Initial coin offerings are red-hot, but they fall into a scary regulatory gray area.
When Brave, a privacy-focused Internet browser company, decided to raise money this May, it could have gone a traditional route by borrowing money or selling equity to investors. Instead it chose a third way: an initial coin offering, or ICO.
Like an initial public offering, an ICO lets a firm raise capital from multiple sources. But rather than issuing shares of ownership, the offering company sells digital tokens, or “coins,” created through blockchain technology. In Brave’s ICO, the startup raised $35 million from about 130 investors—in less than a minute.
Boosters believe that strategies like Brave’s could be the future of investing, a transformative approach to fundraising that enables consumers to benefit more directly from the popularity of new technologies than they would if they owned a traditional stock. Critics, meanwhile, fret that ICOs occupy a regulatory gray area that could leave investors vulnerable to fraud and land startups in legal trouble. And at this early stage in ICO history, both sides may be right.
ICOs are among the big financial innovations to spring from blockchain technology, which uses revolutionary software and multiple computers to create tamper-proof record systems. Blockchain is central to the business models of most startups that use ICOs; Brave, for example, plans to use blockchain tokens to help its users earn money if they agree not to block online ads. By distributing tokens in an ICO, a startup gives buyers early access to its technology, to use however they see fit. If the service or product catches on—or in some cases, before it even launches, if it generates a lot of buzz—the buyers can sell their tokens on secondary markets. The startup, meanwhile, raises money without ceding any control to private investors or venture capitalists, and without the paperwork burdens of an equity IPO.
Get Data Sheet, Fortune’s technology newsletter.
Perhaps the most famous ICO so far is that of Ethereum, which raised $18 million in 2014 by selling tokens that facilitate online contracts. Today Ethereum-powered contracts are proliferating, and the tokens had a market cap of $35 billion as of mid-June.
Indeed, with speculators’ appetites for blockchain rapidly expanding—the combined market cap of the world’s cryptocurrencies has grown almost ninefold in the past 12 months, to pass $100 billion—it’s no surprise ICOs are having a moment. Renowned venture capitalists like Chris Dixon of Andreessen Horowitz and Fred Wilson of Union Square Ventures now tout ICOs as a new form of corporate financing. Even companies that are not blockchain-centric are getting in on the action. Messaging service Kik, founded in 2009, plans to conduct an ICO this year in hopes that tokens will spur more person-to-person payments and gaming on its platform. According to research firm Smith + Crown, dozens of firms have already completed ICOs this year, with dozens more to come; the 30 that reported their gains have raised about $540 million.
So what do regulators have to say about this brave new world? Right now, nothing. And that could become a problem, for investors and startups alike. In a traditional IPO, a company can’t sell shares unless it gets approval from the Securities and Exchange Commission, which means disclosing extensive details about its business prospects and potential risks. For ICOs, there are no such requirements yet—and that could make them prone to abuse.
While no fraud investigations of ICOs have come to light, blockchain fans frequently warn one another about dubious offerings in online discussion groups. (One snide slide deck in wide circulation is dubbed “PonzICO.”) And some companies have been able to issue tokens even though their business models are long shots at best. Jeff Garzik, a leading figure in the blockchain community who runs a consultancy called Bloq, sees ICOs as “transformative” but remains wary. “Ninety-nine percent of these ICOs will be garbage,” he says. “It’s like penny stocks but with less regulation.”
Even the most legitimate and fiscally sound ICOs pose a potential threat for their issuers. “Coins” or tokens can look a lot like traditional securities, because they enable companies to take investors’ cash while holding out the potential for profit. And selling securities without SEC approval violates federal law. “In the future, token sales won’t be done in the same way as today, because of regulatory constraints,” says Marco Santori, a digital currency lawyer with the firm Cooley. If regulators eventually determine that tokens are securities, Santori says, the SEC and Internal Revenue Service could impose sanctions on issuers; such a decision could also make it easier for investors to sue startups if their tokens become worthless.
Attorneys are now helping startups structure their ICOs to stay on regulators’ good side. Lee Schneider, a securities lawyer with Debevoise & Plimpton who also hosts a fintech podcast, collaborated with digital currency exchange Coinbase on best practices for ICOs (Schneider prefers to call them “token launches”), and his advice offers good rules of thumb for would-be buyers too. The best token exchanges involve predictable pricing—a clear relationship between demand for tokens and their price. Issuers should be transparent about sharing the software code underlying the tokens.
Perhaps most noteworthy: Schneider says ICO candidates shouldn’t market tokens as the equivalent of an investment. They should pitch buyers on what the tokens can do, and not on what they could be worth. The bottom line: If a startup advertises its coins as something you can flip to get rich, its ICO is more likely to be “garbage” than “transformative.”
A version of this article appears in the July 1, 2017 issue of Fortune with the headline “Investors Seek Sweet Coin.”