In November, Malta passed a 63-page regulation detailing the requirements for issuing virtual financial assets, better known as cryptocurrencies, cryptoassets or tokens. While many in the crypto community welcome this change as the beginning of the end of the “Wild West” stage, it has both benefits and downsides to issuers of new tokens. When it comes to ICO whitepaper writing, it’s new territory.
As one of the first jurisdictions to pass clear and detailed requirements around ICOs, including details on ICO whitepapers, Malta has attracted a tremendous amount of attention as a crypto-friendly jurisdiction. On the one hand, clarity in regulation provides a level of protection and assurance for founders and investors. Just knowing what is and isn’t acceptable allows companies a level of certainty when establishing themselves. It’s impossible to know if you are going to run amiss of the law if you don’t know what the law is. As of November, the “Virtual Financial Assets Act, 2018” gives issuers of “virtual financial assets” the assurance of having a guideline to follow.
Yet, the Malta regulations are so extensive and specific, it’s hard to consider them crypto-friendly. As the experts on ICO and STO whitepaper writing, we’ll focus this article specifically on the aspects of ICO whitepapers within that law, and go through what we’ve seen. Before there were whitepapers, by the way, there were “business plans”, executive summaries, and slide decks. In other words, the world of investing in startups has always had documentation that goes along with it.
The Malta regulation, to the best of our knowledge, is the first attempt at defining what should be in a business plan presented to private investors. While stock market regulations have always been clear on what needs to be in an investor prospectus, for speculative investments in emerging technologies, there has never been such a specification.
Business plans and slide decks are varied in their content because businesses need flexibility to live. Market conditions and customer demands change. Technology changes. Most investors in early stage startups will tell you that they don’t believe any of the financial projections. Early-stage investing is risky and requires a founding team with agility and creativity. For that reason, a highly detailed business plan (ICO or STO whitepaper) can be too restrictive to allow the business breathing room for change with the market.
Already, we are seeing the closing of blockchain startups which can’t deliver, or who found the market doesn’t need what they promised. Because they don’t have the ability to “pivot” like a regular startup, they simply have to close the doors and return what’s left to the token holders. Perhaps this is a good thing. If you aren’t able to deliver, you should return whatever money you have left. In the past, that would require both the founders and the investors to agree on that step. Today, if you have a foundation, and you are authorized by law only to follow the letter of your whitepaper, there really is no other choice.
First of all, there’s the issue of length. Based on the current regulation, it’s unlikely that any compliant whitepaper will be able to cover all the items in less than 60 pages. In other words, your whitepaper length just doubled. Is that good for investors? I’m not sure. So far, our experience with long ICO whitepapers is that they include a fair amount of meaningless technical jargon (more on that later in this article).
For investors, the good news is that the Malta regulations mandate that the issuers of the ICO need to be know people and provide their full contact information. In other words, if you claim your name is Satoshi Nakomoto, you have to prove it before you can issue a regulated whitepaper. For the cyberpunk revolutionary types, this isn’t great news, but let’s just say that the Satoshis of the world were never looking for legitimacy from the government in the first place. For the rest of us, in particular people who are looking for a real return on investment, this is good news.
The act goes even further, making sure that every board member is also identified, and requiring a financial history of the founders. The law also requires disclosure of legal proceedings that might affect the standing of the issuers of the ICO. All of this is good news, and if the whitepaper does comply with the law, this significantly simplifies the amount of researchers will need to do before investing in an ICO.
Caveat on the “good” part. For blockchain startups in areas such as privacy, security, freedom of speech and other areas that have reason to fear government intervention, this is not good news. Identifying and tracking of people has become one of the biggest issues of this century, particularly in totalitarian style governments and dictatorships. For blockchain startups looking to create a more free world, the Maltese requirement of identification is distinctly crypto-unfriendly.
One of the strangest parts of the Malta Virtual Financial Assets Act is a basic decency clause in article 9, basically stating that the issuer of financial assets should be honest, skillful, careful, manage conflicts, and have in place the appropriate administrative and security arrangements. Yes. Ok, we understand. You shouldn’t go into business unless you are competent and know how to run a business. At the same time, it just strikes us as odd that this would be the law. How are you going to enforce this? People are incompetent all the time and they think they have the right administrative procedures in place, but I’ve seen very few startups that actually do have the right people, operations, and security structures in place. In fact, you might be hard-pressed to find the parliamentarian or government worker with the qualifications to identify business acumen, competency or proper procedure. So, in theory, nice. In fact, not enforceable.
In a further attempt to say that dishonesty would be punished, the act goes on to state that the issuer is liable for damages based on any misinformation in the whitepaper, or if the information in the whitepaper contradicts other information in the whitepaper. Unless you had good reason to believe it was true. Or if you included a warning that includes key information (it’s not clear what “key information means”) about investing in this type of asset. So, don’t worry. Even though it says you are liable, all you need to do is believe it yourself or issue a warning and you are off the hook. Again, nice try, but not likely to create any level of enforcement. It is truly incredible what lawmakers can pass, isn’t it?
The Malta regulation provides clear directives regarding the ICO whitepaper writing required. The basics haven’t changed. A whitepaper, as defined in the law, is pretty much a business plan. You have to state what the business is about clearly, not omit anything of substance unless it would harm your company, and you need to write a summary. To comply with Maltese law the ICO whitepaper writing should be in English, and you can translate to any other language you like.
To create a Malta-compliant ICO whitepaper becomes a serious undertaking when you dive into the details, 38 of them, to be precise. The regulation addresses the minutiae of the technical requirements in a way that reflects just how much regulators truly understand technology startups.
In order to be compliant the whitepaper needs to delve into the protocol and platform, describe the project’s scalability and sustainability, technological risks, functionality of the tokens, interoperability, consensus algorithm, incentivization model, details of the smartcontracts, smartcontract protocols, and auditing mechanisms. The details of the AML and KYC are also required.
While this seems like an admirable attempt to get a real sense of the technology being developed, the problem lies in the fact that developing new technology requires flexibility. The blockchain space is still in early stages, and while some areas are well-established, others are still being explored.
For example, in the area of AML and KYC, there are off-the-shelf and SaaS platforms to perform those basic functions. It doesn’t make sense to develop your own KYC, because if you use these platforms, they’ll keep you protected. In the same way, you can use off-the-shelf token issuance platforms with built-in smartcontract auditing. On the other extreme, consensus mechanisms, particularly in the area of governance, are still in the emergent stages. Proof-of-work is on its way out and proof-of-stake mechanisms are still being improved.
The Malta regulation requires a high level of detail on the technology, including the blockchain technology, security mechanisms, etc. Is this something that either investors or government officials can understand well enough to regulate?
As writers in the tech world for cumulatively over a century, we’ve been flatly unimpressed by many of extensive technical sections we’ve read in recent ICO whitepapers and STO whitepapers. (Some of the technology sections are fantastic, but the majority are not.) One of our observations is that companies that have absolutely no reason to develop proprietary blockchains are saying that they will do so, expounding on the reasons why their blockchain is necessary. These whitepapers utilize terminology which may have been interesting 3 years ago, but today is common knowledge. These technical sections tend to lack imagination and generally point to the fact that their CTO probably isn’t qualified.
In fact, recently I had inquiries from companies that asked us to help find them a blockchain engineer to write these sections. Does this mean they are scammers? Sometimes. More frequently it means they are legitimate startup people with a business idea that makes sense but they don’t need blockchain. They are just using the blockchain terminology and the ICO in order to raise money. They are inflating the technology section around blockchain because that’s what investors want to hear. At least, that’s what they tell me investors want to hear.
In short, the technology section requirement isn’t likely to help anyone make better investments, but it will inflate your whitepaper, take you longer to write, and cost more.
In conclusion, we are neutral about the Malta regulation. From our business perspective, it’s good for service providers but not so good for founders. Theoretically, once there is a standardized process, it should be cheaper and faster to issue a Security Token Offering (STO) or a Initial Coin Offering (ICO), but in fact, we are seeing just the opposite. Most of the companies we’ve been working with lately are finding the process harrowing and the legal fees even higher than before.
Similarly, for us as ICO whitepaper writers there will be more opportunities, and the whitepapers are longer. In other words, the whitepapers will cost more. Is more better? We doubt it.
Business will go on as usual, regardless of the level of detail of your business plan, STO whitepaper or ICO whitepaper. Having a great whitepaper isn’t the same as having a good business, and having a good business isn’t the same as being good at raising capital.
The best thing we can say about the regulation is that it creates a greater barrier to entry for ICO and STO fundraising. Unfortunately, that’s also the worst thing we can say about it.