- SEC urges crypto firms to disclose tokenomics, governance, and network risks in public filings.
- The new guidance highlights the need for clarity on smart contracts, supply, and control mechanisms.
- Issuers must detail crypto asset functionality, security audit, and any regulatory or legal risks involved.
The U.S. Securities of Exchange Commission Division of Corporation Finance has published a detailed staff statement on how federal securities laws apply to crypto asset securities. The new guidance is nonbinding and seeks to enhance disclosures of companies involved in the issuance, management, or sale of digital assets.
The statement comes ahead of the SEC’s second roundtable on crypto regulation. It is intended to clarify the type of information companies should disclose when dealing with crypto assets that may qualify as securities under federal law.
SEC Calls for Detailed Disclosures on Network Control, Tokenomics, and Risks
Specifically, the staff guidance addresses disclosures that companies need to make when registering offerings under the Securities Act or filing periodic reports under the Exchange Act. It explains the areas where often, the payment issuers fail to provide the required information to investors.
The SEC instructed companies to describe the nature and function of the crypto asset within their business model, including whether the issuer or related parties maintain an active role in the network’s governance, operations, or code updates. The statement emphasizes that firms must clearly state if they continue to influence the crypto network or if control is decentralized.
Crypto projects will also be required to detail how the tokens are being issued and distributed, including the information on total supply, mechanisms for inflation or deflation, and any pre-mining or lock-up arrangements. Firms should identify any large token holders, including insiders and affiliated entities, and disclose any transfer restrictions.
The agency called on issuers to clarify whether smart contracts are utilized in token functionality and to reveal the results of any third-party security audit. The statement advises projects to identify who has the right to change smart contracts and under what governance structure rules those changes.
Technical and Legal Risks Must Be Fully Disclosed
The guidance also highlights several technical characteristics that should be incorporated in registration and reporting documents. These include the consensus mechanism being used such as proof-of-work, or proof-of-stake—block size, transaction speed and whether the the blockchain code is open-source.
Firms need to disclose known risks related to the crypto asset, including, price volatility, cybersecurity vulnerabilities and token custody arrangements. There must be a clear disclosure of information in case a company relies on third parties to secure or manage tokens.
In addition to business and technical information, the statement advises companies to discuss legal and regulatory risks. These include any ongoing or past investigations, potential violations of securities laws, and jurisdictional uncertainties. Companies must also detail the compliance measures they have implemented, including anti-money laundering and know-your-customer procedures.
Issuers are expected to describe any rights attached to the tokens, such as voting rights, sharing of profit, or dividend mechanisms, and explain how these rights are enforced. Where a crypto project allows protocol changes, the guidance states that companies should determine who can make those changes and how such authority is applied.
While the guidance does not establish new legal obligations, the SEC noted that it reflects suggestions from its enforcement and examination work. It also incorporates known existing disclosure practices that the Commission deems insufficient or inconsistent in the crypto space.
