Why Token Launches Require a Legal Playbook
In my practice, I have guided dozens of projects through the token launch process. The difference between a successful launch and an SEC enforcement action often comes down to one thing: having a comprehensive compliance strategy from day one.
Token launches sit at the intersection of securities law, money transmission regulations, tax law, and international compliance. Miss any one of these, and the consequences can be severe: disgorgement of funds, civil penalties, and in extreme cases, criminal charges.
This playbook walks through every stage of a compliant token launch, from initial structuring decisions to post-launch obligations. I advise clients to treat this as a living document that evolves with their project.
The Stakes Are High
Since 2017, the SEC has brought enforcement actions against over 100 token projects, collecting billions in penalties and disgorgement. Many of these projects had legal counsel but made critical strategic errors early in the process. This playbook helps you avoid those mistakes.
Pre-Launch Legal Structuring
Before writing a single line of token code, I advise clients to establish the proper legal foundation. The decisions made at this stage will determine regulatory treatment, tax obligations, and liability exposure for years to come.
Entity Selection
The entity structure for a token project typically involves multiple entities serving different functions:
| Entity Type | Purpose | Jurisdiction Considerations |
|---|---|---|
| Development Company | Builds the protocol, employs developers | Often US (Delaware C-Corp) for talent access and VC compatibility |
| Token Issuer | Creates and distributes tokens | Often offshore (Cayman, BVI, Switzerland) to limit US securities exposure |
| Foundation | Manages treasury, funds ecosystem | Switzerland, Cayman, Singapore for governance flexibility |
| Operating Company | Runs any centralized services | Jurisdiction depends on user base and services offered |
In My Practice
I typically recommend a Delaware C-Corp for the development entity (for fundraising flexibility), paired with a Cayman or BVI entity for token issuance. The Foundation is often in Switzerland or Singapore, depending on governance needs and banking relationships.
Jurisdiction Selection
Jurisdiction choice involves balancing multiple factors:
- Regulatory clarity - Does the jurisdiction have clear token guidance?
- Banking access - Can you maintain fiat on/off ramps?
- Tax treatment - How are token sales and ongoing operations taxed?
- Talent pool - Can you hire and retain developers?
- Investor expectations - Do VCs require specific structures?
- Target market - Where will your users be located?
Popular Jurisdictions Compared
| Jurisdiction | Pros | Cons | Best For |
|---|---|---|---|
| Cayman Islands | No corporate tax, flexible structures, VC-familiar | Limited substance requirements changing, banking challenges | Token issuers, investment funds |
| Switzerland | Clear FINMA guidance, strong banking, credibility | Higher costs, substance requirements | Foundations, established projects |
| Singapore | Business-friendly, good banking, clear MAS guidance | PSA licensing complex, Asia-focused | Operating companies, Asia-market projects |
| BVI | Low cost, simple setup, no corporate tax | Less credibility, VASP registration required | Holding companies, smaller projects |
| Delaware (US) | VC-standard, clear law, talent access | Full US securities law exposure | Development entities, US-focused projects |
Howey Test Analysis for Your Token
The threshold question for any token launch is whether the token constitutes a security under US law. This analysis determines everything that follows in the compliance strategy.
For a deep dive on the Howey Test framework, see my Howey Test Guide for Utility Tokens.
The Four Prongs
Under SEC v. W.J. Howey Co., an instrument is a security if it involves:
- Investment of Money - Did purchasers pay cash, crypto, or other consideration?
- Common Enterprise - Are fortunes of investors tied together or to the promoter?
- Expectation of Profits - Do purchasers expect returns from the investment?
- Efforts of Others - Do expected profits derive from the promoter's efforts?
The "Efforts of Others" Trap
In my experience, this is where most projects fail the Howey analysis. Even if a token has genuine utility, if the network is still being built by a centralized team and purchasers are relying on that team's efforts to increase token value, it likely meets this prong. "Sufficient decentralization" is the key escape hatch, but few projects achieve it at launch.
Practical Howey Analysis Framework
I advise clients to document their analysis across these factors:
| Factor | Security Indicators | Non-Security Indicators |
|---|---|---|
| Functionality at Launch | Token has no current utility; network not live | Fully functional network; token required for operation |
| Marketing | Emphasizes investment returns, price appreciation | Focuses on utility, use cases, technology |
| Purchaser Motivation | Buyers seeking investment returns | Buyers need token for platform use |
| Development Status | Roadmap-dependent, centralized team | Decentralized governance, community-driven |
| Distribution | Concentrated holdings, team/investor heavy | Wide distribution, earned through participation |
| Secondary Trading | Promoted by issuer, liquidity provided | Organic market development |
For analysis of how tokens might become smart contract securities, see my guide on Smart Contract Securities Law.
Reg D vs Reg S vs Reg A+ Comparison
If your token is a security (or you are treating it as one for compliance purposes), you need an exemption from SEC registration. Here are the primary options I discuss with clients:
Regulation D (506(c))
- Investor Type: Accredited only
- Raise Limit: Unlimited
- General Solicitation: Permitted
- SEC Filing: Form D (15 days post-sale)
- Resale Restrictions: 12-month holding period
- Timeline: Fastest (weeks)
- Cost: $25K - $100K legal
- Ongoing Obligations: Minimal
Regulation S
- Investor Type: Non-US persons only
- Raise Limit: Unlimited
- General Solicitation: Offshore only
- SEC Filing: None required
- Resale Restrictions: 40 days - 1 year
- Timeline: Fast (weeks)
- Cost: $20K - $75K legal
- Ongoing Obligations: Distribution compliance
Regulation A+ (Tier 2)
- Investor Type: Anyone (with limits)
- Raise Limit: $75M per year
- General Solicitation: Permitted
- SEC Filing: Form 1-A (qualified)
- Resale Restrictions: None (freely tradeable)
- Timeline: 3-6 months SEC review
- Cost: $150K - $500K+
- Ongoing Obligations: Annual/semi-annual reports
Detailed Comparison
| Factor | Reg D 506(c) | Reg S | Reg A+ Tier 2 |
|---|---|---|---|
| US Retail Investors | No | No | Yes (10% income/net worth limit) |
| International Investors | Limited | Yes (primary focus) | Yes |
| Token Liquidity | Restricted 12 months | Restricted 40d-1yr | Immediate (if listed) |
| Audit Required | No | No | Yes (2 years) |
| State Preemption | Yes | N/A (offshore) | Yes (Tier 2) |
| Best For | VC/institutional raises | International communities | Retail token sales, exchange listings |
My Typical Recommendation
For most token projects, I advise a combined Reg D + Reg S approach: Reg D 506(c) for US accredited investors and Reg S for international buyers. This maximizes your addressable market while maintaining compliance. Reg A+ is worth considering if retail access and immediate liquidity are priorities, but the cost and timeline are significant.
SAFT vs SAFE vs Direct Token Sale
The structure of your token sale impacts securities treatment, investor rights, and tax consequences. Here are the primary approaches I encounter:
SAFT (Simple Agreement for Future Tokens)
The SAFT was designed to bridge the gap between fundraising and network launch. Investors receive a contractual right to tokens once the network is functional.
- Structure: Investment agreement now, token delivery later
- Securities Status: SAFT is a security; tokens may not be (if network is sufficiently decentralized at delivery)
- Typical Use: Pre-launch raises from accredited investors
- Pros: Delays token delivery until network functional; familiar to crypto VCs
- Cons: SEC has challenged the premise that delivered tokens are non-securities; Telegram case was a major setback
SAFT Warning: Post-Telegram
The SEC's victory in SEC v. Telegram (2020) significantly undermined the SAFT model. The court held that the entire scheme, including post-delivery tokens, was a single securities offering. I advise clients that SAFTs do not provide a safe harbor and the delivered tokens may still be securities.
SAFE (Simple Agreement for Future Equity)
Originally designed for equity fundraising, SAFEs are sometimes used with token warrants or side letters.
- Structure: Equity conversion right, sometimes with token warrant
- Securities Status: SAFE is a security; token warrant complicates analysis
- Typical Use: Seed/early stage when token economics uncertain
- Pros: Familiar to traditional VCs; flexible timing
- Cons: Token rights as side letter creates complexity; potential dual-class holder issues
Direct Token Sale
Selling tokens directly, either at network launch or after.
- Structure: Purchase agreement, immediate or near-term token delivery
- Securities Status: Depends on Howey analysis at time of sale
- Typical Use: Public sales, post-network-launch offerings
- Pros: Simplest structure; immediate utility possible
- Cons: Full securities analysis required; if security, needs exemption
Structure Comparison
| Factor | SAFT | SAFE + Token Warrant | Direct Token Sale |
|---|---|---|---|
| When to Use | Pre-network, clear token economics | Early stage, equity + token optionality | Network live, tokens functional |
| Investor Rights | Contractual token delivery | Equity conversion + token right | Token ownership only |
| Complexity | Moderate | High | Low to Moderate |
| SEC Risk Level | High (post-Telegram) | Moderate (untested) | Depends on token characteristics |
| VC Familiarity | High (crypto VCs) | High (all VCs) | Moderate |
SEC Enforcement Patterns and How to Avoid Them
Understanding how the SEC selects enforcement targets helps structure compliant offerings. In my analysis of SEC actions since 2017, clear patterns emerge.
Common Enforcement Triggers
- Fraud and Misrepresentation - Projects that made false claims about technology, team, or use of funds
- Unregistered Securities Offerings - Token sales without registration or valid exemption
- Targeting US Retail - Projects that marketed to US non-accredited investors
- Celebrity Promotions - Paid endorsements without disclosure
- Exchange Listings of Unregistered Securities - Facilitating trading in security tokens
Red Flags That Attract SEC Attention
- Marketing emphasizing investment returns or price appreciation
- Promising specific exchange listings
- Team anonymity (or fake team members)
- No working product at time of sale
- Funds used for team enrichment rather than development
- Aggressive social media campaigns targeting US audiences
- Influencer promotions without disclosure
Enforcement Case Studies
SEC v. Telegram (TON) - $1.2B Disgorgement
Telegram raised $1.7B through SAFTs to accredited investors. The SEC obtained an injunction blocking token distribution, arguing the entire scheme was a single unregistered offering. Telegram returned $1.2B to investors and paid $18.5M penalty.
Lesson: SAFT structure does not insulate token distribution from securities laws. The court looked at the economic reality of the entire transaction.
SEC v. Ripple Labs - Ongoing Litigation
The SEC charged that XRP sales constituted unregistered securities offerings. Ripple argued XRP is a currency. The case produced mixed rulings on programmatic sales vs. institutional sales.
Lesson: Distribution method matters. Programmatic sales on exchanges may be treated differently than direct sales to institutions.
SEC v. LBRY - Utility Token Loss
LBRY argued its token was a utility for accessing a decentralized content platform. The court rejected this, finding purchasers had investment intent and expected profits from LBRY's efforts.
Lesson: Genuine utility does not automatically escape securities classification. Purchaser motivation and promoter efforts remain central.
Compliance Strategies
Based on enforcement patterns, I advise clients to implement these protective measures:
- Document Everything - Maintain records of Howey analysis, legal opinions, and decision-making
- Control Marketing - Review all public communications; prohibit investment-return language
- Implement Geofencing - Block US persons from public sales if not compliant
- Use Compliant Exemptions - If there is any doubt, treat the token as a security and use Reg D/S
- Disclose Risks - Comprehensive risk disclosures in all offering materials
- Work Toward Decentralization - Document the path to reducing promoter reliance
KYC/AML Requirements for Token Sales
Regardless of securities status, token sales trigger anti-money laundering obligations. Failure to implement proper KYC/AML can result in FinCEN enforcement, banking relationship termination, and criminal liability.
Who Must Implement KYC/AML
- Money Services Businesses (MSBs) - If exchanging tokens for fiat or other virtual currencies
- Broker-Dealers - If tokens are securities
- Offshore Entities - Per local jurisdiction requirements (most require some form)
Minimum KYC Requirements
| Information | Individual | Entity |
|---|---|---|
| Identity | Full legal name, DOB | Legal name, formation jurisdiction |
| Address | Residential address | Business address |
| ID Document | Passport/government ID | Formation documents, operating agreement |
| Beneficial Owners | N/A | 25%+ owners, control persons |
| Source of Funds | For larger purchases | For larger purchases |
| Wallet Verification | Signed message from receiving wallet | Signed message from receiving wallet |
AML Program Elements
- Written Policies - Document KYC procedures, risk assessment, escalation
- Designated Compliance Officer - Named individual with authority
- Screening - OFAC sanctions list, PEP databases, adverse media
- Transaction Monitoring - Suspicious activity detection and SAR filing
- Record Keeping - 5-year retention of KYC documents and transaction records
- Training - Staff training on AML obligations
Practical KYC Implementation
I recommend clients use established KYC providers like Jumio, Onfido, or Sumsub rather than building in-house. These providers offer sanctions screening, document verification, and liveness checks. Budget $2-5 per verification for standard checks, more for enhanced due diligence.
OFAC Considerations
The Office of Foreign Assets Control (OFAC) sanctions apply to all US persons and entities, regardless of where tokens are issued. Key requirements:
- Screen all purchasers against SDN list before token delivery
- Block sales to sanctioned jurisdictions (North Korea, Iran, Cuba, etc.)
- Implement ongoing monitoring for sanctions list updates
- Consider blockchain analytics for wallet screening (Chainalysis, Elliptic)
Post-Launch Compliance Obligations
Launching the token is not the end of compliance obligations. Post-launch requirements depend on how the token was sold and its ongoing treatment.
Securities Token Obligations
If tokens were sold as securities under an exemption:
- Reg D: File Form D within 15 days of first sale; annual Form D amendments
- Reg A+: Annual reports (Form 1-K), semi-annual reports (Form 1-SA), current reports (Form 1-U)
- Transfer Restrictions: Implement and enforce holding periods; track ownership
- Bad Actor Disqualification: Ongoing monitoring of team and significant holders
Token Distribution Monitoring
Even for non-security tokens, I advise clients to monitor:
- Concentration Risk: Track wallet concentration; avoid manipulation risks
- Insider Trading: Implement trading policies for team members
- Market Manipulation: Monitor for wash trading, pump-and-dump schemes
- Decentralization Progress: Document governance decentralization over time
Ongoing Tax Obligations
- Token Treasury: Track cost basis and fair market value
- Team Token Grants: Properly structure and report compensation
- Protocol Revenue: Determine tax treatment of any protocol fees
- International Tax: Transfer pricing, permanent establishment issues
Communications Discipline
Post-launch communications can impact securities analysis. I advise clients to continue avoiding investment-return language, price predictions, or exchange listing promises. Everything said publicly can be used in an enforcement action.
Exchange Listing Legal Considerations
Listing on exchanges is often the goal, but it introduces additional legal complexity. The regulatory treatment differs dramatically between exchange types.
Centralized Exchange (CEX) Listings
Listing on major centralized exchanges like Coinbase, Kraken, or Binance.US involves:
- Exchange Due Diligence: Legal opinion on securities status, team background checks
- Listing Agreements: Market making requirements, lockup provisions
- Geographic Restrictions: Some tokens cannot be traded by US persons
- Ongoing Obligations: Material event disclosure, cooperation with delisting if required
SEC vs Exchanges
The SEC has filed enforcement actions against major exchanges (Coinbase, Binance) alleging they listed unregistered securities. This has made exchanges more cautious. Expect extensive legal diligence before any US exchange listing.
Decentralized Exchange (DEX) Listings
Listing on DEXs like Uniswap or SushiSwap appears simpler but carries risks:
- Anyone Can List: Permissionless listing means less control
- No KYC: Trading occurs without identity verification
- US Person Access: Difficult to prevent US access, even if intended
- Liquidity Provision: Team-provided liquidity may trigger securities issues
Listing Preparation Checklist
- Obtain legal opinion on securities status (from recognized counsel)
- Prepare token documentation (whitepaper, tokenomics, governance)
- Compile team background information
- Establish market making relationships (if required)
- Prepare liquidity (but consider securities implications)
- Implement ongoing disclosure procedures
Step-by-Step Timeline: Conception to Launch
Here is the timeline I typically work through with clients, from initial concept to token launch:
Legal Entity Formation
Establish corporate structure: development entity (often Delaware), token issuer (often offshore), and foundation (if applicable). Engage securities counsel for jurisdictional analysis.
Deliverables: Corporate formation documents, operating agreements, initial structure memo
Token Economics Design
Define token utility, supply mechanics, distribution schedule, and governance rights. Document the functional purpose of the token in the ecosystem.
Deliverables: Tokenomics paper, distribution schedule, vesting terms
Howey Analysis
Conduct comprehensive securities analysis with counsel. Document factors supporting non-security treatment (if applicable) or identify appropriate exemption.
Deliverables: Howey analysis memo, securities classification determination
Offering Structure Selection
Choose sale structure (SAFT, SAFE, direct sale) and registration exemption (Reg D, Reg S, Reg A+). Prepare offering documents.
Deliverables: Purchase agreements, subscription docs, PPM if applicable
KYC/AML Program
Establish AML program, select KYC provider, implement sanctions screening. Document policies and procedures.
Deliverables: AML policy, KYC vendor contract, screening procedures
Private Sale Execution
Conduct private sale to institutional/accredited investors under chosen exemption. Complete KYC, execute agreements, receive funds.
Deliverables: Signed purchase agreements, KYC files, fund receipts
SEC Filings (if applicable)
File Form D (Reg D) within 15 days of first sale. For Reg A+, this phase involves SEC qualification process (add 3-6 months).
Deliverables: Filed Form D, SEC receipt
Token Generation Event
Deploy token contract, conduct security audits, prepare for distribution. Implement transfer restrictions if required.
Deliverables: Deployed contracts, audit reports, distribution plan
Token Distribution
Distribute tokens to purchasers per vesting schedules. Implement any required lockups or transfer restrictions.
Deliverables: Distribution records, holder communications
Exchange Listing Preparation
Engage with exchanges for listing, provide legal opinions and due diligence materials. Establish market making relationships.
Deliverables: Exchange applications, legal opinions, listing agreements
Public Trading Begins
Token listed on exchanges, secondary trading commences. Implement ongoing compliance monitoring.
Deliverables: Exchange listings, trading policies, monitoring procedures
Continued Compliance
Maintain ongoing compliance: periodic filings (if required), trading policy enforcement, communications discipline, decentralization progress.
Deliverables: Annual filings, compliance reports, governance documentation
Timeline Reality Check
In my experience, most projects underestimate the time required. Plan for 9-12 months minimum from initial planning to exchange listing. Rushing the legal foundation creates risks that can take years to remediate or result in enforcement actions.