What Should Be in an ICO White Paper? Expert Take
In our Expert Takes, opinion leaders from inside and outside the crypto industry express their views, share their experience and give professional advice. Expert Takes cover everything from Blockchain technology and ICO funding to taxation, regulation, and cryptocurrency adoption by different sectors of the economy.
If you would like to contribute an Expert Take, please email your ideas and CV to
The rising popularity of Initial Coin Offerings (ICOs) — and an accompanying spate of fraud and market volatility — has prompted an overdue debate in Washington, D.C., and around the world, about the proper regulatory policies for ICOs and cryptocurrencies more generally. Some of the most common questions involve the appropriate division of authority between the Commodity Futures Trading Commission (CFTC) and Securities and Exchange Commission (SEC), and whether their authority should reach deep into the heart of the cryptocurrency ecosystem, the spot market. Still, others contemplate whether or not an entirely new or alternative regulatory regime is needed for cryptocurrency and token fundraisers, not only here but also in Europe and elsewhere.
This article is drawing from the Congressional testimony on cryptocurrencies, which intends to consider the current regulatory approach that regulators are using to monitor and oversee cryptocurrencies and ICOs and how to achieve further regulatory clarity in these markets.
The disclosure system embodied in US Securities laws is largely one where promoters share, among other things, material information publicly about their company, management, and securities being offered, as well as their intended use of proceeds. This information is then filed with the SEC. Most ICO disclosures, by contrast, are facilitated via currently unregulated “whitepapers” focusing largely on the existing technology or technology under development or to be financed via the offering. There is, as a result, a large gap between the disclosures required in an S-1 (and arguably Form 1-A) and that which is provided in most whitepapers.
Buyers of ICO tokens—whether they are investors seeking to profit or technology users seeking to support and participate in an innovative product— would expect some disclosures in order to make a purchase in an informed manner. These disclosures, some of which entrepreneurs themselves have identified, are especially relevant as ICOs transition from technical expert ecosystems to the distribution of instruments that are ever more likely to attract everyday investors and the retail public.
At least one credible academic study notes that in roughly 32 percent of ICOs, it is not possible to identify the issuing entity’s or promoter’s origin. This creates serious information asymmetries on the part of the investor. Without this information, it becomes impossible to know or identify what rules and legal protections might be afforded to investors. Further, investors have few means by which to contact relevant public authorities in case of fraud, theft or loss. ICO whitepapers should, therefore, set out a detailed statement (beyond a simple PO box) of where the issuer and its key management are located. Without a verifiable geographical address(es), ICO whitepapers should not be permitted for use in raising funds.
Problem and proposed technology solution
For most of the history of US Securities law, no information was more important for investors than the issuer’s financial statements. By being able to scrutinize balance sheets, cash flow and income statements, investors could evaluate a company’s past performance, make informed guesses about its future performance and profitability, and make an estimation of the value of a company’s securities. Due to the centrality of financial statements in securities offerings, an entire ecosystem of third party auditors, accountants and credit rating agencies were developed and relied on to ensure the accuracy of financial statements and their compliance with best practices.
ICOs tend to serve a different purpose from most traditional Initial Public Offerings (IPOs). Instead of funding industrial companies transitioning into a more mature cycle of development, ICOs involve products developed by startups identifying technology-based problems and proposing the sale or financing of technology-based “solutions”. In return for financing, promoters offer coins with varying currency, utility or securities features.
For most of these offerings, it is not a company’s past performance, or even financial statements, that are the window through which value is perceived, but more the venture’s technology proposition. Consequently, ensuring that investors (including retail buyers) understand the basic contours of the underlying technology solution is paramount as ICOs become more popular means of fundraising.
To that end, an optimal disclosure system for ICOs would require to the extent possible a “plain english” description of the technology problem and solution. Furthermore, for larger fundraises, the more technical parts of the whitepaper would ideally be subject to a system of third party validation (a “technology audit”) confirming that the solution disclosed in the whitepaper complies with sound engineering and mathematical principles. ICO promoters could be required to disclose just what if any third party audit of their solution was conducted (and if there was no such audit, then this, would be affirmatively disclosed), the material features of that auditing system, and the results of the audit. Meanwhile, all code, regardless of the size of the fundraise, would be posted to a public code repository, such as Github, so potential buyers can conduct due diligence on the code itself or other proxies for the strength of the code.
Promoters should avoid hyperbole when describing their solutions, an endemic problem in white papers - and should also be required to identify an objective basis for all forward-looking statements. Along these lines, disclosures should be made as to whether post-ICO financial statements will be provided to token holders.
Description of the token
Tokens can have a variety of different qualitative and economic features, for example utility, securities and currency. If the tokens will be based on a technological format that must comply with certain rules, such as the ERC20 standard, the disclosures should clarify what that means to a typical holder. Similarly, if special efforts will be made to list a token, such as to list a securities token on a regulated alternative trading system (ATS), or if there are trading restrictions on the security, those facts should be disclosed in a manner that is clear to the token holder. Token descriptions should relatedly indicate the intended use of the coins issued in the offering, their quantity, when and whether the founders or advisors will hold reserve coins, and how they may choose to liquidate them (including whether there are any restrictions on their ability to sell). Promoters should also be required to disclose the intellectual property/ownership of the company’s protocol (including which elements have been borrowed from elsewhere), as well as detail with specificity what legal rights holders of the tokens receive.
Investors should be informed as to how the supporting infrastructure operates, and how it will impact the governance of the token. Along these lines, the consensus mechanism for a virtual currency’s Blockchain should be disclosed, along with an overview of how governance decisions and other decisions affecting the network, for example software upgrades, will be coordinated among the various stakeholders such as developers, users and miners.
Qualifications of the technical team
Information about the business experience of executive officers and directors is a common disclosure requirement in registered offerings. They give investors a sense of the quality of management, and likely success of the company once a company goes public. In ICOs, where firms have limited histories and the technology at issue may be exotic, similar information about the offering’s technical team can be especially valuable. Coders have varying backgrounds, with some more (and much less) qualified, credentialed or experienced than others. In order to provide investors with some sense as to the expertise and credibility of the white paper, founders should be required to provide all material information relating to key engineering experience, skills, qualifications and other relevant attributes. Where relevant, developers should also be required to provide links to their previous work on a public code repository.
ICOs should include disclosures concerning the most significant risk factors affecting token holders in the offering document. Although most investors likely realize that even successful ventures might be later disintermediated by more efficient upstarts, a token holder may be surprised to find that the product does not yet function as intended or may develop a new use or purpose altogether depending on the development of the technology or, perhaps even less predictably, the wishes of the participants in the ecosystem. Holders should also understand the larger sectoral risks as well, including changes in the industry that could relegate some blockchain designs to more niche roles in the sector, and render many tokens worthless. Critically, buyers must be made fully aware of their potential vulnerability to hacking, data-loss, and disruption, as well as legal issues like privacy concerns and data portability across borders.
There are undoubtedly other important disclosures that could and should be operationalized in ways that are as effective and efficient as possible. But here’s to moving in a direction for the ICO market that would be good for legitimate projects and investors as well.
The views and interpretations in this article are those of the author and do not necessarily represent the views of Cointelegraph.Chris Brummer is a Professor of Law at Georgetown University Law Center and Director of the school's Institute of International Economic Law.