An increasing number of businesses are concluding that a security token offering (STO) is now the preferred approach to raise funds for their project, product or platform. Whereas a traditional initial coin offering (ICO) seeks to raise funds through the issue of a non-asset backed cryptocurrency or digital token which is designed to be utilised in an ecosystem or platform, an STO typically links tokens to either profits, assets or both (referred to herein as a Security Token). As an STO therefore offers a token with the promise of a return as opposed to the promise of utility, many consumers are now looking to Security Tokens for their digital investments – a trend that has not been lost on those businesses competing or starting out in the blockchain space.

However, the issuance of Security Tokens and the distribution of profits raises several questions from a legal and regulatory perspective. This article considers a few of the common questions facing Security Token issuers incorporated or established in the Cayman Islands.

Building Blocks for STOs

In September 2017, we outlined certain legal and regulatory considerations applicable to ICOs in the Cayman Islands and in August 2018 we wrote further on the subject of structuring an ICO in the Cayman Islands. In large part, these considerations continue to apply to STOs. This article focuses on those laws and regulations which are further engaged by an STO.

Is a Security Token a Security?

As with ICOs and the issuance of utility tokens, it is imperative that a full analysis on the characteristics of the Security Token be conducted to determine whether or not such token is in fact a "security" for the purposes of the Securities Investment Business Law (Revised) (SIBL). Notwithstanding the nomenclature, it is possible that some Security Tokens will not actually be considered as securities under Cayman law. However, where the token is backed by profits or is redeemable for an asset, consideration must be given as to whether such token would be regarded as a debt instrument or an option and therefore a security. Alternatively, where the Security Token possesses all the rights of a typical share and such rights are acknowledged in the issuer's memorandum and articles of association, it is arguable that such token actually represents a share in the issuer, much like a share certificate albeit in digital form.

Under Cayman law, a token issuer may not be carrying on "securities investment business" despite issuing securities. Where a token issuer is issuing its own securities, such activity would typically be regarded as an excluded activity under SIBL in which case the issuer would not be required to be registered or licensed with the Cayman Islands Monetary Authority (CIMA). As several such exclusions or exemptions apply, the token issuer can therefore take steps to structure the STO so that licensing and registration is not required in the Cayman Islands. However, the same may not be true in any or all jurisdictions where the issuer proposes to market or sell such tokens and local legal advice should be sought before the issuer sells any tokens in such jurisdictions.


It is now well known that, for an ICO in any jurisdiction, a token issuer must have the prevention of money laundering and terrorist financing at the forefront of its priorities. It is no different for an issuer conducting an ICO from the Cayman Islands, as outlined in our article of September 2017. However, in many utility token ICOs, the issuer's anti-money laundering (AML) obligations often only extend to direct purchasers of tokens (such purchasers being characterised as the issuer's clients or customers). However, in the case of a Security Token issued as part of an STO, the relationship with the token holder often extends beyond the initial sale of the token, potentially resulting in further AML compliance required by the issuer. The extent of these obligations will depend on the rights attached to the Security Token itself. For example, where a Security Token entitles the holder to rights in a dividend or distribution, the holders of tokens at the time of the distribution may be considered as customers and the issuer may therefore be expected to gather "know your customer" (KYC) documentation and carry out AML checks on each such holder at the time of the distribution.

A large part of the attraction of digital tokens is that they may be listed on cryptocurrency exchanges and therefore become tradeable on secondary markets. Accordingly, listing Security Tokens on a cryptocurrency exchange may create additional AML obligations for issuers. Ultimately, an issuer's compliance with AML obligations should follow a risk-based approach, so it will be for each issuer to determine its own compliance strategy. This could include policies whereby (a) redemptions or distributions are not processed until a token holder has supplied adequate KYC, (b) KYC information is collected and exchanged on token holders as between the issuer and the cryptocurrency exchange, or (c) the issuer conducts due diligence on the AML policies and procedures of the cryptocurrency exchange and relies on those policies and procedures for the purposes of its own compliance.

The considerations above are not unique to the Cayman Islands and it is likely that most issuers of Security Tokens will need to consider their AML obligations.

Tax Reporting

Like many other jurisdictions, the Cayman Islands has adopted tax information reporting regimes such as FATCA and CRS. Accordingly, where an entity is classified as a reporting financial institution under these regimes, it will be required to collect tax information on its account holders and report to the Tax Information Authority of the Cayman Islands.

An in-depth, fact specific analysis for the purposes of FATCA/ CRS will be required for each and every STO. As Security Tokens often allow for a return of value to the token holder in a similar manner to share- or equity- holders, the relationship between token issuer and token holder is significantly different than under a utility token ICO and much closer to a relationship covered by FATCA and CRS. This relationship depends on the activities of the token issuer and the means through which its profits are derived and paid to token holders, possibly bringing the STO within scope of these tax reporting regimes.

If an STO is in scope, the collection of information and reporting on token holders becomes difficult where the issuer intends to list the tokens on cryptocurrency exchanges where the persons holding tokens may change minute-by-minute. Whilst it is possible that not all token holders would be regarded as account holders for FATCA/CRS purposes, the administrative burden on the issuer to monitor, collect and report for tax purposes on any of its token holders could prove decisive. If adequate consideration has not been paid to its tax information reporting obligations at the very start of the STO, an issuer could find itself stuck with obligations it cannot, or is not willing, to perform.


In short, an STO cannot be treated like an ICO and each project will require a fresh look from a legal and regulatory perspective in the Cayman Islands. In addition to the above, Security Token issuers must also be cognisant of a number of other structuring concerns from a Cayman perspective, including the type of corporate structure to use for the STO, whether the rights of token holders are included in constitutional documents, whether the rights of token holders, shareholders or ultimate beneficial owners are in conflict and whether the structure ultimately achieves the objectives of the STO. As for all digital, blockchain and fintech related matters, Ogier is on hand to tackle these questions and assist with launching your STO in the Cayman Islands.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.