In an important step, the Securities and Exchange Commission ("SEC") has released a cease-and-desist order against Zachary Coburn, the founder of EtherDelta, a well-known online platform for trading Ether and ERC20-based tokens.1 Coburn created the platform in 2016 and was responsible for developing the code for the "smart contracts" used to execute trades on the platform. Coburn sold the platform in 2017 and appears to be no longer associated with it. The SEC found that EtherDelta violated Section 5 of the Exchange Act of 1934 ("Exchange Act"), which generally requires national securities exchanges to register with the SEC, and that Coburn caused EtherDelta to engage in the violation.
This order is important in several ways, and serves as a cautionary statement both to crypto exchanges specifically and more generally to developers of any tokens and token-related platforms. In particular:
-
The SEC is willing to take action against the developers of unregistered exchanges of tokens and other cryptoassets. The SEC has repeatedly indicated that crypto exchanges that facilitate token trades may be subject to the federal securities laws, but this is the first time the SEC has brought an enforcement action against the founder, operator, developer, or other person involved in creating or sponsoring a crypto exchange.
-
Decentralization doesn't immunize an exchange or its developers. EtherDelta purported to be a fully decentralized trading platform. After Coburn deployed the smart contracts used on the platform, he did not appear to administer or effect trades himself or to touch the tokens or any assets exchanged on the platform. He claimed the platform had no true "owner." The SEC brought an enforcement action against him anyway. In other words, just because a crypto exchange is decentralized does not mean the federal securities laws do not apply to it or its developers.
-
Cooperating with the SEC can help. Coburn has been ordered to pay a relatively light set of penalties, including disgorgement of $300,000, prejudgment interest of $13,000 and a civil money penalty of $75,000. The SEC indicated in its order that the lighter penalty was in part due to Coburn's efforts to take remedial action and cooperate with the SEC staff.
-
Exchanges (including EtherDelta) are not in the clear. The SEC brought this enforcement action against Coburn personally, and the SEC's action did not involve EtherDelta or any other person or entity. Nonetheless, the SEC also signaled that it may take further actions involving EtherDelta. The order noted (among other things) that Coburn has agreed to testify in any related enforcement action, and the SEC's press release announcing the action stated that the SEC's investigation is continuing. In addition, in light of other statements suggesting that the SEC and its staff are scrutinizing illegal token exchanges, it is possible (and perhaps likely) that the SEC will bring additional actions against developers and others associated with unregistered token exchanges.
-
Developers of tokens and token-related platforms (not just exchanges) have potential liability for violations of the federal securities laws. Section 21C(a) of the Exchange Act (and other provisions of the federal securities laws) permit the SEC to sue people and entities who "cause" violations of the federal securities laws. Coburn was held responsible for "causing" EtherDelta's violation because he wrote and deployed the relevant coding and exercised control over operations of the platform. Although Coburn did not appear to touch any money or tokens, or execute trades himself, he developed the platform, smart contracts, and protocols that provided the means for trading. In the SEC's eyes—and under Section 21C(a)—this meant he could be liable for causing the platform to act as an illegally unregistered exchange. Notably, however, the SEC's authority to bring actions against people who "cause" violations is not limited to the provisions related to securities exchanges; the SEC has authority to sue a person or entity who causes virtually any violation of the federal securities laws. The SEC's order thus indicates that the SEC disagrees with the notion that developers that only program code are immune from potential liability under the federal securities laws. The SEC could assert the same type of causation or similar ancillary liability used against Coburn against a variety of developers and other actors in the crypto space whose smart contracts, blockchain protocols, or token issuances are violating the federal securities laws.2