First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

The future of securities regulation of distributed ledger technologies

distributed ledger technologiesThe following discussion provides a general description of blockchain and distributed ledger technologies (DLT) and the current state of the regulatory landscape in Ontario.

To date, the Ontario Securities Commission has not explicitly categorized a blockchain token or coin (which are further discussed below) as an investment contract or other type of security under section 1(1) of the Securities Act (Ontario) (the OSA), but did issue a press release on March 7, 2017, advising market participants that products or other assets that are tracked and traded as part of a distributed ledger may qualify as securities, even if they do not represent shares of a company or similar ownership interests. A business’ specific use of DLT may trigger Ontario securities law requirements, including the need to be registered or to file a prospectus. Any business that is operating or planning to operate a DLT-based venture should consider the nature of their product and whether the definition of security could capture it, the types of trading activities that will occur, and whether registration as a dealer, adviser and/or investment fund manager is required. Accordingly, market participants in Ontario entering into DLT arrangements may incur the risk that such arrangements could be classified as trading in, or a distribution of, securities and may not qualify for prospectus and registration exemptions. Careful consideration with respect to structuring DLT arrangements will be necessary to avoid or minimize the application of Ontario (and Canadian) securities regulation.

What is blockchain?

Blockchain is a type of DLT that protects the integrity of a digital piece of information through the use of a distributed and decentralized ledger for verifying and recording transactions between users across a peer-to-peer network, forming an immutable record of the ownership of the data it tracks. Each block contains a record of some or all recent transactions and a reference to the block that came immediately before it. These blocks are organized into a linear sequence which is known as the blockchain. Every block created makes it more difficult to rewrite the historical record (or hack the blockchain) because anyone can verify if the history is accurate when looking back to previous blocks.

Blockchain was originally invented to create the alternative crypto-currency called Bitcoin, and to track arrangements between counterparties involved in Bitcoin transactions, but today may be used for a multitude of other applications, including other forms of alternative crypto-currencies, a platform for smart-contracts, which are transactions converted into digital code that facilitate, execute and enforce commercial agreements between parties, clearing and settlement of financial assets, voting systems, registration of land title, and several other applications.

Most people are familiar with the term “application” as it pertains to software. A software application or “app” is software that defines a specific goal, with millions of applications currently in use, such as Instagram, Google Maps or Snapchat, on both desktop and mobile platforms. The vast majority of web-based software applications follow a centralized server-client model, which directly controls the operation of the individual units and flow of information from a single center or database. Users of centralized applications are directly dependent on the central system to send and receive information and to be commanded. By way of example, if someone desires to hail a taxi in the centralized application model, then in order for a passenger to be connected with a driver, they would need to access a central database, like Uber or Lyft, to facilitate the ride-share. In contrast, a decentralized application has its backend code running on a decentralized peer-to-peer network. In the decentralized model of ride sharing, for example, the passenger would be able to connect directly with a driver using a peer-to-peer programmable blockchain, and the consideration for use of the service could be delivered directly and seamlessly over the same blockchain, and without the record of the transaction stored on a private database.

The uniqueness of DLT lies in the fact that they are maintained by a shared or distributed network of participants (called “nodes”) and not by a centralized authority, meaning that there is no central validation system. Another important feature of distributed ledgers is the extensive use of cryptography, namely computer-based encryption techniques such as public/private keys and hash functions, to store assets and validate transactions.[1]

As DLT makes it possible to transfer value more easily and efficiently, it could result in the shift of significant flows of capital. Over the course of the last few years, the rise of initial coin (and token) offerings (ICOs) has facilitated a unique crowd-funding method to finance projects (as further described below). One of the most successful ICOs in Canada was the launch of Ethereum in 2015, a decentralized platform that runs smart contracts on a programmable blockchain. The value token of the Ethereum blockchain is called ether. It is listed under the “ETH” symbol and traded on crypto-currency exchanges (think of it as a stock exchange for digital currencies and assets). Ether is also used to pay for transaction fees and computational services on the Ethereum network. Another example is Brave, the web browser founded by Mozilla co-founder Brendan Eich, which completed an ICO on May 30, 2017 for the sale of its Ethereum-based Basic Attention Token (BAT) which raised US$35 million in under 30 seconds.[2]

What are ICOs?

Coins or tokens issued in an ICO are essentially digital coupons issued on the blockchain. They can easily be traded, although unlike shares of a company, they do not confer rights of ownership. Instead, they often serve as the currency for the project they finance, and investors hope that successful projects will cause the coin’s or token’s value to rise over time.

Taken from the example above, the BAT is a blockchain-based platform catered to the world of digital advertising, which, as the company explains, will “radically improve the efficiency of digital advertising by creating a new unit of exchange between publishers, advertisers, and users.” The token is based on the Ethereum blockchain, and the value of each token is based on the user’s attention – described as “a person’s focused mental engagement.”  Users of the Brave browser will be able to use (spend) their BAT to view web pages advertisement-free, while companies will be able to directly compensate viewers for electing to view and not block their browser advertisements.

Participation in an ICO generally involves the exchange of an existing crypto-currency, like Bitcoin or Ether, for a newly “minted” token or coin, facilitated over the blockchain during a prescribed “coin sale” period using a crypto-currency wallet, which is a secure digital wallet used to store, send, and receive digital currency. One could then either store their newly acquired token on their personal wallet, or digitally send the token to an exchange where it could be stored or traded (if such token is supported) for other crypto-currencies, or ultimately converted into a fiat currency.

Is a blockchain token a security?

In Ontario, issuers of blockchain tokens will need to consider if such tokens will be categorized as a “security” for the purposes of section 1(1) of the OSA. The broad definition of “security” contained in the OSA sets out a long, enumerated list of items, but the definition is not meant to be exhaustive, so things not specifically listed may ultimately be deemed to be a security.

Whether a blockchain token would be viewed as a simple contract and non-security will require further analysis based on the design and characteristics of the specific token, and the interpretation of securities legislation by applicable regulatory bodies.

Is a blockchain token an investment contact?

Part (n) of the definition of “security” under section 1(1) of the OSA includes any investment contract. The leading Canadian case on investment contracts is Pacific Coast Coin Exchange of Canada v. OSC[4] (Pacific Coin)[5]. In this case, the Supreme Court of Canada found that an investment contract (and therefore a “security”) exists when the following three factors are present:

  1. a person invests money;
  2. the investment of money is made with an intention to profit;
  3. in a common enterprise; and
  4. the investor is lead to expect profits solely from the efforts of the promoter or a third party.

While investment interests that are considered to be securities generally include things such as an ownership interest in a legal entity, equity interests, status as a creditor or lender, or entitlements to share of profits and/or losses, blockchain tokens may still, however, be characterized by regulators as an investment contract, or as another type of security under section 1(1) of the OSA, such as part (b), which includes any document constituting evidence of title or interests in the capital, assets, property, profits, earnings or royalties of any person or company. Of note, in January 2016, Peter Van Valkenburgh, research director at Coin Center, a Washington, D.C. based non-profit research and advocacy center focused on the public policy issues facing crypto-currency and decentralized computing technologies, published a report presenting a potential framework for securities regulation of crypto-currencies.[6]

Section 1.1 of the OSA states that the objectives of securities regulation in Ontario are to: (i) protect investors from unfair, improper, or fraudulent practices; and (ii) to foster fair and efficient capital markets and confidence in capital markets. Securities regulators attempt to achieve a balance between these objectives while ultimately seeking to protect unsophisticated investors. While the current regulatory regime lacks a coherent criteria for determining whether a blockchain token would be considered a security, the inclusion of a particular DLT arrangement under securities regulation will depend, to a great extent, on the specific nature of a blockchain token and how they are viewed in light of these policy considerations.

A recent Ontario Court of Justice decision in Ontario Securities Commission v Tiffin[7] adopted a “family resemblance test” used in the United States as a common sense approach to determining if an instrument (in that instance a promissory note) can be issued free of securities law implications. Applying this test, every promissory note is initially presumed to be a “security” unless it bears a strong resemblance to one of a judicially-crafted list of categories of instruments that are not typically considered to be securities. The court applied a contextual and purposeful approach to determine if the notes were issued in a commercial context or for investment purposes, the latter of which would almost certainly characterize the instrument as a security. The court proposed asking the following four questions:

  1. Is the purpose of the debt transaction to raise money for the general use of a business enterprise or to finance substantial investments and is the purchaser motivated primarily by the profit the notes are expected to generate for the business?
  2. Does the issuer’s plan of distribution seek to establish some form of common trading in the notes, either for speculative or investment purposes?
  3. Is there a reasonable public expectation that the instruments should be treated as “securities”?
  4. Is there some mitigating factor such as the existence of another regulatory scheme that sufficiently protects investors, thereby rendering strict application of securities laws unnecessary?

Answering yes to the first three questions or no to the last one all suggest characterization of a promissory note as a “security.” DLT businesses issuing tokens may find it helpful to consider this purpose-based approach when organizing their affairs and arrangements, especially in the ICO context.

Businesses should also consider that if an asset is “tokenized” it may be considered a security under section 1(1) of the OSA, but if not, it may be categorized as a derivative. Moreover, if a DLT-based venture provides a venue to facilitate the trading of a security or derivative (like a digital asset exchange), that venue could be deemed to be a “marketplace” and subject to regulation.[8]

By David Gardos, Associate, Cassels Brock


[4] [1978] 2 S.C.R. 112
[5] The investment contract test in Pacific Coin is the culmination of two leading American judicial tests, the “Howey test”, established in SEC v. W.J. Howey Co. (1945) 328 U.S. 293 (U.S. S.C.) and the “risk capital rest”, established in Hawaii Commissioner of Securities v. Hawaii Market Centres Inc. (1971) 485 P. 2d 105.
[6] A copy of Mr. Van Valkenbrugh’s report entitled “Framework for Securities Regulation of Cryptocurrencies” is available for download at
[7] Ontario Securities Commission v Tiffin, (2016) 133 O.R.(3d) 341 (O.C.J.)
[8] Popular crypto-currency exchanges include Kraken, Gemini and Coinbase.

Occasional Contributors

In addition to our regular guest bloggers, Inside Internal Controls blog published by First Reference, provides occasional guest post opportunities from various subject matter experts on the topics of risk management and best practices in finance and accounting, information technology, environmental issues, corporate governance, sales/marketing and operations, not-for-profits and business related issues in Canada. If you are a subject matter expert and would like to become an occasional blogger, please contact Yosie Saint-Cyr at If you liked this post and would like to subscribe to Inside Internal Controls blog click here.
Send to Kindle

, , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.