Many readers may have noted SEC Jay Clayton’s January 22, 2018 speech about his agency’s scrutiny of cryptocurrencies, as well as the January 24, 2018 opinion piece Clayton wrote in the Wall Street Journal along with his counterpart from the CFTC, J. Christopher Giancarlo. In both statements, Clayton made in clear that the SEC intends to hold gatekeepers to account for their activities in connection with ICOs and cryptocurrencies. In the following guest post, John Reed Stark, President of John Reed Stark Consulting and former Chief of the SEC’s Office of Internet Enforcement, takes a look at the SEC’s cryptocurrency related focus on gatekeeper liability. I would like to thank John for his willingness to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is John’s guest post.
It is gatekeeper liability redux at the U.S. Securities and Exchange Commission, and ICO lawyers should be watching their backs.
SEC Chairman Jay Clayton recently gave an extraordinary speech at the 2018 Securities Regulation Institute in Washington, D.C., reiterating his concerns about the ICO marketplace while also adding a new twist to his ICO combat plan – hit the lawyers involved, and hit them hard.
Chairman Clayton’s stridency could not have been clearer concerning Internet Coin Offerings (“ICOs”), the method by which startups or other parties can issue cryptographic tokens in an effort to fund or bootstrap a new blockchain network. Law firms and attorneys, the so-called “gatekeepers” connected to ICOs, have moved front and center on the SEC’s radar.
In his unusually pointed remarks, Chairman Clayton did not mince words, stating:
“Market professionals, especially gatekeepers, need to act responsibly and hold themselves to high standards. To be blunt, from what I have seen recently, particularly in the ICO space, they can do better. Our securities laws – and 80 plus years of practice – assume that securities lawyers, accountants, underwriters, and dealers will act responsibly. It is expected that they will bring expertise, judgment, and a healthy dose of skepticism to their work . . . Legal advice (or in the cases I will cite, the lack thereof) surrounding ICOs helps illustrate this point . . .
First, most disturbing to me, there are ICOs where the lawyers involved appear to be, on the one hand, assisting promoters in structuring offerings of products that have many of the key features of a securities offering, but call it an “ICO,” which sounds pretty close to an “IPO.” On the other hand, those lawyers claim the products are not securities, and the promoters proceed without compliance with the securities laws, which deprives investors of the substantive and procedural investor protection requirements of our securities laws.
Second, are ICOs where the lawyers appear to have taken a step back from the key issues – including whether the “coin” is a security and whether the offering qualifies for an exemption from registration – even in circumstances where registration would likely be warranted. These lawyers appear to provide the “it depends” equivocal advice, rather than counseling their clients that the product they are promoting likely is a security. Their clients then proceed with the ICO without complying with the securities laws because those clients are willing to take the risk.
With respect to these two scenarios, I have instructed the SEC staff to be on high alert for approaches to ICOs that may be contrary to the spirit of our securities laws and the professional obligations of the U.S. securities bar.”
This was not the first time Chairman Clayton has raised concerns about lawyers advising purveyors of ICOs. He issued a comparable warning in a similarly unusual ICO Statement issued on December 1lth, 2017, stating:
“On this and other points [of this ICO statement] where the application of expertise and judgment is expected, I believe that gatekeepers and others, including securities lawyers, accountants and consultants, need to focus on their responsibilities.”
Chairman Clayton’s admonition undoubtedly triggered an earthquake among the many lawyers and law firms advising issuers and promoters of ICOs. There exists an emerging cottage industry of legal professionals who work in the cryptocurrency space – and an energetic subculture of lawyers within that space who advise on ICOs. All of these lawyers should be on their own version of high alert – because Chairman Clayton is not likely making idle threats.
But Chairman Clayton’s alarm should come as no surprise to SEC veterans and historians, because he has actually ripped a page from the playbook of perhaps the most famous and successful SEC enforcement director in history: The Honorable Stanley Sporkin.
Director of the SEC Enforcement Division from 1974 to 1981; general counsel to the Central Intelligence Agency from 1981 to 1986; and U.S. District Court Judge for the District of Columbia from 1985 to 2000, Judge Sporkin championed the principle of what has come to be known as “gatekeeper liability,” premised upon what Judge Sporkin referred to as the “access theory” of regulation and enforcement.
Judge Sporkin’s decree: Rather than merely going after every bad actor, ensure good behavior by pursuing those who control “access” to our capital markets, which will accomplish far more in the long run. Pursuing gatekeepers was also the most targeted and effective way of leveraging the SEC’s limited enforcement resources while also packing the most powerful punch.
Some 40 or so years later, Chairman Clayton’s regeneration of Judge Sporkin’s gatekeeper liability lays the regulatory foundation for a successful and vast SEC ICO assault, which will leave some ICO lawyers looking over their shoulders, and others perhaps dashing for cover.
1970s: SEC v. National Student Marketing Corporation
Stanley Sporkin began his crusade for gatekeeper liability over 40 years ago, way back in 1977, during the prime of his SEC enforcement director tenure, in an SEC enforcement action against the National Student Marketing Corporation (NSMC).
Now considered a seminal case of gatekeeper liability in financial transactions, the SEC’s NSMC case involved two partners at the law firm of Lord Bissell & Brook, who had represented Interstate National Corporation in its proposed merger with NSMC. The closing of the merger was to be conditioned upon a mutual exchange of opinion letters from each corporation’s attorneys as well as “comfort letters” from each corporation’s accountants. At the closing, the lawyers became aware of serious problems with NSMC’s financial statements, which probably should have demonstrated a net loss, rather than a net profit-held. NSMC’s auditors refused to issue a “clean” comfort letter. The lawyers knew that, but they went ahead and issued the necessary opinion letters anyway. Next, the lawyers failed to object to the closing going forward.
The NSMC SEC enforcement action quickly became a legal ethics landmark. The law firm did not make any misrepresentations or assertions during the course of the transaction (including in their opinion letter) – but merely remained silent about the financial issue. This failure to speak provided enough of a legal basis for Stanley Sporkin and the SEC to charge the law firm for aiding and abetting the fraud and the district court agreed.
Stanley Sporkin and his SEC enforcement division took the position that the lawyers participated in a fraudulent scheme when they “failed to refuse to issue their opinions… and failed to insist that the financial statements be revised, and shareholders be resolicited, and failing that, to cease representing their respective clients and, under the circumstances, and notify the SEC concerning the misleading nature of the nine-month financial statements.” The court agreed that the lawyers had an obligation to do something.
Whether the Lord Bissell lawyers should have gone public with their concerns, blowing the whistle on their client, remains a matter of debate – and that expectation probably went a bit too far. In fact, although the SEC prevailed in obtaining a judgment, the district court rejected the SEC’s theory that attorneys should be whistleblowers for the government. Judge Parker wrote in his opinion:
“Even if the attorneys’ fiduciary responsibilities to the Interstate shareholders continued beyond the merger, the breach of such a duty would not have the requisite relationship to a securities transaction, since the merger had already been completed. It is equally obvious that such subsequent action or in action by the attorneys could not substantially assist the merger.”
However, at a bare minimum, it now seems clear that the lawyers needed to close the gate, preventing fraudulent transactions from being consummated, whether it by means of withholding their opinion letters or simply advising their clients to hold off. In other words, the lawyers in the NSMC case had a duty to guard the gate and they failed to do so.
1980s: The S&L Cases
Stanley Sporkin would once again encounter the gatekeeper issue some 15 years after his victory in the NSMC case, this time from the other side of the fence, after he had moved on from SEC enforcement division director to become a U.S. Federal District Court Judge for the District of Columbia.
In the 1980s, in the aftermath of the notorious and massive Lincoln Savings & Loan Scandal, now Judge Stanley Sporkin wrote one of the most important federal securities regulation opinions in history – judicially codifying the notion of gatekeeper liability once and for all.
The massive securities fraud orchestrated by Lincoln Savings and Loan executives and its former head, Charles H. Keating Jr., after collapsing in 1989, cost over $3 billion to the federal government, leaving some 23,000 Lincoln bondholders defrauded with many investors losing their life savings. In the end, the U.S. Savings and Loan crisis of the 1980s and early 1990s resulted in the failure of 747 savings and loan associations in the United States, ultimately costing over $160 billion, about $124.6 billion of which was directly paid for by the U.S. government.
In March 1992, the Office of Thrift Supervision sent shock waves through the legal community when it initiated a $275 million enforcement action against New York’s Kaye, Scholer, Fierman, Hays & Handler and froze the law firm’s assets, all based on the firm’s alleged misdeeds in representing the now-defunct Lincoln Savings & Loan. The OTS action, together with a spate of professional liability suits by the Resolution Trust Corporation and the Federal Deposit Insurance Corporation, laid a significant amount of blame for the overall savings and loan crisis on lawyers who wittingly or unwittingly helped savings associations skirt the rules when they engaged in risky investments.
After the government took over the failed banks, including Lincoln Savings and Loan Association, during the savings and loan crisis, Keating challenged the move. In rejecting the challenge, Judge Sporkin famously wrote in his now oft-quoted opinion:
“Where were these professionals…when these clearly improper actions were being consummated?… Why didn’t any of them speak up or disassociate themselves from the transaction?… What is difficult to understand is that with all the professional talent involved (both accounting and legal), why at least one professional would not have blown the whistle to stop the overreaching that took place in this case.”
Judge Sporkin had clearly not forgotten the lasting principles of gatekeeper liability that he had championed just fifteen years earlier at the SEC. Indeed, as the presiding judge in the Lincoln S&L case, Judge Sporkin applied exactly the same analysis he used as he did when he was the lead SEC prosecutor of the NMSC case.
1990s: Enron, Worldcom and the Rest
A decade after the S&L crisis, in 2001, the same Sporkinesque gatekeeper questions arose when billions of dollars in debt from unsuccessful projects and investments resulted in the ruin of Enron, and, eventually, triggered one of the largest bankruptcies and securities frauds in history. Enron’s executives had misled its board, employees, and investors by using accounting loopholes and poor financial reporting to hide the company’s true (and wretched) financial condition.
Many executives at Enron were indicted for a variety of charges and some were later sentenced to prison. Enron’s auditor, Arthur Andersen, was found guilty of illegally destroying documents relevant to the SEC investigation which voided its license to audit public companies, effectively closing the business. By the time the ruling was overturned by the U.S. Supreme Court, the billion dollar accounting firm had lost the majority of its customers and had ceased operating. Enron employees and shareholders received limited returns in lawsuits, despite losing billions in pensions and stock prices.
Enron’s fraud, initially considered an anomaly, was anything but. Enron’s record-breaking bankruptcy was soon eclipsed by WorldCom’s, whose less sophisticated accounting fraud led to a larger restatement of earnings, a larger bankruptcy filing, and a slew of equally far-reaching civil and criminal investigations.
By 2003, federal and state regulators had initiated fraud investigations involving dozens of corporations, including Adelphia, HealthSouth, McKesson, Tyco, and Qwest, with some ninety corporate owners, executives, and employees criminally charged.
Lawyers in both the savings and loan scandal and Enron bankruptcy paid the price for their wrongdoing with prison terms and financial penalties. Enron’s downfall also impelled Congress to approve the Sarbanes–Oxley Act of 2002, prompting the promulgation of new rules that set stricter financial reporting for public companies. Along with provisions for tougher penalties for defrauding shareholders and increased accountability for auditing firms, language was inserted into the act requiring attorneys to report “up the ladder” to senior executives if they know or fear a company is doing something that is not legal.
The Sporkin Legacy of Gatekeeper Liability
The NSMC SEC enforcement action looms large as a harbinger of the S&L cases of the 80s; the Enron and Worldcom frauds of the 90s; and now the ICO frauds of today.
Judge Sporkin believed then and you can bet he believes now, that securities lawyers have a responsibility to prevent fraud and other crimes that goes beyond their duty to clients, and that they should be governed by a set of basic ethical principles that recognizes their dual responsibility to both their clients and to the public.
By successfully prosecuting the SEC’s NSMC case and by authoring his memorable opinion in the Lincoln S&L decision, Judge Sporkin solidified the notion of gatekeeper liability into one of his greatest legacies – and it makes perfect sense for SEC Chairman Clayton to continue to carry Judge Sporkin’s torch. Why? Because ICO’s have quickly become a scourge in the financial marketplace and represent a clear and present danger to investors, especially main street investors.
ICOs: The Dark Side
ICO growth has been nothing short of astonishing. Before 2017, ICOs had raised a total of about $300 million going back to 2014. Fast forward to 2017, where according to Coindesk, the ICO market raised over $3.7 billion, in 235 ICOs, including over $800 million in ICOs during the month of September 2017 alone. Some ICO platforms take any project regardless, while other ICO platforms go so far as to have an ICO to raise money for their ICO platform: an ICO of an ICO if you will.
It is beyond the imagination of most experts that financial transactions such as those involving cryptocurrencies, can occur with such an extraordinary level of anonymity, complexity and lack of transparency. Yet that is precisely what cryptocurrency allows – with the added convolution of a monetary foundation embedded within computer code on a server somewhere, rather than within a safe and secure haven like Fort Knox.
Like PayPal or credit cards, cryptocurrencies are digital currencies that can be used to send or receive payment via the Internet. But unlike PayPal or credit cards which are based on actual legal tender such as dollars, euros, pounds or yen — cryptocurrencies are completely unmonitored, operating through intricate networks of decentralized computer systems.
While its unfettered and shadowy nature remains unsettling to say the least, what is most frightening is the dark side of the cryptocurrency world. Given their anonymous nature, cryptocurrencies have evolved into the payment mechanism of choice for unlawful transactions – from buying a fake I.D. or a bottle of opiates, to receiving a cache of credit card numbers or stolen identities, to collecting a ransomware payment demand or even for funding terrorist-related activities.
ICOs: An Unregulated Chaotic Morass
Equally astonishing is that ICOs have grown largely outside of regulatory oversight and without the investor protections and disclosure requirements that apply to traditional investment offerings. In fact, ICOs provide a virtual “Driver’s Ed” film of possible securities law violations.
The panoply of illegalities associated with ICOs could fill its own legal treatise, including the unlawful: 1) offer, sale and promotion of securities; 2) operation of a stock exchange; 3) sale of an unregistered mutual fund; 4) failure to meet anti-money laundering laws; 4) sale, advertising and promotion of commodities; and the list goes on.
Above all else, the federal securities laws apply to those who offer and sell securities in the U.S., regardless whether the issuing entity is a traditional company or a decentralized autonomous organization, regardless of whether those securities are purchased using U.S. dollars or virtual currencies, and regardless whether they are distributed in certificated form or through the distributed ledger technology of cryptocurrencies.
ICOs and Fraud
As the excitement of ICOs has spread throughout the business and financial sectors, so too have the concerns that lack of regulation render the new-age currency susceptible to fraud, manipulation and to being used as a vehicle for money laundering. Chairman Clayton’s voice in particular has been especially loud and pervasive with respect to his concerns about ICOs.
Speaking on November 9th, 2017, Chairman Clayton warned that ICOs in many cases looked like securities and were susceptible to fraud and chicanery by ICO insiders, management and better-informed traders and market participants.
Veering off-script, Chairman Clayton reportedly stated bluntly:
“I have yet to see an ICO that doesn’t have a sufficient number of hallmarks of a security . . . there is also a distinct lack of information about many online platforms that list and trade virtual coins or tokens offered and sold in ICOs.”
Along these lines, the SEC has issued a slew of unprecedented official statements about ICOs including a detailed Investor Bulletin warning investors about ICOs. The SEC even went so far as to put the spotlight on social media ICO promotions and endorsements by celebrities that were not properly disclosing the celebrity’s financial relationship to the ICOs. The SEC warning admonished celebrities and other influencers that they may run afoul of securities laws when advertising cryptocurrency and other investments including ICOs.
The SEC statement did not name any specific celebrities who have used their social media platforms to promote coin offerings, though music icon DJ Khaled recently posted on Instagram endorsement for a company called Follow Coin Ltd., saying it “puts you in the game with #cryptocurrency,” while hotel heiress Paris Hilton in September took to Instagram with a photo of herself decked out in jewels to tell her 7.6 million followers that she was “looking forward to participating in the new #LydianCoin Token.” That same month, Academy Award-winning actor Jamie Foxx promoted the ICO of yet another token-related product, a free cryptocurrency trading exchange called Cobinhood.
ICOs also raise a host of criminal concerns which has prompted action. In November 2017 the U.S. Department of Justice made its first ICO-related arrest, charging Maksim Zaslavskiy of Brooklyn with securities fraud conspiracy for his role in the illegal unregistered securities offerings of an ICO. More arrests are a virtual certainty in the ICO space.
The Current SEC ICO Dragnet
ICOs are in trouble. The SEC enforcement division is devoting a significant portion of its resources to the ICO marketplace. Through statements, reports and enforcement actions, the SEC has made it clear that federal securities laws apply regardless of whether the offered security—a purposefully broad and flexible term — is labeled a “coin” or “utility token” rather than a stock, bond or investment contract.
Along these lines, SEC Chairman Clayton together with Commodities Futures and Trading Commission (CFTC) Chairman Christopher Giancarlo recently took to the Wall Street Journal editorial pages to proclaim their stand regarding cryptocurrencies and ICOs. That same day, the CFTC announced its third fraud enforcement action in a week. In the WSJ op-ed, the powerful federal regulatory duo wrote portentously:
“In recent months we have seen a wide range of market participants, including retail investors, seeking to invest in DLT [distributed ledger technology] initiatives, including through cryptocurrencies and so-called ICOs, initial coin offerings. Experience tells us that while some market participants may make fortunes, the risks to all investors are high. Caution is merited . . . The SEC is devoting a significant portion of its resources to the ICO market. Through statements, reports and enforcement actions the SEC has made it clear that federal securities laws apply regardless of whether the offered security—a purposefully broad and flexible term—is labeled a “coin” or “utility token” rather than a stock, bond or investment contract. Market participants, including lawyers, trading venues and financial services firms, should be aware that we are disturbed by many examples of form being elevated over substance, with form-based arguments depriving investors of mandatory protections.”
The CFTC has also, together with the SEC, recently increased their scrutiny of crypto and Blockchain related companies. On January 18th, the CFTC filed enforcement actions against two questionable businesses attempting to benefit from the crypto-hype. At that time, the SEC and the CFTC issued a joint statement regarding digital currency issuers, once again warning companies and exchanges that seek to avoid following the law or simply commit fraud.
The SEC also recently announced the formation of a new cyber unit to target violations involving distributed ledger technology and ICOs as part of a new effort to fight cybercrime. The new cyber unit, chartered among other things, to police ICOs, is already up and running and well-staffed with seasoned SEC professionals.
In addition, the SEC created a retail strategy task force to “develop proactive, targeted initiatives to identify misconduct impacting retail investors, including to pursue “misconduct perpetrated using the dark web,” where bitcoin and other cryptocurrencies are used to pay for illicit goods. This new team was established “apply the lessons learned from [past securities fraud] cases and leverage data analytics and technology to identify large-scale misconduct affecting retail investors.”
Together, the new SEC’s Cyber Unit and Retail Task Force have set their sights on the ICO marketplace, and have begun bringing ICO-related cases, with many more likely to follow. Few ICO market participants will likely escape the SEC dragnet – as well as the reach of state regulators, and the litany of other federal regulatory and criminal prosecutorial agencies who will surely (and eagerly) follow the SEC’s lead.
Providing Legal Advice on ICOs
Providing legal advice within the toxic environment of ICOs remains a challenge to say the least. Law firms are building cryptocurrency practices that are growing exponentially and many esteemed and successful lawyers are making good faith attempts to advise companies on how to conduct a lawful and permissible ICO. But such an undertaking is a Herculean task.
Just ask Joseph Grundfest, a former SEC commissioner during the 1980s and now a law and business professor at Stanford University, who works amid a city of invention and excitement, right smack in the middle of Silicon Valley. Professor Grundfest is no stranger to innovation, he is also co-founder and director of the pioneering Financial Engines, the first independent online advice platform, and a director of Kohlberg, Kravis, Roberts & Co.
In a recent interview with the New York Times, Grundfest said he had been contacting current SEC officials to urge them to bring ICO prosecutions, and fast. Professor Grundfest explained incredulously:
“ICOs represent the most pervasive, open and notorious violation of federal securities laws since the Code of Hammurabi . . . It’s more than the extent of the violation, it’s the almost comedic quality of the violation . . . These are not hard cases, you don’t need teams of accountants poring over complex financing documents.”
Professor Grundfest mentioned to the New York Times that several teams looking at doing ICOs had approached him to ask how to lawfully conduct an ICO, but the discussions are never very fruitful:
“I say, ‘Look, you are at very high risk for violating the securities law,’ and explain why . . . Then they go find another lawyer.”
Professor Grundfest is not just a securities regulation expert and a pioneer of novel and democratizing capital formation strategies, he also happens to be a renowned Silicon Valley brain trust, and his admonition should be taken seriously. In short, if Professor Grundfest cannot successfully and lawfully orchestrate an ICO, it is not clear that any lawyer ever can.
Many SEC historians consider the Stanley Sporkin era among the halcyon days of the SEC enforcement division: tough but fair prosecutions; thoughtful yet expeditious investigations; and a relentless pursuit of wrongdoing. It was also an era marking an enforcement program targeting not just the perpetrators of fraud but also their facilitators, i.e. the legal, accounting, financial and other professionals who, by their actions or inactions, stood complicit.
By coopting the gatekeeper mandate of the great Stanley Sporkin, SEC Chairman Jay Clayton may be ushering a similarly effective and commonsense epoch. The concept of gatekeeper responsibility has served as the bedrock of the federal securities laws since their enactment – and could provide the ideal statutory weaponry for the SEC to arm its ICO prosecutorial gauntlet.
Chairman Clayton’s speech could also be a call for help. Who better than lawyers to assist in putting an end to all of the current ICO noise and nonsense? Unlike more traditional securities frauds, ICOs need lawyers, in the least, to lend credibility to an ICO’s legality and legitimacy, and enable ICO marketers, issuers and other purveyors to better promote their ethereal and cybernetic financial product. Lawyers are well-positioned to clean up the ICO marketplace – perhaps Chairman Clayton is merely providing some, albeit unwelcome, motivation to cajole lawyers into helping the SEC with its ICO offensive.
Under any circumstance, by allowing their ICO clients to peddle unlawful securities and violate a broad range of securities laws, lawyers are failing in their role as gatekeepers. Moreover, by providing the kind of legal advice that can land a client into the SEC’s crosshairs, or even worse, into the crosshairs of criminal investigators and prosecutors, lawyers risk more than just their reputations and livelihoods. Per Chairman Jay Clayton, lawyers now also risk being investigated or prosecuted right beside their ICO clients.
Not a pretty picture no matter what the ICO lawyer’s defense and no matter how much the ICO lawyer’s good faith . . .
John Reed Stark is president of John Reed Stark Consulting LLC, a data breach response and digital compliance firm. Formerly, Mr. Stark served for almost 20 years in the Enforcement Division of the U.S. Securities and Exchange Commission, the last 11 of which as Chief of its Office of Internet Enforcement. He currently works as an adjunct professor at the Duke University Law School Winter Session and also worked for 15 years as an Adjunct Professor of Law at the Georgetown University Law Center, where he taught several courses on the juxtaposition of law, technology and crime, and for five years as managing director of a global data breach response firm, including three years heading its Washington, D.C. office. Mr. Stark is the author of, “The Cybersecurity Due Diligence Handbook.”