ICO-Related Claims and Insurance Coverage: Questions You Should Be Asking
In this post, we provide a brief overview of initial coin offerings (ICOs), discuss certain recent enforcement actions involving ICOs and highlight potential coverage issues under management and professional liability insurance policies.
Developments in the past year involving cryptocurrencies have led the Securities and Exchange Commission (SEC) to increasingly monitor and regulate ICOs and digital currency trading. An ICO is a fundraising event in which an entity offers participants a digital “coin” or “token” in exchange for consideration (often in the form of virtual currency – most commonly “Bitcoin” or “Ether” – or fiat currency). The coin or token may entitle its holder to certain rights related to a venture underlying the ICO, such as rights to profits, shares of assets, rights to use certain services provided by the issuer or voting rights. These coins or tokens may also be listed on online trading platforms, called virtual currency exchanges, and can be traded for virtual or fiat currencies. Significantly, to date, ICOs have not been used to fund equity or debt offerings by the entity conducting the ICO. However, the volume of information on social media platforms and financial markets regarding the marketing and sale of cryptocurrency units and ICOs in the United States has led the SEC to increase its enforcement efforts.
In the fall of 2017, the SEC commenced three separate enforcement actions against individuals and defendants seeking to conduct ICOs (i.e., SEC v. PlexCorps et al., SEC v. REcoin Group, et al., and In re Munchee, Inc.). Late last month, the SEC filed yet another ICO-related enforcement action. In SEC v. Titanium Blockchain Infrastructure Services, Inc., et al., the SEC charged the individual defendant and two companies he controls – Titanium Blockchain Infrastructure Services, Inc. (TBIS) and EHI Internetwork and Systems Management, Inc. (EHI) – with orchestrating a fraudulent ICO of a digital asset called “BAR” that raised $21 million from investors domestically and abroad. The ICO purported to crowdfund a decentralized information technology services platform to be provided by TBIS and EHI.
The SEC alleged that the ICO was based on outright deception by the defendants who falsely proclaimed in TBIS’s investment whitepaper and on TBIS’s and EHI’s websites that well-known corporations and the U.S. Federal Reserve were clients of EHI and imminent users of TBIS’s services. In fact, these entities had little to no relationships with the defendants. Shortly after the individual defendant received cease-and-desist letters from some of the companies whose names and logos he was using, he disclosed an alleged illegal theft of 16 million tokens from TBIS’s digital wallet, and announced that TBIS would issue a new digital asset called “TBAR” to replace BAR.
In its complaint, the SEC alleged that the defendants had violated the antifraud provisions of Section 17(a) of the Securities Act of 1933, and Section 10(b) of the Exchange Act of 1934 and Rule 10b-5 thereunder. Section 17(a) prohibits fraud in the offer or sale of securities, and Section 10(b) and Rule 10b-5 prohibit fraud in connection with the purchase or sale of any security. The SEC sought a temporary restraining order (TRO), an asset freeze and the appointment of a receiver over TBIS. On May 23, 2018, the District Court granted the SEC’s request for a TRO and on May 30, 2018, following consent by the defendants, issued a preliminary injunction in the action.
Given that no separate market for ICO insurance has developed to date, entities and individuals can be expected to seek coverage for ICO-related claims like those alleged in the Titanium action under traditional D&O policies. A threshold issue in determining D&O coverage for ICOs is whether the insurer intended to cover such risks and expressed that intent in the policy wording. Beyond that, both public and private company D&O policies may limit or preclude coverage for ICO-related investigations and lawsuits, although policy wordings can vary materially with respect to this particular exposure.
Here are some questions to be considered:
1. Is a claim brought by purchasers of an ICO offering likely to be considered a D&O claim or an E&O (i.e., professional services) claim?
To date, ICO offerings have been limited to prospective ownership of units or shares in a marketplace or business opportunity, which are materially different than an equity or debt interest in the issuer itself. Such offerings are more likely to result in E&O claims brought by customers or clients, and the professional services exclusions in D&O policies likely would exclude coverage for such claims.
2. Is an SEC investigation into tokens or coins offered for sale in an ICO more likely to be considered a D&O claim or an E&O claim?
Here, it depends. Assuming that the policy wording at issue includes in its definition of “Claim” “investigations or proceedings” – thereby including SEC investigations – then the answer likely is “yes” for an E&O policy. Entity coverage is a given for E&O policies.
The answer may be more nuanced for D&O policies, though. For example:
(a) Does the D&O policy wording at issue provide entity coverage for investigations only when individual directors or officers are simultaneously subject to the same investigation? That condition may trip up coverage for the entity in the SEC investigation if the individual person component is not satisfied.
(b) How does the D&O policy define “Securities Claim?” If the definition limits application of the term to only securities of the issuer, there may be a distinction between securities of the issuer and securities offered for sale by the issuer to customers or clients of the issuer. The former definitional scheme would appear to provide a basis for a D&O insurer to argue that its policy responds only to SEC investigations into the disclosures of the entity made to its own equity or debt investors, and correspondingly argue that its definition does not treat as a "Securities Claim” an SEC investigation into securities (here, ICOs or cryptocurrencies) sold by the entity to its clients or customers.
(c) Does the D&O policy contain a professional services exclusion? If the SEC investigation at issue is focused on ICOs or cryptocurrency sales to customers or clients of the entity, this exclusion may bar coverage for any such claims, whether brought by the customers or clients, or by the SEC into those sales activities.
As more regulatory and litigation activity follows the growth of ICO and cryptocurrency marketplaces, we can expect that D&O insurers, brokers and policyholders will be working towards greater clarity and expectation-setting as to whether and under what kinds of coverage policyholders can expect to receive intended coverage for ICO and cryptocurrency-related claims.
If you have any questions or would like additional information, please feel free to contact John McCarrick (email@example.com; 212.714.3072), Sedgwick Jeanite (firstname.lastname@example.org); 212.631.4413), or Michael Goldwasser (email@example.com; 212.631.4438).
 See Public Statement of SEC Chairman Jay Clayton, “Statement on Cryptocurrencies and Initial Coin Offerings” December 11, 2017
 SEC v. PlexCorps et al., 17-cv-7007 (SDNY); SEC v. REcoin Group, et al., 17-cv-05725 (EDNY); and In re Munchee, Inc., Adm. Proc. File No. 3-18304.
 Case No. 18-cv-4315 (C.D. Cal.).