Initial coin offerings, or ICOs, those blockchain technology-backed investments that have captured the imaginations of investors and skeptics alike, have appeared and will continue to appear in SEC enforcement subpoenas and examination requests in the coming months.

For RIAs and BDs, who suffer from heavier regulatory oversight than, for example, an ICO issuer sitting offshore, receiving such a subpoena or exam request should not come as a surprise. 

In July, the SEC issued its first report on this topic concluding that some ICOs are in fact securities, meaning that the federal securities laws apply. At the same time, the SEC issued a bulletin to investors warning about various risks associated with ICOs. 

SEC Chairman Jay Clayton followed these pronouncements with a speech in which he said “it would shock me if you don’t see pump-and-dump schemes in the initial coin offering space,” specifically pointing out that the agency’s enforcement division is seeing infractions in the space.

Lo and behold, on Sept. 29, the SEC sued two ICO issuers purportedly backed by investments in real estate and diamonds, alleging fraudulent representations.

So, the SEC ICO subpoenas are out there and will continue to come. Many recipients of the subpoenas will be tempted to immediately push back and insist that their ICO doesn’t involve a security and, accordingly, the SEC has no business asking questions. 

While that may be a worthwhile position to take for ICOs that obviously don’t involve investor expectations of profits from the efforts of others, the legal definition of “security” is flexible enough to cover many types of investments, and the SEC is unlikely to be persuaded by anything but the most extreme examples falling outside that definition.

Assuming the SEC is reasonably satisfied that a security might be involved, the tougher questions will begin. 

For issuers such as the aforementioned folks peddling diamond-backed ICOs, the first question will be whether representations to investors were true. The accuracy of statements about ICOs will be an issue for brokers and advisors who wade into this area as well, particularly as trading platforms proliferate and ICOs become more readily accessible. For example, what does the ICO white paper say about the returns and risks involved; the biographies of the principals, managers or promoters; the underlying assets, and how the investors’ funds will be used? Answers to these questions will be of great interest to the SEC.

Beyond those obvious questions designed to sniff out fraud, the SEC will focus on a host of more technical, non-fraud issues. Was the ICO offering registered or exempt from registration? For private funds buying, selling or “flipping” ICOs, are they acting as underwriters or brokers? For RIAs, have custody and personal securities holdings reporting requirements been met? For brokers, have SAR and other anti-money laundering requirements been met?

In short, the SEC will be looking for violations of the sort they routinely look for in other contexts.  

Tips will have come in from the usual sources: disgruntled investors or former employees, private lawsuits, internet chatter, bounty hunter whistleblowers, among others. Because ICOs are relatively new and the SEC doesn’t have a history of investigations about them to draw on, the subpoenas will be very broad, calling for production of all relevant documents for long periods of time. And the SEC will send subpoenas to and conduct investigations of people and firms that, it will turn out, committed no violations.

Although the SEC always makes the point that its subpoenas do “not mean that we have concluded that you or anyone has broken the law” and that “the investigation does not mean that we have a negative opinion of any person, entity or security,” those conclusions can change very quickly.