1. ICO’s and how to
investigate them
Presented by the Enforcement Technology Project Group
Taylor Faw and Jake van der Laan
February 2018
WEBINAR
2. Any opinions expressed are our own and do not
necessarily reflect the position or perspective of our
employers or NASAA.
We do not endorse any of the websites, companies,
or products, if any, referenced in these slides or
during this presentation, nor do we make any
statement with respect to their legitimacy or lack
thereof.
3. Learning objectives
• What is an ICO and how do you “do one”? (Taylor)
• What kind of evidence is needed to assess whether it is a
security or a fraud? (Taylor)
• What should be the investigative approach? (Jake)
• How to find evidence? (Jake)
4. What is an ICO?
Think of it as crowdfunding with a
secondary market
1. Project promoters sell tokens in exchange for usually
Bitcoin or Ether
2. They then sell the Bitcoin or Ether for cash to fund their
project
3. After the ICO, the tokens can usually be traded on an
exchange
27. “Security” evidence
• Howey test (US) / Pacific Coast Coin test (Canada)
• “Does the scheme involve an investment of money in
a common enterprise, with profits to come solely
from the efforts of others?”
• Common enterprise: horizontal or vertical?
• Efforts of others: “primarily” or “solely”?
28. Canada
Pacific Coast Coin (1978) case:
• Speculative nature is important
• Must keep consumer protection in mind
• Must construe legislation broadly, remedially
Pacific Coast Coin:
https://www.canlii.org/en/ca/scc/doc/1977/1977canlii37/1977canlii37.
html
Plexcoin (2017):
https://www.canlii.org/en/qc/qctmf/doc/2017/2017qctmf88/2017qctmf8
8.html
30. “Fraud” evidence
• Are they lying?
• Identify misrepresentations or material omissions
• Note: money tracing can be difficult, especially for a
state/provincial/territorial regulator
31. Before starting
• Ensure you have the right setup
• Have a process for logging your work and collecting
evidence
• Important to ensure immutability of stuff collected online -
burn to a CD or DVD
Download the guide:
https://goo.gl/wLFQ9e
32.
33. Investigative goals
• Who is behind the ICO and are they legitimate?
• Identify their contact particulars and identifiers
• Determine what they are selling and how they are promoting
the ICO (representations)
• All, so we can assess whether the ICO is a security or a fraud
35. Capture and archive the site
• See the guide for tools
• Screen capture any dynamic content
• Store it together in a folder
• Burn it to a CD - easiest way to ensure it’s not changed
• Sign up for stuff (use your covert email!)
40. Review the white paper
• Does it make sense?
• Typos and grammatical errors
• Review any metadata
• Is there a prototype / pilot project / plan?
• Are there existing customers?
• Are owners keeping large amount of tokens?
• Are they listing on an exchange?
55. Check out the team
• Search LinkedIn and any other social media profiles
• Google search their names
• Check the profile pic images as well as other images on
the site on images.google.com (works best in Chrome)
66. Red flags
• The project does not make sense. E.g. proposing a
blockchain for a problem which can easily be solved/ is
already solved, without a blockchain.
• Offshore components / use of dubious jurisdictions.
• High proportion of tokens/ coins retained by development
team.
• “Anonymous” team / weak experience / no history.
• Unclear or poorly written white paper. No plan or roadmap.