FinTech businesses and securities law: is your initial coin offering regulated?



Navigating securities law in the age of financial technology (FinTech) businesses is tricky. Excitement around the FinTech sector is rightfully accompanied by concerns that the industry is less regulated than any traditional financial services or banking industry. This lack of regulation can lead to unwanted uncertainty when managing and operating a FinTech business.

Securities laws and regulations are struggling to keep pace with the faster rate of FinTech business development. While there is no universally accepted definition of what qualifies as a FinTech business, companies generally considered as belonging to this sector include online marketplace lending, mobile apps, financing, investments, blockchain, distributed ledger technology, digital currencies, mobile wallets, artificial intelligence (AI) and crowdfunding. The last thing any new FinTech business wants to hear is that it is not complying with securities regulation and may need to cease activities, or face penalties. How securities regulations apply to FinTech businesses varies widely between jurisdictions, and more often than not regulators rarely have a concrete answer. As such, it is important to understand the current landscape of securities law as it applies to each jurisdiction.

ICO regulation under US securities law

The SEC has provided limited guidance for FinTech businesses dealing in initial coin offerings (ICOs). An ICO, much like an initial public offering, is a way for companies to raise money from the public by selling tokens (or digital coins) to fund a project. An ICO is an investment – in return for investing, the investor receives a token. Tokens issued from an ICO will have a value, which gives the investor ownership with voting rights and, in certain cases, qualifying for dividends. ICOs allow companies to raise significant capital quickly from a broad base of investors.

In July 2017, the SEC released an investigative report which found that some forms of ICOs, in particular decentralised autonomous organisations (DAOs), are subject to the federal securities law requirements. Although the SEC did not announce a broad crackdown on all types of ICOs, it made clear that when coin offerings are similar enough to securities offerings, they fall under registration, disclosure and other requirements to be in compliance with US securities laws. These FinTech businesses must register offers and sales of such securities, unless a valid exemption applies.

In its report, the SEC stressed that “securities laws apply to those who offer and sell securities in the United States, regardless whether the issuing entity is a traditional company or a decentralised autonomous organisation, regardless whether those securities are purchased using US dollars or virtual currencies, and regardless whether they are distributed in certificated form or through distributed ledger technology”. Each investment transaction will be looked at on an individual basis. Depending on the ‘facts and circumstances’ of each individual ICO, the virtual coins or tokens that are offered or sold may be securities. If they are securities, the offer and sale of these virtual coins or tokens in an ICO are subject to, and must comply with, federal securities laws.

Insight into regulators’ views on ICOs has been long awaited, but this report is of limited use in determining if securities laws will apply to any given FinTech business. Although the agency’s conclusion currently only applies to DAO, this is likely the beginning of a larger crackdown on ICOs. US entrepreneurs and investors seeking clarity on how to launch or participate in ICO sales in a legally compliant manner are still faced with significant challenges. Assessing whether an ICO is a security or an asset/commodity is still an ad hoc exercise with no tangible rule or test.

This report could provide insight on how ICOs will be viewed under Canadian securities law in the near future. Investors are placing increased pressure on Canadian securities regulators to provide more concrete guidance on what forms of ICOs will constitute a security under the law.

ICO regulation under Canadian securities law

Canada, unlike the US, does not have a single federal body that regulates the securities industry across the country. The regulation of financial services in Canada is fragmented, overlapping and complex. Both the federal and provincial governments share jurisdiction to regulating financial services, and each province has its own securities commission responsible for investor protection and securities law. The Canadian Securities Administrators (CSA) also plays a role in regulating securities law by aiming to harmonise approaches to securities regulation across the country.

Regulation under the CSA

Canadian securities regulators have indicated they will work with FinTech businesses to tailor regulation and oversight of these businesses to foster innovation, and to reduce regulatory obligations, while protecting investors. In February 2017, the CSA announced a regulatory sandbox initiative, which strives to help FinTech businesses navigate Canadian securities law.

The new regulatory sandbox initiative is intended to allow FinTech businesses to test out new ideas and services, by allowing exemptive relief from certain securities law requirements, such as obtaining full regulatory approval. This allows FinTech businesses to avoid the lengthy time and high costs associated with getting their business approved by a regulatory body. Business models will be considered on a case-by-case basis, and selected FinTech businesses may be permitted to test out their businesses in the Canadian marketplace. FinTech businesses, from start-ups to well-established companies, can apply for the initiative, which is administered by the provinces’ local securities regulator, such as the Ontario Securities Commission (OSC) or the British Columbia Securities Commission (BCSC).

In response to the significant growth in this area and continued requests for guidance, the CSA published Staff Notice (No. 46-307) on crypto-currency offerings in August 2017, to help FinTech businesses understand what obligations may apply to their ICOs under securities laws.

The CSA recognised that many crypto-currency offerings involve sales of securities, and emphasised that ICOs which are found to be comprised of investment contracts are considered securities. Although what is being sold is referred to as a coin or token instead of a share, stock or equity, it may still be considered a security as defined in securities legislation. Notably, when assessing whether or not securities laws apply to ICOs, CSA staff are instructed to consider substance over form, and Canadian ICOs will be assessed on their own individual characteristics.

Regulation under the OSC

Following the same approach set out by the CSA, the OSC stated that any publicly-traded digital currency business, including crypto-currencies, is subject to the same regulatory requirements as other publicly-traded companies, including disclosure to investors about material risks, licensing and prospectus requirements. The OSC has gone further than other jurisdictions and listed potential FinTech business activities that may require compliance. These activities include setting up lending platforms such as ICOs, connecting investors with companies looking to raise capital, recommending investments, robo-advising, equity and crowdfunding portals, and using AI to recommend investments or facilitate trading.

When operating a FinTech business in Ontario, it is essential to be able to determine if securities regulations apply to your business activity and what regulatory requirements, such as registration or licensing and filing a prospectus, you must satisfy. To help FinTech businesses comply with securities laws, the OSC launched a FinTech-focused programme called ‘LaunchPad’, which engages with FinTech businesses, provides the opportunity for support in navigating the requirements, and strives to keep regulation in step with digital innovation. This idea of business-specific tailored regulation may be the future for FinTech business in the province, as unique business models often do not fall into the current rigidity of securities laws in Ontario.

Regulation under the BCSC

The BCSC has issued even less guidance regarding the FinTech industry and securities regulation. They have indicated that a prospectus and registration are sometimes required and emphasised their willingness to work with and consult FinTech businesses. However, the BCSC only outlines recommendations for robo-advisers, online lenders and crowdfunding portals as examples of FinTech businesses currently regulated. The BCSC conducted an online survey asking for input from the tech industry, but has yet to issue any substantive guidance on how FinTech businesses that do not meet any of the example criteria will be regulated under securities law in the province.

The future of FinTech and securities regulation

It is clear that both US and Canadian securities regulators agree that, in certain circumstances, ICOs may be considered securities and subject to the applicable securities laws of that jurisdiction. According to Accenture LLP, global investments in FinTech ventures reached US$5.3bn in the first quarter of 2016 and are expected to grow substantially in 2017. Regulators throughout the world are still grappling with this modern era of business structures. Rapid growth in the FinTech sector places pressure on regulators to implement laws that facilitate innovative ways to raise capital and promote growth, while also ensuring protection for investors and markets.

With an increasing need for regulation, securities commissions throughout the world will have to respond by issuing more guidance to FinTech businesses. Monitoring the securities law landscape is essential for present and future FinTech businesses that want to avoid penalties for non-compliance. The changes seen in the US and Canada in the past year alone are enough to caution anyone dealing in crypto-currencies and ICOs to make sure they are in compliance with the rapidly changing rules and regulations governing FinTech businesses. As guidance in this area is limited, it is wise to seek advice from legal counsel experienced in FinTech securities laws.


Jessica L. Lewis is an associate and Ceilidh Mulder is a student at Bennett Jones LLP. Ms Lewis can be contacted on +1 (604) 891 5100 or by email: Ms Mulder can be contacted on +1 (403) 298 3235 or by email:

© Financier Worldwide


Jessica L. Lewis and Ceilidh Mulder

Bennett Jones LLP

©2001-2019 Financier Worldwide Ltd. All rights reserved.