Suresh Ellawala

As many readers may have noted at the time, in December the SEC filed an enforcement action against Ripple Labs and two of its executives in connection with what the SEC described as the company’s unregistered offering of securities, relating to the company’s sale of digital asset units between 2013 and the time of the filing of the enforcement complaint. In the following guest post, Suresh Ellawala takes a closer look at the issues that the SEC’s enforcement action presents. Suresh is Head of Commercial Financial Lines at Price Forbes & Partners. I would like to thank Suresh for allowing me to publish his article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this blog’s readers. Please contact me directly if you would like to submit a guest post. Here is Suresh’s article.




It has been quite some time since anyone could exchange a banknote for precious metals and thus claim such a note to be a genuine proxy for a commodity. Currency today is mostly a fiction; almost a shared delusion that allows societies to conduct commerce in economies far removed from their barter or commodity-backed origins.


Cryptocurrencies may be an evolution of the money fiction: currencies not just divorced from their originating economies – but in fact divorced from any economy. Their value is instead based largely on the concept of “work” and limited availability (mining – itself an interesting reference to commodities), with no tie to any national socio-political-economic factors whatsoever.


There are all sorts of reasons as to why governments may not like this idea. This is beyond the scope of this article – for our purposes, we need to examine whether cryptocurrencies are simply currencies, or something else as well. The categorisation of cryptocurrencies matters, as different laws and regulations apply to, for example, currencies and securities. In some respects they resemble commodities or investments. For example, investors do not just use them to buy goods and services – they also stockpile them for capital appreciation purposes. In an age of quantitative easing and devaluation, the same cannot be said for many traditional currencies.


This, of course, is where the SEC has stepped in. Obviously concerned with people treating cryptocurrencies as investments, and cryptocurrency companies accessing markets without regulation, the SEC is fighting to be involved. How best to do this? To deem digital assets as “securities”. The latest company to be caught in the crossfire of regulatory authorities fighting to understand and regulate new technologies is Ripple.


Jay Clayton, SEC Chairman until December 2020, fought for the SEC’s supreme authority to regulate digital assets. He spelled this out in a 2019 letter, using the Howey test as a benchmark for determination of whether a cryptocurrency is a security. The Howey test is important. It was devised by the Supreme Court in the 1946 case SEC v. W.J.Howey & Co. for determining whether a transaction qualifies as an “investment contract”. If it does, such a transaction is subject to the 1933 and Securities Act and engenders certain registration requirements – and likely ongoing disclosure requirements under the 1934 Securities Act in addition.


Interestingly, Howey was about leasing citrus growing land to speculators – far removed from our subject, but you can see the principle. Was the land a security and opportunity to share in a future enterprise, or just land? In terms of the SEC’s attempts to regulate cryptocurrency, there are parallels with the broadband telecommunication and online gaming industries, where US regulators have attempted to use old law to regulate new industries. Many view such US regulation as significant overreaching in the absence of Congressional guidance. Regardless of one’s opinion – there is risk for directors in emerging industries.


Are all Cryptocurrencies deemed securities? Well…no, maybe, sometimes, possibly. Clayton’s letter refers to “the presence of an investment in a common venture, premised on a reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others” – a key component of the Howey test. It seems that not all cryptocurrency tokens are securities. In fact, Clayton himself said “I agree that the analysis of whether a digital asset is offered or sold as a security is not static…”. So, even more inexactly, whether a cryptocurrency is deemed a security can change at any moment.


And so to Ripple’s woes. Clayton’s SEC denied every application for cryptocurrency exchange traded funds, took a significant interest in regulating the space, and the Ripple suit was his final act in this arena before his resignation – filed just hours before he left the building. Incidentally, the suit against Ripple triggered a USD 50Bn crash in the cryptocurrency market.


Ripple is a cryptocurrency company, founded in San Francisco in 2012. It is considered a significant player in the industry and aims to revolutionise payments (their exchange network is claimed by some to be a low cost and alternative to even SWIFT). From 2013, Ripple started raising money from investors by selling the digital asset XRP both in the US and abroad. Two executives, the current Chairman and CEO, also effected personal sales of XRP. The number of tokens sold to date are in the billions, the amounts from the raises are USD 1.3Bn plus – these are big numbers. There are many issues under discussion in the case, including incentivization of customers, but our focus is the SEC’s argument that the coins are in fact securities, and some of the implications.


The SEC’s suit is against both the company itself and individual directors, for failing to properly register any securities offering of their XRP digital assets, thus allegedly violating the registration provisions of the 1933 Act. A variety of penalties are sought.


For D&O practitioners, this both provides a headache and is where things become even more interesting. If Ripple has a policy, it may not pay for all of this. But it will be likely to be paying for at least some of it.


Let us take Ripple as a case study for a fictitious D&O policy. Ripple is a private company. Let us assume that they buy D&O coverage and that this policy, despite being for a private company, contains securities Side C with a loose definition of “security”. This is far from unusual – underwriters have often simply granted it to private companies, not anticipating a high incidence of securities litigation.


Firstly, arguments seem inevitable about whether a security exists and whether the SEC has jurisdiction at all. For carriers, a client regulated by the Securities Acts, and who can fall foul of the SEC, is in a class of its own in terms of risk profile. For brokers and other advisors, such clients require specialist knowledge, guidance and care. For such clients, there exists a unique set of risks flowing both from regulation by the world’s most active and effective securities regulator, and from the attention of the world’s most prolific private prosecutor of corporation law, the US plaintiffs’ bar.


In Ripple’s case, the current argument is whether the SEC has jurisdiction – does a “security” exist and is the 1933 Securities Act applicable? Ripple’s CEO, Brad Garlinghouse, took the fight to Twitter (a brave approach, and possibly not what his carrier would wish to see, but at least you and I can see some of the arguments in this case). There is some entertaining mudslinging to be seen too, if anyone has the time to have a look – the SEC is accused of limiting US innovation, for example.


In any event, executives have had to respond to regulatory action, and have engaged counsel. It seems likely that the D&O policy will be advancing legal costs. A “wrongful act” certainly seems to have been alleged and a demand launched so, absent a specific coverage exclusion and/or large B side deductibles, it is hard to see how a carrier would avoid paying for some legal costs under the A or B sides of the policy.


Secondly, the application of any securities entity coverage (often known as “Side C”) may rest on the argument as to whether a security exists, and if so, whether it is a security “of the company” (a common qualification to Securities Side C coverage). There is a personal suit against directors and we have imagined that our D&O policy is at least advancing their legal costs; but the company is being targeted as well. Envisage an attempt to decide allocation of coverage between directors and company. If you are Ripple, or a particularly enthusiastic D&O advisor, you may want the D&O policy to pay it all and are pushing your carrier hard. But to access the Side C, you have to admit (to your carrier at least) that XRP is a “security” under the terms of the policy. This may be unwise…


Thirdly, Ripple’s D&O providers and advisors, whilst certainly alive to the risks of cryptocurrency enterprises, may not have fully expected to be defending an SEC action (this is stretching things in our scenario – given Ripple’s stature and resources, I expect that their advisors are of the highest quality, but please bear with our scenario). This may not lead to the kind of specialist claims capability required for such events, nor the tactical experience required to deal with a client who is not only up against the SEC, but in complex litigation with technology as both the subject and a sideshow. As we see in the Ripple case, it may lead to a CEO, indignant at the charges, taking to social media – a risk in itself and in the case of our fictitious D&O policy, possible a non-co-operation/prejudice of claim argument from an insurance carrier?


We all know that the D&O market has seen appetite and capacity restrictions, and for cryptocurrency risks, coverage options are scarce, reflecting the perceived risk. How good at all of this are a cryptocurrency company’s advisors and carriers?


These are a brief snapshot of a few discussions that may surface quickly in such a case, on one issue alone, the argument about whether a token is a security. There are plenty of other issues and arguments ahead for Ripple and the SEC; including, for example, the eventual nature of any sanctions imposed if they lose and whether any fines, penalties or settlements may be recoverable via our fictional D&O policy. If Ripple loses, will other regulators outside the US feel encouraged to look at the company as well?


One thing is clear; cryptocurrency companies require an approach from the insurance industry that anticipates complex risk, rigorous coverage analysis and anticipation of regulation and litigation. Directors of such companies may often, as in many emerging, entrepreneurial industries, lack public company experience. However, given the risks, it seems that they need to conduct themselves to the standards, and take the advice, that public company directors are expected to.


For those of us who advise or cover such clients, it seems obvious that we need to and be able to understand the risks inherent, tactics required and behaviours necessary when mixing it up with the most potent securities regulator out there. Nobody knows if Jay Clayton’s ambition for the SEC in this area will be fully realised, but we know that public interest in cryptocurrency shows no sign of abating. Bitcoin recently hit an all time high of over USD41,000 per coin; the price of that famous cryptocurrency just keeps rising. As does the risk of investing in, working in, insuring and advising the industry.