protections afforded by the registration requirements under the Securities Act because they have access to the kind of information which registration would disclose (SEC v. Ralston Purina Co.).

Diving deeper: Definition of an accredited investor

The definition of an accredited investor has become a central component of exempt offerings, including Rules 506(b) and 506(c) of Regulation D.  Qualifying as an accredited investor allows an investor to participate in exempt offerings including offerings by private and public companies, certain hedge funds, private equity funds and venture capital funds.  Further accredited investors are not bound by the investor limitations set forth in Regulation Crowdfunding or Regulation A, and investors in a Regulation Crowdfunding offering are free to sell to accredited investors without complying with the one-year prohibition on resales.

The concept of “accredited investor” is not limited to exempt offerings but permeates the state and federal securities laws in general.  For instance, a company is required to register under Section 12(g) if as of the last day of its fiscal year the number of its record security holders is either 2,000 or greater worldwide, or 500 persons who are not accredited investors or greater worldwide.  Accordingly, companies must differentiate between record holders who are accredited investors and nonaccredited investors.  For more on Section 12(g) registration see HERE.

Most state securities statutes contain a definition of an accredited investor that either tracks the federal definition, or in some cases, contains higher thresholds for institutional investors ($10 million as opposed to $5 million).  Some states use the accredited investor definition to determine whether investment advisers to certain private funds are required to be registered. FINRA also uses the definition to determine the private placement document filing requirements for placement agents.

Accredited Investor Pool

The SEC has no real source of information on the number of natural persons that are accredited investors but rather must rely on assumptions and general information provided by, for example, the Federal Reserve Board’s Survey of Consumer Finances.  However, the SEC estimates that approximately 18.5% of U.S. households qualify as accredited investors based on income standards.   The SEC estimates that the number of accredited investors has grown steadily, attributing some of this growth to the fact that the definition has never been adjusted for inflation.  According to the SEC report, if the natural person accredited investor thresholds were adjusted to reflect inflation since their initial adoption through 2022 using CPI-U, the net worth threshold would increase from $1 million to $3,037,840, the individual income threshold would increase from $200,000 to $607,568, and the joint income threshold would increase from $300,000 to $911,352, which is s significant jump from the current definition.

The SEC also points out that its estimate does not include the indeterminate additional number of people that would qualify as accredited based on holding qualified professional licenses or being knowledgeable employees at private funds.  Same for the number of individuals that may qualify as a director, executive officer, or general partner of the issuer.

The SEC report delves into the composition of assets for most U.S. households concluding that a disproportionate amount of assets are held in retirements savings accounts and plans that are directed or controlled by individuals, who “may lack experience in building a portfolio that appropriately allocates risk and ongoing management of investments, including preparing for the illiquid nature of private company investments.”  Although the SEC admits there is limited information available to assess the financial sophistication of accredited investors, it still leans towards concluding, they are not sophisticated or protected.

The SEC points to this as a reason to question the continued utility of the current financial thresholds. I flat-out disagree.  Without side-by-side evidence of retirement losses, investors suffering from poor decision-making, investors suing for private investment losses, regulatory actions related to inappropriate private offerings involving retirement accounts, or any other reasonable metrics supporting the alleged inability of U.S. households to make their own investment decisions with their own money, I find this discussion lacking in evidentiary support.

Accredited Investor Participation in the Exempt Offering Market

The SEC has no proper methodology to estimate the participation of natural person accredited investors in the exempt offering market.  However, they do estimate that approximately $3.7 trillion of new capital was raised in exempt offerings in 2022.  Although clearly the vast majority of the investors are accredited, the breakdown between natural persons and institutions or entities is unknown.  The SEC spends several pages espousing statistics based on Form D filings but, as they indicate, many issuers do not file a Form D and even when they do, it may be at the beginning of an offering and contain no information about the offering results or investor composition.


Although the SEC report’s introduction explains that it will examine accredited investor demographics and investment habits, in actuality the SEC has no reliable or aggregated sources of information from which to obtain these facts.  Although I summarize some of the findings, the conclusion is that all information is a best guess and estimate.  With such a lack of information, the SEC chooses to err on the conservative side seemingly leaning towards suggesting raising the financial thresholds.  Laura has a different perspective, disagreeing with this approach.

In general, she considers that the report offered little useful information.

Current Definition of Accredited Investor

Accredited investor shall mean any person who comes within any of the following categories, or who the issuer reasonably believes comes within any of the following categories, at the time of the sale of the securities to that person:

(i) Any bank as defined in section 3(a)(2) of the Act, or any savings and loan association or other institution as defined in section 3(a)(5)(A) of the Act whether acting in its individual or fiduciary capacity; any broker or dealer registered pursuant to section 15 of the Securities Exchange Act of 1934; any investment adviser registered pursuant to section 203 of the Investment Advisers Act of 1940 or registered pursuant to the laws of a state; any investment adviser relying on the exemption from registering with the Commission under section 203(l) or (m) of the Investment Advisers Act of 1940; any insurance company as defined in section 2(a)(13) of the Act; any investment company registered under the Investment Company Act of 1940 or a business development company as defined in section 2(a)(48) of that act; any Small Business Investment Company licensed by the U.S. Small Business Administration under section 301(c) or (d) of the Small Business Investment Act of 1958; any Rural Business Investment Company as defined in section 384A of the Consolidated Farm and Rural Development Act; any plan established and maintained by a state, its political subdivisions, or any agency or instrumentality of a state or its political subdivisions, for the benefit of its employees, if such plan has total assets in excess of $5,000,000; any employee benefit plan within the meaning of the Employee Retirement Income Security Act of 1974 if the investment decision is made by a plan fiduciary, as defined in section 3(21) of such act, which is either a bank, savings and loan association, insurance company, or registered investment adviser, or if the employee benefit plan has total assets in excess of $5,000,000 or, if a self-directed plan, with investment decisions made solely by persons that are accredited investors;

(2) Any private business development company as defined in section 202(a)(22) of the Investment Advisers Act of 1940;

(3) Any organization described in section 501(c)(3) of the Internal Revenue Code, corporation, Massachusetts or similar business trust, partnership, or limited liability company, not formed for the specific purpose of acquiring the securities offered, with total assets in excess of $5,000,000;

(4) Any director, executive officer, or general partner of the issuer of the securities being offered or sold, or any director, executive officer, or general partner of a general partner of that issuer;

(5) Any natural person whose individual net worth, or joint net worth with that person’s spouse or spousal equivalent, exceeds $1,000,000 excluding such person’s primary residence (both on the asset and liability side except that indebtedness in excess of the fair market value of the primary residence shall be included as a liability);

(6) Any natural person who had an individual income in excess of $200,000 in each of the two most recent years or joint income with that person’s spouse or spousal equivalent in excess of $300,000 in each of those years and has a reasonable expectation of reaching the same income level in the current year;

(7) Any trust, with total assets in excess of $5,000,000, not formed for the specific purpose of acquiring the securities offered, whose purchase is directed by a sophisticated person as described in § 230.506(b)(2)(ii);

(8) Any entity in which all of the equity owners are accredited investors;

(9) Any entity, of a type not listed in paragraph (a)(1), (2), (3), (7), or (8), not formed for the specific purpose of acquiring the securities offered, owning investments in excess of $5,000,000;

(10) Any natural person holding in good standing one or more professional certifications or designations or credentials from an accredited educational institution that the SEC has designated as qualifying an individual for accredited investor status. Under this category the SEC designated persons holding the following licenses: (i) Series 7; (ii) Series 82; and (iii) Series 65.

(11) Any natural person who is a “knowledgeable employee,” as defined in rule 3c–5(a)(4) under the Investment Company Act of 1940, of the issuer of the securities being offered or sold where the issuer would be an investment company, as defined in section 3 of such act, but for the exclusion provided by either section 3(c)(1) or section 3(c)(7) of such act;

(12) Any “family office,” as defined in rule 202(a)(11)(G)–1 under the Investment Advisers Act of 1940:

(i) With assets under management in excess of $5,000,000,

              (ii) That is not formed for the specific purpose of acquiring the securities offered, and

             (iii) Whose prospective investment is directed by a person who has such knowledge and experience in financial and business matters that such family office is capable of evaluating the merits and risks of the prospective investment; and

(13) Any “family client,” as defined in rule 202(a)(11)(G)–1 under the Investment Advisers Act of 1940 , of a family office meeting the requirements in paragraph (a)(12) of this section and whose prospective investment in the issuer is directed by such family office pursuant to paragraph (a)(12)(iii).


* Disclaimer: The data presented in this article is based on the information available at the time of the publication. For updated data and specific questions, reach professional help.

Charter of Trust

Trust, Commitment, and Code of Conduct

This is the Trust Charter describing our commitment to Trust and the Code of Conduct of the Kore group of companies that includes KoreConx, KoreTransfer, and KoreChain.

We believe that TRUST is the cornerstone of any successful business relationship. Our co-founders build this into the DNA of our company.  As we celebrate our 7th year at KoreConX, we are dedicated to upholding the highest ethical standards and fostering an ecosystem of partners who share our commitment to integrity, security, and the responsible handling of information. This business charter outlines our principles of Trust, Commitment, and Code of Conduct, which guide our operations and interactions with clients, partners, and stakeholders. 

The KoreConX Seal of Trust

  • KoreConX will never take a commission, kickback, or revenue share from any of our KorePartners we have integrations with
  • KoreConX will never sell contact information or transaction data
  • KoreConX will never share or disclose individual data to anyone except to those parties who are responsible for working on transactions, following up with investors, performing their fiduciary duties, or performing their regulatory duties
  • KoreConX will never send marketing messages for investments
  • KoreConX will never contact investors in a manner that violates Trust or without the knowledge and consent of the company in which the investors are shareholders

The KoreConX Commitment to Value

  • KoreConX will provide and continually enhance value-added analytics
  • KoreConX will work with its KorePartners to continually reduce business process inefficiencies
  • KoreConX will be relentlessly focused on regulatory compliance and the safety of investors


  • Privacy Commitment: We pledge to safeguard our clients’ information with the utmost diligence. We will never use or disclose client information in a manner that compromises privacy, security, or business ethics.
  • Data Security: Our company will implement robust data security measures to protect client data from unauthorized access, breaches, or misuse.
  • Transparency: We will maintain transparency with our clients regarding how their information is collected, used, and shared, and we will comply with all applicable data protection laws and regulations.
  • Non-Disclosure: We commit to respecting client confidentiality and will not share sensitive information without explicit consent or legal requirements.


  • Ethical Conduct: Our company is committed to conducting business with the highest standards of ethics, honesty, and integrity. We will not engage in any fraudulent, deceptive, or illegal practices.
  • Continuous Improvement: We will continuously improve our infrastructure, processes, and services to provide a safe, efficient, and innovative environment for our clients and partners.
  • Compliance: We will adhere to all applicable laws, regulations, and industry standards relevant to our business operations, including but not limited to financial transactions, data protection, and environmental regulations.
  • Client Satisfaction: We are dedicated to meeting and exceeding client expectations by delivering high-quality services, prompt responses, and personalized support.
  • Compliance & Safety: We will not compromise regulatory compliance and safety to convenience or expediency.

Code of Conduct

  • Partnerships: We have established partnerships with firms and individuals who share our commitment to Trust, ethics, and security. Our KorePartners must adhere to similar principles in their interactions with us and our clients.
  • Fair Competition: We believe in fair competition and will not engage in anticompetitive practices or unfair business tactics. Our partners must also compete fairly in their respective markets.
  • Anti-Corruption: We are resolutely against bribery, corruption, and unethical influence in business. Our company and partners shall not offer, solicit, or accept bribes or engage in any form of corrupt practices.
  • Environmental Responsibility: We acknowledge our responsibility to the environment and will take measures to reduce our environmental footprint. Our partners are encouraged to adopt environmentally responsible practices.
  • Inclusivity: We promote diversity, equity, and inclusivity within our company and encourage our partners to do the same. Discrimination, harassment, or bias in any form will not be tolerated.
  • Conflict Resolution: We are committed to resolving disputes and conflicts promptly, fairly, and through peaceful means. We will seek amicable solutions to disagreements with clients, partners, or stakeholders.
  • Seeking Synergies: We favor win-win and synergystic solutions and partnerships even with parties who believe they are our competitors. Our goal is to remain a technology infrastructure company, and we are open to collaborating with other parties and helping them maintain their brand.

KoreConX aims to create a business environment that is built on trust, commitment to ethical operations, and a shared code of conduct. We invite all our clients, partners, and stakeholders to join us in maintaining and upholding these principles, creating a thriving ecosystem where mutual respect, transparency, and trust are at the core of every interaction.


Learn more about the origins of our charter of trust. 

How often do I need to hold an AGM?

Every year, Warren Buffet hosts the Berkshire Hathaway Annual Shareholders Meeting. This meeting is an Annual General Meeting (AGM), widely viewed with many people in attendance. The reason for this is that it is often more than the typical AGM, which we will detail below, as Buffet often talks about more than just Berkshire Hathaway. This year, on Saturday, May 1st in Los Angeles, Buffet was joined by, as Yahoo Finance reported, “Vice Chairman Charlie Munger and both shared their unscripted views on Berkshire Hathaway, the markets, the economy, corporate governance, and a lot more.”


This example is only one of what an AGM can be. First, these meetings are required by regulations imposed by the Securities and Exchange Commission (SEC). An AGM, as the name suggests, is a meeting held every year for shareholders. This is the time for a company’s board of directors to present information to the shareholders and a chance for shareholders to exercise their right to vote, given to them by owning a share, after hearing the vision and direction of the company.


Some specific requirements are defined by each state in which a public or private company is incorporated, however, they follow a general set of what should happen at each. This variance comes from the company’s articles of incorporation, bylaws, and state requirements. The typical AGM breaks down as follows: 


  • Reading and approval of the minutes of the previous meeting 
  • Financial statements
  • Ratification of the director’s actions
  • Election of the board of directors
  • Concerns and questions from Shareholders


While shareholders are the focus of this meeting, they are not always available for the meeting. For this reason, they can vote by proxy via an online avenue or by mail. In addition, the SEC requires public companies to make meeting information available online for shareholders, so that they can be informed of their votes. Meeting information is also submitted to the SEC for regulatory compliance and sets the specific date and time for the meeting. These reporting requirements are a means to provide transparency for shareholders and the accountability of company management. 


The question of how often to hold an annual general meeting is every year. More specifically, from Cornell Law:


“An annual meeting of the shareholders of the subsidiary holding company for the election of directors and for the transaction of any other business of the subsidiary holding company shall be held annually within 150 days after the end of the subsidiary holding company’s fiscal year.”


Shareholders will also need to be notified a minimum of 20 days and a maximum of 50 days before the event. Outside of this yearly meeting for shareholders, if there is an action that the company needs shareholder votes for and cannot wait for the next annual meeting, they can call an Extraordinary General Meeting. EGMs are meant for urgent matters that cannot wait.

Using RegCF to Raise Money for a Non-US Business

To use Reg CF (aka Title III Crowdfunding), an issuer must be “organized under, and subject to, the laws of a State or territory of the United States or the District of Columbia.” That means a Spanish entity cannot issue securities using Reg CF. But it doesn’t mean a Spanish business can’t use Reg CF.

First, here’s how not to do it.

A Spanish entity wants to raise money using Reg CF. Reading the regulation, the Spanish entity forms a shell Delaware corporation. All other things being equal, as an entity “organized under, and subject to, the laws of a State or territory of the United States,” the Delaware corporation is allowed to raise capital using Reg CF. But all other things are not equal. If the Delaware corporation is a shell, with no assets or business, then (i) no funding portal should allow the securities of the Delaware corporation to be listed, and (ii) even if a funding portal did allow the securities to be listed, nobody in her right mind would buy them.

Here are two structures that work:

  • The Spanish business could move its entire business and all its assets into a Delaware corporation. Even with no assets, employees, or business in the U.S., the Delaware corporation could raise capital using Reg CF, giving investors an interest in the entire business.
  • Suppose the Spanish company is in the business of developing, owning, and operating health clubs. Today all its locations are in Spain but it sees an opportunity in the U.S. The Spanish entity creates a Delaware corporation to develop, own, and operate health clubs in the U.S. The Delaware corporation could raise capital using Reg CF, giving investors an interest in the U.S. business only.

NOTE:  Those familiar with Regulation A may be excused for feeling confused. An issuer may raise capital using Regulation A only if the issuer is managed in the U.S. or Canada. For reasons that are above my pay grade, the rules for Reg CF and the rules for Regulation A are just different.


This blog was written by Mark Roderick of Lex Nova Law, a KorePartner. The article was originally published on Mark’s blog, The Crowdfunding Attorney.

What is KYP?

Previously, we have talked about KYC or Know Your Client. KYC is a rule from the non-profit Financial Industry Regulatory Authority (FINRA), created in the United States in 2007, in response to the growing fears of economic collapse that could come from underregulated securities firms. One part of the FINRA rule set created in 2012 is KYC (Rule 2090). Another is Rule 2111 (Suitability). It is important to mention both of these rules, as the topic for today, KYP, or Know Your Product, directly relates to them in their effort to protect investors. 


The KYC rule dictates that in the event of opening or maintaining an account for an investor, a broker-dealer is required to verify the investor’s identity by matching the provided material from the investor to government records. This aids the government in fighting money laundering and other financial crimes, as a broker-dealer must also review their finances for evidence of these types of crime. It also allows potential customers to evaluate broker-dealers as FINRA tracks the brokers in good standing with their organization. Finally, with suitability, a broker-dealer must use reasonable effort to understand the risk tolerance and facts about a potential customer’s financial position. This means understanding the types of products and plans an investor is comfortable making, as people of different ages and levels of wealth have different plans for their money. For instance, younger adults typically have a higher risk tolerance as they have a longer-term time horizon to work with their money. On the other end, older adults have lower risk tolerance. There is no one type of investing that works for every person, as each person has a different set of circumstances dependent on their life experiences. 


Where KYP comes in is a further step past just KYC and suitability. You may know the client their investment preferences, but if you do not understand the product you are investing in for your client, that information is essentially useless. Under KYP, a broker-dealer, “must understand the structure and features of each investment product they recommend. This includes costs, risks, and eligibility requirements. The KYP requirement applies to both the firm and the individual.


KYP expands on the suitability requirement from FINRA by requiring a full understanding of each investment so that it fits an investor and their specific risk tolerance more effectively. This involves:


  • The risk level of the investment, meaning its liquidity, “price volatility, default risk, and exposure to counterparty risk” 
  • Any costs associated with fees or embedded costs
  • The financial history and reputation of the issuer or parties involved
  • Any legal and regulatory framework that applies


Just as it is important to know your client and understand what types of investments are suitable for regulatory and business purposes, it is important to understand the products you recommend. 

What is the Difference Between Fiduciary Responsibility and Regulatory Requirement?

By definition, a fiduciary is a person or an organization who holds a legal or ethical relationship of trust with another person or organization. Typically, this has to do with the responsibility or duty in a financial sense. As an adjective, it gets defined by the Oxford dictionary as “involving trust, especially with regard to the relationship between a trustee and a beneficiary.” The word gets most commonly used when stating that a company has a fiduciary duty to its shareholders. In practice, this means that the company has an ethical and legal responsibility to act in the best interest of its investors. For example, the company and its executives need to protect a shareholder’s financial investment in that company and is an example of a duty of loyalty. Included also is a duty of care, which indicates that a fiduciary will not back away from their responsibility.


Fiduciary duties do not just relate to the financial sector. For example, a lawyer has a fiduciary duty to their client to act in their best interest, but we will focus on the financial sector. Fiduciary responsibility in finance is a relationship between two non-governmental entities. In contrast, a regulatory requirement is a rule that a government or government-related organization imposes and enforces onto an organization.


Many governmental organizations impose regulations on the financial sector, like the Office of the Comptroller of the Currency or the Federal Reserve Board. The governmental-related organizations are the Financial Industry Regulatory Authority (FINRA) and Securities and Exchange Commission (SEC). We have previously discussed the regulations passed by both FINRA and the SEC in preceding blogs, which detail those processes well.


Both fiduciary responsibility and regulatory requirements can result in legal action if there is a breach in conduct, but the actors and stage are different. With fiduciary responsibility, the beneficiary of the fiduciary duty would file suit against the trustee in civil court who knowingly or unknowingly failed in their duty. This is a relationship between non-governmental actors, so in this case, a person litigating against an organization or vice versa.


On the other side, regulatory requirement gets dictated by a government entity like the SEC or OCC suing a company or individual for failing to comply with the law. This suit would land in criminal court, with punitive fines, damage to their reputation, and sanctioning. For example, in California, you need to be a registered broker-dealer for a Regulation A+ offering. If you decide as a company to ignore this law, the state regulator can, and will, require you to return all money raised, and you can get barred from raising money in the state. You will get labeled as a bad actor, which will damage the reputation of your business.


While fiduciary duty and regulatory requirements are different in terms of the responsibilities, actors, and negative consequences involved when failing to comply, they are critical to follow and maintain.

Why are Background Checks Important?

Money laundering is a global issue, with the United Nations estimating that between $800 billion and $2 Trillion are laundered each year, with 90% of this estimation remaining undetected. Money laundering is the act of taking money obtained through illegal activities and then introducing it into the system to legitimize or clean it and then make use of it. Originally, and most often, this was applied to the actions of organized crime but has expanded to included tax evasion or false accounting. 


The United States has multiple laws to prevent this type of activity and reclaim the illegitimate assets from criminals aiming to circumvent the system. Many of these laws directly affect the financial institutions of the nation. American banking and investment businesses need to follow compliance regulations that help in the effort to combat money laundering, including FINRA’s (Financial Industry Regulatory Authority) Rule 2090 (KYC or Know Your Client). The Know Your Client rule was introduced by FINRA to require broker-dealers to use reasonable effort to verify the identity of customers (or any other account owners) and assess their risk level. Part of this goal is to add transparency to the financial institutions in America, especially following the 2007-2008 financial crisis, and incorporate Anti-Money Laundering (or AML) compliance into the structure of our institutions.


AML and KYC are extensions of the Bank Secrecy Act and the CDD (Customer Due Diligence) Rule. The act, created in 1970, aims, as the Financial Crimes Enforcement Network states, “to improve financial transparency and prevent criminals and terrorists from misusing companies to disguise their illicit activities and launder their ill-gotten gains.” So, through the Know Your Client rule, broker-dealers must evaluate the information provided by a potential customer and verify their identity against government documents and assess the risk level they pose towards financial crime. 


This activity is a check for any indication of money laundering or terrorism financing. Part of this is a background check or a customer screening, checks beyond their identity. Using the customer’s identity, financial institutes check against various lists, like sanction lists, watch lists, and PEP lists to evaluate if the customer may be engaging in illegal activities. 


Background checks get followed by continuous monitoring, allowing broker-dealers to better spot irregularities in the transactions. For instance, in the event of large cash transactions, those typically over $10,000. Amount exceeding this amount must be reported and monitored. All to say that many governments and non-government institutions require compliance to defend against this issue that gets taken very seriously. Throughout 2020, there were several institutions fined for violating AML related compliance. Kyckr compiled these together and found that: 


  • Twenty-eight financial institutions were issued fines for AML-related violations.
  • Regulators from 14 countries issued AML-related fines.
  • Fines totaled roughly $3.2 billion USD.


Failing to follow the laws and maintain compliance can have serious consequences for financial institutions. Ensuring that you do the proper level of due diligence, follow the Know Your Client rule, and perform a background check can protect your business. 


What is KYC?

In 2007, the SEC approved the founding of the non-profit Financial Industry Regulatory Authority (FINRA). FINRA was created in the wake of a failing economy to consolidate the regulation of securities firms operating in the United States. The authority’s responsibilities include “rule writing, firm examination, enforcement, arbitration, and mediation functions, plus all functions previously overseen solely by NASD, including market regulation under contract for NASDAQ, the American Stock Exchange, the International Securities Exchange, and the Chicago Climate Exchange.”

The mission is to safeguard the investing public against fraud and bad practices. To fulfill this mission, FINRA added two rules in 2012: Rule 2090 (KYC or Know Your Client) and Rule 2111 (Suitability). 

KYC works in conjunction with suitability to protect both the client and the broker-dealer and help maintain fair dealings between the parties. The Know Your Client rule is a regulatory requirement for those responsible for opening and maintaining new accounts. This rule requires broker-dealers to access the client’s finances, verify their identity, and use reasonable effort to understand the risk tolerance and facts about their financial position. 

KYC is an important rule as it governs the relationship between customer and broker-dealer and safeguards the proceedings. At the heart of this rule is the process that verifies the customer’s identity (or any other account owners) and assesses their risk level. Part of FINRA’s goal is to eliminate financial crime, which means that when a broker is accessing a potential customer, they are looking for evidence of money laundering or similar crimes. This process goes both ways as FINRA allows a customer to verify the identity of brokers in good standing with the organization.

KYC also goes hand-in-hand with the Anti-Money Laundering (AML) rule, which seeks to identify suspicious behavior, outlined under FINRA rule 3310. Crimes such as terrorist financing, market manipulation, and securities fraud are illegal acts that KYC, AML, and other rules aim to prevent.

Another part of the Know Your Client rule is the requirement of a broker-dealer to use reasonable effort to understand a client’s risk tolerance, investment knowledge, and financial position. For example, accredited investors can make Regulation CF and A+ investments without facing restrictions, while the everyday investor is limited based on their net worth and income. 

When making recommendations for a client, a broker-dealer must comply with Rule 2111, the suitability rule, which means that they must have reasonable grounds for this suggestion based on a review of the client’s financial situation.

Compliance with these rules is maintained by following policies and best practices that govern risk management, customer acceptance, and transaction monitoring. Due diligence is done to know a client needs to be recorded, retained, and maintained so that broker-dealers can continuously monitor for suspicious or illegal activity. In 2020, FINRA processed 79.7 billion market events every day and imposed $57 million in fines. 

What is RegTech?

In the wake of the 2008 economic crisis and the subsequent recession that followed, there was a push to create new regulations to govern financial institutions in the United States. With these regulations came requirements that businesses had to follow to be compliant with the new laws. What followed the new regulations was a rise in companies offering services to help companies manage compliance easily and efficiently, both in time and cost. This is the purpose and application of RegTech.

RegTech, or Regulatory Technology, is more specifically the use of technology to manage regulatory processes within the financial industry. The goal of companies that offer RegTech is to use cloud computing, machine learning, and big data to drive automation and lift a majority of the burden of complicated compliance requirements of the compliance teams in businesses, to reduce human error, and accomplish difficult tasks more efficiently. As regulations become more robust and regulators are demanding more transparency in the forms of auditability, traceability, and automation, a company that is required to comply with a lot of regulations cannot easily subsist without some form of RegTech to help them avoid the risk of sanctions.

RegTech services help to compile large amounts of data in secured and compliant ways, as well as comb that data for risks to the organization. While these services affect the budget of a company, it is arguably canceled out by the amount of time and energy saved by simplifying the complex processes. 

For example, let’s say a bank was previously doing all of their regulation audits manually, scanning the compliance law and solving what pertains to them, what they need to do, and how they need to do it to be compliant. While they could feasibly do this, it will take a considerable amount of time if the compliance officer tasked with this job is not a master of the laws pertaining to their enterprise. Then, following that long process, the bank will need to show the reporting, who did the reporting, when it was pulled, and keep the information secured. 

This type of manual process is solved by RegTech. Not only will your data be secured, but it will also be accessible and timestamped, so you can demonstrate who complied, how they complied, and when they complied by logging all of the actions a user takes and creating a trail.

This is one example of how RegTech helps in a compliance situation, but it is also used by regulators to help reduce the time it takes to investigate compliance issues. While these are the more well-known aspects of RegTech, it also helps in many more categories within the financial sector, such as:

  1. Reporting
  2. Anti-money Laundering 
  3. Compliance
  4. Governance
  5. Risk Management
  6. Management and Control 
  7. Transaction Monitoring

As the financial industry continues to rely more and more on data and technology, RegTech will continue to grow to keep up with the demand for more applications from companies and regulators alike. 

Meet the KorePartners: Louis Bevilacqua of Bevilacqua PLLC

With the recent launch of the KoreConX all-in-one RegA+ platform, KoreConX is happy to feature the partners that contribute to the ecosystem. 


For the past 25 years, Louis Bevilacqua has served as a corporate and securities lawyer. After spending the majority of his time at large, international law firms, Louis discovered his passion for “representing entrepreneurs and helping them accomplish their goals.” Noticing that it was often more difficult to help small or microcap companies, Louis began his firm to eliminate the prohibitive costs typically associated with large law firms. 


Utilizing technology to allow lawyers to work virtually, Bevilacqua’s savings are passed onto its clients. Now, small companies can access the same top-tier resources that previously only large ones may have been able to afford. “Since most of our attorneys, like me, have decades of experience at big firms, we know how deals are supposed to be done and can provide excellent representation at lower price points,” Louis said. 


Not only is Bevilacqua’s team comprised of experienced lawyers, but many are also entrepreneurs. Understanding first-hand the challenges that small companies face, they are experienced problem solvers that are both flexible and proactive. Also, Louis says that “we also have a vast network of contacts with investors, broker-dealers, transfer agents, Edgar printers, audit firms and other service providers in the industry and can easily make the right referrals to anyone that the company needs.”


Through the JOBS Act and RegA+, investors have access to investments that they may not have had previously. Since the SEC requires substantial disclosure for RegA+ offerings, investors are provided more detailed disclosures than other private offerings. Companies also benefit from the lower costs associated with RegA+. Since it is more flexible and cheaper than a traditional IPO, the cost is not prohibitive. One of the primary reasons that Louis supports the regulations is that it “helps facilitate the raising of capital for smaller issuers, who always need capital and do not have as many avenues to obtain it.”


However, Louis also thinks that the resale market could be improved. Currently, companies looking to allow their shares to be traded “must identify a market maker willing to file a 211 application with FINRA”, which can be a difficult process. Making this process easier will allow more people to trade the shares purchased through a RegA+ offering. Additionally, for investors to deposit the shares they’ve purchased into a brokerage account, they typically must incur the fees associated, as the brokerage is generally required to perform their due diligence. 


For companies looking to raise money through RegA+, Bevilacqua provides clients with the legal services they need for a successful offering. Whether they need help “testing the waters,” filing the offering statement, drafting shareholder agreements, etc., Louis and his team provide expert guidance. Also, “ having a platform like KoreConX that brings all the components necessary to accomplish a Reg A offering in one easy to use platform is a fantastic tool to help us help entrepreneurs raise capital.” 

What is the Role of a Corporate Secretary?

A Corporate Secretary is a required position set forth by state corporation laws and is part of the ‘check and balance’ on board members and offers the board advice and support. While providing the company with advice on the state laws, they are also tasked with ensuring that board members maintain their fiduciary duties to shareholders. 


One way they do this is by accurately recording and maintaining the minutes for the board meetings they usually set up. Corporate secretaries are responsible for ensuring that an adequate number of board meetings are held and that scheduling coincides with the availability of board members. They are required to comply with meeting notices and often are responsible for other logistical arrangements. This is just one of the basic tenets of the position and typically remains a constant between companies. 


Corporate secretaries are essentially a compliance officer for board members, serving as a liaison between the board, officers, and shareholders while maintaining documents that are required to keep the board and company in compliance with regulations. They also direct the activities related to the annual meeting of shareholders and share transfers. As a note, while the corporate secretary does not need to be a lawyer, they need to have sufficient knowledge of corporate and securities law to ensure compliance, so a background in law can be helpful. They should also be as well-versed in the company’s business, understanding it thoroughly to be an effective corporate secretary.


Even though the role of the corporate secretary is dynamic and complex, varying slightly between companies, the basic function of the position can be boiled down to being responsible for providing support to the board, officers, and shareholders on business matters and the laws that apply to them. Whether it is setting up, facilitating, or creating the agenda of a board or annual shareholders meeting, a corporate secretary is an essential and mandatory part of a company’s structure in the modern world of business. 

Reg CF Investment Vehicles: What Are They Good For?

In its recent rulemaking, the SEC added new Rule 3a-9 under the Investment Company Act to allow for the use of “crowdfunding vehicles” for Reg CF investments. It is important to recognize that crowdfunding vehicles are quite limited, and not at all similar to the special purpose vehicles (“SPVs”) used to aggregate accredited investors in angel or venture capital funding rounds.

In that type of SPV, there is often a lead investor or manager who may act on behalf of the investors in the SPV. Those persons could be exempt reporting advisers under the Investment Advisers Act, or even fully registered investment advisers. In this way, SPVs create real separation between the investors and the underlying issuer, with some person or entity acting as an intermediary when making decisions or providing information to investors.

For crowdfunding vehicles, on the other hand, the SEC requires that investors receive the same economic exposure, voting power, ability to assert claims under law, and receive the same disclosures as if they invested directly in the issuer itself. In particular, a crowdfunding vehicle:

  1. Is organized and operated for the sole purpose of directly acquiring, holding, and disposing of securities issued by a single Reg CF issuer;
  2. Does not borrow money and uses the proceeds from the sale of its securities solely to purchase a single class of securities of a single Reg CF issuer;
  3. Issues only one class of securities in one or more offerings under Reg CF in which the crowdfunding vehicle and the Reg CF issuer are deemed to be co-issuers;
  4. Receives a written undertaking from the Reg CF issuer to fund or reimburse the expenses associated with its formation, operation, or winding up, receives no other compensation, and any compensation paid to any person operating the vehicle is paid solely by the Reg CF issuer;
  5. Maintains the same fiscal year-end as the crowdfunding issuer;
  6. Maintains a one-to-one relationship between the number, denomination, type and rights of Reg CF issuer securities it owns and the number, denomination, type and rights of its securities outstanding;
  7. Seeks instructions from the holders of its securities with regard to:
    1. The voting of the Reg CF issuer securities it holds and votes the crowdfunding issuer securities only in accordance with such instructions; and
    2. Participating in tender or exchange offers or similar transactions conducted by the Reg CF issuer and participates in such transactions only in accordance with such instructions;
  8. Receives, from the Reg CF issuer, all disclosures and other information required under Reg CF and the crowdfunding vehicle promptly provides such disclosures and other information to the investors and potential investors in the crowdfunding vehicle’s securities and to the relevant intermediary; and
  9. Provides to each investor the right to direct the crowdfunding vehicle to assert the rights under State and Federal law that the investor would have if he or she had invested directly in the Reg CF issuer and provides to each investor any information that it receives from the Reg CF issuer as a shareholder of record of the crowdfunding issuer.

The result is that no lead investor or manager can be used, and investors will have the same rights and responsibilities as if they invested in the issuer directly.

The biggest practical effect is that Reg CF investors will appear on one line on the issuer’s cap table (addressing the “messy cap table” issue), and that line will represent the full number of beneficial owners, who each must still be notified by the issuer in the event of any decisions requiring investor action. The issuer could hire an administrator to handle communications with the investors in the crowdfunding vehicle, but there was nothing preventing an issuer from doing that previously.

However, by only existing as one line on the issuer’s cap table, and confirmed in its rulemaking, crowdfunding vehicles will count as one “holder of record” for the purposes of Section 12(g) of the Securities Exchange Act. This is the provision that says that a company has to register with the SEC and become fully-reporting when it reaches a specified asset and number-of-shareholder threshold. Up to now, crowdfunding companies have relied on a conditional exemption from Section 12(g) but some companies have worried about what will happen when they no longer comply with those conditions.

The SEC further opined that with these changes, it is possible that issuers will provide greater voting rights than has been common in Reg CF offerings. I am not sure that will be the case, as use of crowdfunding vehicles will not simplify obtaining votes for any necessary corporate consents unless the rights of investors are curtailed by the use of drag-alongs or similar provisions.

Setting up a crowdfunding vehicle will require documentation tailored to follow the terms of the securities being sold in the crowdfunding offering, and arranging for administrative tasks such as issuance of K-1s to the investors.  CrowdCheck is available to talk through the implications of using crowdfunding vehicles and whether it makes sense for your Reg CF offering.

The SEC proposes expanding the “accredited investor” definition

The SEC has proposed amending the definition of “accredited investors.” Accredited investors are currently defined as (huge generalization here) people who have net worth of $1 million (excluding principal residence) or income of $200,000 ($300,000 with spouse) or entities that have assets of $5 million. Here’s the full definition.

The whole point of the accreditation definition was that it was it was supposed to be a way to determine whether someone was able to “fend for themself” in making investment decisions, such that they didn’t need the protection that SEC registration provides. Those people may invest in private placements. The thinking at the time the definition was adopted was that a financial standard served as a proxy for determining whether an investor could hire a professional adviser. Financial standards have never been a particularly good proxy for investment sophistication, though, and some people who are clearly sophisticated but not rich yet have been excluded from being able to invest in the private markets.

The proposal would:

  • Extend the definition of accredited investor to natural persons (humans) who hold certain certifications or licenses, such as the FINRA Series 7 or 65 or who are “knowledgeable employees” of hedge funds;
  • Extend the definition of accredited investors to entities that are registered investment advisers, rural business investment companies, LLCs (who honestly we all assumed were already included), family offices, and other entities meeting an investments-owned test;
  • Do some “housekeeping” to allow “spousal equivalents” to be treated as spouses and tweak some other definitions; and
  • Create a process whereby other people or entities could be added to the definition by means of a clear process without additional rulemaking.

We are generally in favor of these proposals. However, we worry that the more attractive the SEC makes the private markets, the more that people of modest means will be excluded from the wealth engine that is the American economy. We also believe that the concerns raised about the integrity of the private markets by the two dissenting Commissioners, here and here, should be taken seriously. The real solution to all of this is to make the SEC registration process more attractive, and better-scaled to early-stage companies.

In the meantime, read the proposals and the comments, and make up your own minds. The comment period ends 60 days after publication in the Federal Register, which hasn’t happened yet.

What is Reg A plus versus Reg A?

The simple answer is that today, Regulation A (Reg A) and Regulation A+ (Reg A+) are the exact same law. There is no difference, and the two terms may be used interchangeably.

Some confusion stems from the two similar terms, and there is much misleading information about this online. I’ve even spoken at events where I’ve heard other lawyers claim the two laws are different. They are not.

Historically, there was no Reg A+, there was only Reg A. Regulation A was an infrequently used law that allowed a company to raise up to $5,000,000 from the general public, but with the company still having to go state-by-state to get Blue Sky law approval for their offering.  This expensive and time-consuming process of dealing with review of an offering by 50+ state regulators made Regulation A far too expensive and time-consuming for most issuers to only be allowed to raise $5,000.000. 

 In 2012, the Jumpstart Our Business Startups Act (JOBS Act) became law, and Title IV of that act amended Regulation A in many ways, most notably (a) doing away with the state by state blue sky law requirement and (b) raising the limit from $5,000,000 to $20,000,000 or $50,000,000, depending on which “tier” of the law is used. Congress took a virtually worthless law, and turned it into an excellent and company friendly law that has allowed many companies since to raise millions.

Interestingly, since in 2012 when the law went into effect, and even since 2015 when the SEC passed its rules allowing the law to actually be used, the law is still officially called Regulation A. But, both the SEC, and commentators also started simultaneously calling the law “Regulation A+” or “Reg A+” to note that it was a supercharged version of the old Regulation A law.

Finally, to get super-lawyer-nerdy here, the official name of the law is Regulation A – Conditional Small Issues Exemption, and is part of the Securities Act of 1933, found at 17 CFR §§ 230.251 – 230.300-230.346.

What are investor limits on investment size of both?

As noted in my other blog article, these is no difference between Regulation A (Reg A) and Regulation A+ (Reg A+). They are the exact same law.  The two terms may be used interchangeably. Therefore, investor limits on investment size are the same for either term.

However, there are investor limits on how much an investor may invest in Regulation A. These limits depend on which “tier” of the law is being used.

Tier 1 of Regulation A allows a company to raise up to $20,000,000, but the company must go through Blue Sky law compliance in every state in which it plans to offer its securities. There are no limitations on whether someone can invest, or how much someone can invest, in a Tier 1 offering. 

As a side note, Tier 1 offerings tend to be limited to one state, or a small number of states, because of the added cost of Blue Sky compliance. The SEC does not limit the amount of investment, but states may have limitations in their securities laws, so an analysis of each state’s securities laws is necessary if doing a Tier 1 offering.

Tier 2 of Regulation A allows a company to raise up to $50,000,000, and the company does not have to go through Blue Sky law compliance in any state in which it plans to offer its securities. However, there are limitations on how much someone can invest, in a Tier 2 offering if the offering is not going to be listed on a national securities exchange when it is qualified by the SEC.  If the Tier 2 offering is going to be listed on such an exchange, there are no investor limitations.

For a Tier 2 offering that is not going to be listed on a national exchange, individual investors are limited in how much they can invest to no more than 10% of the greater of the person’s (alone or together with a spouse) annual income or net worth (excluding the value of the person’s primary residence and any loans secured by the residence (up to the value of the residence).

There are no limitations on how much an accredited investor can invest in either a Tier 1 or a Tier 2 Regulation A offering.

Reg A+ Webinar: Q&A Part I

The content on this webinar and associated blogs are provided for general information purposes only and does not constitute legal or other professional advice or an opinion of any kind.

During our last Regulation A+ webinar with Sara Hanks and Darren Marble, we received dozens of questions about the topic.

As promised, we have answered each one of these questions and we are publishing the results here. To make things simple, we are diving it in Part I (Sara Hanks answers) and Part II (Darren Marble answers).

If you haven’t watched the webinar or want a recap, you can access the full version here.

Reg A+ Webinar – Q&A Part I

  • Is there a specific exemption that can be used in Canada along with Reg A to sell in Canada?

You need to check with Canadian counsel. Canada does not generally have federal securities laws as we do in the U.S., and you have to find an exemption from the Canadian equivalent of registration in each Canadian province you want to sell in. Some provinces have crowdfunding-type exemptions (not Ontario) and most have some type of exemption for sales to accredited investors.

  • If a company decides not to list on an exchange, can they have a bulletin board on their own website where their own shareholders can buy and sell their shares to others?

Under limited circumstances, yes. Any kind of “matching platform” will need to follow existing no-action letters that specify the circumstances in which a company operating some kind of introduction service for buyers and sellers will be deemed not to be a broker-dealer. You need to make sure the service does not amount to acting as a broker or an “alternative trading system” (ATS). In very general terms, the more sophisticated and automated a matching platform gets, the more it is likely to be deemed to be an ATS.

  • I am quarterbacking a Reg CF offering, they have a product that used to exist and want to bring it back. What are the top two questions I should be asking?

Do you still have the intellectual property rights to the product? And if a different/earlier company sold the product before, is that company a “predecessor” under the accounting rules?

  • Do you need to complete the offering before filing Form 211 for a listing?

In general, we have found that the market maker for a company that is going to be listed or quoted on OTC (a minority of Reg As) want to be able to confirm that all the existing shareholders were acquired in legit offerings before it files the 211, which would mean you would need the Reg A offering to be closed, but it may depend on the market maker.

  • I understand that there is a Blue Sky nuance if you do not use a BD, is this correct?

Yes. If you don’t use a broker, there are some states that won’t let you offer (Nebraska) or require the issuer to file as an “issuer-dealer.” More details here.

  • Sara and Darren have mentioned real estate, etc. in terms of companies best suited for Reg A offering, are there any Blockchain/DLT based startups that have successfully gone through the process yet?

Not yet; perhaps coming soon.

  • Can you comment, in general, on the Blockstack filing?

I’ll wait till I see the correspondence between the lawyers and the SEC (published when the offering qualifies) before I comment on the implications of this offering.

The second part of the Q&A will be published next week. If you want to read more from Sara Hanks, you can visit the CrowdCheck Blog. We highly recommend it. You can also contact Sara and her team here.

Lessons To Be Learned From The SEC’s Recent Penalties for ICO Companies

The Securities and Exchange Commission recently brought their regulatory hammer down on several ICO-related companies. After months of public statements from officials and rumors of numerous subpoenas and investigations, the SEC sent a strong and undeniable message to companies that have held unregulated initial coin offerings, and to those who are considering it.

Don’t do it.

There are lessons to be learned from these recent regulatory actions. These lessons confirm what I have been preaching in my securities law practice to all of the coin/token/crypto companies I have been talking to or representing: Follow the existing securities laws to raise capital selling tokens or be prepared to suffer some extreme consequences. In this article, I will dig into the story of Carrier EQ, also known as AirFox, whose story is a perfect illustration of the dangers a company faces when they hold an ICO without following securities laws.

I am going to get into a lot of specific facts because what AirFox did is so common in the ICO world, so we can all learn from their mistakes. I will also explain in layman’s’ terms what happened to AirFox as the SEC reviewed their offering, in an effort to provide a “heads-up” to companies that still believe they can get away with holding an ICO in the United States without going through the SEC. It appears that AirFox did not receive very good advice in their ICO, and despite all the recent warnings and negative publicity, I still have ICO companies contacting me wanting to use these same methods (“But I’m selling a utility token!”) that got AirFox in trouble.

Two things are obvious after this SEC enforcement action:

  1. You cannot call what you are selling a “utility token” and have securities laws magically not apply to your offering (see Lesson 7 below), and
  2. Unless you can definitively prove what you are selling is not a security, you need to follow securities laws in your offering.

The AirFox ICO

AirFox is a U.S. company that sells mobile technology that allows prepaid mobile phone customers to earn free or discounted airtime or data by interacting with ads on their smartphones. From August to October 2017,[1]AirFox offered and sold blockchain-issued digital tokens called AirTokens in an ICO where the company raised about $15 million to create a new international business and ecosystem. AirFox told potential ICO investors that the new ecosystem would include the same functionality of AirFox’s existing U.S. business (allowing prepaid mobile users to earn airtime or data by interacting with ads) and would also add new features such as the ability to transfer AirTokens between users, peer-to-peer lending, credit scoring, and eventually using AirTokens to buy and sell goods and services other than mobile data. In the ICO, AirFox stated that AirTokens would potentially increase in value as a result of AirFox’s efforts, and that AirFox would provide investors with liquidity by making AirTokens tradeable in secondary markets.

Any advisor who even has a basic understanding of securities law would look at this and say “Hey, AirFox, you are selling securities. You are selling tokens to the general public, that you are alluding to an increase in value, to finance a new business.” Apparently, AirFox’s “crypto advisors”[2] and lawyers (if they had any) did not bother to Google “what is a security?”[3]

The SEC Penalties

On November 16, 2018, the SEC instituted “cease and-desist proceedings” against AirFox. This means, in laymen’s terms, that the SEC told AirFox to “Stop Breaking The Law!” because the SEC is about to come in, and effectively shut their company down with penalties. As a result, AirFox reached a settlement with the SEC so they could have some hope of continuing in business. The settlement requires AirFox to:

· Pay a $250,000 fine,

· Inform each person that purchased AirTokens of their right to get their money back if they still own the tokens or if they can show they sold them for a loss,

· Issue and post a press release on the company’s website notifying the public of the SEC’s order, containing a link to the order, and containing a link to a “Claim Form” for investors to get their money back,

· File the appropriate paperwork with the SEC to register the AirTokens as a class of securities — this means the AirFox now must follow all securities regulations and ongoing reporting requirements as to these tokens — an extremely expensive requirement, and

· Deal with a lot of other ongoing reporting requirements related to these penalties to keep the SEC informed.

In essence, the SEC made AirFox pay a large fine, forced them to return up to $15 million back to investors, publicly admit on online and in the press that they broke the law, and be subject to a ton of time-consuming and expensive paperwork (disclosing information like audited financial records that investors typically need to decide if a stock is a good investment ).

How many companies that held an unregistered ICO could financially stay viable with the imposition of such penalties? My suspicion is that there are very few.

What do we learn from the AirFox settlement?

1. The SEC is going to follow the Howey test[4] at least as a baseline to determine if a token sold in an ICO is a security. AirTokens were “securities” under the Howey test because people buying the tokens would have had a reasonable expectation of obtaining a future profit based upon AirFox’s efforts, including AirFox revising its app, creating an ecosystem, and adding new functionality using the proceeds from the sale of AirTokens.

Lesson: If your token offering cannot pass muster with a well-known 76-year old Supreme Court ruling, you are selling securities.

2. If you sell tokens that are securities, you have to either (a) register the securities with the SEC or (b) qualify for one of the well-known exemptions from registration such as Regulation D or Regulation A when you sell the tokens. In other words, follow existing securities laws. AirFox, like many ICO companies, did neither of these things, which is illegal.

Lesson: This isn’t rocket science. Either file an S-1 and register your token offering or be sure you qualify under one of the exemptions from registration (like Regulation A) before you sell any tokens to anyone.

3. The SEC is going to read your “white paper”[5] and review everything[6]related to your token offering. With AirFox, the SEC specifically noted that “in September 2017, AirFox explained to prospective investors in a blog post that the ‘AirFox browser is still considered ‘beta’ quality and will continue to be improved over the coming months as we execute on the AirToken plan.’” This blog post helped the SEC satisfy one of the Howey prongs of what constitutes a security: Money from the token sale was being used in a common enterprise for the company raising capital to build their business.

Lesson: Follow securities laws in all offering documents, marketing materials, media interviews, and everything whatsoever associated with the token offering.

4. AirFox’s white paper informed investors that 50% of the proceeds of the offering would be used for engineering and research and development expenses. In AirFox’s whitepaper, the company proposed a potential timeline of development milestones which covered from August 2017 through the second quarter of 2018.[7] Again, the company’s own documentation showed they were selling securities under Howey, by explaining that the company was going to use the funds from the token sale to fulfill their business plan.

Lesson: If you are using the funds from the token offering to build your business, follow your business plan, or build your ecosystem the tokens will be uses in, you are probably selling securities.

5. In its ICO, AirFox raised approximately $15 million by selling 1.06 billion AirTokens to more than 2,500 investors. The number of investors is important: A company selling securities is required to register their equity securities under “Rule 12(g)”[8] if the class of securities was held of record by more than 2,000 persons and more than 500 of those persons were not accredited investors. In other words, if you sell securities to 2,001 total investors, or 501 non-accredited investors, you have to be registered with the SEC.[9] With more than 2,500 investors, AirFox would be subject to these expensive registration requirements, if their tokens were considered to be securities.

Lesson: Watch the number of investors in your offering. Even when you are selling tokens that are clearly securities, you must pay attention to the rules surrounding how many investors you are allowed based on the laws applicable to your offering.

6. AirTokens were available for purchase by individuals in the United States and worldwide through websites controlled by AirFox. The company is based in the United States. The websites selling the tokens in the U.S. were controlled by the company. This all subjected AirFox to the jurisdiction of the SEC.

Lesson: If your company does business in the U.S., or wants to touch the U.S. investor market, you need to follow U.S. securities laws. If you are not a U.S. company[10], and do not sell or market at all to U.S. investors, most of this article may not apply to you at all.

7. The terms of AirFox’s the ICO required purchasers to agree that they were “buying AirTokens for their utility as a medium of exchange for mobile airtime, and not as an investment or a security.” In other words, AirFox assumed they could agree with their token purchasers that they were selling a “utility token” and not a security. It doesn’t work that way. Calling something a “utility token” and saying it “is not a security” is meaningless to the SEC. As the SEC notes “at the time of the ICO, this functionality was not available. Rather, the AirFox App was a prototype that only enabled users to earn and redeem loyalty points, which could be exchanged for mobile airtime. According to the company, the prototype was “really just for the ICO and just for investment purposes so people know . . . how it’s going to work” and “[did not] have any real users” at the time of the ICO. Despite the reference to AirTokens as a medium of exchange, at the time of the ICO, investors purchased AirTokens based upon anticipation that the value of the tokens would rise through AirFox’s future managerial and entrepreneurial efforts.”

This quotation from the SEC is important for two reasons:

· It makes it clear that the AirTokens violate the Howey test. Investors purchased AirTokens anticipating that the value of the tokens would rise through AirFox’s future managerial and entrepreneurial efforts. That is, almost literally, the definition of a security contract from Howey — someone investing in a company where the company’s efforts will increase the value of the investment.

· More importantly, the SEC seems to have cracked the door open a little. The SEC specifically set out several reasons why the AirTokens are securities and not “utility tokens” …but what if those reasons did not exist? What if this ICO had taken place later, and the following facts had been in existence:

(a) At the time of the ICO, the tokens’ functionality was available,

(b) The app was a not a prototype but was fully functional,

(c) The app had real users at the time of the ICO,

(d) The tokens were being used onlyas a medium of exchange at the time of the ICO, and

(e) Purchasers of the tokens had no anticipation that the value of the tokens would rise through the company’s future managerial and entrepreneurial efforts, because the tokens were not allowed to be traded on an exchange or otherwise.

While the marketplace for such tokens would not likely yield nearly $15 million in purchasers like in AirFox’s ICO, it seems that the SEC mightentertain characterizing tokens in the scenario[11] above as not being subject to securities laws.

Lesson: You can’t call what you are selling a “utility token” and have securities laws magically not apply to you. What you call your tokens is irrelevant to the SEC’s legal analysis.

8. AirFox’s whitepaper described an ecosystem to be created by the company where AirTokens would serve as a medium of exchange and that the company would maintain the value of AirTokens by purchasing mobile data and other goods and services with fiat currency that could be then purchased by holders of AirTokens and that the company would buy and sell AirTokens as needed to facilitate the purchase and sale of goods and services with AirTokens. In other words, the investors in the tokens would, again, be relying on the future efforts of AirFox, clearly one of the Howey prongs that make the AirTokens clearly securities under the law.

Lesson: If you are relying on the future efforts of the company selling the tokens to give the tokens value, the tokens have failed one portion of the Howey test.

9. Prior to the ICO, AirFox communicated to prospective investors that it planned to list the tokens on token exchanges to ensure secondary market trading. Obviously, liquidity in any investment is a huge part of the investment decision by a purchaser, and AirFox made it clear (a very common trait in unregulated ICOs) that their tokens would be traded on crypto exchanges, so buyers could sell them and potentially make a profit. This satisfies the “investment” arm of the Howey test. If investors have a reasonable expectation of profit from being the tokens, the tokens are very likely securities.

In fact, in the middle of the ICO, AirFox announced that it was reducing the token supply from 150 billion to 1.5 billion without changing the anticipated market cap “to alleviate concerns raised by many current and potential token holders and token exchanges who prefer each individual token to be worth more.”

Imagine a tradition initial public offering of stock, where the IPO company suddenly changed the number of shares of stock available but kept the valuation of the company the same. “Hey, those shares you first-in buyers got for $20 are now worth $2000 each because we decided to sell 1/100thof the number of shares.” This kind of market manipulation would likely end of with a few people in federal prison.

Lesson 1: If you tell purchasers of your token that the tokens are going to be traded and that you are going to do things to make the tokens more valuable for these investors, you are selling securities, without any question.

Lesson 2: Changing the material terms of a securities offering in the middle of it = bad idea.

10. The SEC noted the following interesting bit of information. Following the ICO, AirFox attempted to list AirTokens on a major digital token trading platform, and answered an application question that asked, “Why would the value increase over time?” AirFox’s response was “As time lapses the features and utility of AirToken will go up as we continue to build the platform. As of today, the people are able to download our browser to earn and purchase AirTokens to redeem mobile data and airtime across 500 wireless carriers. Over the next two years, the utility of the token will expand and therefore, more people across the world will need to have AirTokens in their possession to participate on our platform and ecosystem.”

Lesson: The SEC reads and reviews everything, including interactions a company has with third-party companies.

11. AirFox offered and sold AirTokens in a general solicitation to potential investors. This means AirFox advertised the ICO to the general public and solicited investments from anyone willing to send them money. In the securities world, general solicitation is limited to certain types of securities under certain exemptions, and allowing any investor to purchase securities, regardless of their accredited status, is not allowed in most cases.

Lesson: If you are going to advertise your token offering (and how else would you get the word out and find investors?) you need to follow securities laws and regulations related to general solicitation.

12. Through a “bounty” campaign, AirFox provided “free” AirTokens to people (crypto advisors) who helped the company’s marketing efforts. AirFox entered into an agreement with a crypto advisor who had previously led similar ICO promotions by other companies. This crypto advisor received a percentage of the AirTokens issued in the ICO in exchange for his services, recruited other people to translate AirFox’s whitepaper into multiple languages and to tout AirTokens in their own internet message board posts, articles, YouTube videos, and social media posts. More than 400 individuals promoted the AirToken initial coin offering as part of the bounty campaign. These individuals also received AirTokens in exchange for their services.

While the SEC did not specifically address this point in their ruling, I would not be surprised to see some regulatory or legal investigation undertaken against these crypto advisors. Depending on several factors that there is not enough publicly available information to know for certain, it is possible these crypto advisors may have conducted illegal broker-dealer activities subject to various regulations. The advertising and marketing of securities is highly regulated and based upon the representations made by those who were paid “bounties” by AirFox, it is also possible that some of these individuals did not follow existing laws and regulations as to how such advertising should be conducted.

Lesson: Follow all securities laws and regulations related to marketing, and only deal with advisors who understand and follow securities laws. When interviewing advisors, ask them about their experience in token offerings that were done in compliance with SEC regulations, not their experience with unregulated ICOs.

13. AirFox aimed its marketing efforts for the ICO at digital token investors rather than the anticipated users of AirTokens.

· AirFox promoted the offering in forums aimed at people investing in Bitcoin and other digital assets, that attract viewers in the United States even though the AirFox App was not intended to be used by individuals in the United States.

· AirFox’s principals were interviewed by individuals focused on digital token investing.

· In a blog post, AirFox wrote that an AirToken presale was directed at “sophisticated crypto investors, angel investors and early backers” of the AirToken project and in a pre-sale, prior to the public offering, AirFox made AirTokens available to early investors at a discount.

AirFox made no effort to market the ICO to the anticipated users of AirFox tokens — individuals with prepaid phones in developing countries. Instead, AirFox marketed the ICO to investors who “viewed AirTokens as a speculative, tradeable investment vehicle that might appreciate based on AirFox’s managerial and entrepreneurial efforts.”

Lesson: If you are going to claim you are selling “utility tokens” in an offering, you should sell those tokens to the ultimate users of the tokens. If you do not, you are likely selling securities to speculating investors, and your argument of selling “utility tokens” falls apart very quickly.

Conclusion (The Final Lesson)

I’ve been talking to (and in some cases, actually representing) token and crypto companies ever since the DAO decision when the floodgates opened to companies realizing that the only safe way in the U.S. to issue a digital asset, token or coin is to follow securities laws. It’s not that hard. Every mistake AirFox made was avoidable, and everything they did to violate well-established securities laws could have been avoided if they had received good advice. Selling investments to U.S. citizens is one of the most highly regulated industries in the world. To think a company can avoid following these well-established laws and regulations just because of a new technology, and because “everyone else is doing it,” is ridiculous.

Can I start openly selling cocaine online to anyone who wants to buy it because I keep the records of the sales on a distributed ledger and track each kilo on a blockchain? No, and nobody would be so stupid to try.[12]

This is not that difficult. The final lesson is: If you want to sell tokens without following securities laws to the U.S. market, you need to be 100% certain they are not securities, and that is going to be very difficult to do in most cases. If you and your advisors are not 100% certain that what you plan to sell is not a securitiy, get advice from reputable securities counsel before you do anything.

Once more thing: if you find yourself creating arguments to get around parts of the Howey Test rather than being able to definitively prove your tokens do not fit the Howey definition of a security, then the SEC is most likely going to disagree with you, and deem your tokens to be securities.

[1]It is important to note these dates. One month before the AirFox ICO, in July 2017, the SEC announced that it viewed the tokens offered by The DAO, an ICO that raised more than $150 million in 2016, as securities. This ruling was widely reported and sent shockwaves through the “unregulated” ICO industry. It would be hard to imagine that those advising AirFox were not aware of the DAO ruling when they started their ICO one month later.

[2]Some “crypto advisors” are persons (nearly always without a law degree) who advertise that they have “helped companies raise millions” in other ICOs (none of which followed U.S. securities laws). They often have influence in the ICO community and on ICO review websites where, in many cases, the review of an unregistered ICO is based on how much money you pay the website.

[3]Or, their advisors Googled it, read the Howey test, and decided “Let’s make like an ostrich and ignore the obvious.” Advisors to ICO companies should not take the attitude of “but everyone else is doing it and raising millions of dollars so it must be okay” or, my favorite, “there are no rules for ICOs, these are unregulated!”

[4]SEC v. W. J. Howey Co., 328 U.S. 293 (1946). The “Howey Test” is the U.S. Supreme Court’s definition of what a security is and has been the law for 76 years. In a nutshell, the four-part Howey Test determines that a transaction represents an investment contract if a person (a) invests his money (b) in a common enterprise and is (c) led to expect profits (d) solely from the efforts of the promoter or a third party.

[5]A “white paper” in the ICO world is a document that explains the business and the offering. In most cases, these documents are heavy on technical language regarding the tokens and blockchain but offer little to no guidance on the financial health of the business and rarely disclose all the risks of investing in the offering. In many cases, these “white papers” are not even close to what a securities lawyer would draft for any securities offering. But, many ICO companies apparently are advised to believe their white paper, with its page of legal disclaimers copied from other white papers found online, will magically protect them from any securities laws repercussions.

[6]The SEC will look at a company’s white paper, any other offering documents, websites, social media, media interviews, and any other online or offline matter related to the offering. If it is publicly available, the SEC is going to review it. Even if it is not publicly available, the SEC may subpoena it. In the AirFox case, the SEC noted that AirFox talked about prospects for development of the AirToken ecosystem on blogs, social media, online videos, and online forums and even gave a specific example of quotes from AirFox’s principals making claims in a YouTube video.

[7]These are typical White Paper 101 inclusions in an ICO. A breakdown of what the funds will be used for (which is actually a normal part of a securities law compliant offering document) and a timeline. While there is nothing wrong with these disclosures, the problem is that these white papers rarely discuss the risks involved with the offering, and almost never disclose anything about the financial condition of the company — staples of a compliant securities offering.

[8]17 CFR 240.12g-1

[9]There are notable exceptions to this rule under certain exemptions from registration, including under Regulation A, as amended in the JOBS Act.

[10]Without getting too technical, if you are a New York City based company, with offices and employees in Manhattan, who sets up a shell company in the Virgin Islands that has no office or employees and you run that company out of New York, you are not being clever and avoiding the fact that the SEC is probably still going to consider you a U.S. company. All you have done is sent up a red flag.

[11]There are other factors to consider, as Howey is just part of the analysis as to whether something is, or is not, a security. But, for illustrative purposes, this section of the SEC’s analysis is very helpful for companies considering a token sale, because it illustrates a potential path to a token not being subject to securities laws, and the possible ability in very narrow circumstances to sell a token outside of securities laws.

[12]Okay, someone might be dumb enough to try. Never underestimate the stupidity of some people. The TV show America’s Dumbest Criminals filled three years of episodes with people who might have tried this. For the record, if a stupid criminal tries this, and says it was my idea, please remember that they are, as noted, a stupid criminal and do not believe them.

Disclaimer (because I am wearing my lawyer hat): Kendall Almerico is a securities lawyer who represents companies raising capital in JOBS Act offerings (Regulation A in particular) and companies that want to sell tokenized securities in a compliant manner through a security token offering. This article does not contain legal advice and should not be relied upon bu anyone for legal advice. It is simply the opinions of Kendall Almerico interpreting certain matters that were recently in the news. Do not rely on this article for legal advice as every situation is different. In all cases, consult your own attorney or advisors.

There, I said it.

The Three Fallacies of Smart Contracts

Smart contracts have become popular due to the extensibility of the Ethereum blockchain beyond its main foundation as a cryptocurrency platform, where it competes with Bitcoin. The phrase ‘smart contract’ caught on in the popular imagination. After all, contracts are important mechanisms for transacting business, and what better than to make our contracts smart with computers and artificial intelligence.

Unfortunately, the glib phrase ‘smart contracts’ hides the ugly truth, which consists of three fallacies:

  1. Smart contracts are smart
  2. Smart contracts are contracts
  3. Smart contracts are comprehensible

Smart contracts are approximately dumb

There’s nothing smart about smart contracts. Perhaps ‘smart’ is a matter of definition, so let me rephrase. If a simple “Hello, World!” program is considered smart, then so is a smart contract ‘smart.’ Maybe we can raise the bar one notch. Let us consider a simple program that, when you access it, determines the time of day (wherever the server on which the program runs or perhaps the browser from which a user invokes it). The code in the program implements the following logic:

If Time >= 6:00 am AND Time < 11:30 am THEN say “Hello, good morning!”

If Time >= 11:30 am AND Time < 3:00 pm THEN say “Hello, good afternoon!”

If Time >= 2:00 pm AND Time < 9:00 pm THEN say “Hello, good evening!”

If Time >= 9:00 pm AND Time <= 12:00 am THEN say “Good night, sleep well!”

If Time > 12:00 am AND Time < 6:00 am THEN say “Hi, you are up late – or did you get up early?”

The above are examples of what is called an IFTTT or “If This Then That” code. This is a bit more intelligent, but just barely. However, this is not necessarily smart enough in the financial world. The ERC-20 and its derivatives in the Ethereum world would have, one hopes, a bit more complicated IFTTT ‘rules’. For example, the protocol has a function that checks to see if the sender of the cryptocurrency actually has the amount in their account. This check is obviously important and a ‘smart’ thing to do. But, this type of check is performed by your bank when you use your bank’s debit card or credit card. However, banks don’t call their cards ‘smart cards’, even though there is more intelligence built into card processing than we give credit for.

In the age of artificial intelligence and machine learning, calling the above types of simple functionality ‘smart’ is an insult to the definition of ‘smart’. Even the earliest examples of AI software of the 60s were smarter. So, calling these ‘smart contracts’ smart is a throwback to prehistoric days of software engineering.

Incidentally, the moniker “IFTTT” is a bit of intellectual plagiaristic packaging passing off as a recent innovation. In reality, IFTTT has been around ever since the very first days of computing. All programmers know this, as well as it’s cousin, IFTTTE, which is “If This Then That Else.” Enough of this remarketing of old and well-known programming constructs.

Smart contracts are not contracts

Technologists who drool over smart contracts are obviously unfamiliar with what constitutes a contract. A loose definition of ‘contract’ may be fine for most casual applications, but for the financial world, the definition has to be legal and enforceable. Legally enforceable contracts have certain specific characteristics without which they don’t stand a chance of being defensible or enforceable. These characteristics include offer and acceptance, competence, unforced, mutual consideration, legal intent, and enforceable.

Transactions involving cryptocurrency or security tokens do not automatically become contracts because the transactions may violate one or more of the above provisions.

  1. Offer and Acceptance: One of the parties must make an offer; the other must accept it. The offer and acceptance are subject to the other requirements of contracts. For example, if someone comes up to your car when you are stopped at a red light, polishes your windshield without your consent, and demands payment, it does not obligate you, legally or morally, to pay; there was no offer of a service and you did not consent to the polishing of your windshield.
  2. Competence: Both parties must be of sound mind and competent to enter into a contractual relationship. For example, those who are mentally incompetent (in the legal sense) and minors may not enter into contracts. This assumes that the identity of the parties is known to each other and each party – or perhaps an intermediary – can assess competence. This may not be true in a decentralized crypto world.
  3. Unforced: Both parties must have entered into the contract of their own free will and knowledge. This may not be true in the crypto world where cryptocurrency can be stolen, forced at gunpoint, or mistakenly sent to another party. In all cases, the sender (or victim) has no recourse or recovery.
  4. Due mutual consideration: All parties to the contract must receive something in return in this exchange; transactions cannot be one-sided (gifts are not contracts, by definition, but otherwise perfectly legal). In a crypto world, there may not be clarity about exactly what this due consideration is and if it was mutual.
  5. Moral and legal intent: A contract to kill someone or commit an immoral act is null and void. A payment for such an action is illegal and does not constitute a contract. Obviously, this may not be easy to detect in a crypto world.
  6. Enforceable: The performance of the terms of the contract must be enforceable and observable. None of this may be true in the crypto world, because in a decentralized system with no governance, no auditing, and indeed no identity, who could observe and who could enforce?

Smart contracts are incomprehensible

In general, people find regular contracts impenetrable, especially the fine print clauses. The article “Does Anyone Read the Fine Print? Consumer Attention to Standard Form Contracts” (by Yannis Bakos, Florencia Marotta-Wurgler, and David R. Trossen) generally concludes, unsurprisingly, that very few people do so.

In those rare cases when people read contracts, they may not actually understand them fully. Contrary to popular feeling, legal contracts are not obtuse by deliberate intention. If anything, they are as incredibly precise (or at least, strive to be) as possible without the use of mathematics. Despite the attempt at precision, there is still room for miscommunication and misunderstanding, whether that is due to the inexperience of the legal counsel (rare), the inexperience of the participants (very often), or the lack of clarity of the underlying regulation (probably rather common). When the application of the law is unclear in complicated cases, the courts resort to case law. All this points to the difficulty of understanding legal contracts. If that is not persuasive enough, consider that just about in all lawsuits both parties have previously signed contracts that were drafted and reviewed by experienced lawyers on both sides, yet one of the participants had to resort to a lawsuit.

In the case of smart contracts, the primary representation of the so-called contract is not the legal document but the computer program. Even simple transactions, when implemented in code, are very difficult to understand. Computer programmers are notorious for being poor documenters (or for their writing skills in general). What is less well-known is that programmers are deeply reluctant to read other programmers’ code because code is generally impenetrable, even when that code has been written by the same programmer who is reviewing it after a lapse of time.

Lay participants of contracts, such as investors and issuers, are asked to read the code in order to infer the underlying legal provisions! This is several steps removed from the requirement to read the actual legal document itself. Every step in the process has enormous potential for misrepresentation, misinterpretation, information loss, and outright incomprehensibility.

Indeed, the research data shows that many ICOs have “backdoor centralization”, but in the most negative sense of the term (unlike responsibly governed centralization), including pump-and-dump, insider trading, no expression in code of promises made on the website or whitepaper, unauthorized and unadvertised rights of modifiability, and so on. See “New Research Finds Backdoor ‘Centralized Control’ In Many ICOs” for a good summary.

You may think that the situation with smart contracts cannot be direr. But wait, it gets worse! In a 104-page study, “Coin-Operated Capitalism,” by the University of Pennsylvania Law School, “If ICO investors  were scrutinizing smart contract code before buying into an ICO, we would expect to see (all else [being] equal) higher capital raises by teams that faithfully coded supply and vesting protections, and also disclosed their modification powers. We find no evidence of that effect in our sample.

What this means is that ICO investors are either the dumb money (generally, the uninformed retail investors), highly speculative and risk-tolerant (hopefully in amounts small enough not to matter, or those with intense fear-of-missing-out), or outright criminal in nature with deeper motives. Obviously, this is a general conclusion and does not implicate the legitimate investors who may have invested in ICOs for diversification (though the use of the word ‘invest’ or ‘diversification’ in connection with ICOs is highly suspect).

As far as ICOs go, none of this should paint all ICOs with the same broad brush. But it does call into question the underlying architectural philosophy of smart contracts in general. Smart contracts should be designed by lawyers because smart contracts are primarily contracts. Only when contracts are truly legal contracts can technologists then strive to make them more or less automated and intelligent. All this automation should be wrapped into governance, risk, audit, and manual review functions precisely because even the smartest contracts cannot anticipate all scenarios in the real world.

Now, that’s smart!

Difference between Crypto and Security Token

Is there a difference between cryptocurrency and a security token?

The answer is yes, there is a big difference. And it is time we get these right so the thick fog around this topic can begin to clear up. It is very important to understand how each of them is very different from each other.

You probably read or hear these two words every day and in most cases in the wrong context. Before we get into the difference lets make one thing clear.

Crypto or Cryptocurrency is an alternate (i.e., non-fiat) CURRENCY

All over the web, there are many discussions, blogs, articles, and tweets on using blockchain. Of course, many of them follow to the extraordinary words “Crypto”, or “Cryptocurrency” and “Security Token”.

I am amazed by the number of people who use these two words interchangeably, yet they are so different as stated above. Let’s have a look at each one in more detail.

What is Crytpo or Cryptocurrency?
Wikipedia has a clear definition: “A cryptocurrency (or crypto currency) is a digital asset designed to work as a medium of exchange that uses strong cryptography to secure financial transactions, control the creation of additional units, and verify the transfer of assets.”

Crypto or Cryptocurrency is just a currency. Other examples of currency are Dollars, Euros, Pesos, etc. These currencies are traded worldwide by currency traders. Nowadays we have the introduction of digital currencies such as Bitcoin, Ethereum, Litecoin, etc. Wikipedia has put together a list of these digital currencies.

Currencies are regulated by a securities commission or foreign exchange agencies. The rules around who can purchase currency and trade them are very simple. In most cases, it is required to be 18 years or older. ID Verification, AML (Anti Money Laundering), and some basic KYC (Know Your Customer) will be done. Not more than this is required to purchase a currency.

For trading, the platforms will need to be registered with commissions and/or regulators in their country to legally operate the exchange. This financial regulator is regulating the currency, transfer, and trading business.

What is Security Token?
In 2017 we saw the emergence of companies issuing tokens to raise capital. In countries such as USA and Canada, regulators have been very clear on this form of capital raising.

When a company offers a token from their company for an investor to invest in, the goal is for the token to trade and gain in value. Security agencies, including the SEC in the USA and the CSA in Canada, have made it clear that when companies are conducting a token offering in which the token has the ability to trade and gain in value, it must be issued as a security token.

Security Token is a tokenized security that is issued by a company. The security represents an equity position in the company. In order to issue the security, the company must comply with regulations as to how it can market the offering, who it can attract to invest in their company, reporting requirements, trading restrictions, and custodianship (Transfer Agent) requirements.

For a company to issue a security token it must:

  • Determine what jurisdiction (countries) it wants to attract investors from
  • Determine what exemption to use to offer their security token to investors (accredited or non-accredited investors)
  • Determine trading restrictions per jurisdiction and exemption
  • Determine reporting requirements per jurisdiction and exemption
  • Determine Transfer Agent requirements per jurisdiction and exemption
  • Determine if Broker Dealer is required per jurisdiction
  • Determine what regulated ATS Secondary Market is available for trading

As you can see it’s clear how different these two are from each other and there should be no confusion going forward.

Here is how the two can come together and be used in the proper context. You can use cryptocurrency to invest in a security token offering by a company. But that can only happen as long as the company has agreed to accept this form of digital currency, the investor meets regulatory requirements, the company can offer their securities in the country (Jurisdiction) of residence of the investor, and if the company is using a broker-dealer, the dealer is also prepared to accept that form of payment.

KoreSummit – an opportunity to learn about what is a fully compliant Security Token

Security Token – and all the technology and buzzwords that go with it – is not an easy topic. Search these terms online, and you can get lost in a labyrinth of links, manuals and definitive guides. Above all, you will find many experts that will guarantee this is the next big thing and they know all about it.

The complexity surrounding the security tokens is second only to the importance it carries in the financial world. It can indeed be the next big thing. If companies get the foundation and development of security tokens right, this has the potential to bring down the market as we know today.

Which only adds more pressure to get to the right information. Take, for instance, the thousands of ICO that emerged with the blockchain phenomena. Thousand of investors thought they were well informed and ended up victims of scams.

If you want to invest in the blockchain, by buying security tokens or offering it through your own company, you better listen to experts. That is why events such as the KoreSummit, in which renowned professionals share their insights with the public, are so important.

No wonder this is an invite-only event. This is exclusive information that you may not get elsewhere. All aspects around the new KoreToken protocol, including the KoreChain, Hyperledger Fabric, and Security Tokens will be discussed with the public.

Usually, you would pay a significant fee to access this type of information. But the KoreSummit is for free, in the same spirit of the KoreConX platform.

You can apply for the event here, and our team will review your application.

Hope we can meet there.