ICOs and the Role of Identity Security Practices

by Paul White

According to Forbes, Initial Coin Offerings (ICOs) are enjoying a “meteoric rise.”

By the first half of 2017, ICOs raised 2.3 billion USD – signaling the first time ICOs earned more startup funding than Venture Capital did.

ICOs are so appealing in blockchain-oriented companies because they allow for crowdsourcing, rather than requiring traditional venture or angel investors. Crowdsourced investors receive “tokens” from companies in exchange for their investments; these investments are later paid in a digital currency like Bitcoin or Ether. Tokens don’t typically function like securities, either, but instead let investors use the blockchain software in which they invested.

However, while ICOs may be designed to create tokens that can be used on the blockchain application that they’re designed, the majority of people are using ICO’s as a speculative alternative to the stock market. The draw for this type of investor is that they can invest in ICOs and sell them later for a higher price.

Take Ether tokens for example. Many ICOs have been developed on Ethereum, a blockchain computing platform that requires users to pay fees for transactions. These fees are paid through Ether tokens received by investors. Simultaneously, Ether tokens are a cryptocurrency, so they can be bought and sold on the open market.

Despite the popularity of ICOs from investors, however, these companies are under ever-increasing analysis from governmental regulatory bodies. In July 2017, the U.S. Securities and Exchange Commission (SEC) discussed the potential for fraud in ICOs. Specifically, the SEC suggested the major problem with ICOs was that they were essentially offering investors securities that were not treated as such.

Companies offering securities are under much more regulatory observation than companies that offer other types of investor perks.

SEC Chairman Jay Clayton explained the agency’s description of an ICO as a security:

“There’s no need to change the definition [of a security]. A token, a digital asset, where I give you my money and you go off and make a venture, and in return for giving you my money I say ‘you can get a return’ [;] that is a security and we can regulate that. We regulate the offering of that security and regulate the trading of that security.”

Officially, though, the SEC does not classify every ICO as a security but notes that “ICOs can be securities offerings.”

This regulatory problem is not insignificant. Other countries are wary of ICOs because of the central premise: if more people invest in the ICO, the tokens that investors receive will grow in value. This draws too close to the definition of a pyramid scheme for some countries, like Singapore, that worries about ICOs funding terrorism, defrauding investors, and facilitating money laundering.

China and South Korea have banned ICOs outright. China’s central bank banned ICO fundraising, because it “disrupts their social order.”

While the likelihood of regulatory examination is considerable, more ICOs continue to be developed. To meet regulatory scrutiny, as well as appealing to consumers wary of fraud, ICOs should use robust Know Your Customer (KYC) and Anti-Money Laundering (AML) practices to increase trust.

The Rise in ICO’s

ICOs have become an increasingly-popular investment over the five years since the first ICO, Mastercoin, was introduced in 2013.

By June 2018, ICOs had raised over $13 billion for a variety of blockchain projects. Some of the most successful have been NXT and Filecoin. NXT, first launched in 2013, now has an ROI of 697,275%. In turn, Filecoin had the largest token sale in history in 2017, raising $257 million in contributions. This is an extraordinary increase from the first ICO, Mastercoin, which raised $500,000 USD in the first ever crowdsourced sale in 2013.

Still, the rise of ICOs is not over, and in fact, their popularity seems poised to increase. A Coindesk report in 2017 suggests that 68% of industry leaders have or want to participate in an ICO project. The most common reasons for ICO investment include long-term investment (60%), interest in the technology or project (22%), and speculation (18%).

However, likely because of its novel and unregulated status, the ICO marketplace has had its ups and downs – in investor confidence. Take four markedly different examples:

  • Extreme failure: A class-action lawsuit was filed against ICO Tezos suggesting that the company defrauded investors and sold unregistered securities.
  • Extreme success: Prediction market application Gnosis earned $12 million in 10 minutes in a crowdsale.
  • Extreme failure: a UK market regulator suggested that ICO investors should be prepared to see their investment values fall to zero at any time.
  • Extreme success. A London dental clinic was the first business purchased with cryptocurrency in July 2017 – it was purchased with 31.5 billion “Dentacoins.”
  • Extreme failure: After raising $660 million from 33,000 investors in an ICO, the Vietnam-based Modern Tech simply disappeared – along with investors’ money. Though the company started off paying investors with bonuses, it started paying in tokens in January – three months before disappearing.

Ultimately, investor confidence and government regulations will seal the fate and future of the ICO industry. These failures also emphasize the importance of researching an ICO before investing to determine its legitimacy.

Regulatory Scrutiny of ICOs 


The major challenge for ICOs is making sure that their tokens don’t function as securities. If tokens are considered securities, then ICOs must register with the securities agency in the country in which they operate. The global test of whether an investor property is a security is called the “Howey Test” and has four factors to judge security status. They are:

  1. If money was invested
  2. If the investor expects to see profits from the investment
  3. If the company was a common enterprise
  4. If profit came from a promoter or third party

Now, most regulatory agencies do not think that ICOs are issuing securities; however, if an ICOs investments were to fall into the above definition, ICO regulation would become stricter. According to Juan Llanos of ConsenSys Fintech and Regtech:

“At this point in time, all token distinctions and definitions come from the emerging crypto industry, not regulators. In the eyes of regulators, there are no clear-cut token definitions, only ‘activities’ and ‘products’ regulated under existing law.”

Government Regulations 

Jonathan Chester suggests that countries have taken three different stances on ICOs. They are:

  • Outright hostility.Countries like China and South Korea ban ICOs altogether.
  • Cautious and strict, but still open. The United States and the European Union are more open because of their tax and privacy expectations.
  • Open, friendly, and liberal. Switzerland offers open operation for ICOs.

While there are not ICO regulations everywhere, many regulatory agencies have issued warnings to would-be investors.

A recent survey by the North American Securities Administrators Association (NASAA) makes the following warning about ICOs:

“Funding for ICOs exceeded $4 billion this year, and the market is becoming more saturated with new projects and riskier. ICOs are sometimes walking around regulations by offering special deals to large-scale investors, but they are still attractive to small-scale retail investors, and some ICOs are already accepting cash directly, promoting themselves to an audience unaware of cryptocurrency risks.”

The United States’ Financial Regulatory Authority (FINRA) also offered a similar warning, saying:

“It can be difficult for investors to avoid the lure of the cryptocurrency markets, especially when prominent people express interest in it, and news reports and social media tout the promise of guaranteed quick fortunes and skyrocketing returns. But it is important to do your research. Even when legitimate companies enter a hot, new sector, con artists almost always follow suit.”

The UK’s Financial Conduct Authority (FCA) also noted that ICOs capable of regulated investment must receive authorization. However, the FCA’s position on ICOs is still “technology neutral,” noting:

“…a well-functioning ICO market, where issuers are not only sensitive to any regulatory obligations they have but actively take appropriate steps to manage the risk of harm to the public and to the markets more broadly can materially contribute to the development of [blockchain] technology.”

Internationally, then, ICOs are still under an often-conflicting and mixed messages. Since ICOs are still only five years old, the global marketplace is a patchwork of differing warnings and speculations. ICOs, then, must create trustworthy regulations to appease both would-be consumers and regulatory agencies both at home and abroad.

Using Know Your Customer (KYC) and Anti-Money Laundering (AML) Practices to Bolster Credibility  

Identity security practices are the most significant conversation happening in the ICOs marketplace now. For ICOs to remain internationally compliant over the long term, implementing Anti-Money Laundering and Know Your Customer (KYC) procedures at every point of sale is a widely-adopted best practice.

The so-called father of ICOs, Fabian Vogelsteller suggests the most pressing step in ICO development currently is bolstering identity security practices in ICOs. After all, blockchains are intended to prevent fraud by giving consumers more control over their data than they would have with companies.

Vogelsteller, who created Ethereum, has now created identity standard ERC-725. While not adopted wholesale yet, the standard would require ICOs to commit to a series of identity regulations, including requirements to add claims to smart contracts and methods for later retrieval of those claims. If these are standardized, then, both companies and investors would know their claims would be able to interact with other applications.

ICO best identity security practices also incorporate heightened regulations for screening ICO investors. Most significantly AML and KYC procedures ensure that the buyers of tokens are “not a part of a sanctioned list, a criminal, a terrorist, or a corrupt organisation.” Despite an inconsistent set of international regulatory practices at present, these identity security practices would ensure that startup ICOs are performing their due diligence.

Here are some benefits of KYC for ICOs:

  • Increases Consumer Confidence.Though KYC practices are not expressly required, performing these measures increases investors, banks, and regulators’ confidence in the ICO.
  • Decreases risk.With so many cryptocurrency exchanges already requiring KYC practices, an ICO without KYC practices in place may not be viable in these legitimized marketplaces.
  • Expands foray opportunities in the global marketplace.With international regulations shifting quickly, implementing KYC practices will allow the ICO to enter more countries now and in the longer term.

Here are benefits for implementing AML procedures:

  • Meeting Regulatory Concerns Surrounding Money Laundering.Cryptocurrency is prone to money laundering schemes because it can make currency nearly untraceable. By preventing this function, ICOs ensure a positive relationship with financial and security regulatory agencies.
  • AML is the only way to prevent fraud. Since illegal investors crypto investments are designed to leave little trace, AML procedures improve transparency. Digital identity is required from every investor that is then mapped digitally and stored. This practice would discourage illegal investors most interested in the guise of anonymity.

Implementing Peer-to-Peer Identity Verification 

To be prepared for the crosshairs and incoming changes of international ICO regulations, ICOs ought to implement Digital ID strategies early. Folio’s Digital ID platform provides the KYC and AML strategies that are necessary for continued best practices and regulatory compliance.

Digital Identity 

Digital IDs help ICOs ensure that they’re only welcoming above-board investors. A simplified smartphone ID confirmation helps ICOs confirm customer identification quickly and with little hassle.

Digital Wallet 

Folio’s digital wallet offers hesitant ICO investors piece of mind. With multifactor authentication and sophisticated encryption, these investors can believe in the legitimacy of the ICO and trust in its long-term viability.

The digital wallet feature lets issuers add a layer of authenticity to their ICO projects, as well. Within the wallet, investors can send anyone with an email or mobile number a request to confirm their identity, which they can then do within their own Folio wallet. This ability to ask for identity confirmation protects the investor but also allows the issuers to confirm they are who they claim to be.

Now What? 

With the rise of unscrupulous ICOs, a commitment to KYC and AML practices demonstrates an ICO’s conscientiousness. Implementing these practices not only tells ethical investors that an ICO is reliable, but also prepares the company to comply with international ICO and blockchain regulations that will inevitably be established.

We use cookies and other similar technologies to improve your browsing experience and the functionality of our site. By clicking "Accept", you consent to the storing on your device of all the technologies described in our Cookie Policy. We urge you to read our Privacy Policy and Terms of Use to better understand how we maintain our site, and how we may collect and use visitor data.