The Securities and Exchange Commission banned the founder of a company that it claimed was involved in an illicit initial coin offering of a new digital token from ever serving as an officer or a director of a publicly-traded or reporting company. Importantly, although this action involved an ICO, the relevant digital token was not associated with any proposed new application on any blockchain. The SEC also fined a combined investment adviser and broker-dealer for not having written policies and procedures designed to detect misappropriation of customer assets by rogue representatives. And, unfortunately, misappropriation occurred. As a result, the following matters are covered in this week’s edition of Bridging the Week:
According to the SEC, during the relevant time, the respondents sought to raise US $5 million through an initial coin offering of TOMs to support an oil and gas exploration project. Potential purchasers of TOMs were told they could trade their digital tokens on a token trading platform for potential profits and would have an option to convert their TOMs into Tomahawk equity at a later time.
TOMs were marketed as “low risk” with high potential rates of return, said the SEC. Moreover, the SEC noted that Tomahawk claimed that its “risk-adjusted returns are exceptional,” and implied it had a lease for oil drilling when it did not. The SEC charged that these and other promotional statements were materially false and misleading. Additionally, Tomahawk's website pronounced that the company's principals were "successful citizens with flawless backgrounds" when, in fact, Mr. Laurance was convicted in 1993 of mail fraud and for providing false information to the SEC in connection with a penny stock scheme he promoted and controlled.
Apparently, the respondents did not raise any funds through their ICO. However, said the SEC, Tomahawk issued 80,000 TOMs to persons in exchange for online marketing and promotional services as part of a so-called “Bounty Program.” Recipients of TOMs were able to convert their digital tokens to other crypto assets on a decentralized platform.
The SEC claimed that the Bounty Program constituted the offer and sale of securities that were required to be registered (or issued pursuant to a bona fide exemption) but were not.
In addition to his agreement to an officer, director and penny stock bar, Mr. Laurance agreed to pay a fine of US $30,000 spread out over 1020 days, and both respondents consented to a cease and desist order. (The payment schedule appears to reflect the SEC's acknowledgement of Mr. Laurance's poor financial condition.) The respondents did not admit or deny any of the findings by the SEC with limited exception.
Separately, a federal court in Brooklyn, New York held that two non-United States based individual defendants and an unincorporated entity they controlled – PlexCorps – had sufficient contacts with the US to sustain the court’s personal jurisdiction over them in connection with in an SEC enforcement action against them related to another purported fraudulent ICO.
Last year, the SEC obtained an emergency asset freeze from the court to halt the ICO which involved PlexCoin digital tokens that began in August 2017. According to the SEC, the ICO – which was orchestrated by Dominic Lacroix and Sabrina Paradis-Royer of Quebec, Canada, through PlexCorps – was marketed as a means for investors to obtain a new “tokenized currency” that would net early purchasers a very high rate of return. These returns would supposedly derive from the appreciation in value that would result from investments PlexCorps would make with the ICO’s proceeds; proceeds distributed to investors from PlexCorps’ profits; and the appreciation in value of PlexCoins when traded on digital asset exchanges.However, charged the SEC, the defendants’ offering was fraudulent and the proceeds of the ICO were never to be used for legitimate business development. (Click here for further background in the article “SEC Obtains Emergency Asset Freeze to Stop Purportedly Fraudulent Initial Coin Offering” in the December 10, 2017 edition of Bridging the Week.)
The individual defendants subsequently challenged the court’s personal jurisdiction over them. The court, however, denied this challenge claiming that the individual defendants had sufficient contacts with the US in connection with their purported fraudulent activity. These contacts included doing relevant business while physically traveling in the US, using US-based payment services, and marketing their products to US persons using the Internet.
The individual defendants also sought to have dismissed PlexCorps for lack of personal jurisdiction too. However, the court said the defendants offered no legal authority for their counsel to make this motion and therefore denied it.
Legal Weeds: Although respondents in the Tomahawk case used digital tokens and an ICO to commit their purported wrongdoing, in the end, this case apparently involved a plain vanilla unregistered stock offering fraud. The TOMs were simply used as a vogue new medium to raise funds. There was no association between TOMs and any proposed new blockchain application and not any attempt by respondents to market TOMs as utility tokens. As I was quoted in the NY Post this week, “This is just another wolf in a different type of sheep’s clothing, but it’s still sheep’s clothing” – let alone, ultimately, a wolf! (Click here for access to the relevant NY Post August 14, 2018 article.)
(Typically, the term “utility token” references a digital token that has express functionality authorizing a holder to access or purchase assets based on a specific blockchain technology.)
The SEC has cautioned that digital tokens issued through ICOs to raise funds may be securities, even if the expectation of profits to purchasers is solely through secondary market trading. This would be the case even if such tokens might be labeled as utility tokens. (Click here for background in the article “Non-Registered Cryptocurrency Based on Munchee Food App Fails to Satisfy SEC’s Appetite for Non-Security” in the December 17, 2017 edition of Bridging the Week.) Since issuance of its DAO report in July 2017, officers of the SEC have generally voiced the opinion the most if not all ICO-issued tokens are likely investment contracts and thus securities. (Click here for an example, in the article “SEC Chairman Warns Lawyers Providing “It Depends” Advice on ICOs” in the January 28, 2018 edition of Bridging the Week.)
Recently, William Hinman, Director of the SEC’s Division of Corporate Finance indicated that he could envision that certain utility tokens might not always be securities. He said that such a conclusion might be appropriate “where there is no longer any central enterprise being invested in or where the digital asset is sold only to be used to purchase a good or service available through the network on which it was created.” (Click here for background in the article “Anything but Sleep Inducing: SEC Corporate Finance Director Says Ether Not a Security and Canada Issues Guidance on Utility Tokens” in the June 17, 2018 edition of Bridging the Week.)
In July 2018, the Token Alliance – an industry initiative of the Chamber of Digital Commerce – issued a comprehensive overview of the regulation of digital assets in the US and other select jurisdictions, and proposed best practices for sponsors of digital tokens that are not intended to be securities or an instrument over which the Commodity Futures Trading Commission might have anti-fraud or anti-manipulation authority – i.e., utility tokens. (Click here for details in the sub-article "Token Alliance's Best Practices for Non-Securities Utility Tokens" in the August 5, 2018 edition of Bridging the Week.)
The SEC said that, during the relevant time, five firm representatives engaged in various fraudulent acts, including forging customer documents, to steal over US $1 million of customer funds. Although Ameriprise considered fraud by its employees to be a risk for which it implemented an express compliance and supervisory framework that relied on various manual and automated tools, aspects of two of its automated tools to detect fraud and misappropriation broke down and contributed to the relevant fraud not being caught, claimed the SEC.
In one circumstance, a program meant to detect when an account address was changed to an address of a person associated with Ameriprise failed to work properly and was not tested until December 2013. As a result, in part, said the SEC, two representatives were able to change addresses for two of their clients to their home addresses, thus facilitating fraudulent check disbursements.
In the other circumstance, a program intended to detect suspicious disbursements made by check where the address of a payee matched the name or address of a person associated with Ameriprise was defective because the tool was too literal and solely flagged exact matches. As a result, for example, the system would not flag as suspicious a payment to an address that included “Ave.” when the address of the firm-associated person expressly included “Avenue.” The system also did not flag suspicious wire transfers. These limitations, in part, claimed the SEC, enabled the misappropriation of customer funds by a third Ameriprise representative.
Various manual and system breakdowns also contributed to the misappropriation by the other two representatives, alleged the SEC.
In determining the amount of Ameriprise’s fine, the SEC said it considered that the firm reimbursed all its customers for the misappropriated funds; fully cooperated with the Commission’s investigation; retained a compliance consultant to assess the effectiveness of its policies and procedures to safeguard customer assets; and enhanced its policies and procedures, including implementing a new automated money movement and control system.
In September 2016, Ameriprise agreed to pay a fine of US $850,000 to the Financial Industry Regulatory Authority for its alleged failure to detect the conversion of US $370,000 by an office manager from five accounts of the individual’s family members from October 2011 through September 2013. (Click here for details in the article, "FINRA Fines Broker-Dealer US $850,000 for Ignoring Red Flags of Office Manager’s Theft of Client Funds" in the September 18, 2016 edition of Bridging the Week.)
Compliance Weeds: Automated surveillance systems of every kind should not just be installed and left to function on their own. Periodic testing is likely critical to assess breakdowns in expected functionality and to assess the continued effectiveness of a system in light of evolving circumstances. Testing may be particularly warranted after periodic updates or other changes to source code.
Recently, Raymond James Financial Services, Inc., a registered broker-dealer, agreed to pay a fine of US $2 million to the Financial Industry Regulatory Authority for purportedly not maintaining an adequate system to review emails by its registered representatives. According to FINRA, the firm—which relied on a surveillance system that automatically identified emails containing certain preprogrammed words—did not choose words or phrases that would identify potentially problematic conduct in light of the nature of the firm’s business and prior disciplinary action taken against firm employees. Although the firm added and subtracted words over time, FINRA claimed it did so principally to reduce the volume of false positives rather than to ensure it captured all relevant emails. (Click here for additional background in the article “FINRA Fines One Broker-Dealer US $2 Million for Flawed Email Review System, and Another Broker-Dealer US $2.8 Million for Inadequate Segregation of Customer Securities” in the January 7, 2018 edition of Bridging the Week.)
In 2007, FINRA issued helpful guidance regarding the review and supervision of electronic communications (click here). Although intended for FINRA members, the guidance has useful information for all SEC and Commodity Futures Trading Commission-registered entities. In assessing the effectiveness of any lexicon-based automated review system, FINRA recommended that a system include a “meaningful” list of phrases and/or words (including industry jargon) based on the size of the firm, its type of business, its customer base and its location. FINRA suggested that this might necessitate inclusion of foreign language components. Overall, said FINRA, “[t]he lexicon system should be comprehensive enough to yield a meaningful sample of ‘flagged’ communications.” Any system should have the ability to add and delete words or phrases over time, and existing words or phrases should be periodically reviewed for effectiveness.
For further information:
Company Founder Banned by SEC for Allegedly Fraudulent and Unregistered ICO:
Bank and Broker-Dealer Affiliate Agree to US $55 Fine Million for Rogue Trading by Three Traders:
CME Group Hits Traders for Disruptive Trading:
FINRA Reminds ATS System Operators of Their Supervision Duty:
Investment Adviser Sanctioned US $4.5 Million for Not Having Policies Reasonably Designed to Protect Investor Assets Against Misappropriation:
Joint Audit Committee Issues Guidance Related to FCM Withdrawal of Residual Interests:
The information in this article is for informational purposes only and is derived from sources believed to be reliable as of August 17, 2018. No representation or warranty is made regarding the accuracy of any statement or information in this article. Also, the information in this article is not intended as a substitute for legal counsel, and is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. The impact of the law for any particular situation depends on a variety of factors; therefore, readers of this article should not act upon any information in the article without seeking professional legal counsel. Katten Muchin Rosenman LLP may represent one or more entities mentioned in this article. Quotations attributable to speeches are from published remarks and may not reflect statements actually made. Views of the author may not necessarily reflect views of Katten Muchin or any of its partners or other employees.