Month: July 2019

First ICO Qualified by the SEC Under Regulation A+

On July 10, 2019, Blockstack Token LLC (“Blockstack”), a wholly-owned subsidiary of Blockstack PBC, a Delaware public benefit corporation, became the first company to have its Regulation A+ token offering  qualified by the U.S. Securities and Exchange Commission (“SEC”).[1]

Blockstack is a technology company that offers an open-source blockchain-based network for developers to build and publish their own decentralized applications. According to Blockstack’s website, over 165 applications have been built on the Blockstack platform. Purchasers of Blockstack’s tokens (“Stacks Tokens”) will be able to use the tokens on its platform.

Token offerings have been under increasing scrutiny, especially with respect to whether or not tokens are securities. In its offering circular disclosure, Blockstack notes that the Stacks Tokens are characterized as investment contracts under the Howey test[2], though they “will not have the rights traditionally associated with holders of debt instruments, nor…equity.” The disclosure, in its discussion about the nature of its decentralized network, also references the SEC’s recent guidance on determining whether digital assets are securities, “Framework for ‘Investment Contract’ Analysis of Digital Assets”.[3]

Many blockchain-based companies  have conducted token offerings under various securities exemptions, including Regulation D, which do not require SEC approval. . One  notable difference in  Regulation D offerings is that certain types of offerings, including those involving a general solicitation component, such as advertising,  must be limited to accredited investors. Blockstack’s approval to offer its tokens under Regulation A+ will allow any retail investor to buy the Stacks Tokens.

Capital Raising Options for Companies Issuing Tokens and Other Blockchain-Based Digital Assets

In the SEC’s 2017 DAO report, the SEC staff  noted that generally all token and coin offerings are securities and U.S. securities laws apply when tokens are marketed or sold to U.S. persons, regardless of a token issuer’s location; and therefore, must be registered or exempt from registration.[4] As a result, in order to offer coin or tokens for blockchain and cryptocurrency companies,  these companies must either (i) register their securities under the Securities Act of 1933, as amended (“Securities Act”), by filing a registration statement with the SEC  or (ii)  rely on  an exemption from  the registration requirements,  such as Regulation A+ and Regulation D.

General Requirements Under Regulation A+

Regulation A+ was adopted under the Jumpstart Our Business Startups Act (JOBS Act), which allows issuers to offer to sell equity securities, debt securities, debt convertible or exchangeable into equity or any type of guarantees of such securities. Some of the general features under Regulation A+ include:

  • Broad Investor Base. Securities may be offered to both accredited  and non-accredited, or retail, investors.
  • Immediately Tradable Securities. Unlike other exemptions, such as Regulation D, that has up to a one-year lock up period, securities sold under Regulation A+ are immediately tradeable by non-affiliates of the issuer.
  • Promotion of Offering. Companies may engage in public advertising campaigns to market and promote the offering, which is not allowed in a traditional IPO or private placement, so long as any solicitation materials used after filing of the offering statement are preceded or accompanied by a preliminary offering circular or contain a notice about how to obtain the offering circular.
  • Secondary Sales. Sales of securities by selling security holders within the 12-month period after the initial offering cannot represent more than 30% of the aggregate offering price.
  • Only U.S. or Canadian Investors. Investors must have their primary place of business in the United States or Canada;
  • Ineligible Issuers. Ineligible issuers include, but are not limited to those (i) required to be registered under the Investment Company Act of 1940 and business development companies; (ii) blank check companies; (iii) issuing fractional undivided interests in oil, gas, mineral or similar rights; (iv) subject to “bad actor” disqualification under Rule 262 of Regulation A+.
  • Registered Transfer Agent. The SEC requires that issuers conducting Tier II offerings must engage a stock transfer agent under Section 17A of the Exchange Act, unless exempt. Note that Blockstack has disclosed that it is taking the position that Blockstack, the miners on the network, and the network’s blockchain are not required to register as transfer agents.

Specific Requirements Under Regulation A+

There are also specific requirements for issuers electing to take advantage of either  Tier 1 or Tier 2, which is more widely used, under Regulation A+, some of which are included below.[5]


Tier 1

Tier 2

Total Maximum Offering Amount in any 12-month Period[6] $20 million $50 million
Maximum Offering Amount to Affiliates of Issuer (Such as Insiders) $6 million $15 million
Initial Reporting Obligations
  • Financial statements may be unaudited
  • Blue sky registration required
  • Initial audited financial statements
  • Blue sky registration is preempted, though state regulators can require issuers to file any documents with them that were filed with the SEC
Post-Offering Reporting Obligations Form 1-Z (exit report filed 30 days after the termination or completion of the offering)
  • Annual audited financial statements (Form 1-K)
  • Semi-annual profit/loss and revenue reports (Form 1-SA)
  • Ongoing reporting of material changes to business (Form 1-U current report filed within 4 business days of triggering event)
  • If listed on a national exchange or an over-the-counter market, any applicable rules
Investor Qualifications None With the exception of securities that will be listed on a national securities exchange upon qualification, purchasers must either be (i) accredited investors (as defined in Rule 501(a) of Regulation D), or (i) be subject to certain limitations on their investment, including their purchase of securities can be no more than (x) 10% of the greater of annual income or net worth (for natural persons) or (y) 10% of the greater of annual revenue or net assets at fiscal year-end (for non-natural persons)
Investor Limit 2,000 pursuant to Section 12(g) of the Exchange Act None, as long as current in Regulation A+ reporting obligations.


Filing Process and Regulatory Requirements

The process of filing for a Regulation A+ offering takes at least 60 days. Companies who wish to use Regulation A+ as their path for an initial coin offering (ICO) or a securities token offering (STO) must first file a Form 1-A with the SEC. This Form 1-A includes a (i) notification of filing, (ii) an offering circular, which is more detailed than the traditional white paper created by blockchain companies and (iii) exhibits. The information includes, among other things, certain issuer information, balance sheets and related financial statements, risk factors, a business plan, plan of distribution, and Management’s Discussion & Analysis of Financial Condition and Results of Operations. The offering statements must be qualified by the SEC before any sales of securities may be made.  However, Regulation A+ does permit certain “testing the water” activities to gauge investor interest, before or after the filing of a Form 1-A, subject to certain legending and filing requirements.

Non-public submission of offering statements for review by the SEC before public filing is also permitted, but the statements must be publicly filed no less than 21 days before SEC qualification.

Potential issuers should be aware that additional regulatory requirements apply to these offerings, including anti-money laundering (“AML”) checks and investor verification, background checks on the principals of the issuer and disqualifications of “bad actors.”

Disclosure Issues

Although there is no one-size-fits-all approach, the amendments to Form 1-A filings may offer insight on the SEC’s areas of focus in offering circulars to companies considering a digital asset or token offering under Regulation A+. In addition to the traditional information, such as an overview of the business, its operations and use of proceeds, some areas highlighted in amendments as a result  of revisions prompted by SEC review include, but are not limited to:

  • Disclosure related to the terms of the tokens under smart contracts and that the tokens are expressly securities;
  • Disclosure related to liquidity and any secondary markets for sale and purchase of tokens, alternative trading systems and the clearing and settlement processes;
  • Risk disclosure related to (i) potential delays and the amount of time it will take for an issuer to deliver securities under Regulation A+ offerings for investors who subscribe to such securities; (ii) the effect of subscription agreements that have been offered; (iii) the tokens, the blockchain platform, service providers and the offering; and (iv) protection of intellectual property;
  • Investment process disclosure related to AML checks and investor verification; and
  • Financial statement revisions.

Other Considerations

Certain Liability Issues

Issuers should be aware of the other federal securities laws that are applicable to offerings under Regulation A+ that create certain potential liabilities, including:

  • under Section 12(a)(2) of the Securities Act for material misstatements or omissions in an issuer’s offering circular or in any oral communications;
  • anti-fraud liability;
  • insider trading; and
  • market manipulation.

Valuation Issues

There is not a generally accepted industry method for valuing digital securities, unlike traditional debt and equity securities; therefore, pricing of tokens may be uncertain and affected by additional factors, such as a token’s blockchain platform, expectations of future demand and usage of the platform, among other things.

Shell Companies

Investors should be aware that a shell company is not disqualified from filing under Regulation A+, as there is no requirement that an issuer be an operating company. Therefore, companies offering tokens may not be operational. However, development stage companies with no specific business plan or purpose are prohibited from relying on Regulation A+.


Although Blockstack’s is the first Regulation A+ ICO to be qualified, there is potential for other blockchain-based companies to use Regulation A+ as a viable capital-raising tool. If companies are able to have their ICOs qualified under Regulation A+, the secondary trading of such companies’ securities on alternative trading systems (ATSs) is likely to increase and be available much faster due to the non-restricted trading nature of securities initially offered under Regulation A+. In addition, many retail investors looking to participate in token offerings may have more opportunities to invest in the future under the changing Regulation A+ regime.

Until recently, many companies attempting to offer tokens under Regulation A+ have had inadequate or incomplete disclosure that has prevented SEC qualification. Now that the SEC has allowed public companies to use Regulation A+ as a means for capital raising and many  blockchain-based companies are increasingly better capitalized to support the accounting, legal and financial costs and  robust disclosure that Regulation A+ calls for, we may increasingly see Regulation A+ as a key method of issuance for blockchain-based offerings.

While the qualification of the Blockstack offering may encourage capital raising for blockchain-based companies looking to conduct token offerings in a regulated form, the costs incurred (approximately $2 million) and the time spent (over one year) for Blockstack to achieve qualification of its offering highlights that Regulation A+ may still not be the easiest and most efficient way for the majority of startup companies to raise capital.  In those situations, companies should continue to explore other exemptions from registration, including Regulation D (private placement offerings), Regulation S (offerings to non-U.S. investors) and Regulation CrowdFunding (offerings of up to $1.07 million through crowd funding).




[2] See SEC v. W.J. Howey Co., 328 U.S. 293 (1946).

[3] SEC’s Framework for “Investment Contract” Analysis of Digital Assets (Apr. 3, 2019), available at


[5] 17 C.F.R. §230.257

[6] An issuer of $20 million or less of securities could elect to proceed under either Tier 1 or Tier 2.

New Development: CFIUS’s Jurisdiction Has Expanded to Cover Non-Controlling Investments in Certain Industries

On August 13, 2018, the Foreign Investment Risk Review Modernization Act of 2018 (or FIRRMA for short) was signed into law, ushering in an unprecedented expansion in the jurisdiction of the Committee on Foreign Investment in the United States (or more commonly known as CFIUS). As our colleagues, Chuck Comey and Jim Ryan, mentioned in an earlier article, the enactment of FIRRMA capped months of escalation in the U.S./China trade relations. The expanded jurisdiction of CFIUS may result in financing transactions becoming subject to mandatory CFIUS declaration requirements prior to closing. Investors and companies alike should therefore take CFIUS considerations into account at the outset of any fundraising effort, even if the investment is not a controlling investment and the transaction is not expected to otherwise have any direct national security implications.

New development: CFIUS’s jurisdiction has expanded to cover non-controlling investments in certain industries

1. Non-Controlling Investments in “Critical Technologies”

Prior to the enactment of FIRRMA, CFIUS only had jurisdiction to review transactions that could result (directly or indirectly) in “control” (broadly defined to include as little as 10% voting interest) in U.S. companies or U.S. assets by a foreign-owned or controlled person. The CFIUS review regime was also voluntary; there was no requirement to notify CFIUS of a transaction prior to closing, even if that transaction fell within CFIUS’s jurisdiction.

With the enactment of FIRRMA, CFIUS’s jurisdiction was expanded to include, among other things, certain non-controlling investments in U.S. businesses involving critical infrastructure, critical technologies, or sensitive data pertaining to U.S. persons. This expanded jurisdiction is expected to be fully effective by February 2020 when CFIUS issues regulations implementing various FIRRMA provisions.

In the meantime, CFIUS has implemented the first stage of this jurisdictional expansion through the critical technologies “pilot program,” which applies to investments in U.S. businesses that produce, design, test, manufacture, fabricate or develop “critical technologies” (we will refer to such a business as an “Applicable U.S. Business”). Currently, critical technologies consist only of certain items controlled under the International Traffic in Arms Regulations or the Export Administration Regulations, nuclear materials and equipment, and select agents and toxins. However, the Commerce Department is currently preparing new export control regulations that will identify “emerging and foundational technologies,” which will also be considered critical technologies for CFIUS purposes. These emerging and foundational technologies are expected to include cutting-edge technology such as artificial intelligence, 3D printing, robotics, and genetic engineering, among others.

Importantly, CFIUS’s expanded review jurisdiction applies not only to such investments made directly by foreign persons, but also investments made by funds that have foreign persons as limited partners on an advisory board or committee of the fund. FIRRMA includes a limited carve-out that excludes from its jurisdiction funds that have one or more foreign limited partners, but where (i) the fund is managed by a general partner or managing member that is not a foreign person, (ii) the advisory board or committee on which the foreign limited partner sits does not control investment decisions of the fund or the general partner, (iii) the foreign limited partner does not control the fund, and (iv) the foreign limited partner does not have access to material nonpublic technical information of the portfolio companies of the fund.

2. Pilot Program Industries

A non-controlling investment by a foreign person in an Applicable U.S. Business is not, by itself, enough to trigger the mandatory CFIUS notification requirements. The critical technology produced by the Applicable U.S. Business must be one that is used in connection with the activities of the Applicable U.S. Business in one or more of the 27 specified industries (called “pilot program industries”), or that is specifically designed by the Applicable U.S. Business for use in one or more pilot program industries. The list of pilot program industries currently includes fields such as “Research and Development in Nanotechnology,” “Research and Development in Biotechnology,” “Semiconductor and Related Device Manufacturing,” and, of course, various dual-use industries.

3. Access or Influence by the Foreign Investor

The third prong of the critical technologies pilot program jurisdiction involves the extent to which the investment will provide the foreign person access to information regarding critical technologies or influence over the activities of the Applicable U.S. Business. In addition to controlling investments, non-controlling investments that meet the first two requirements above are subject to the pilot program if they would afford a foreign person (a) access to material nonpublic technical information (financial information is expressly excluded from this definition); (b) membership or observer rights on the board of directors of the Applicable U.S. Business or the right to nominate an individual or observer to the board of directors; or (c) any involvement in substantive decision making of the Applicable U.S. Business regarding the use, development, acquisition, or release of critical technology.

4. Declaration or Notice Requirement and Review Period

The parties to an investment subject to the critical technologies pilot program must submit either an abbreviated declaration or a full notice to CFIUS at least 45 days prior to closing. If the parties choose to submit a declaration, CFIUS has 30 days to review it, at the end of which CFIUS can provide one of four responses: (i) request a full written notice; (ii) inform the parties that it cannot make a determination based on the declaration alone, and that they may file a full notice; (iii) initiate a unilateral investigation of the transaction; or (iv) “clear” the transaction by informing the parties that CFIUS has concluded all action. Failure to provide the required declaration or notice could result in fines up to the total value of the investment.

If CFIUS has national security concerns with respect to a particular investment, it would seek to impose mitigation to address such concerns. Mitigation may include, among other measures, limitations on the foreign investor having access to certain target company technology and facilities. In rare cases where CFIUS determines that national security concerns associated with the transaction cannot be mitigated, CFIUS can also recommend that the President issue an executive order blocking the transaction, or for closed transactions, requiring the foreign person to divest its interest in the U.S. business (which might lead to a “fire sale”).

What does this development mean for investors and companies looking to raise funds?

Given the potentially significant penalties if a required filing is not made, investors and companies raising funds must carefully consider the relevant facts and the above legal developments (some of which are still in progress) at the outset of a financing transaction and, together with their legal advisors, develop a plan for navigating these issues.

1. Know Where You Stand; Be Prepared

For U.S. companies looking to raise money, it would be prudent to do a preliminary CFIUS risk assessment to determine, among other things, whether the technology produced by the company would be considered “critical technology” and whether it implicates one or more pilot program industries. Discussing any concerns with counsel as early as possible in the financing process will help identify risks of which management should be mindful in approaching and negotiating with investors.

2. Consider the Implications With Respect to Potential Investors

For a U.S. company that produces critical technology used in a pilot program industry, having foreign investors is not out of the question, and there may be any number of strategic reasons why having such investors may in fact provide a net benefit to the company. However, management should accept investments from foreign investors only after having considered whether additional regulatory compliance is needed. This includes determining whether the investor is a foreign person or, if an investment fund, has a foreign limited partner that may make the transaction subject to CFIUS’s jurisdiction. Some investment funds prefer not to disclose their limited partners to their portfolio companies. However, management may still ask potential investment fund investors about their investment and decision-making process to properly understand whether there is any regulatory risk. It may also be prudent for U.S. companies to include representations and warranties by investors in the financing documents to address these CFIUS risks.

3. Consider the Rights Being Provided to Investors

Some of the investor rights that would trigger a CFIUS notification requirement are rights that are commonly provided to lead investors in a financing. For example, it is common for the lead investor (and in some cases other large investors) to receive board representation and/or observer rights. Therefore, where a U.S. company that produces critical technology used in a pilot program industry proposes to take an investment from a foreign person, management must carefully consider whether certain rights should be denied to such an investor or, alternatively, whether the company will implement proper compliance procedures, including filing of a CFIUS declaration or notice.

4. Be Careful About Existing Investors, Too

Finally, the new CFIUS regulations discussed above could apply to a new investment by an existing investor as well, and not only to investments by new investors. For example, if an existing foreign investor participates in a new financing round of an Applicable U.S. Business and obtains additional control, governance, or information rights, this could trigger a mandatory CFIUS declaration requirement. As such, management must take into account the identity of existing investors in new rounds, and may need to curtail the rights of certain investors or be prepared to comply with the new CFIUS notification requirements. In connection with a review of a notified transaction for a new investor, CFIUS can also inquire about prior financings that resulted in existing investors acquiring control of the U.S. business, and request that the parties submit a CFIUS notice for such prior transactions.

Prudent risk management leads to better results

The legal developments mentioned above, as well as subsequent developments that will surely follow, yet again bring into focus the importance of proper risk management. Management and investors know very well that risk is an inherent part of any business. The key question is how will risk be managed to put the company on the best course towards success? The discussion above will hopefully help management and investors chart the right course.