The ICO Enforcement Wave (2017-2020)

The Project:
Munchee developed a restaurant review app. It planned to issue MUN tokens to reward users for reviews and enable restaurant payments.

The SEC's Analysis:

The SEC applied DAO Report framework:

Investment of Money: Purchasers paid ETH and BTC for MUN tokens.

Common Enterprise: Funds would be pooled to develop the Munchee ecosystem.

• Munchee stated tokens would increase in value as ecosystem grew
• Company promoted potential for token appreciation
• Whitepaper discussed token economics suggesting price increases

Efforts of Others: Token value depended entirely on Munchee's efforts to develop the app and create the ecosystem.

The "Utility Token" Defense Failed:

Munchee argued MUN was a utility token for restaurant reviews. The SEC rejected this:

"Even if MUN tokens had a practical use at the time of the offering, it would not preclude the token from being a security. Determining whether a transaction involves a security does not turn on labelling—such as characterizing an ICO as involving a 'utility token'—but instead requires an assessment of 'the economic realities underlying a transaction.'"

• Munchee agreed to cease and desist
• Returned all funds to investors
• No monetary penalty (given early stage and cooperation)
• First completed ICO enforcement action

Significance:
Munchee established that "utility token" framing doesn't automatically defeat securities classification. Marketing matters. Economic reality controls over labels.

The Project:
Maksim Zaslavskiy promoted two ICOs—REcoin (supposedly backed by real estate) and DRC (backed by diamonds).

The Fraud:
Neither token was backed by anything. No real estate. No diamonds. Pure fraud.

Significance:
This was fraud enforcement, not just registration enforcement. The SEC and DOJ pursue outright scams differently from good-faith compliance failures.

The Project:
PlexCorps promised 1,354% returns in under 29 days through PlexCoin.

The Fraud:
Obviously fraudulent promises. No legitimate business model.

Significance:
Another fraud case. The SEC's cyber unit prioritized clear scams alongside registration enforcement.

These companion cases established a settlement template.

Settlement Terms:

1. Register tokens as securities (file Form 10 with SEC)
2. Pay $250,000 civil penalty each
3. Provide ongoing reporting (10-K, 10-Q, 8-K)
4. Offer rescission to investors (refund opportunity)
5. Continue operating (not shut down)

Significance:

This template showed a path forward: projects could settle, register, and continue operating. Not all enforcement meant death. The registration-plus-penalty model became standard.

The Project:
Block.one raised $4.1 billion for EOS—the largest ICO ever.

The Controversy:

$24 million penalty on $4.1 billion raised = 0.58%

• Large, established projects get favorable treatment
• Penalties don't scale proportionally to funds raised
• Cooperation and resources matter in negotiations

Significance:

Block.one showed that even massive ICOs could settle on manageable terms. The disparity between Block.one's penalty and smaller projects' treatment raised fairness questions.

The Project:
Kik was an established messaging app (100+ million users). It raised $100 million through Kin token sale in 2017.

The Difference:
Unlike most ICO projects, Kik fought. The company had resources and believed its legal position was defensible.

The Ruling (September 2020):

Judge Alvin Hellerstein granted summary judgment for the SEC:

"The economic reality is that the Kin ecosystem depended heavily on Kik's entrepreneurial and managerial efforts... Kik promised to build the ecosystem upon which the value of Kin depended."

• Kik found liable for unregistered securities offering
• $5 million penalty
• Injunction against future violations
• Kik subsequently sold messaging assets

Significance:

Kik was the first fully litigated ICO case. The SEC won on summary judgment—the facts weren't even close enough to require trial. This validated the SEC's approach and discouraged future litigation.

The Project:
Telegram (500+ million users) raised $1.7 billion from sophisticated investors for the TON blockchain and GRAM tokens.

The Court's Analysis:

Judge Kevin Castel agreed with the SEC:

"Telegram engaged in an illegal unregistered offering of securities... The Court concludes that the resale of Grams into the secondary public market would be an integral part of the sale of securities without a valid registration statement."

1. The SAFT itself might comply with exemptions
2. But token delivery is a separate offering
3. If the token is a security, delivery violates registration
4. Sophisticated investors' expected resales made this effectively a public offering

• Telegram returned $1.2 billion to investors
• Paid $18.5 million penalty
• TON network abandoned
• Most expensive ICO failure

Significance:

Telegram definitively killed the SAFT framework. Having sophisticated investors and claiming exemptions for the investment agreement doesn't help if the token itself is a security that will be delivered and traded.

Analyzing 75+ actions, patterns emerge:

High Priority Factors:

Lower Priority Factors:

Standard settlement elements evolved:

• Cease and desist order

• Disgorgement (return of proceeds)

• Civil penalty ($250K-$500K typical)

• Registration requirement (File Form 10)

• Rescission offer to investors

• Civil penalty (variable, often small relative to raise)

• Sometimes no registration requirement

• Sometimes no rescission requirement

• Negotiated based on circumstances

• Asset freezes

• Full disgorgement

• Large penalties

• Officer/director bars

• Criminal referral

Projects argued they lacked "fair notice" that tokens were securities:

• No clear SEC guidance on crypto before 2017

• Reasonable people disagreed on classification

• Due process requires notice before enforcement

• Howey test is clear and has been since 1946

• DAO Report provided explicit guidance

• Projects could have sought legal counsel

• Ignorance of law isn't defense

Court Treatment:
Courts generally rejected fair notice defenses, finding Howey's framework provided adequate notice. Ripple was an exception where fair notice received more analysis (though ultimately didn't constitute affirmative defense).

Factors Associated with Better Outcomes:

1. Early cooperation: Projects that settled quickly got better terms
2. Pre-enforcement remediation: Offering refunds before SEC contact
3. Small scale: Modest raises attracted less aggressive enforcement
4. Geographic isolation: Truly non-US offerings faced less enforcement
5. Genuine utility: While not dispositive, real use cases helped
6. Resources and sophistication: Well-funded projects negotiated better

Factors Associated with Worse Outcomes:

1. Fighting when facts are bad: Kik spent millions to lose on summary judgment
2. Fraud: Triggers criminal referral and harshest penalties
3. Celebrity promoters: Attracts attention and aggravates penalties
4. Misleading statements: Makes fraud claims possible
5. Continuing violations: Ongoing sales after SEC contact
6. Profit-focused marketing: Makes expectation of profits obvious

Not every ICO faced enforcement. Thousands occurred; fewer than 100 faced action.

Why Some Escaped:

• SEC resource constraints
• Truly offshore with no US nexus
• Small enough to not be worth resources
• Failed before enforcement could matter
• Lucky timing (pre-DAO Report)

What This Doesn't Mean:

Escaping enforcement doesn't mean the offering was legal. Statute of limitations for securities violations is 5 years (civil) or longer (fraud). Projects that escaped may simply not have been caught yet—or weren't worth the resources to pursue.

Based on enforcement patterns, assess projects by:

• US investor participation with no exemption

• Marketing emphasizing profit potential

• No functional utility at launch

• Large raise amounts

• Team holding significant tokens

• Prior SEC attention to similar projects

• International focus but some US exposure

• Mixed utility and investment messaging

• Moderate raise amounts

• Active development team

• Category previously targeted by SEC

• Genuine, current utility

• Truly non-US focus

• Small scale

• Community-driven development

• No profit-focused marketing

The SEC v. Ripple case differed from typical ICO enforcement:

• XRP existed before ICO era (2012)
• Ongoing sales over 8 years (not one-time ICO)
• Ripple had substantial business operations
• Different marketing approach than typical ICOs
• Institutional and programmatic sales mixed

Result:
Torres' contextual analysis distinguished Ripple from ICO pattern. The same enforcement framework produced different outcomes because facts differed.

✅ The SEC consistently applied Howey framework. Every ICO enforcement action used the same four-element analysis demonstrated in the DAO Report.

✅ "Utility token" framing didn't prevent enforcement. Munchee and others showed that labels don't control—economic reality does.

✅ SAFT structure failed. Telegram definitively established that Reg D compliance for the investment agreement doesn't cleanse subsequent token delivery.

✅ Settlement is usually better than litigation. Kik spent millions to lose on summary judgment. Cooperation typically produced better outcomes.

⚠️ Where the enforcement line falls. Many ICOs escaped enforcement. Was this legal analysis or resource constraints?

⚠️ Whether pattern will continue. New SEC leadership, potential legislation, or different priorities could change enforcement approach.

⚠️ How settled cases should be interpreted. Settlements don't create precedent. Block.one's terms don't bind future cases.

ICO enforcement history shows the SEC applied its framework consistently but selectively. Not every violation was pursued, but the ones that were followed predictable patterns. Projects with US investors, profit-focused marketing, and substantial raises faced the highest risk. Understanding these patterns helps assess regulatory risk—but doesn't guarantee any particular project is safe.

Assignment: Select three ICOs from 2017-2018 that were NOT subject to SEC enforcement. Analyze why they may have escaped enforcement and assess their ongoing legal risk.

Requirements:

• Identify three ICOs that raised >$10 million but faced no public SEC enforcement
• Briefly describe each project and amount raised

Part 2: Analysis for Each ICO (400-500 words each, 1,200-1,500 total)

• Enforcement risk factors: What factors should have attracted enforcement?

• Potential explanations: Why might they have escaped? (geography, timing, resource constraints, legal structure)

• Current status: Is the project still operating? Tokens still trading?

• Ongoing risk: Could enforcement still occur? What's the statute of limitations exposure?

• What common factors do these three projects share?

• Do their escapes reflect SEC policy or resource constraints?

• What does this tell you about relying on "no enforcement = legal"?

• 1,800-2,200 words total

• Clear section headers

• Specific facts about each ICO

• Honest acknowledgment of uncertainty

• Quality of ICO selection (20%)

• Depth of risk factor analysis (30%)

• Thoughtfulness of explanation (25%)

• Pattern analysis quality (25%)

Time Investment: 2-3 hours
Value: This exercise develops skill in distinguishing legal compliance from enforcement luck—essential for realistic risk assessment.

1. Munchee's "Utility Token" Defense:

Munchee claimed MUN tokens were utility tokens for restaurant reviews. How did the SEC respond?

A) The SEC agreed and dismissed the investigation
B) The SEC held that utility token classification automatically exempts tokens from securities laws
C) The SEC found that even if tokens had utility, the profit-focused marketing and economic reality of the offering meant it was still a securities offering
D) The SEC found Munchee guilty of fraud for claiming utility

Correct Answer: C
Explanation: The SEC stated that "even if MUN tokens had a practical use at the time of the offering, it would not preclude the token from being a security." The analysis focuses on economic reality, including how the offering was marketed, not just on labels or potential utility. Munchee's marketing emphasized profit potential, making it a security regardless of utility claims.

2. Block.one Settlement:

Block.one raised $4.1 billion through the EOS ICO and settled with the SEC for $24 million. What did this settlement suggest about SEC enforcement?

A) The SEC will always pursue maximum penalties proportional to funds raised
B) Penalties don't necessarily scale with offering size; large, established projects may negotiate favorable terms relative to smaller projects
C) The SEC determined EOS was not a security
D) Block.one was found not guilty of any violations

Correct Answer: B
Explanation: The $24 million penalty represented only 0.58% of funds raised—far less proportionally than penalties in smaller cases. This suggested that settlement terms depend on negotiating leverage, cooperation, and circumstances rather than a fixed formula. Critics argued this made enforcement a cost of doing business for well-resourced projects.

3. Telegram's SAFT Structure:

Telegram raised $1.7 billion using a SAFT-like structure, selling to sophisticated investors under claimed exemptions. Why did the SEC still block the token distribution?

A) SAFT agreements are illegal under securities law
B) The SEC found that even if the investment agreement complied with exemptions, the subsequent token delivery was itself a securities offering; if the tokens were securities, delivering them without registration violated the law
C) Telegram failed to file the required Form D
D) The sophisticated investors refused to accept delivery of tokens

Correct Answer: B
Explanation: Judge Castel found that "the resale of Grams into the secondary public market would be an integral part of the sale of securities without a valid registration statement." The SAFT structure treated the investment agreement and token delivery as separate events. The SEC argued (and the court agreed) that if the token is a security, delivering it is itself an unregistered securities offering—regardless of whether the investment agreement complied with exemptions.

4. Kik Litigation:

Kik was the first ICO case to be fully litigated rather than settled. What was the outcome?

A) Kik won at trial, establishing that utility tokens are not securities
B) The court granted summary judgment for the SEC, finding that Kik's token sale was an unregistered securities offering without needing a trial
C) The case was dismissed because the SEC lacked jurisdiction over messaging apps
D) The case is still pending appeal

Correct Answer: B
Explanation: Judge Hellerstein granted summary judgment for the SEC, meaning the facts were so clear that no trial was necessary. The court found that "the economic reality is that the Kin ecosystem depended heavily on Kik's entrepreneurial and managerial efforts." This validated the SEC's enforcement approach and discouraged future defendants from litigating rather than settling.

5. Enforcement Patterns:

Based on ICO enforcement history, which factor most strongly predicted SEC enforcement action?

A) The technical sophistication of the blockchain
B) US investor participation combined with profit-focused marketing and substantial amounts raised
C) Whether the project used proof-of-work or proof-of-stake consensus
D) The nationality of the founding team

Correct Answer: B
Explanation: Enforcement patterns show the SEC prioritized: (1) US investor participation (jurisdiction), (2) profit-focused marketing (clear Howey element satisfaction), and (3) substantial raises (worth enforcement resources). Technical details like consensus mechanism or founder nationality were less predictive than these economic and marketing factors.

For Next Lesson:
Lesson 10 examines the Torres Framework from SEC v. Ripple—the contextual analysis that distinguished institutional from programmatic sales and potentially changed how secondary market trading is analyzed.

End of Lesson 9

Total words: ~5,400
Estimated completion time: 55 minutes reading + 2-3 hours for deliverable